Hooking PSAPI and crashes
Hooking PSAPI and crashes
I'm trying to do some basic hooking of psapi.dll functions. However, it will crash every time with just a basic redirect to the original function.
Is there a special command or hooking method that I need to use to hook psapi functions?
Also, when I try to hook
Is there a special command or hooking method that I need to use to hook psapi functions?
Also, when I try to hook
Sure, winXP SP2. Tried without SP2 installed.
I am running a MFC dll if it makes any difference.
Again, once I use the DLLInjector to inject the dll, insta system crash and a force reboot.
I have another similar dll running just fine that hooks Kernel32.
I am running a MFC dll if it makes any difference.
Code: Select all
// ***************************************************************
// Empty.dll version: 1.0 · date: 2003-06-15
// -------------------------------------------------------------
// just an empty dll to test dll injection
// -------------------------------------------------------------
// Copyright (C) 1999 - 2003 www.madshi.net, All Rights Reserved
// ***************************************************************
// 2003-06-15 1.0 initial release
#define _DEBUG_PSAPI
#include "stdafx.h"
#include "d:\program files\MadCollection\MadCodeHook\DLL\madCHook - static.h"
#include <tlhelp32.h>
#include "LogTrace.h"
CLogTrace cLog;
//// PSAPI - WinNT functions
BOOL WINAPI MyPSAPI_EnumProcessModules(HANDLE hProcess,HMODULE* lphModule,DWORD cb,LPDWORD lpcbNeeded);
BOOL (WINAPI * OrigPSAPI_EnumProcessModules)(HANDLE hProcess,HMODULE* lphModule,DWORD cb,LPDWORD lpcbNeeded);
BOOL WINAPI MyPSAPI_EnumProcessModules(HANDLE hProcess,HMODULE* lphModule,DWORD cb,LPDWORD lpcbNeeded)
{
#ifdef _DEBUG_PSAPI
cLog.WriteLine("PSAPI_EnumProcessModules");
#endif //_DEBUG
return OrigPSAPI_EnumProcessModules(hProcess,lphModule,cb,lpcbNeeded);
//TODO finish this function after crashes are fixed.
}
void HookPSAPI(void)
{ HookAPI("PSAPI.DLL","EnumProcessModules",MyPSAPI_EnumProcessModules,(PVOID*)&OrigPSAPI_EnumProcessModules,MIXTURE_MODE); //Note, I have tried without Mixture mode also
}
void Attach(HINSTANCE hInstance)
{ //Called from DLLMain
InitializeMadCHook(); //I dont think this is used anymore
HookPSAPI();
}
void Detach(HINSTANCE hInstance)
{ //Called from DLLMain
FinalizeMadCHook(); //I dont think this is used anymore
}
I have another similar dll running just fine that hooks Kernel32.
Which version of madCodeHook are you using? I suggest updating to the latest version:
http://madshi.net/madCollection.exe (2.1.3.0)
http://madshi.net/madCollection.exe (2.1.3.0)