madshi.net

Hi, Is the hotfix applied to MCH3 too?

Oh... sorry for my poor English. - Normal - 1. Here is my pseudo code of callback function CB_StartDocW(...) { DbgMsg("Start CB_StartDocW"); MyCode(...); // .... ORIG_StartDocW(...); } 2. inject library and hook API 'StartDocW()' by calling HookAPI(). HookAPI("Gdi32.dll", "S...

Hi! Madshi, I've been using MadCHook 3.1.13 and found something strange My program and Symantec DLP hooks same process and same GDI Print API. I've used HookAPI() with no 'dwFlags' and returns true. But, its behavior seems to skip hooking API My callback function does nothing, like it never been cal...

Oh, Sorry. I didn't get it. When I've tested with driver file names(DEF_MWPGHK_DRV32_FILENAME, DEF_MWPGHK_DRV64_FILENAME in my code), It returns valid file handle(not INVALID_HANDLE_VALUE) and GetLastError() value is 0. And with driver name(DEF_MWPGHK_NAME), It returns INVALID_HANDLE_VALUE) and erro...

Sure, my program requires admin execution level and I have run with admin There is no issues when call LoadInjectionDriver, InjectLibraryW and works well, IsInjectionDriverRunning returns right result on 64bit OS. But, Only Win7 32bit returns always FALSE whether driver is running or not (I didn't t...

Hi, I've tried to check driver is running or not by calling IsInjectionDriverRunning That API works well on win 7 64bit, win 8 64bit. But return always FALSE(whether driver is running perfectly or not) on win7 32bit Is there any constraints to using the API? (something like madconfig option, etc...)...

Hi,

I got a simple question,

at release note 3.1.8,
...
(2) fixed: hooking ntdll in non-large-address-aware x64 processes crashed
...

that clause means this issue?


Sincerely