madshi.net

OK, I've stripped out all the MadKernel Code and I'm back to erros/AV's again whenever I try calling: GetModuleFileName(callmod, ...) and GetModuleFileName(0, ...). I use a logfile and whenever I call GetModuleFileName(...) the log is showing many repeated lines of calls to the Callback function. I ...

I forgot to mention that I only compiled the Delphi 2005 versions. It could
be a Delphi 2005 problem.

Yeah, I agree, i thought there would be an easier way than using all that extra overhead code. I didn't know calling GetModuleFileName(0, ...) would return the calling exe name.....I just realised now that the dll is part of the process being called. I'm now getting the idea of all this inject stuff...

Hi Madashi, I've updated to MadCollection v2.1.60 from v2.1.20 and whenever I use InjectLibrary to inject a DLL into ALL_SESSIONS (see code below) The PC just turns off in an instant and reboots. My Inject/Uninject code is called from a system service: InjectLibrary((ALL_SESSIONS Or SYSTEM_PROCESSES...

HI, I've sorted the problem out now, I am using the IModule/IProcess interfaces to obtain the OwnerProcess.ID of the Calling Module, this tells me which process launched the hook. Is this code ok to use ??: function SetWindowsHookExACallback(HookId: Integer; lpHookProc: TFNHookProc; hMod: Hinst; dwT...

Thanks for discuss madshi, i'll work on it tonight.

cheers.

MSCTF.DLL can't be reported as a process, since it's a DLL only. Who does the reporting? If you hook SetWindowsHookEx, you can use GetCallingModule to ask which module called SetWindowsHookEx. Also you can use GetCurrentProcessId to find out which process called it. Within the CallBack function for...

I found some info on ctfmon.exe, direct from MS site: Ctfmon.exe is the file that is responsible for controlling the Alternative User Input technologies. It starts the Language Bar component (in the Systray) and remains running in the background even after you quit an Office XP program. It also star...

Hi, I've managed to download and compile the source code to AntiKeyLogger http://psmantikeyloger.sourceforge.net/ I have run the program without errors and it pops up when ever a keyboard hook is detected, so far so good. However, when using the MadCodeHook injection on SetWindowsHookEx, if ctfmon.e...