madshi.net

Thank you！but "Process Monitor" hooked system read share file, is "Prcess Monitor" tool Hooked system call table in kernel mode？

Hi, I want to monitor share file access, how can i hook the "system" process, it's pid is 4

hello, In my hook dll, I call SendIPCMessage, sometimes this function wait forever, the process suspend.... bool bRet = false; SendIPCMessage("ipcname", (PVOID)buf, nBufLen, &bRet, sizeof(bool), INFINITE); but my host process's log show that this ipc has been processed. why SendIPCMess...

thank you! But I still have a question. // send an ipc message to whomever has created the ipc queue (doesn't matter) // if you only fill the first 3 parameters, SendIpcMessage returns at once // if you fill the next two parameters, too, SendIpcMessage will // wait for an answer of the ipc queue own...

thank you.

Can i call SendIpcMessage in dllmain DLL_PROCESS_ATTACH ?

hi, madshi, I want to create a thread in injected process to do some works. I want to create thread in dllmian function, but ms said don't create thread in dllmian. When I to do is suitable? I see some inject-dll export functins, but madcodehook's demo dll has no export functions. I want to known, t...

My OS is Win7 32bit. My madCodeHook version is 3.1.6. I use system/session wide DLL injection. It's very strange, today, regardless before or after qq.exe started, can injected into........ But it's still a small problem，My host process call UninjectLibrary then exit, all other process uninject succ...

HI, madshi: I'm a working for a security company. I need to hook all application, monitor files transmission. But a social application can't be injected when i use madchook 3.0. the process is qq.exe, It's download url: http://im.qq.com/pcqq/ I find that when qq.exe start, it will start a process ca...