Can we hook APIs of .sys file?

contains all delphi packages mentioned below

Can we hook APIs of .sys file?

Postby manutai » Mon Nov 11, 2013 10:23 am

Hi,

I want to hook APIs of a .sys file.
Is it possible using HookAPI function?
Or is there any other function to do this?
manutai
 
Posts: 79
Joined: Sun Aug 03, 2008 1:40 am

Re: Can we hook APIs of .sys file?

Postby madshi » Mon Nov 11, 2013 10:29 am

You mean you want to hook a driver in driver land? That is not possible with madCodeHook. Driver land is a totally different thing compared to user land. Also, Microsoft has strictly forbidden API hooking in driver land in 64bit OSs. See here:

http://en.wikipedia.org/wiki/Kernel_Patch_Protection
madshi
Site Admin
 
Posts: 9265
Joined: Sun Mar 21, 2004 5:25 pm

Re: Can we hook APIs of .sys file?

Postby manutai » Mon Dec 09, 2013 5:48 am

Thanks for this useful information.
manutai
 
Posts: 79
Joined: Sun Aug 03, 2008 1:40 am


Return to madCollection

Who is online

Users browsing this forum: No registered users and 6 guests

cron