madCodeHook Example Oo

neji · Post by **neji** » Tue Mar 15, 2005 8:56 am

Hello,

today I've had my first tries with madCodehook. I read the tutorial for hooking the WinExec API processwide. That works perfectly. Then i've tried to put the code into a dll to make it processwide. My Code looks as this :

dll:

Code: Select all

var WinExecHookNext : function (cmdLine : pchar; showcmd : dword) : dword ; stdcall;

function WinExecHookProc(cmdLine : pchar; showcmd : dword) : dword ; stdcall;
begin
  if MessageBox(0, cmdLine, 'Execute?', MB_YESNO or MB_ICONQUESTION) = IDYES then
    result := WinExecHookNext(cmdLine, showCmd)
  else
    result := ERROR_ACCESS_DENIED;
end;

begin
  HookAPI('kernel32.dll','WinExec',@WinExecHookProc,@WinExecHookNext);
end.

and the main Program :

Code: Select all


procedure TForm1.btninstallClick(Sender: TObject);
begin
  InjectLibrary(ALL_SESSIONS or SYSTEM_PROCESSES, 'Project1.dll');
end;

procedure TForm1.btnuninstallClick(Sender: TObject);
begin
  UninjectLibrary(ALL_SESSIONS or SYSTEM_PROCESSES, 'Project1.dll');
end;

procedure TForm1.btnnotepadClick(Sender: TObject);
begin
  WinExec('notepad.exe', SW_SHOWNORMAL);
end;

When Executing the Injectlibrary function, the program (and the rest of my Computer Oo) crashes and i got a bluescreen with the message "unknown hard error"

Does anybody know why i get this?

Post by **madshi** » Wed Mar 16, 2005 8:06 am

You get that because evidently you didn't read the hooking rules which are explained in the documentation...

neji · Post by **neji** » Wed Mar 16, 2005 12:46 pm

mhhh then it's because of the GUI stuff?

How can I make a MessageDialog instead?

Post by **madshi** » Wed Mar 16, 2005 12:57 pm

You can't, at least not in system processes/services.

Check out the HookProcessTermination demo, which shows a way to solve this problem.

neji · Post by **neji** » Wed Mar 16, 2005 2:19 pm

Ony when injecting in services?

If i would call injectlibrary with CURRENT_USER ....are there systemprocesses/services included?

Post by **madshi** » Wed Mar 16, 2005 2:50 pm

System processes/services are included only when you use the "SYSTEM_PROCESSES" flag.

Doing injection in a service has nothing to do with using GUI in the hook dll. The only sense of doing the injection in a service is to support starting your app inside of non-admin user accounts.