|
This is exactly what I was looking for. I think it's pretty funny the source code shows you were reverse engineering EverQuest though  .
|
|
|
|
|
|
I just downloaded your source code. But i found out that the dll was infected by PWS-Sincom.dll virus. I'm using Network Associates VirusScan.
Andrew Mosqueda
|
|
|
|
|
Neither freeav (www.freeav.com) or HouseCall (housecall.antivirus.com) showed there being a virus in these files for what it's worth.
|
|
|
|
|
Just rename the DLL and the f#%$ stupid antivirus wont see it as one 
|
|
|
|
|
I have a VB DLL.I have to call it from ACUCOBOL.
I have created handle to call the DLL.
In that case,I can call the DLL and the class within it.
But I could not call the class within the called Class Please help me in this regard.
Otherwise,tell me some other procedure to call the DLL.
Santhosh s
|
|
|
|
|
Hi,
Can some one kindly tell me if APIHijack can replace functions in msvfw32.dll?
thk you
|
|
|
|
|
I am a chinese boy ,my english is very poor.
I use you programe,but not hook ws_32.dll
I write code:
SDLLHook D3DHook =
{
"ws2_32.dll",
//"WSOCK32.DLL",
false, NULL, // Default hook disabled, NULL function pointer.
{
{ "send",hooksend },
{ "recv",hookrecv },
{ "closesocket",hookclosesocket},
{ NULL, NULL }
}
};
then
if ( stricmp( Work, "Iexplore.exe" ) == 0 )
HookAPICalls( &D3DHook );
Ok ,vc output:
Loaded 'C:\Program Files\Internet Explorer\IEXPLORE.EXE', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\SHLWAPI.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\GDI32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\USER32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\KERNEL32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\ADVAPI32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\SHELL32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\COMCTL32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\SHDOCVW.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\IMM32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\OLE32.DLL', no matching symbolic information found.
HOOKDLL checking process: IEXPLORE.EXE
Loaded 'C:\WINDOWS\SYSTEM\MSVCRT.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\Downloaded Program Files\CnsMin.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\VERSION.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\INDICDLL.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\BROWSEUI.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\BROWSELC.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\WININET.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\SHFOLDER.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\MLANG.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\OLEAUT32.DLL', no matching symbolic information found.
First-chance exception in Iexplore.exe (MSONSEXT.DLL): 0x006D007E: (no name).
Loaded 'C:\WINDOWS\SYSTEM\MYDOCS.DLL', no matching symbolic information found.
First-chance exception in Iexplore.exe (MSONSEXT.DLL): 0x006D007E: (no name).
First-chance exception in Iexplore.exe (MSONSEXT.DLL): 0x006D007E: (no name).
Loaded 'C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\RPCRT4.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\URLMON.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\SHDOCLC.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\WSOCK32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\WS2HELP.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\WS2_32.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\MSWSOCK.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\MSAFD.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\RNR20.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\MSHTML.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\PDM.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\MSDBG.DLL', no matching symbolic information found.
First-chance exception in Iexplore.exe (GDI32.DLL): 0xC0000005: Access Violation.
First-chance exception in Iexplore.exe (GDI32.DLL): 0xC0000005: Access Violation.
Loaded 'C:\WINDOWS\SYSTEM\JSCRIPT.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\MSLS31.DLL', no matching symbolic information found.
First-chance exception in Iexplore.exe (GDI32.DLL): 0xC0000005: Access Loaded 'C:\WINDOWS\SYSTEM\MMUTILSE.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\MMEFXE.OCX', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\NTDLL.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\DDRAW.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\SYSTEM\DDRAWEX.DLL', no matching symbolic information found.
First-chance exception in Iexplore.exe (GDI32.DLL): 0xC0000005: Access First-chance exception in Iexplore.exe (GDI32.DLL): 0xC0000005: Access Violation.
The thread 0xFFF04275 has exited with code 0 (0x0).
The thread 0xFFF76139 has exited with code 0 (0x0).
The thread 0xFFF2CD65 has exited with code -1 (0xFFFFFFFF).
The thread 0xFFF7201D has exited with code -1 (0xFFFFFFFF).
The thread 0xFFF2C531 has exited with code -1 (0xFFFFFFFF).
The thread 0xFFF2C691 has exited with code -1 (0xFFFFFFFF).
The thread 0xFFF0BCF9 has exited with code -1 (0xFFFFFFFF).
The thread 0xFFF0495D has exited with code -1 (0xFFFFFFFF).
The thread 0xFFF00F79 has exited with code 0 (0x0).
The program 'C:\Program Files\Internet Explorer\Iexplore.exe' has exited with code 0 (0x0).
so programe not hook ws_32.dll,also programe cannot hook WSOCK32.DLL too,
can you help me ,I very hurry, i wait you,
my english is poor ,can you understand? thank you very much
|
|
|
|
|
Hello, I would like to upload my dll(a.dll) into a program(a.exe). How would I go about doing this? 
|
|
|
|
|
Is there a way to unhook hooked api calls (by apihijack) to avoid crashing hooked programs when the general hooker program is closed?
Something like returning original pointers to their place?
---
|
|
|
|
|
I'm trying to find a handle leak by hooking several of the Kernel32 api functions that create handles like CreateEvent, CreateFile, and CreateThread.
When I hooked CreateEvent, I started having problems with crashes in some of our libraries. I noticed that one of the libraries was compiled with optimization (for speed) turned on. When I turn off the optimization, the problem went away. I'm still having problems with another library that I don't have source for, and I suspect a similar problem.
Any ideas why hooking CreateEvent is causing a problem? Any idea why the optimzer would make the problem worse?
Thanks,
Larry M.
|
|
|
|
|
In VB we can call a function from C++ dll using "Declare".
Declare function Test Lib "MyFileName.dll" Alias "TestA" (ByVal nVal As Long)
Is it possible to supply the dll filename at runtime ?
|
|
|
|
|
|
APIs are redirected but never restored! If I close TestLauncher app before hooked application, it crashed when calling hooked function, because function entry points are not valid when dll is unloaded.
|
|
|
|
|
Hi,
as I understand this code catches only the dlls which are linked to the "exe"(even if they are delay loaded).. And the original microsoft sample seems to do the same. But is there a way to catch "LoadLibrary" call which is produced by "exe" to any dll? I mean what if I create a dll, say test.dll, and then somewhere in my code I write
LoadLibrary("test.dll"). Is there a way to redirect all functions from this library to my own ones in the same manner it is done for preloaded dlls?
Thanks for any help
Alex
|
|
|
|
|
hi alex,
I have a similar requuirement but no success yet.U need to override LoadLibrary function call to hook it.
But Iam failing to redirect all the function calls from there..
Find a sample in codeguru.com
Tell me if u have any updates..
mahikool@yahoo.co.in.
|
|
|
|
|
Hi,
So, I have coded ApiHiJack to hook the GetDeviceData(....) but this code don't work.
When I hook the function CreateDevice it works.
How I could hook a method ?
|
|
|
|
|
So, I have found a ancien post and I found a part of code, but when I write this line :
IDirectInputVtbl OldIDirectInputVtbl;
I have 3 errors :
D:\Dev\Hook_Direct_Input\Hook_GetDeviceData\TestDLL\dllmain.cpp(12) : error C2146: syntax error : missing ';' before identifier 'OldIDirectInputVtbl'
D:\Dev\Hook_Direct_Input\Hook_GetDeviceData\TestDLL\dllmain.cpp(12) : error C2501: 'IDirectInputAVtbl' : missing storage-class or type specifiers
D:\Dev\Hook_Direct_Input\Hook_GetDeviceData\TestDLL\dllmain.cpp(12) : fatal error C1004: unexpected end of file found
And I don't know how I can do ???????
|
|
|
|
|
So I juste forgot #define CINTERFACE.
know I haven't errors.
But I have a question :
If I want to intercept GetDeviceData()
I need configure ApiHiJack to Hook CreateDevice ?
And after I put the part of code to hook the new method ?
@+
P.S. : ApiHiJack is very useful and have more & more possibilities.
It's very interesting.
Great Software !
|
|
|
|
|
I just see I have a big problem :
This is the action to perform a getdevice data :
run function DirectInput8Create(...) :
This function create a DirectInput8 object
This object containt method CreateDevice(....)
Run method CreateDevice(...)
This function create a DirectInputDevice8 object
and this object contain method GetDeviceData(...)
So how I could hook the GetDeviceData(...) ?????
Need I to hook each function & method ?
|
|
|
|
|
Is anybody help me modify the ApiHijack project let me hijack the directdraw's
"drawtext" function?
for example, if DX Game call DrawText to show "Hello",, My program can change
the text to "Aloha"
many many many thanks!
|
|
|
|
|
You could do it with standard DirectDraw methods, but I doubt many games really use DrawText. Most use their own text drawing routines that create polygons from a texture map.
-Wade
|
|
|
|
|
Hi.
i want to hook "CreateProcess" API globally.
for example, some application calls CreateProcess
to open an text file with "Notepad.exe",
my application intercept it and open it with another
editor.
Is it possible to use the sample code?
thanks.
|
|
|
|
|
I tried by capturing text which goes for printer.
It crashes afterprinting 10 documents.
It is working fine in WinNT.
What might be the problem in win98.
Ganesh
|
|
|
|
|
I have been experimenting with the APIhijack workspace alot. Its a reliable way of intercepting code from a post compiled program. I've done a few major mods to APIhijack and as long as you write proper clean code for it, testlaucher.exe will never cause the hijacked target EXE to crash.
While traditional disassemblers allow you to do debugging, and 'patch' certain
lines of assembly code of an EXE, APIhijack allows you to replace entire DLL imports with new custom functions written in C++. The cracker therefore doesn't need to worry about what language an EXE is written in.
W32dasm is used by crackers who want to do things like remove
shareware splash screens, disable advertisement windows, trigger program registration processes and bypass screens which ask for original authentic CDs. APIhijack has the potential to do all these things but in a much more stable way.
I reckon API hijacking is a more feasible way of cracking a program. Hooks don't directly modify the code of the EXE, they use the features offered by the kernel to re-route them. APIhijack therefore has more leverage as a cracking tool. Instead of changing the EXE itself, you change the kernel which 'feeds' the EXE - an easier and more stable way of cracking. 
|
|
|
|
|
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Praise 
Rant 
Admin 
Submit an article or tip
