UnhookCode thread stopper + example

c++ / delphi package - dll injection and api hooking
Post Reply
uall
Posts: 254
Joined: Sun Feb 20, 2005 1:24 pm

Post by uall »

our handler is installed for some milliseconds, and i dont think there will be any other handler which is able to handle the privileged function.

but maybe overwriting the call is better, i thought from my point of view as a cheat programmer, it would be to easy to detect ^^
Top
madshi
Site Admin
Posts: 10766
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

Heh... :D Well, I don't care that much whether it's easy to detect or not.

But in XP/2003 you can use the new vectored APIs, that should be hard to detect.
Top
madshi
Site Admin
Posts: 10766
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

If anybody is interested, there's a new beta build of madCollection available, with improved multi threading safety:

http://madshi.net/madCollectionBeta.exe

Use the flag "SAFE_HOOKING" to activate the new feature, when calling HookAPI/Code. Right now this new mode is not activated by default, because it's not well enough tested yet.
Top
Post Reply

Return to “madCodeHook”