madshi.net

Hi Madshi and experts here, By some simple investigation, I found that madcodehook's ipcqueue is based on file mapping, is that correct? if so, is there any size limit ? i.e., the maximum buf size that can be sent in a sendipcmessage call, and what if the ipc queue process is slower than the sender?...

Using {$IMAGEBASE xxxxxxxx} tells Delphi to which address the dll shall be loaded by default. If the address is not in use yet, loading of the dll is a whole lot faster. You can also configure this option in the project options, btw. Thanks! this means, I can use IMAGEBASE of any value? is there an...

Could anyone tell me what does the following statement mean? And why we need that in MadCodeHook Dll?

{$IMAGEBASE $5a800000}


Thanks!
Shannon

API hooks can be detected quite easily. Furthermore WinSock doesn't like some kinds of hooks (it has a built in hook protection). If someone else has already hooked WinSock by using a different API hooking technique, madCodeHook might not be able to hook WinSock, anymore. Well, that's also a really...

The IPC mechanism isn't the fastest in the world, but is fast enough. Using it when a CreateProcess() occurs should be fine. After all, the time it takes to create the process will be at least an order of magnitude more than even the slowest IPC mechanism. But what I try to avoid is that I have to ...

Of course I know madCodeHook is easier..., I don't know that NDIS can't handle dialup :oops: ... My only concern is that, is there some thing that apihooking is not capable of, but driver can do it? For example, I have an idea of anti-hacker. My hook or driver program should record inbound connectio...

Hi Nildo, I think you misunderstood... 1) I do NOT have a form. What I want to do is put the uninjectlibrary stuff inside of the DLL (i.e. NOT main program), is this possible? 2) I don't think consulting the main exe for the black list is a good idea. Because this might slow down the execution. Did ...

I need to write a program to filter internet traffic. Now I have 2 options: use madCodeHook to hook winsock api, or to write a driver using the NDIS/SPI technologies. I think I would like to use madCodeHook because it will be simpler than writing a driver. However, is there any pitfalls? Could anyon...

Hi All, I am new to madCodeHook yet feel it extremely easy to use and works on all windows (important to me). Thanks Mathais... Now having a problem: I want to create an IPC Queue inside the DLL. I have 2 purposes: 1) The main program which injected the DLL maybe closed by the user (according to my ...