bedlam wrote:Could someone here please explain to me the difference between using HookAPI without DLL injection and using HookAPI with DLL injection from inside the DLL ???
HookAPI only hooks the API in the current process. If you call HookAPI without DLL injection, you're hooking the API only in your own process. If you put the HookAPI call etc in a hook dll, you can then inject the dll into one specific target application to hook the API there. Or you can inject it into all processes to get system wide API hooking.
bedlam wrote:What is the difference between the functions that end in A and W but have similar function name ??? eg: CreateProcessA / CreateProcessW
Should you always hook both ???
"A" is for "Ansi" strings, that means 1 byte per character.
"W" is for "Wide" strings, that means 2 byte per character.
Ansi strings can only describe western text like english, german, french etc. If you need to handle russian and chinese text and such stuff you need wide strings.
Do you need to hook both? That depends. In most cases either the Ansi API internally calls the Wide API or vica versa. In those cases it's good enough to hook the API which is called by the other API. Unfortunately most often in win9x the wide API calls the ansi API, while in the NT family it's the other way round.
