didn't hook apis in specified application

c++ / delphi package - dll injection and api hooking
Post Reply
orseL
Posts: 3
Joined: Thu Jul 19, 2018 2:38 am

didn't hook apis in specified application

Post by orseL »

Hi madshi,

before i ask, i'm sure that i'm totally beginner in madchook and also english. :wink:

i'm testing api hook now with madchook 3.1.18

and i want to catch some apis such as "CreateFile, ReadFile and SHGetFileInfo" in (Desktop-search engine)explorer application that named "Everything"

i've successed to attach my test dll on this application. but it didn't hook apis at all and i couldn't find out any problem.

i attach some screen-shot, log and my source-code that modified from Print monitor Demo.

please check it and i would appriciate when you answer.

thanks! best regard
Attachments
source-code.zip
(10.34 KiB) Downloaded 339 times
Screen-shot and log.zip
(209.22 KiB) Downloaded 327 times
madshi
Site Admin
Posts: 10754
Joined: Sun Mar 21, 2004 5:25 pm

Re: didn't hook apis in specified application

Post by madshi »

I'm confused, your source code doesn't even seem to use madCodeHook at all. Or am I missing something?
orseL
Posts: 3
Joined: Thu Jul 19, 2018 2:38 am

Re: didn't hook apis in specified application

Post by orseL »

I'm really sorry that i uploaded wrong file. Here is new uploads. thanks to reply :)
Attachments
HookWindowTest.zip
(6.96 KiB) Downloaded 332 times
madshi
Site Admin
Posts: 10754
Joined: Sun Mar 21, 2004 5:25 pm

Re: didn't hook apis in specified application

Post by madshi »

You are calling FinalizeMadCHook() for DLL_THREAD_ATTACH and DLL_THREAD_DETACH events, which is totally wrong.

You said that you modified the PrintMonitor demo, which would have been smart. But you did not. Your dllmain.cpp file has exactly zero things in common with the PrintMonitor demo. If you actually did use the PrintMonitor demo as a starting point, you would not have run into this problem... :wink:
orseL
Posts: 3
Joined: Thu Jul 19, 2018 2:38 am

Re: didn't hook apis in specified application

Post by orseL »

Now it works super :D Thanks madshi!
Post Reply