Search:

I'm hooking the LdrLoadDll() function and have success. Now i want make a small change on code, to when not is a specific dll load, call original function..

I tried the following implementation...

Yes, please.

Because my driver project is in C. Have a big quantity of code already wrote in C sintaxe and i'm not disposed to change all this sintaxe.
You have some experience with driver development for...

I have this arraylist implementation working fine in usermode, when i tried pass to kernel mode version i receive a bsod on this part:



FAULTING_SOURCE_LINE_NUMBER: 128
...

Already solved, i'm using this code actually.

I want inject and execute the image of a x32 dll file in a remote x32 process (manual map injection) and to make this i found this following code, but he have a error in a line present in...

Hi,

how all know, exists sevral anti rootkit softwares that is able to delete all files and folders of any rootkit even while this rootkit is running, the same also is possible to folders or files...

Ok Vitor, thank you by this info.

Between all solution, i think that the better is translate this piece of asm code, to C++ code.
But i'm not good with asm.

So, if someone here understand asm...

Hello,

I found a project that is able to list all hooks of messages and i had adapted also for unhook these hook listeds.

My problem is that this code only works with Windows 32 bit.

Then...

I'm needing restore one inline hook in a app made by a third party program.

I alredy know that firstly is need to load the target module for reading and calculate the offset to the target API:

...

I had done a "Hello Word" example for test the funcionality of a kernel driver and is working very fine.

My environment of development is:

* Computer ( VirtualBox ): Windows 7 Ultimate x86
* ...

I updated my code on last answer. See.

@2kaud,

i'm have compiled with VC++ 2008 and now it's okay about Dll Entry Point, my problem now is because is failing the hook :-(

"Unable TO Hook Function."

Some suggestion?

My actual...

Eg:

This code below don't works on my example attached above.



DWORD WINAPI MyFunction1(LPVOID pData)
{

std::ofstream out("output.txt");

34645

My trouble is only because code inside DLL_PROCESS_ATTACH not is executed :confused:



To say true, i'm don't know, only know that code of DLL_THEAD_ATTACH not is executed.

Here is...

@2Kaud, This code above is correct? mainly this part? =>



AddOfTerminateProcess= HookFunction("Kernel32.dll",fp,MyTerminateProcess); // REFERENCE TO MyTerminateProcess in HookFunction() call....

Hi,

I'm making a dll file for inject in a specific remote process and then make hook IAT inside this remote process in TerminateProcess function.

Have this code below, dll is injected with...

I edited my code above.
Now i want get screenshot of old desktop, but only is captured screen of new desktop.
So now, how get screenshot of old desktop and not of new desktop created?

New desktop will have a background window that show a screenshot ( inside this window ) of old desktop. And Modal Dialog Form must be appear as son of background window.

Based in this example i'm wanting create a Modal Dialog Form inside new desktop created by CreateDesktop api. Until now i'm able to show Modal Dialog Form inside new desktop, but i don't know how...

Hi,

i'm wanting make IAT Hook in a executable application using a injected dll and already read in several websites from Google about this.

So, i have a code and also think that i have a...

I have a DLL injector compiled with Visual Basic 6 and I'm trying to inject my DLL (x64) on x64 notepad.exe, but nothing works.

I had searched on web about this and saw this:



If this is...

Hi,

I found a code that promises intercept and detour calls for TerminateProcess api and prevent kill my software directly across of Task Manager, but this don't is working and I can kill my...

How solve this?

I have this sintaxe:




void(*sleep)(DWORD);

Hi,

I'm using the JMP instruction tecnique for try make a Anti-Dll Injection with detour when LdrLoadDll api is called inside my program. I found a Delphi code that works perfectly, but this VC++...