Solved

API hook(with full source code).

Posted on 2003-10-24
14
2,957 Views
Last Modified: 2007-12-19
i need API Hook Such as CreateProcess.
with full source code (not madshi).
plz! help.
0
Comment
Question by:AFZDeveloper
  • 3
  • 3
  • 2
  • +3
14 Comments
 
LVL 6

Accepted Solution

by:
GloomyFriar earned 125 total points
ID: 9613591
0
 
LVL 33

Assisted Solution

by:Slick812
Slick812 earned 125 total points
ID: 9616770
hello AFZDeveloper, you may want to give alot more information about what type of hook you want to use (or what you are trying to do). . . . if you want some full source code to be created. . . Here is an EE page with some code for a Keyboard hook

http://www.experts-exchange.com/Programming/Programming_Languages/Delphi/Q_20347433.html
0
 
LVL 6

Assisted Solution

by:DaFox
DaFox earned 125 total points
ID: 9621193
Slick, I guess AFZDev. is asking for some API (function) hijacking code!

AFZDeveloper, information on this topic are very rare. The guys who know how to do it often won't share their knowledge (of course).
I recommend to take a look at Jeffrey Richter's book and/or the Detour package at http://research.microsoft.com/ (both contain full VC++ source code).

I guess this is not a satisfing answer for you. But I really doubt you will ever get a full API hijacking Delphi example and as you can read in Jeffrey Richter's book there are many different circumstances you have to care about. It's not that easy as setting up a "WindowsHookEx()" ;-)

Regards,
Markus
0
 
LVL 33

Expert Comment

by:Slick812
ID: 9621719
I see AFZDeveloper in alot of questions here. . . who knows what he is asking for. . . . but he needs to give enough information to  get help for the problem
0
 
LVL 3

Author Comment

by:AFZDeveloper
ID: 9621937
such as madCodeHook but with source code.
0
 

Expert Comment

by:SoulessZero
ID: 9623188
There are many Hooks that can be installed on system, what kind of Hook do you need help?
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 3

Author Comment

by:AFZDeveloper
ID: 9623454
SoulessZero
plz! more comment.

0
 
LVL 6

Expert Comment

by:DaFox
ID: 9623648
AFZDev., I would say you are the one who has to be more precise...
MadCodeHook is a collection of many different hook types + much low level stuff. You won't even find one collection written in any other language that contains all of this.
What are you aiming at? Is it a "just for fun" question or do you need a specific thing to be done?

Markus
0
 
LVL 6

Expert Comment

by:DaFox
ID: 9623655
> i need API Hook Such as CreateProcess.

Are you talking about CreateRemoteThread()???
0
 

Assisted Solution

by:SoulessZero
SoulessZero earned 125 total points
ID: 9625889
> i need API Hook Such as CreateProcess.

CreateProcess API function is not a Hook function. If you mean to monitor any newly created process, then you may need to implement follow hook functions by using API call.

1. SetWindowsHookEx <--- Install a Hook function on system, all Hook functions must be implemented in a DLL.
2. Specify which system hook to install, Keyboard, Mouse, Message Filter, Journal playback...etc. Read Win32 API help in Delphi and look for "SetWindowsHookEx" API function.
3. UnHookWindowHookEx <------ Removes hook function from system and free its memory.

Im not going to tell you or write exact code here, coz Im a lazy guy. You have to learn it by yourself by read Win32 API Help file and hang your system for several times. (thats what i paid for my skills :-)
0
 
LVL 3

Author Comment

by:AFZDeveloper
ID: 9630992
SoulessZero
yes, monitor any newly created process for example.
plz. send a source code for it.
tanks.
0
 
LVL 20

Expert Comment

by:Madshi
ID: 9797740
>> MadCodeHook is a collection of many different hook types + much low level stuff. You won't even find one collection written in any other language that contains all of this.

Thanks, DaFox!   :-)
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

The uses clause is one of those things that just tends to grow and grow. Most of the time this is in the main form, as it's from this form that all others are called. If you have a big application (including many forms), the uses clause in the in…
Hello everybody This Article will show you how to validate number with TEdit control, What's the TEdit control? TEdit is a standard Windows edit control on a form, it allows to user to write, read and copy/paste single line of text. Usua…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now