Page 1 of 1

Can we hook APIs of .sys file?

Posted: Mon Nov 11, 2013 10:23 am
by manutai
Hi,

I want to hook APIs of a .sys file.
Is it possible using HookAPI function?
Or is there any other function to do this?

Re: Can we hook APIs of .sys file?

Posted: Mon Nov 11, 2013 10:29 am
by madshi
You mean you want to hook a driver in driver land? That is not possible with madCodeHook. Driver land is a totally different thing compared to user land. Also, Microsoft has strictly forbidden API hooking in driver land in 64bit OSs. See here:

http://en.wikipedia.org/wiki/Kernel_Patch_Protection

Re: Can we hook APIs of .sys file?

Posted: Mon Dec 09, 2013 5:48 am
by manutai
Thanks for this useful information.