|
|
 |
 |
 |
|
|
|
|
|
 |
|
 |
|
C / C++ / C#
|
| Learn to program in C, Answer to C Questions. Talk about C. |
|
||||||
  |
|
|
LinkBack | Thread Tools | Display Modes |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
C / C++ / C#
|
| Learn to program in C, Answer to C Questions. Talk about C. |
|
||||||
| |
|
|
LinkBack | Thread Tools | Display Modes |
(#1 (permalink))
|
|
Crew
  Posts: 343
Join Date: Mar 2009
Location: {LocalHost}
Last Online: Today 09:35 PM Reputation:
 User is Offline
|
C++ Global Hooking APIs -
01-05-2010, 10:11 PM
How would i go about Globally Hooking API's?
Would i have to inject every process? or is there a better method? I know how to do local hooks via DLL using MSDetours 1.5 Thanks |
|
|
(#2 (permalink))
|
|
Elite
 Posts: 191
Join Date: Aug 2006
Location: MArine Corps!
Last Online: Today 11:40 AM Reputation:
User is Offline
|
01-05-2010, 10:22 PM
Only one i know is SetWindowsHooks API's. Take a look a look at those, although they have one drawback, in which youd need to restart the pc before it takes affect.. You pretty much register your DLL into the system registry (forgot which one) and the OS will handle putting your dll into every running process in the system.
 <3 Micral for ths one 
|
|
|
|
(#3 (permalink))
|
|
Crew
Posts: 343
Join Date: Mar 2009
Location: {LocalHost}
Last Online: Today 09:35 PM Reputation:
User is Offline
|
01-05-2010, 10:32 PM
Quote Originally Posted by g3nuin3  Only one i know is SetWindowsHooks API's. Take a look a look at those, although they have one drawback, in which youd need to restart the pc before it takes affect.. You pretty much register your DLL into the system registry (forgot which one) and the OS will handle putting your dll into every running process in the system.
I've used simple test for Keyboard and didn't require reboot while back If i do need injecting every procss that will be no problem .. I'll use CreateToolhelp32Snapshot to view every running process and inject them all Thanks for reply  |
|
|
|
(#4 (permalink))
|
|
8-bit
 Posts: 38
Join Date: Jan 2010
Location: In tha good ol' germany!
Last Online: 01-14-2010 06:09 PM Reputation:
User is Offline
|
01-06-2010, 02:03 AM
Inject a dll into every process is pretty messy, and you still have to keep your process running,
what exactly do you want to do? For most things Mini Filters and drivers will do a cleaner job, and as for them, you got some great code pieces in CE + OSR registration is free, and those guys seriously rock. --Edit: Okay you said your pretty buddy with detours, so advicing you to write a driver is maybe a bit ahead... The main advantage on set window hook ex is that you define a DLL with a callback to be inserted into a hook chain. Quote The SetWindowsHookEx function installs an application-defined hook procedure into a hook chain. You would install a hook procedure to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread.
References: HOOK - A HowTo for setting system wide hooks — CodeGuru.com CodeProject: API hooking revealed. Free source code and programming help CodeProject: Hooks and DLLs. Free source code and programming help CodeProject: Writing a Macro Recorder/Player using Win32 Journal Hooks. Free source code and programming help |
|
|
|
(#5 (permalink))
|
|
Crew
Posts: 343
Join Date: Mar 2009
Location: {LocalHost}
Last Online: Today 09:35 PM Reputation:
User is Offline
|
01-06-2010, 02:34 AM
Couldn't really work out global hooking API's using SetWindowsHookEx but il keep searching
Quote Originally Posted by Letters Inject a dll into every process is pretty messy, and you still have to keep your process running,
what exactly do you want to do? For most things Mini Filters and drivers will do a cleaner job, and as for them, you got some great code pieces in CE + OSR registration is free, and those guys seriously rock. Also unfortunately i've never coded a driver or nor how to make a driver so that idea is out of the window >.< lol I'll check out OSR website see if i can find any useful info thanks |
|
|
|
(#6 (permalink))
|
|
8-bit
Posts: 38
Join Date: Jan 2010
Location: In tha good ol' germany!
Last Online: 01-14-2010 06:09 PM Reputation:
User is Offline
|
blubb -
01-06-2010, 06:14 AM
Quote Originally Posted by PoZHx Couldn't really work out global hooking API's using SetWindowsHookEx but il keep searching
Basically I'm starting off on making some simple security applications Also unfortunately i've never coded a driver or nor how to make a driver so that idea is out of the window >.< lol I'll check out OSR website see if i can find any useful info thanks i was finished editing my topic ( i tend to edit alot :P ) just after you answered, posted some reference for the case you still havent found what you were looking for ah lol OO this was supposed to be a pm >_> |
|
|
|
(#7 (permalink))
|
|
n00bie
Posts: 1
Join Date: Jan 2010
Last Online: 01-19-2010 10:43 AM Reputation:
User is Offline
|
01-14-2010, 09:52 AM
Hi,
I´m new to the community... but maybe I have something interesting on that topic... Dll Injection hopefully it helps. regards, mitro |
|
|
|
(#8 (permalink))
|
|
n00bie
Posts: 11
Join Date: Sep 2009
Last Online: 03-07-2010 08:00 PM Reputation:
User is Offline
|
02-02-2010, 11:38 AM
Quote Originally Posted by g3nuin3 Only one i know is SetWindowsHooks API's. Take a look a look at those, although they have one drawback, in which youd need to restart the pc before it takes affect.. You pretty much register your DLL into the system registry (forgot which one) and the OS will handle putting your dll into every running process in the system.
|
|
|
|
(#9 (permalink))
|
|
n00bie
Posts: 20
Join Date: Feb 2010
Last Online: 02-18-2010 02:14 AM Reputation:
User is Offline
|
02-04-2010, 10:12 AM
This is an interesting goal you have set for yourself. I'm sure as you know in the example of using GetKeyState you can see if a key was pressed in any application. Is this what you mean by global? Because, you could make a lengthy program that dumps the return status of all desired APIs quite easily.
Code:
cout<<GetKeyState; // returns the last key pressed cout<<GetKeyState(0x41) // returns a 1 or 0 for success or failure of the A key being pressed You could do this with virtually any API although much better to use mASM where you can simply do a TEST EAX,EAX on any API you CALL for it's return value. In further example you dump say the parameters of LoadLibraryA in any loaded application (via window or proccess rotation) and dump the name of the .DLLs that each executable loads into itself. Does this make sense? This all being said, you could always debug your own application and set breakpoints on each API yourself! Kekeke |
|
|
|
(#10 (permalink))
|
|
Crew
Posts: 343
Join Date: Mar 2009
Location: {LocalHost}
Last Online: Today 09:35 PM Reputation:
User is Offline
|
02-04-2010, 06:00 PM
Quote Originally Posted by PhreakMe This is an interesting goal you have set for yourself. I'm sure as you know in the example of using GetKeyState you can see if a key was pressed in any application. Is this what you mean by global? Because, you could make a lengthy program that dumps the return status of all desired APIs quite easily.
Code:
cout<<GetKeyState; // returns the last key pressed cout<<GetKeyState(0x41) // returns a 1 or 0 for success or failure of the A key being pressed You could do this with virtually any API although much better to use mASM where you can simply do a TEST EAX,EAX on any API you CALL for it's return value. In further example you dump say the parameters of LoadLibraryA in any loaded application (via window or proccess rotation) and dump the name of the .DLLs that each executable loads into itself. Does this make sense? This all being said, you could always debug your own application and set breakpoints on each API yourself! Kekeke I wanted to inject my DLL into every process not capture key presses or set BP's but thanks for posting I solved this issue already. |
|
|
|
| Bookmarks |
| Thread Tools | |
| Display Modes | |
|
|
|
| New To Site? | Need Help? |
Linear Mode
