madshi.net

Hi

what is the schedule for including the fix for this issue in a release?

Thanks

oops sorry about uploading the .lib files. I've deleted the download.

Your version works on my test machine.

Hi Iconic Yes, can you please upload your binary. CopyFunction still fails for me on 64bit. WOW64 seems to be ok. Here is my VS2019 test project (*** Edited out ***) Thanks ***Edit*** I've downloaded your project but have also erased the link of your archive file on this forum, I have a copy locally...

I'm using MCH 4.1.3 (madCHook64mt.lib), Windows 10 20H2, VisualStudio 16.8.2

Similar issue? viewtopic.php?f=5&t=27462

When building for x86, I have to link with madCHook32mt.lib and madCHook32.lib for CopyFunction. For other functions I only need to link with madCHook32mt.lib. Not sure if it's related.

Hi, can someone please help me? I am having a problem with CopyFunction from madCodeHook4 in the following test code where 6760 is the pid of notepad.exe: #include <windows.h> #include <madchook.h> DWORD WINAPI remoteProcess(LPVOID) { return 1; } int main() { InitializeMadCHook(); HANDLE process = O...

I have tried using /integritycheck linker option along with signtool /ph option as documented here: https://social.technet.microsoft.com/wiki/contents/articles/255.forced-integrity-signing-of-portable-executable-pe-files.aspx but I still get event ID 5038 or 6281. I think maybe my dll needs to be co...

ok, great. Here is the event log if you are interested: Log Name: Security Source: Microsoft-Windows-Security-Auditing Date: 8/6/2020 9:39:07 PM Event ID: 5038 Task Category: System Integrity Level: Information Keywords: Audit Failure User: N/A Computer: debug-windows10-64 Description: Code integrit...

Thanks Iconic,

I'm seeing this in Windows 10 1909. I just tried excluding "System" but it didn't help.

I would like to inject into all processes except the Windows system process (PID 4), but I am having trouble doing so: ULONG exclude_pids[] = {4, 0}; // exclude system process (4), list must finish with 0 BOOL rc = InjectLibraryW(INJECTION_DRIVER_NAME, dll.c_str(), ALL_SESSIONS, INJECT_METRO_APPS | ...

oops INJECT_METRO_APPS was missing, working now. Thanks iconic

sorry to drag up this old thread. Did this issue get resolved? I'm also unable to inject into App Store applications on Windows 10.0.17763 64bit. I have tested using HookProcessCreation after adding "ALL APPLICATION PACKAGES" NTFS read/execute rights to the folder. Windows Photos app, cand...

The work-around I used was to install a windows service that called InjectLibrary with permanent = FALSE and then exited. It would be much nicer if the permanent flag worked though.

I am also facing this problem with madCodeHook 4.0.4. I inject permanently a 32bit and a 64bit dll. Before reboot, the dlls are injected into running and new processes. But after reboot only the 32bit dll is injected. I have been able to replicate it on Windows 10 (16299) and Windows 8.1 (9600) but ...

no, still the same problem with madCollectionBeta.exe (2.8.3.0)