API Hook OpenServiceW

[snoopy_spy]

Hi,
i have two problems hooking the OpenServiceW

This is the call to HookAPI

Code: Select all

           OpenServiceWNext : function (hSCManager: SC_HANDLE; lpServiceName: PWideChar; dwDesiredAccess: DWORD): SC_HANDLE; stdcall;
HookAPI('Advapi32.dll',  'OpenServiceW', @OpenServiceWCallback, @OpenServiceWNext);

I get everytime a Result of 0 and as Error 5 (DENIED)

Code: Select all

function OpenServiceWCallback(hSCManager: SC_HANDLE; lpServiceName: PWideChar; dwDesiredAccess: DWORD): SC_HANDLE;
begin
	result := OpenServiceWNext(hSCManager, lpServiceName, dwDesiredAccess);
    MessageBox(0, PChar('Result : '+IntToStr(result)+' .. Error : '+IntToStr(GetLastError)+'<'), 'OpenService', MB_OK);
end;

and the second problem, i didn't get it to work to extract the name

Code: Select all

        tempS   := WideToAnsiEx(lpServiceName);
    MessageBox(0, PChar('tempS), 'Dsfsdf', MB_OK);

i know, not to use MessageBox ... but it's only for debugging.

regards
snoopy

[madshi]

That you get result 0 and error 5 is probably not a problem of the hook. I guess whoever is calling OpenServiceW simply doesn't have enough privileges. I don't see how that is related to madCodeHook. Or am I missing something?

What happens with the MessageBox? You say it doesn't work. Could you please be a bit more specific?

[snoopy_spy]

I tried it with the Services window from Windows or with a command line "NET START R_SERVER"
Without the hook, it works OK, with the hook, i get an error (invalid handle)

The thing which doens't work is the WideAnsiToEx .... the resulting string looks strange.

[madshi]

The OpenServiceWCallback is missing the calling convention (stdcall) !!

[snoopy_spy]

Arghhh ....
That isn't possible, i checked it about 10 times. (I thought)

Thank you, now all works as it should (Perfect)

regards
snoopy