I used the APIHijack lib to override the TextOut function to capture text under a point.
How can I un-override it so that it calls the normal TextOut after I have captured the text under the cursor?
|
Hi everybody.
Nice work.
I wonder if there is a similar way to discover function params within an encrypted dll.
I understand now that the PE dll format holds all information about the functions, but I have dlls without any string information. I saw all functions using a disassembler, but I can't see the params.
Thanks in advance.
|
Compiling...
apihijack.cpp
c:\temp\3\apihijack.cpp(158) : error C2440: '=' : cannot convert from 'unsigned long' to 'void *'
Conversion from integral type to pointer type requires reinterpret_cast, C-style cast or function-style cast
c:\temp\3\apihijack.cpp(196) : error C2440: '=' : cannot convert from 'unsigned long *' to 'unsigned long'
This conversion requires a reinterpret_cast, a C-style cast or function-style cast
c:\temp\3\apihijack.cpp(203) : error C2446: '>' : no conversion from 'unsigned long *' to 'unsigned long'
This conversion requires a reinterpret_cast, a C-style cast or function-style cast
c:\temp\3\apihijack.cpp(203) : error C2040: '>' : 'unsigned long' differs in levels of indirection from 'unsigned long *'
c:\temp\3\apihijack.cpp(204) : error C2440: '=' : cannot convert from 'unsigned long *' to 'unsigned long'
This conversion requires a reinterpret_cast, a C-style cast or function-style cast
dllmain.cpp
Error executing cl.exe.
TestDLL.dll - 5 error(s), 0 warning(s)
|
Hi,
Be sure that other correct code/programs run correctly under that MS Visual Studio or cl.exe, and then try to compile your current program. If there is no progress, then compile the project after removing the "debug" folder from the project directory. Or simply create a new project for compiling the code. I hope a solution may come. Thanks.
|
Hi- I am trying to use APIHijack to hook calls to TextOut. I've looked into the MFC header and DEF (exported function) files, and understand from these that the TextOut method of the DC (device context) classes ends up devolving into TextOut GDI calls. I also see that the latter are mapped to either TextOutW or TextOutA calls depending on whether a program is using Unicode or not.
I'm testing against a program in which I specifically call TextOut and can see its results, but I'm new to DLL function hooking. Does anyone know if I have perhaps had the bad luck to need this feature on a call that, for whatever reason, cannot be hooked in this fashion?
Any other thoughts on this problem are welcome!
Thanks in advance-
Bob
|
I successfully hook the functions CopyFileA and OpenFileW. Why can I not hook the function below?
(the file: dllmain.cpp)

    typedef FILE* (WINAPI *fopen_Type)( const char *filename, const char *mode );
    FILE* WINAPI Myfopen( const char *filename, const char *mode );

    SDLLHook D3DHook =
    {
        "MSVCRTD.DLL",
        false, NULL,
        {
            { "fopen", Myfopen },
            { NULL, NULL }
        }
    };

    FILE* WINAPI Myfopen( const char *filename, const char *mode )
    {
        MessageBox(NULL, filename, "fopen", MB_OK); // Already get the message
        //fopen_Type *OldFn=(fopen_Type*)D3DHook.Functions[0].OrigFn;
        fopen_Type OldFn = (fopen_Type)D3DHook.Functions[0].OrigFn;
        return OldFn(filename, mode); // compiler is ok but error in here when hook
    }

The problem is that the return value of the function "fopen" is a pointer. When hooking happens the compiler says:

    Debug Error!
    Module:
    File: i386\chkesp.c
    Line: 42
    The value of ESP was not properly saved across a function call. This is usually a result of calling a function declared with one calling convention with a function pointer declared with a different calling convention

How to fix this error?
Do Xuan Huyen
|
fopen is not a standard WINAPI call, so you must call it like this:

    typedef FILE* (*fopen_Type)( const char *filename, const char *mode );
    FILE* Myfopen( const char *filename, const char *mode );

    FILE* Myfopen( const char *filename, const char *mode )
    {
        MessageBox(NULL, filename, "fopen", MB_OK); // Already get the message
        //fopen_Type *OldFn=(fopen_Type*)D3DHook.Functions[0].OrigFn;
        fopen_Type OldFn = (fopen_Type)D3DHook.Functions[0].OrigFn;
        return OldFn(filename, mode); // compiler is ok but error in here when hook
    }

Why are you using an API hook? Only to trace the exe's calls?
Why not use this tool, "Auto Debug Tool"?
Get this tool now!
Auto Debug for Windows
|
This is exactly what I was looking for. I think it's pretty funny the source code shows you were reverse engineering EverQuest though.
|
I just downloaded your source code. But I found out that the dll was infected by the PWS-Sincom.dll virus. I'm using Network Associates VirusScan.
Andrew Mosqueda
|
Neither freeav (www.freeav.com) nor HouseCall (housecall.antivirus.com) showed there being a virus in these files, for what it's worth.
|
Just rename the DLL and the f#%$ stupid antivirus won't see it as one
|
I have a VB DLL. I have to call it from ACUCOBOL.
I have created a handle to call the DLL.
In that case, I can call the DLL and the class within it.
But I could not call the class within the called class. Please help me in this regard.
Otherwise, tell me some other procedure to call the DLL.
Santhosh s
|
Hi,
Can someone kindly tell me if APIHijack can replace functions in msvfw32.dll?
Thank you
|
I am a Chinese boy, my English is very poor.
I use your program, but it does not hook ws_32.dll.
I wrote this code:

    SDLLHook D3DHook =
    {
        "ws2_32.dll",
        //"WSOCK32.DLL",
        false, NULL, // Default hook disabled, NULL function pointer.
        {
            { "send", hooksend },
            { "recv", hookrecv },
            { "closesocket", hookclosesocket },
            { NULL, NULL }
        }
    };

then

    if ( stricmp( Work, "Iexplore.exe" ) == 0 )
        HookAPICalls( &D3DHook );

OK, the VC output:
Loaded 'C:\Program Files\Internet Explorer\IEXPLORE.EXE', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\SHLWAPI.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\GDI32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\USER32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\KERNEL32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\ADVAPI32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\SHELL32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\COMCTL32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\SHDOCVW.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\IMM32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\OLE32.DLL', no matching symbolic information found.
HOOKDLL checking process: IEXPLORE.EXE
Loaded 'C:\WINDOWS\SYSTEM\MSVCRT.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\Downloaded Program Files\CnsMin.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\VERSION.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\INDICDLL.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\BROWSEUI.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\BROWSELC.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\WININET.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\SHFOLDER.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\MLANG.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\OLEAUT32.DLL', no matching symbolic information found.
First-chance exception in Iexplore.exe (MSONSEXT.DLL): 0x006D007E: (no name).
Loaded 'C:\WINDOWS\SYSTEM\MYDOCS.DLL', no matching symbolic information found.
First-chance exception in Iexplore.exe (MSONSEXT.DLL): 0x006D007E: (no name).
First-chance exception in Iexplore.exe (MSONSEXT.DLL): 0x006D007E: (no name).
Loaded 'C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\RPCRT4.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\URLMON.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\SHDOCLC.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\WSOCK32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\WS2HELP.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\WS2_32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\MSWSOCK.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\MSAFD.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\RNR20.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\MSHTML.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\PDM.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\MSDBG.DLL', no matching symbolic information found.
First-chance exception in Iexplore.exe (GDI32.DLL): 0xC0000005: Access Violation.
First-chance exception in Iexplore.exe (GDI32.DLL): 0xC0000005: Access Violation.
Loaded 'C:\WINDOWS\SYSTEM\JSCRIPT.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\MSLS31.DLL', no matching symbolic information found.
First-chance exception in Iexplore.exe (GDI32.DLL): 0xC0000005: Access Loaded 'C:\WINDOWS\SYSTEM\MMUTILSE.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\MMEFXE.OCX', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\NTDLL.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\DDRAW.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\DDRAWEX.DLL', no matching symbolic information found.
First-chance exception in Iexplore.exe (GDI32.DLL): 0xC0000005: Access First-chance exception in Iexplore.exe (GDI32.DLL): 0xC0000005: Access Violation.
The thread 0xFFF04275 has exited with code 0 (0x0).
The thread 0xFFF76139 has exited with code 0 (0x0).
The thread 0xFFF2CD65 has exited with code -1 (0xFFFFFFFF).
The thread 0xFFF7201D has exited with code -1 (0xFFFFFFFF).
The thread 0xFFF2C531 has exited with code -1 (0xFFFFFFFF).
The thread 0xFFF2C691 has exited with code -1 (0xFFFFFFFF).
The thread 0xFFF0BCF9 has exited with code -1 (0xFFFFFFFF).
The thread 0xFFF0495D has exited with code -1 (0xFFFFFFFF).
The thread 0xFFF00F79 has exited with code 0 (0x0).
The program 'C:\Program Files\Internet Explorer\Iexplore.exe' has exited with code 0 (0x0).
So the program does not hook ws_32.dll, and the program cannot hook WSOCK32.DLL either.
Can you help me? I am in a great hurry, I will wait for you.
My English is poor, can you understand? Thank you very much.
|
Hello, I would like to upload my dll (a.dll) into a program (a.exe). How would I go about doing this?
|
Is there a way to unhook hooked api calls (by apihijack) to avoid crashing hooked programs when the general hooker program is closed?
Something like returning original pointers to their place?
---
|
I'm trying to find a handle leak by hooking several of the Kernel32 api functions that create handles like CreateEvent, CreateFile, and CreateThread.
When I hooked CreateEvent, I started having problems with crashes in some of our libraries. I noticed that one of the libraries was compiled with optimization (for speed) turned on. When I turned off the optimization, the problem went away. I'm still having problems with another library that I don't have source for, and I suspect a similar problem.
Any ideas why hooking CreateEvent is causing a problem? Any idea why the optimizer would make the problem worse?
Thanks,
Larry M.
|
In VB we can call a function from a C++ dll using "Declare".
Declare function Test Lib "MyFileName.dll" Alias "TestA" (ByVal nVal As Long)
Is it possible to supply the dll filename at runtime?
|
APIs are redirected but never restored! If I close the TestLauncher app before the hooked application, it crashes when calling a hooked function, because the function entry points are not valid once the dll is unloaded.
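
The save-and-restore idea raised in this post and in the earlier unhooking question, as an added example that is not part of the original posts and is not APIHijack's code. It uses a simulated one-entry import table so it runs anywhere; every name in it (`hook_rec`, `hook_install`, `hook_remove`, `import_table`) is hypothetical, and on Windows the same restore would run before the hook DLL is unloaded, with the table page made writable first.

```c
#include <stddef.h>
#include <string.h>
typedef int (*text_fn)(const char *);    /* stand-in for the hooked API's type */
typedef struct {
    text_fn *slot;   /* address of the table entry we patched */
    text_fn  orig;   /* pointer that was there before patching */
    text_fn  hook;   /* replacement we wrote into the slot */
} hook_rec;

static int real_text_out(const char *s) { return (int)strlen(s); }
static text_fn import_table[1] = { real_text_out };  /* simulated import table */
static hook_rec g_hook;
static int g_seen;                       /* calls observed by the hook */

static int my_text_out(const char *s)
{
    g_seen++;
    return g_hook.orig(s);               /* forward through the saved original */
}

int hook_install(hook_rec *r, text_fn *slot, text_fn hook)
{
    if (!slot || !hook || r->slot || *slot == hook) return 0;  /* no double install */
    r->orig = *slot; r->hook = hook; r->slot = slot;           /* save before patching */
    *slot = hook;
    return 1;
}

/* Returns 1 when the original is back and the hook code may be unloaded.
   Returns 0 if nothing is installed or the slot no longer holds our hook
   (someone patched over it): leave it alone and keep the hook code loaded. */
int hook_remove(hook_rec *r)
{
    if (!r->slot || *r->slot != r->hook) return 0;
    *r->slot = r->orig;
    r->slot = NULL;
    return 1;
}

/* Constructed scenario: one call before, one during, one after the hook. */
int demo_calls_seen(void)
{
    g_seen = 0;
    import_table[0]("a");
    hook_install(&g_hook, &import_table[0], my_text_out);
    import_table[0]("bb");
    hook_remove(&g_hook);
    import_table[0]("ccc");
    return g_seen;
}
```
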
|
Hi,
As I understand it, this code catches only the dlls which are linked to the "exe" (even if they are delay loaded). And the original Microsoft sample seems to do the same. But is there a way to catch a "LoadLibrary" call which is made by the "exe" to any dll? I mean, what if I create a dll, say test.dll, and then somewhere in my code I write
LoadLibrary("test.dll"). Is there a way to redirect all functions from this library to my own ones in the same manner it is done for preloaded dlls?
Thanks for any help
Alex
|
Hi Alex,
I have a similar requirement but no success yet. You need to override the LoadLibrary function call to hook it.
But I am failing to redirect all the function calls from there.
Find a sample on codeguru.com
Tell me if you have any updates.
mahikool@yahoo.co.in.
|
Hi,
So, I have coded ApiHiJack to hook GetDeviceData(....) but this code doesn't work.
When I hook the function CreateDevice it works.
How could I hook a method?
|