c++ / delphi package - dll injection and api hooking


Postby manutai » Thu Mar 27, 2014 6:06 am

If InitializeMadCHook is called in a dll and this dll is injected in the process (say notepad) by calling CreateProcessEx function then dll is not injected and CreateProcessEx returns success. The process is started in background not as application. In this scenario there are also other dll's which are systemwide injected. This works fine if we don't call InitializeMadCHook. OS - Win 7 32 bit, MadShi lib version - 3.1.6.
Posts: 83
Joined: Sun Aug 03, 2008 1:40 am

Re: InitializeMadCHook

Postby madshi » Thu Apr 03, 2014 12:58 pm

Sorry for the late reply, somehow missed this thread.

Hmmmm... So you're saying as soon as you call InitializeMadCHook() neither CreateProcessEx nor system wide DLL injection works? That's weird, it seems to work for everyone else. Can you please try with the one of the following demos:

Do these demos work? If they do, try injecting one of the demos' hook dlls via CreateProcessEx. Does that work? Make sure the hook dll has read/execute NTFS rights for Everyone, just to be safe.
Site Admin
Posts: 10008
Joined: Sun Mar 21, 2004 5:25 pm

Return to madCodeHook

Who is online

Users browsing this forum: No registered users and 7 guests