Search found 31 matches
- Sat Mar 12, 2016 8:25 pm
- Forum: madCodeHook
- Topic: Rare 0xc0000018 error on w81 64b apps
- Replies: 36
- Views: 56651
Re: Rare 0xc0000018 error on w81 64b apps
I guess my reference was very well placed :D Quite frankly, I don't know if it's the hook .dll that's misbehaving par se, I can only observe that certain processes starts to misbehave and nothing have been changed but the injection driver, so it was kinda natural to me to suspect that it was somethi...
- Sat Mar 12, 2016 4:41 pm
- Forum: madCodeHook
- Topic: Rare 0xc0000018 error on w81 64b apps
- Replies: 36
- Views: 56651
Re: Rare 0xc0000018 error on w81 64b apps
Hey madshi, A quick update. I updated the drives using the latest Beta drivers, but there's no change, it still does it. I then took the PrintMonitor demo and replaced renameme32+64.sys with those from the Beta Package, signed .dlls, configured drivers and signed drivers, no problem when that is run...
- Fri Mar 11, 2016 8:41 pm
- Forum: madCodeHook
- Topic: Rare 0xc0000018 error on w81 64b apps
- Replies: 36
- Views: 56651
Re: Rare 0xc0000018 error on w81 64b apps
No, I only re-configured the Beta drivers, I did not recompile using the beta codeHook code.
I'm running it on Win7 x64 and using Delphi XE5.
I'm running it on Win7 x64 and using Delphi XE5.
- Fri Mar 11, 2016 5:35 pm
- Forum: madCodeHook
- Topic: Rare 0xc0000018 error on w81 64b apps
- Replies: 36
- Views: 56651
Re: Rare 0xc0000018 error on w81 64b apps
So, I downloaded the madCodehookBeta, extracted the .sys drivers, reconfigured and signed them. That seems to do the trick, so now the applications where the .dll is injected into do no longer give the 0x0000018 error, so that's a good thing.. ;) However, I have experienced that some applications (s...
- Tue Mar 08, 2016 4:33 pm
- Forum: madCodeHook
- Topic: Rare 0xc0000018 error on w81 64b apps
- Replies: 36
- Views: 56651
Re: Rare 0xc0000018 error on w81 64b apps
Thanks madshi, I'll give it a go
- Mon Mar 07, 2016 9:40 pm
- Forum: madCodeHook
- Topic: Rare 0xc0000018 error on w81 64b apps
- Replies: 36
- Views: 56651
Re: Rare 0xc0000018 error on w81 64b apps
I believe I have a similar problem, it gives the same error anyway and only on Windows10. I have the hooking .dlls signed, the kernel mode injection drivers configured and signed and it works fine on Win7. May I ask what I need to update ? Would it be enough to retrieve the renameme64.sys and rename...
- Fri Nov 27, 2015 7:42 pm
- Forum: madCodeHook
- Topic: SendIPCMessage and return a string
- Replies: 6
- Views: 7239
Re: SendIPCMessage and return a string
No worries mate, I prefer honesty :wink: You're right about the IPCString := PAnsiChar(IPCBuffer) (of course), dunno why I didn't think of that when I wrote the code. Also, with regards to the "Length(PAnsiChar(TheMessage))", you're right, it's just a bad habit I have I think, from fraggin...
- Fri Nov 27, 2015 11:05 am
- Forum: madCodeHook
- Topic: SendIPCMessage and return a string
- Replies: 6
- Views: 7239
Re: SendIPCMessage and return a string
Thanks Mathias, both for the insult and the advice ;) I get your point, the StrPCopy() seemed to be the missing trick, it was certainly the "passing data to the answerBuf memory space" that went wrong somehow, thanks for the tip with telling the IPC driver to "include" (Length(An...
- Thu Nov 26, 2015 5:17 pm
- Forum: madCodeHook
- Topic: SendIPCMessage and return a string
- Replies: 6
- Views: 7239
Re: SendIPCMessage and return a string
Sorry, should've mentioned that.. It's in Delphi (XE5). Including the terminating null, so basically set the buffer to be the length of the string +1, something like: MyRetVal: AnsiString MyString: AnsiString; SendIPCMessage('QueueName',PAnsiChar(MyString),Length(MyString),@MyRetVal,MyRetValLen,Fals...
- Wed Nov 25, 2015 10:41 pm
- Forum: madCodeHook
- Topic: SendIPCMessage and return a string
- Replies: 6
- Views: 7239
SendIPCMessage and return a string
I'm sorry, I have been trolling this entire forum, attempting to wrap my brain around how to use SendIPCMessage (with some kind of message) and return a string (or char/byte array) to the caller, allowing me to call from an injected .dll to the "mothership", receiving an answer in a string...
- Fri Apr 03, 2015 7:14 am
- Forum: madCodeHook
- Topic: Injected DLL gets instantly unloaded
- Replies: 20
- Views: 23296
Re: Injected DLL gets instantly unloaded
Sorry for butting in..
While I haven't tested Spartan myself, I could imagine that it might be that Spartan will only accepts .dlls that have been signed, if not permanently then as for right now while it's a technology review..
Just a suggestion..
While I haven't tested Spartan myself, I could imagine that it might be that Spartan will only accepts .dlls that have been signed, if not permanently then as for right now while it's a technology review..
Just a suggestion..
- Sun Mar 08, 2015 10:04 am
- Forum: madCodeHook
- Topic: madCodeHook2 doesn't hook API in 32bit process on Win7 x64
- Replies: 5
- Views: 9024
Re: madCodeHook2 doesn't hook API in 32bit process on Win7 x
Yes, you're right, I probably should update to madCodeHook3. I've send you an email regarding upgrading from my 11 year old 2-user license for madCollection, all I need for now would be a single-user upgrade to madCodeHook3. I did manage to make it work, I can't really recall the nittygritty details...
- Sun Mar 08, 2015 9:47 am
- Forum: madKernel
- Topic: Process.ID off by 1 ?
- Replies: 3
- Views: 12790
Re: Process.ID off by 1 ?
Hi madshi, It's something I experienced on Windows7, running as a VM-Ware virtual machine and using Delphi XE5. I don't think it's a general problem, it seems to come and go as it damn pleases, so it just might be a Window$ "feature" when Win7 is running in a virtual.. ... or my machine is...
- Sun Jan 11, 2015 9:15 am
- Forum: madKernel
- Topic: Process.ID off by 1 ?
- Replies: 3
- Views: 12790
Process.ID off by 1 ?
Dear madshi, I have been seeing some rather strange behavior in madKernel. I'm basically launching a process and then monitors the process to see when it exists, but I seem to experience that suddenly the PID reported by madKernel are off by 1. I set up some status logging to try and capture exactly...
- Thu Jan 01, 2015 10:51 pm
- Forum: madCodeHook
- Topic: madCodeHook2 doesn't hook API in 32bit process on Win7 x64
- Replies: 5
- Views: 9024
Re: madCodeHook2 doesn't hook API in 32bit process on Win7 x
Iconic, Thank you for your reply, but I don't quite understand why.. The code works running the hooking-app and the test-app on a 32 bit OS, now if I move the same apps and the same hooking .dll to a 64 bit environment, suddenly it doesn't hook the API's anymore. I get the .dll injected and the .dll...