Search found 31 matches

by Overnissen
Sat Mar 12, 2016 8:25 pm
Forum: madCodeHook
Topic: Rare 0xc0000018 error on w81 64b apps
Replies: 36
Views: 56651

Re: Rare 0xc0000018 error on w81 64b apps

I guess my reference was very well placed :D Quite frankly, I don't know if it's the hook .dll that's misbehaving par se, I can only observe that certain processes starts to misbehave and nothing have been changed but the injection driver, so it was kinda natural to me to suspect that it was somethi...
by Overnissen
Sat Mar 12, 2016 4:41 pm
Forum: madCodeHook
Topic: Rare 0xc0000018 error on w81 64b apps
Replies: 36
Views: 56651

Re: Rare 0xc0000018 error on w81 64b apps

Hey madshi, A quick update. I updated the drives using the latest Beta drivers, but there's no change, it still does it. I then took the PrintMonitor demo and replaced renameme32+64.sys with those from the Beta Package, signed .dlls, configured drivers and signed drivers, no problem when that is run...
by Overnissen
Fri Mar 11, 2016 8:41 pm
Forum: madCodeHook
Topic: Rare 0xc0000018 error on w81 64b apps
Replies: 36
Views: 56651

Re: Rare 0xc0000018 error on w81 64b apps

No, I only re-configured the Beta drivers, I did not recompile using the beta codeHook code.

I'm running it on Win7 x64 and using Delphi XE5.
by Overnissen
Fri Mar 11, 2016 5:35 pm
Forum: madCodeHook
Topic: Rare 0xc0000018 error on w81 64b apps
Replies: 36
Views: 56651

Re: Rare 0xc0000018 error on w81 64b apps

So, I downloaded the madCodehookBeta, extracted the .sys drivers, reconfigured and signed them. That seems to do the trick, so now the applications where the .dll is injected into do no longer give the 0x0000018 error, so that's a good thing.. ;) However, I have experienced that some applications (s...
by Overnissen
Tue Mar 08, 2016 4:33 pm
Forum: madCodeHook
Topic: Rare 0xc0000018 error on w81 64b apps
Replies: 36
Views: 56651

Re: Rare 0xc0000018 error on w81 64b apps

Thanks madshi, I'll give it a go :)
by Overnissen
Mon Mar 07, 2016 9:40 pm
Forum: madCodeHook
Topic: Rare 0xc0000018 error on w81 64b apps
Replies: 36
Views: 56651

Re: Rare 0xc0000018 error on w81 64b apps

I believe I have a similar problem, it gives the same error anyway and only on Windows10. I have the hooking .dlls signed, the kernel mode injection drivers configured and signed and it works fine on Win7. May I ask what I need to update ? Would it be enough to retrieve the renameme64.sys and rename...
by Overnissen
Fri Nov 27, 2015 7:42 pm
Forum: madCodeHook
Topic: SendIPCMessage and return a string
Replies: 6
Views: 7239

Re: SendIPCMessage and return a string

No worries mate, I prefer honesty :wink: You're right about the IPCString := PAnsiChar(IPCBuffer) (of course), dunno why I didn't think of that when I wrote the code. Also, with regards to the "Length(PAnsiChar(TheMessage))", you're right, it's just a bad habit I have I think, from fraggin...
by Overnissen
Fri Nov 27, 2015 11:05 am
Forum: madCodeHook
Topic: SendIPCMessage and return a string
Replies: 6
Views: 7239

Re: SendIPCMessage and return a string

Thanks Mathias, both for the insult and the advice ;) I get your point, the StrPCopy() seemed to be the missing trick, it was certainly the "passing data to the answerBuf memory space" that went wrong somehow, thanks for the tip with telling the IPC driver to "include" (Length(An...
by Overnissen
Thu Nov 26, 2015 5:17 pm
Forum: madCodeHook
Topic: SendIPCMessage and return a string
Replies: 6
Views: 7239

Re: SendIPCMessage and return a string

Sorry, should've mentioned that.. It's in Delphi (XE5). Including the terminating null, so basically set the buffer to be the length of the string +1, something like: MyRetVal: AnsiString MyString: AnsiString; SendIPCMessage('QueueName',PAnsiChar(MyString),Length(MyString),@MyRetVal,MyRetValLen,Fals...
by Overnissen
Wed Nov 25, 2015 10:41 pm
Forum: madCodeHook
Topic: SendIPCMessage and return a string
Replies: 6
Views: 7239

SendIPCMessage and return a string

I'm sorry, I have been trolling this entire forum, attempting to wrap my brain around how to use SendIPCMessage (with some kind of message) and return a string (or char/byte array) to the caller, allowing me to call from an injected .dll to the "mothership", receiving an answer in a string...
by Overnissen
Fri Apr 03, 2015 7:14 am
Forum: madCodeHook
Topic: Injected DLL gets instantly unloaded
Replies: 20
Views: 23296

Re: Injected DLL gets instantly unloaded

Sorry for butting in..

While I haven't tested Spartan myself, I could imagine that it might be that Spartan will only accepts .dlls that have been signed, if not permanently then as for right now while it's a technology review..

Just a suggestion..
by Overnissen
Sun Mar 08, 2015 10:04 am
Forum: madCodeHook
Topic: madCodeHook2 doesn't hook API in 32bit process on Win7 x64
Replies: 5
Views: 9024

Re: madCodeHook2 doesn't hook API in 32bit process on Win7 x

Yes, you're right, I probably should update to madCodeHook3. I've send you an email regarding upgrading from my 11 year old 2-user license for madCollection, all I need for now would be a single-user upgrade to madCodeHook3. I did manage to make it work, I can't really recall the nittygritty details...
by Overnissen
Sun Mar 08, 2015 9:47 am
Forum: madKernel
Topic: Process.ID off by 1 ?
Replies: 3
Views: 12790

Re: Process.ID off by 1 ?

Hi madshi, It's something I experienced on Windows7, running as a VM-Ware virtual machine and using Delphi XE5. I don't think it's a general problem, it seems to come and go as it damn pleases, so it just might be a Window$ "feature" when Win7 is running in a virtual.. ... or my machine is...
by Overnissen
Sun Jan 11, 2015 9:15 am
Forum: madKernel
Topic: Process.ID off by 1 ?
Replies: 3
Views: 12790

Process.ID off by 1 ?

Dear madshi, I have been seeing some rather strange behavior in madKernel. I'm basically launching a process and then monitors the process to see when it exists, but I seem to experience that suddenly the PID reported by madKernel are off by 1. I set up some status logging to try and capture exactly...
by Overnissen
Thu Jan 01, 2015 10:51 pm
Forum: madCodeHook
Topic: madCodeHook2 doesn't hook API in 32bit process on Win7 x64
Replies: 5
Views: 9024

Re: madCodeHook2 doesn't hook API in 32bit process on Win7 x

Iconic, Thank you for your reply, but I don't quite understand why.. The code works running the hooking-app and the test-app on a 32 bit OS, now if I move the same apps and the same hooking .dll to a 64 bit environment, suddenly it doesn't hook the API's anymore. I get the .dll injected and the .dll...