 |
madshi.net high quality low level programming
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in| Search found 354 matches |
| Author | Message |
|---|---|
 Topic: How to InjectLibrary only for new processes |
|
| dcsoft Replies: 8 Views: 1635 |
 Forum: madCodeHook Posted: Fri Sep 11, 2009 4:39 am Subject: Re: How to InjectLibrary only for new processes |
| My DLL is lightweight, but it requires a number of other system DLLs (ie WinInet.dll) that I don't really want to load into every process. I know that I could change all the static references in my DL ... | |
| Topic: hooking getaddrinfo - desperate help - please... |
|
| dcsoft Replies: 11 Views: 4724 |
Forum: madCodeHook Posted: Sun Aug 02, 2009 7:06 pm Subject: hooking getaddrinfo - desperate help - please... |
| pi.id:=MSGTYPE_GETADDRINFO;
lstrcpy(pi.target,nodename); SendIpcMessage(pchar('ProtexProc'),@pi,sizeOf(pi),@result,sizeOf(result)); Does it crash if y ... |
|
| Topic: OutputDebugString replacement |
|
| dcsoft Replies: 5 Views: 2065 |
Forum: madCodeHook Posted: Thu Feb 26, 2009 3:14 pm Subject: OutputDebugString replacement |
| I log messages using SendMessage(WM_COPYDATA, ...) and wrote a viewer app similar to DbgView to receive the messages and display the strings. I could post that, if there's any interest.
The advant ... |
|
| Topic: Several Questions with madCodeHook |
|
| dcsoft Replies: 5 Views: 2051 |
Forum: madCodeHook Posted: Mon Feb 23, 2009 4:08 pm Subject: Several Questions with madCodeHook |
Glad it worked for you! I'm no Delphi expert by any means but recently had to struggle through this same issue. 
So I've plenty of experience using MadCodeHook and Visual C++. I don't know for ... |
|
| Topic: Several Questions with madCodeHook |
|
| dcsoft Replies: 5 Views: 2051 |
Forum: madCodeHook Posted: Mon Feb 23, 2009 4:40 am Subject: Don't use string |
| It's easier to use the fixed character buffer for the answer:
var TempRules : Array[0..4096] of Char; begin SendIpcMessage(IPC_CHANNEL, Msg, StrLen(Msg) + 1, @T ... |
|
| Topic: Handle Minimize Event |
|
| dcsoft Replies: 2 Views: 1546 |
Forum: madCodeHook Posted: Wed Feb 11, 2009 5:52 am Subject: WH_SHELL |
| You can use Windows Accessibility (SetWinEventHook, EVENT_SYSTEM_MINIMIZEEND).
Alternatively, you can use SetWindowsHookEx() to set a WH_SHELL hook. -- David |
|
| Topic: Suspend Process Except 1 |
|
| dcsoft Replies: 4 Views: 3788 |
Forum: madCollection Posted: Thu Dec 11, 2008 11:56 pm Subject: Suspend Process Except 1 |
| Thanks Madshi. | |
| Topic: Suspend Process Except 1 |
|
| dcsoft Replies: 4 Views: 3788 |
Forum: madCollection Posted: Tue Dec 09, 2008 3:20 am Subject: Suspend Process Except 1 |
| Usually suspending thread of other unknown processes is very dangerous. You can even end up locking up the whole OS. Is there no other way to realize your aim? What are you trying to achieve?
I hav ... |
|
| Topic: LoadLibrary() that takes a memory buffer |
|
| dcsoft Replies: 2 Views: 1984 |
Forum: madCodeHook Posted: Sun Nov 16, 2008 7:05 pm Subject: LoadLibrary() that takes a memory buffer |
http://www.joachim-bauch.de/tutorials/load_dll_memory.html seems a good place to start!  |
|
| Topic: LoadLibrary() that takes a memory buffer |
|
| dcsoft Replies: 2 Views: 1984 |
Forum: madCodeHook Posted: Sun Nov 16, 2008 6:56 pm Subject: LoadLibrary() that takes a memory buffer |
| Hello,
I want to hook LoadLibrary() to create a HMODULE from something besides a disk file (.dll). The contents of the DLL are not stored in a disk file, instead they are stored in a proprietary h ... |
|
| Topic: winsock again |
|
| dcsoft Replies: 12 Views: 5709 |
Forum: madCodeHook Posted: Thu Jul 17, 2008 11:10 am Subject: winsock again |
| You need to hook gethostbyname(), and getaddrinfo(), and send().
Did you hook the first 2 yet? Sorry, I can't give you example code. Thanks, David |
|
| Topic: What kind of API do i hook to prevent from moving file ... |
|
| dcsoft Replies: 5 Views: 2871 |
Forum: madCodeHook Posted: Sat Jul 12, 2008 6:14 pm Subject: What kind of API do i hook to prevent from moving file ... |
| SHFileOperation() is used to recycle a file. I'm not sure there are any more API's that also do, so hooking an Nt() function as suggested may be more reliable.
-- David |
|
| Topic: madcodehook ipc functions |
|
| dcsoft Replies: 9 Views: 4089 |
Forum: madCodeHook Posted: Sat Jul 12, 2008 6:11 pm Subject: madcodehook ipc functions |
| One of the disadvantages of MadCodeHook's IPC is the performance. Madshi was supposedly working on a speed up implementation. How is that going?
Thanks, David |
|
| Topic: Hook process creation on Vista |
|
| dcsoft Replies: 18 Views: 7770 |
Forum: madCodeHook Posted: Sat Jul 12, 2008 6:09 pm Subject: Hook process creation on Vista |
| Does Vista64 block hooking the NTDLL e.g. NtCreateProcess()? If allowed, I would think this would be the most reliable, since all? process creation calls go through this one?
Thanks, David |
|
| Topic: Keep Hooking... |
|
| dcsoft Replies: 2 Views: 2112 |
Forum: madCodeHook Posted: Sat Jul 12, 2008 6:07 pm Subject: Use ShellExecuteEx instead of WinExec |
| If you use ShellExecuteEx() to launch the app, you can do so on a separate thread. Use the SEE_MASK_NOCLOSEPROCESS flag so that the hProcess of the launched app is returned to you. Then do a
... |
|
All times are GMT |
Powered by phpBB © 2001, 2005 phpBB Group