Search found 1068 matches
- Fri Aug 18, 2023 3:04 am
- Forum: madCodeHook
- Topic: code not interceptable
- Replies: 4
- Views: 39255
Re: code not interceptable
What API are you hooking in PhotosApp.exe on Windows 11 and is your project code in Delphi or c/c++? The main 2 or 3 things I can think of off the top of my head are the code design does not allow for disassembly that allows for this, it might be prone to a crash or too short, and the 2nd thing I ca...
- Sat Aug 12, 2023 8:28 pm
- Forum: madCodeHook
- Topic: Cannot load driver in safe mode
- Replies: 9
- Views: 24146
Re: Cannot load driver in safe mode
I've tested the print monitor driver that comes with the demo and is pre-signed by Madshi in Safe Mode. I was only able to load the driver in Safe Mode after adding the proper entries to SafeBoot key and disabling SecureBoot. When SecureBoot was enabled and test signing was off it failed unfortunate...
- Fri Aug 11, 2023 10:55 pm
- Forum: madCodeHook
- Topic: Cannot load driver in safe mode
- Replies: 9
- Views: 24146
Re: Cannot load driver in safe mode
Quick update, I've just run a couple of tests on Windows 10 Pro 22H2 x64 and a couple of standard drivers (not function or filter drivers, just basic) loaded fine for me in SafeMode even with SecureBoot enabled. I also checked if the driver was *truly* loaded and it was, the product worked as expect...
- Fri Aug 11, 2023 2:16 am
- Forum: madCodeHook
- Topic: Cannot load driver in safe mode
- Replies: 9
- Views: 24146
Re: Cannot load driver in safe mode
Your entries in the Registry seem ok to me after looking at them. It may be worth deleting the "Start Type" still present in your entry. If this is a newer Windows "Safe Boot" issue then clearly other 3rd-party drivers are also affected. On Windows 7 all works fine which usually ...
- Fri Aug 11, 2023 1:25 am
- Forum: madCodeHook
- Topic: Cannot load driver in safe mode
- Replies: 9
- Views: 24146
Re: Cannot load driver in safe mode
Hello, If you look at my original post I mention the error code STATUS_NOT_SAFE_MODE_DRIVER specifically. But, NtLoadDriver() still works fine here on Windows 7 Pro x64 in Safe Mode/Safe Boot. If MCH's driver is loading fine for you in "normal" boot it must definitely be an issue with Safe...
- Thu Aug 10, 2023 11:28 pm
- Forum: madCodeHook
- Topic: Cannot load driver in safe mode
- Replies: 9
- Views: 24146
Re: Cannot load driver in safe mode
Hello, This is definitely a Windows Safe Mode issue with your driver. I know this because I booted up Windows 7 Pro x64 and was able to load MCH's driver without issue *only* after adding the entry to the SafeBoot Registry area. I could load and unload perfectly fine. If you try loading the MCH driv...
- Thu Aug 10, 2023 5:59 pm
- Forum: madCodeHook
- Topic: Cannot load driver in safe mode
- Replies: 9
- Views: 24146
Re: Cannot load driver in safe mode
Hello, Safe Mode's purpose is to load only required system drivers in hopes of keeping 3rd party drivers from loading unless you're a filter driver or other driver tied into the system at a lower layer. This increases the chances of the system properly booting in case of some other buggy driver that...
- Wed Jul 26, 2023 1:03 am
- Forum: madExcept
- Topic: Identify socket error in report
- Replies: 2
- Views: 9394
Re: Identify socket error in report
@wandersonpaiva, I would likely guess it's accessing an already freed (and likely NILed) object, but it's hard to say of course with your exception log in this thread alone. I am curious however why you're using ScktComp with TClient/ServerSocket? It's riddled with issues and isn't nearly as develop...
- Tue Jun 27, 2023 10:33 pm
- Forum: madExcept
- Topic: MadExcept Viewer Not Displaying Files.
- Replies: 6
- Views: 14186
Re: MadExcept Viewer Not Displaying Files.
Great! In looking into drag and drop we now can add support for instances that can be elevated so it will also work properly, otherwise I'd have not looked at the D'nD code to begin with.A simple reboot fixed the problem
--Iconic
- Tue Jun 27, 2023 7:56 pm
- Forum: madExcept
- Topic: MadExcept Viewer Not Displaying Files.
- Replies: 6
- Views: 14186
Re: MadExcept Viewer Not Displaying Files.
SteveG, Are you by chance running MadExcept Viewer with elevated rights (administrative rights)? If so, drag and drop support in the app would require a modified window filter due to UIPI from Vista up. I checked the viewer code and it does not add the necessary window messages to support such a cas...
- Tue Jun 27, 2023 7:21 pm
- Forum: madCodeHook
- Topic: Are there any support plans for Windows 11 UWP Apps?
- Replies: 3
- Views: 6593
Re: Are there any support plans for Windows 11 UWP Apps?
Yes, in order to inject into UWP/Metro apps you must include that flag, it's not included automatically. Glad you were able to figure it out and have it working. Also, just a note, as Madshi said your DLL file will need the security permissions "ALL APPLICATION PACKAGES" and on newer OSes ...
- Thu Jun 15, 2023 9:45 pm
- Forum: madExcept
- Topic: ec.dll missing in madExcept Demos
- Replies: 2
- Views: 6179
Re: ec.dll missing in madExcept Demos
Good catch, thank you for pointing this out
--Iconic
--Iconic
- Thu Jun 01, 2023 10:43 pm
- Forum: madExcept
- Topic: Meaning of "system up time"
- Replies: 2
- Views: 6216
Re: Meaning of "system up time"
GetTickCount()/GetTickCount64() is not process or thread-based, it simply counts the CPU ticks (clock ticks) since the system booted. OS Suspension/Hibernation has absolutely no effect on the API whatsoever.
--Iconic
--Iconic
- Mon May 08, 2023 9:33 pm
- Forum: madExcept
- Topic: Madexcept with msbuild
- Replies: 4
- Views: 3633
Re: Madexcept with msbuild
Thanks for reporting back to us
--Iconic
--Iconic
- Tue Apr 25, 2023 9:54 pm
- Forum: madCodeHook
- Topic: Hooking processes running in docker containers
- Replies: 1
- Views: 4266
Re: Hooking processes running in docker containers
Hello, Here's the quick explanation of Docker injection, we've updated MCH to support injection for such cases to work with Docker but it's only currently for usermode last I checked (InjectLibrary(non-system-driver-flag-or-processhandle)). Basically, the older versions of MCH relied on the fact tha...