Page 1 of 1

ANN: madCodeHook 4.1.1

PostPosted: Sat Nov 17, 2018 11:07 am
by madshi
Today I'm releasing madExcept 4.1.1 with the following improvements:

(1) added ex/including Metro app injection functionality
(2) added support for selectively activating IAT injection
(3) improved static lib smart linking support
(4) [driver] fixed potential (rare) blue screen
(5) [driver] fixed privilege escalation vulnerability (installer

Re: ANN: madCodeHook 4.1.1

PostPosted: Sat Nov 17, 2018 3:11 pm
by madshi

I should probably mention that the (Un)InjectLibrary API parameters have
changed slightly. There used to be two parameters in v4 like this:

BOOL bSystemProcesses = TRUE,
BOOL bPermanent = FALSE,

This has been replaced now with:

DWORD dwOptions = 0,

If you don't change your code, the compiler will probably complain, but
it might still make sense to double check your code, just to be safe. The
following option flags are available atm:


If you just want to simply convert your code to the new parameters, without
any functional differences, you need to use the INJECT_SYSTEM_PROCESSES
option, if you had "bSystemProcesses" set to TRUE. And you need to use the
INJECT_PERMANENTLY option, if you had "bPermanent" set to TRUE. Also, if
you want unchanged behaviour, please use the option INJECT_METRO_APPS,
because that's what older builds did by default. The new build will only
inject into Metro Apps with the INJECT_METRO_APPS flag set.