Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

API Hooking, codecave, inputvalidation

Posted on 2006-11-16
2
393 Views
Last Modified: 2008-01-09
A rather uncommon question, or rather series of questions im sure

First a case

I have this application
Very annoying application
This annoying application does not support any form of validation on textfields, so once you press the "save" button, these fields a written to a database, and from there it pollutes a whole new magnitude of.. stuff.
So I want to add validation to this application! (its ok with the vendor)
Now i can iterate through the handles of the application and get the different hwnd's of controls, including the save button, so one solution would be use 'another' save button wich in turn validated data (either get handles of textfields, or readproccessmemory) and on success pressed the true save button.
I dont like that one very much, as the 'save button' would most likely reside outside of the original application.
I'd much rather 'hook' the true save button, do some inspection upon activation and from there either allow or deny the actual 'pressing' messages to the constrol.

So here goes; how would you go about 'hooking' a button like that?
API hook on SendMessage to that thread? how is that done (pointer to litterature) ?
Implement a codecave in the executable around the particular control(button) ? (i have a handle to the button, anyway to reveal an interresting address from that ? )

Other ideas welcome too:) Thanks!!
0
Comment
Question by:CyTG
2 Comments
 
LVL 86

Accepted Solution

by:
jkr earned 300 total points
ID: 17956902
Basically you can accomplish this task via both API hookin and a Windows hook, where the latterwould be the IMO preferred solution. See e.g.

http://www.codeproject.com/system/hooksys.asp ("API hooking revealed")
http://www.codeproject.com/dll/hooks.asp ("Hooks and DLLs")

and

http://www.codeproject.com/threads/winspy.asp ("Three Ways to Inject Your Code into Another Process")

for a broader view. MSDN also has an interesting article about that:

http://msdn.microsoft.com/library/en-us/dnwui/html/msdn_hooks32.asp ("Win32 Hooks")
0
 
LVL 1

Author Comment

by:CyTG
ID: 18001541
thanks .. good reads!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
how to convert c++ code to Android App 3 107
mixing C++ & C# in Vis Studio 2013 7 195
C++ Language error 28 242
Should CArray be used for a list of pointers in C++? 19 115
What is C++ STL?: STL stands for Standard Template Library and is a part of standard C++ libraries. It contains many useful data structures (containers) and algorithms, which can spare you a lot of the time. Today we will look at the STL Vector. …
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
The viewer will be introduced to the technique of using vectors in C++. The video will cover how to define a vector, store values in the vector and retrieve data from the values stored in the vector.
The viewer will be introduced to the member functions push_back and pop_back of the vector class. The video will teach the difference between the two as well as how to use each one along with its functionality.

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question