Effects of sharing an CodeHook address

c++ / delphi package - dll injection and api hooking
Post Reply
Gryphyn
Posts: 3
Joined: Wed Sep 08, 2004 11:26 pm

Effects of sharing an CodeHook address

Post by Gryphyn »

I have an application with an injected DLL that is using CodeHook. This DLL is written in C++ and only exports a Class.

My issue is that this DLL may (or may not) be present, and I wish to create a Delphi DLL that uses this same address for a CodeHook. Will this cause any problems? (other than not being able to address the C++ class from Delphi - I can't change the C++ code [ :crazy: policy])
Do Hooks stack/queue/chain/whatever?
What about multiple callbacks, does this call the original function twice?

Both DLL Hooks will be driven by a 'token string' (different in each case) and both DLL's use madCodeHook.
madshi
Site Admin
Posts: 10753
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

I'm not totally sure if I understood your question correctly.

madCodeHook has a fully automated hooking queue. If you have two dlls which both hook the very same API, this is no problem at all. If your first hook calls "HookedFuncNextHook", this calls the callback function of the second hook. If that calls "HookedFuncNextHook" it will call the original API. Just as it's supposed to be. You can install as many hooks on the same API as you like and you may uninstall them in any order. No problem here...

Does that answer your question?
Gryphyn
Posts: 3
Joined: Wed Sep 08, 2004 11:26 pm

Post by Gryphyn »

madshi wrote:madCodeHook has a fully automated hooking queue.
I think that answers it, but just to make sure I've got the dependancies right. In this case I'm using HookCode not HookAPI.

Main
OrigProc -at(address)

DLL.1
Hook->Main.OrigProc
DoStuff.1
Callback->Main.OrigProc

DLL.2 (then in activation sequence 'queue')
Hook->Main.OrigProc
DoStuff.2
Callback->Main.OrigProc
or
DLL.2 (in order of activation 'stack')
Hook->DLL.1.DoStuff.1 (as address is 'redirected' by DLL.1)
DoStuff.2
Callback->DLL.1.DoStuff.1

Or in the queue scenario - does madCodeHook (itself) recognise
DLL.1
Hook->Main.OrigProc
DoStuff.1
DLL.2
DoStuff.2
Callback->Main.OrigProc

Can the result of a callback in DLL.1, activate a callback in DLL.2 (queue) or vis-a-v DLL.2 influence DLL.1 (stack)
madshi
Site Admin
Posts: 10753
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

Somehow I'm having difficulties understanding your syntax. Anyway, I think this is how it works:
Or in the queue scenario - does madCodeHook (itself) recognise
DLL.1
Hook->Main.OrigProc
DoStuff.1
DLL.2
DoStuff.2
Callback->Main.OrigProc
About this question:
Can the result of a callback in DLL.1, activate a callback in DLL.2 (queue) or vis-a-v DLL.2 influence DLL.1 (stack)
Sorry, but I've no idea what you mean...

I suggest that you simply try it out. I think you'll find that it works exactly as you would like to. It should work similar to SetWindowsHookEx hooks work.
Gryphyn
Posts: 3
Joined: Wed Sep 08, 2004 11:26 pm

Post by Gryphyn »

Thanks Madshi,

Confusion - my fault - didn't want to present you with a novel of my woes.

OK, going to give it a whirl.

Cheers
Gryphyn
Post Reply