madshi.net

Much more effective than DBS's new tool, update from HookShark, forget the name now. He mainly released that tool to help detect loaded modules, also with options to erase ldr entry for specific usage, but with the new tool (DebugHook i think) it has many more options and routines. I hope you contin...

Weird, it found my proxy hook, but not the actual hook that was streamed. This tool helps me out a lot.

Could this pick up a shadow hook driver?

You could do this easier with something like php and add as a plugin for your application, its not so simple via the application in c++ etc. Its also pretty undocumented as it is classed as underground activity and could be seen as a form of spyware, im sure your doing this for the correct reasons b...

without all the required instructions you provided i managed to create a simple injector to load the driver into memory pretty much same way as i inject dll's but by using services extracted from device manager. now i can host my driver and spawn it at users request without storing on local drive. t...

lol i understand Madshi mate, thanks for the response. What im asking is i have developed my own custom driver which modifys guo stuff in cs and css nothing special or "hackish" but im not too clued up on ways to load my driver into memory. Standard dll injection uses an exe (injector) to ...

hi, i have a custom driver that manipulates drawing in a target process hl2.exe and i need some help on injection methods, i could just load via a batch app but it there other ways like what you do for dll injection?

How are you hooking it?

This is similar to HookShark isn't it by DBS? I use this tool quite a lot.

gj on iat

********************************************* *************** AutoSS v1.0 ***************** ********************************************* *Credits: Gabe Newell * * GD * * Venoma * * Organner * * DeepBlueSea * * wav * * * *Run .exe then Press corresponding key and a* *screenshot will be generated. A...

wtf you on about?

Might help some of you :) #include <stdio.h> #include <windows.h> #include <tlhelp32.h> static bool AdjustSingleTokenPrivilege(HANDLE TokenHandle, LPCTSTR lpName, DWORD dwAttributes) { TOKEN_PRIVILEGES tp; tp.PrivilegeCount = 1; tp.Privileges[0].Attributes = dwAttributes; if (!LookupPrivilegeValue(N...

005386A3 |.^ 75 EC \JNZ SHORT Gunz.00538691

You cheating?

KeBugCheckEx is the loop hole there. I run Device Drivers through XP/Vista 32/64 without much problem, however i agree for userland protection you need a device driver to hide every trade your ring3 app has or block any intrusion from another ring3 app. Also on Vista Kernel it is a good thing UAC is...