Search found 21 matches
- Fri Feb 14, 2020 7:54 am
- Forum: madCodeHook
- Topic: WSL(Windows Subsystem for Linux) hooking?
- Replies: 1
- Views: 9757
WSL(Windows Subsystem for Linux) hooking?
Hi Can I hook the file I/O APIs in WSL(Windows Subsystem for Linux)? For example when Ubunbu is installed on Windows 10 and "ls" command is issued, I'd like to hook the file I/O APIs. According to MSDN, the system calls on Linux is converted to the native Windows API by lxss.sys and lxcore...
- Sat Feb 03, 2018 5:05 pm
- Forum: madCodeHook
- Topic: Black screen issue when "Fast Startup" is enabled.
- Replies: 9
- Views: 12360
Re: Black screen issue when "Fast Startup" is enabled.
I moved SHGetFolderPath() from hook dll to hook application(exe). And whenever hook dll needs to call SHGetFolderPath() it sends a request to hook application via MCH IPC.
And now everything works well.
Thank you madshi and iconic.
And now everything works well.
Thank you madshi and iconic.
- Fri Feb 02, 2018 3:55 pm
- Forum: madCodeHook
- Topic: Black screen issue when "Fast Startup" is enabled.
- Replies: 9
- Views: 12360
Re: Black screen issue when "Fast Startup" is enabled.
Here's what I've found out so far. "Shell32.dll" causes dwm.exe to malfunction for some reason. If my hook dll is dependent on Shell32.dll staticlly, when dwm.exe is injected my hook dll, Shell32.dll is loaded automatically and the black screen issue I mentioned occurs. So If I change my h...
- Thu Feb 01, 2018 7:17 am
- Forum: madCodeHook
- Topic: Black screen issue when "Fast Startup" is enabled.
- Replies: 9
- Views: 12360
Re: Black screen issue when "Fast Startup" is enabled.
After revmoing all statically linked libs(including madCodeHook lib), unused headers and c/c++ files from the dll, the black screen issue never happens.
I'll find out what caused the problem and leave the result soon.
I'll find out what caused the problem and leave the result soon.
- Thu Feb 01, 2018 5:12 am
- Forum: madCodeHook
- Topic: Black screen issue when "Fast Startup" is enabled.
- Replies: 9
- Views: 12360
Re: Black screen issue when "Fast Startup" is enabled.
1) Yes, I mean shutting down the computer by clicking Windows start button -> shutdown menu. 2) Yes, the hooking application is restored from hibernated state to running state again. So its process ID is not changed and I'm not calling InjectLibrary() again. 3) I've not tried that. My dll(which is i...
- Tue Jan 30, 2018 4:53 am
- Forum: madCodeHook
- Topic: Black screen issue when "Fast Startup" is enabled.
- Replies: 9
- Views: 12360
Re: Black screen issue when "Fast Startup" is enabled.
Update:
The cause was C:\Windows\System32\dwm.exe.
This process is classifed as "user process" by MCH. When I exclude this process explicitly in InjectLibrary, black screen does not appear.
The cause was C:\Windows\System32\dwm.exe.
This process is classifed as "user process" by MCH. When I exclude this process explicitly in InjectLibrary, black screen does not appear.
- Mon Jan 29, 2018 2:01 am
- Forum: madCodeHook
- Topic: Black screen issue when "Fast Startup" is enabled.
- Replies: 9
- Views: 12360
Black screen issue when "Fast Startup" is enabled.
I have an issue when injecting a dll into user processes. When Windows 10's fast startup is enabled, after turning on Windows, black screen is shown. 1. My hooking application(.exe) is launched by a Windows Service application. That is to say my service process(exe) launches my hooking application(e...
- Fri Oct 21, 2016 12:32 am
- Forum: madCodeHook
- Topic: SendIpcMessage() issue on Windows 7(32/64bit)
- Replies: 3
- Views: 4703
Re: SendIpcMessage() issue on Windows 7(32/64bit)
I've figured it out. It turns out that the implementation of SendIpcMessage() in Windows 7 conflicts with NtOpenProcess() hooking.
In my NtOpenProcess() hook function I blocked opening my exe process and that was the cause.
Thank you..
In my NtOpenProcess() hook function I blocked opening my exe process and that was the cause.
Thank you..
- Thu Oct 20, 2016 6:57 am
- Forum: madCodeHook
- Topic: SendIpcMessage() issue on Windows 7(32/64bit)
- Replies: 3
- Views: 4703
SendIpcMessage() issue on Windows 7(32/64bit)
I've found a SendIpeMessage() bug on Windows 7(32/64bit). I'm using madCodeHook v3.1.13 In a hook dll, I call SendIpcMessage() like this: OutputDebugString(L"IPC Start"); SendIpcMessage("MyIpcName", (void*)&requestMessage[0], requestMessage.size(), &responseBuffer[0], siz...
- Tue Aug 25, 2015 1:59 am
- Forum: madCodeHook
- Topic: madConfigDrv.exe bug on Windows 10
- Replies: 2
- Views: 4077
Re: madConfigDrv.exe bug on Windows 10
Thank you madshi.
I've found the cause and resolved the problem.
madConfigDrv.exe was not the cause. Wrong signtool.exe was called.
Thank you..
I've found the cause and resolved the problem.
madConfigDrv.exe was not the cause. Wrong signtool.exe was called.
Thank you..
- Mon Aug 24, 2015 8:40 am
- Forum: madCodeHook
- Topic: madConfigDrv.exe bug on Windows 10
- Replies: 2
- Views: 4077
madConfigDrv.exe bug on Windows 10
Hi, I've found some weird bug in madConfigDrv.exe. To reproduct the bug: * Development environment: Windows 10, x64 machine, Visual Studio 2015(SP5) 1) Set up a Win32 empty project on Windows 10 and Visual Studio 2015(SP5). 2) In Post Build Event, set madConfigDrv.exe script(e.g. madConfigDrv.exe Xx...
- Tue Sep 30, 2014 6:07 am
- Forum: madCodeHook
- Topic: Injecting a dll into services.exe in Win 8.1
- Replies: 5
- Views: 13233
Injecting a dll into services.exe in Win 8.1
Hi..
Injecting a dll into "services.exe" process in Windows 8.1 seems to be problematic.
InjectLibrary() returns true, but the dll is not loaded into services.exe.
But the same code works perfectly in Windows 7/XP.
Is there any way to work around this issue?
Thanks..
Injecting a dll into "services.exe" process in Windows 8.1 seems to be problematic.
InjectLibrary() returns true, but the dll is not loaded into services.exe.
But the same code works perfectly in Windows 7/XP.
Is there any way to work around this issue?
Thanks..
- Thu Nov 07, 2013 8:53 am
- Forum: madCodeHook
- Topic: Hooking connect() api for IE11?
- Replies: 1
- Views: 3946
Hooking connect() api for IE11?
Hi.. I'm trying to hook connect() api for Internet Explorer 11 on Windows 8.1, but I can't figure out what API IE11 uses to connect to foreign hosts. I've tried connect(), ConnectEx(), WSAConnect(), WSAConnectByNameA(), WSAConnectByNameW() and WSAConnectByList() without any luck. I know this is not ...
- Tue Jul 16, 2013 12:47 pm
- Forum: madCodeHook
- Topic: Chrome freezes after being hooked.
- Replies: 3
- Views: 4574
Re: Chrome freezes after being hooked.
1. The problem also occurs when the DebugOutputString() lines are removed.
2. I have reproduced the problem with your PrintMonitor demo. See the attached screenshot.
2. I have reproduced the problem with your PrintMonitor demo. See the attached screenshot.
- Tue Jul 16, 2013 9:08 am
- Forum: madCodeHook
- Topic: Chrome freezes after being hooked.
- Replies: 3
- Views: 4574
Chrome freezes after being hooked.
I found a very weird problem. Chrome web browser freezes after being hooked. Here's the source code for DLL: #define WIN32_LEAN_AND_MEAN #include <Windows.h> #include <WinSock2.h> #include "madCHook.h" static int (WINAPI *CloseSocketNext)(SOCKET s); static int WINAPI OnCloseSocketCalled1(S...