Search found 69 matches
- Mon Apr 25, 2005 6:51 am
- Forum: madCollection
- Topic: ipc queue question
- Replies: 1
- Views: 4858
ipc queue question
Hi Madshi and experts here, By some simple investigation, I found that madcodehook's ipcqueue is based on file mapping, is that correct? if so, is there any size limit ? i.e., the maximum buf size that can be sent in a sendipcmessage call, and what if the ipc queue process is slower than the sender?...
- Wed Mar 02, 2005 9:37 am
- Forum: madCodeHook
- Topic: HookProcessTermination demo question
- Replies: 3
- Views: 3662
Using {$IMAGEBASE xxxxxxxx} tells Delphi to which address the dll shall be loaded by default. If the address is not in use yet, loading of the dll is a whole lot faster. You can also configure this option in the project options, btw. Thanks! this means, I can use IMAGEBASE of any value? is there an...
- Wed Mar 02, 2005 3:43 am
- Forum: madCodeHook
- Topic: HookProcessTermination demo question
- Replies: 3
- Views: 3662
HookProcessTermination demo question
Could anyone tell me what does the following statement mean? And why we need that in MadCodeHook Dll?
{$IMAGEBASE $5a800000}
Thanks!
Shannon
{$IMAGEBASE $5a800000}
Thanks!
Shannon
- Tue Mar 01, 2005 9:47 am
- Forum: madCodeHook
- Topic: WinSock application: hook or driver?
- Replies: 7
- Views: 6925
API hooks can be detected quite easily. Furthermore WinSock doesn't like some kinds of hooks (it has a built in hook protection). If someone else has already hooked WinSock by using a different API hooking technique, madCodeHook might not be able to hook WinSock, anymore. Well, that's also a really...
- Tue Mar 01, 2005 1:45 am
- Forum: madCodeHook
- Topic: CreateIpcQueue: control dll uninjection inside a dll
- Replies: 7
- Views: 8392
Re: CreateIpcQueue: control dll uninjection inside a dll
The IPC mechanism isn't the fastest in the world, but is fast enough. Using it when a CreateProcess() occurs should be fine. After all, the time it takes to create the process will be at least an order of magnitude more than even the slowest IPC mechanism. But what I try to avoid is that I have to ...
- Tue Mar 01, 2005 1:31 am
- Forum: madCodeHook
- Topic: WinSock application: hook or driver?
- Replies: 7
- Views: 6925
Re: Use madCodeHook
Of course I know madCodeHook is easier..., I don't know that NDIS can't handle dialup :oops: ... My only concern is that, is there some thing that apihooking is not capable of, but driver can do it? For example, I have an idea of anti-hacker. My hook or driver program should record inbound connectio...
- Mon Feb 28, 2005 1:48 pm
- Forum: madCodeHook
- Topic: CreateIpcQueue: control dll uninjection inside a dll
- Replies: 7
- Views: 8392
Re: CreateIpcQueue: control dll uninjection inside a dll
Hi Nildo, I think you misunderstood... 1) I do NOT have a form. What I want to do is put the uninjectlibrary stuff inside of the DLL (i.e. NOT main program), is this possible? 2) I don't think consulting the main exe for the black list is a good idea. Because this might slow down the execution. Did ...
- Mon Feb 28, 2005 8:09 am
- Forum: madCodeHook
- Topic: WinSock application: hook or driver?
- Replies: 7
- Views: 6925
WinSock application: hook or driver?
I need to write a program to filter internet traffic. Now I have 2 options: use madCodeHook to hook winsock api, or to write a driver using the NDIS/SPI technologies. I think I would like to use madCodeHook because it will be simpler than writing a driver. However, is there any pitfalls? Could anyon...
- Mon Feb 28, 2005 8:03 am
- Forum: madCodeHook
- Topic: CreateIpcQueue: control dll uninjection inside a dll
- Replies: 7
- Views: 8392
CreateIpcQueue: control dll uninjection inside a dll
Hi All, I am new to madCodeHook yet feel it extremely easy to use and works on all windows (important to me). Thanks Mathais... Now having a problem: I want to create an IPC Queue inside the DLL. I have 2 purposes: 1) The main program which injected the DLL maybe closed by the user (according to my ...