|
NT based API hooking is also good
is it really necessary for you to hook with the functions using op codes.
otherwise my suggestion is
NT based :-
API hooking revealed[^]
kernel based:-
API Hooking (LoadLibrary)[^]
Величие не Бога может быть недооценена.
|
|
|
|
|
great sugestions but i would like to really know about more how to hook functions using opcodes...
|
|
|
|
|
In order to properly perform the type of hook operation you are describing you will need to implement some type of code relocation functionality. This is typically done by relocating one opcode at a time until enough memory is available to insert the patched code (or hook). This requires that each opcode and any operands be decoded and then encoded at a new location. Simply copying the opcode may not be sufficient if it uses relative addressing. From a top level view you would typically do the following:
1. Allocate enough memory for the original code to be copied to. See VirtualAllocEx() in the Windows SDK.
2. Decode a single opcode.
3. Encode/assemble the opcode at it's new location.
4. Repeat steps 2 and 3 until there is enough memory available to insert the hook.
5. Insert a jmp operation at the end of the relocated opcodes. This typically points to the end of the decode stream (or pointer if you prefer).
6. Insert the hook code (typically a jmp to your code).
You end up with something like this:
Before code relocation
user code -> | LoadLibrary (movable) | LoadLibrary main code
After code relocation
user code -> * jmp to your code * LoadLibrary main code
| |
| |
your code -> LoadLibrary (moved)
Before you begin you will probably want to familiarize yourself with the target CPU. Assuming that you are targeting Intel platforms visit "Intel® 64 and IA-32 Architectures Software Developer's Manuals[^]" for a list of references.
The reference manuals will tell you how each instruction is composed and what if any operands need to be processed. It will also tell you how each operand is composed, which addressing modes apply to each opcode and give you a list of all opcode modifiers (prefix bytes) and what they mean.
For an example of how to decode an opcode check out http://udis86.sourceforge.net/[^]
1300 calories of pure beef goodness can't be wrong!
|
|
|
|
|
thnx very informative il start following you tips, thnx much !!!
|
|
|
|
|
Hi,
How can I disable Tree Item?
I think we can not, we just make a illusion of disable if yes then tell me how to set the color and font of individual item?
|
|
|
|
|
|
This code is giving error:
error C2039: 'SetItemStateEx' : is not a member of 'CTreeCtrl'
code is:
Ctrl->SetItemStateEx(hItem,TVIS_EX_DISABLED);
|
|
|
|
|
which VC version you are using?
Величие не Бога может быть недооценена.
|
|
|
|
|
|
Actually that is avail in VS2008 onwards.
Величие не Бога может быть недооценена.
|
|
|
|
|
I am using VS2010. i still face this issue.
|
|
|
|
|
In a C/C++ code I want to find the number of ticks in one millisecond / second.
How can I do that?
RKP
|
|
|
|
|
if u are looking to check the performance then
best is
To get the accuracy in milliseconds
GetTickCount
Get with the best accuracy
QueryPerformanceFrequency
QueryPerformanceCounter
Величие не Бога может быть недооценена.
|
|
|
|
|
Thanks ARJ09 for the reply.
Yes I am checking the performance of function which is to be called at a specific interval. The time in millisecond is not that accurate. But I am able to get a tick count of 3,4. So I want to know there are how many ticks in one millisecond. Rather I am asking 1 tick = ___ millisecond?
RKP
|
|
|
|
|
QueryPerformanceFrequency
Величие не Бога может быть недооценена.
|
|
|
|
|
|
I want to query foxpro database .dbf table . how to make select query
Trioum
|
|
|
|
|
Does FoxPro have ODBC drivers?
"Old age is like a bank account. You withdraw later in life what you have deposited along the way." - Unknown
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
|
|
|
|
|
INPUT myInput;
myInput.type = INPUT_MOUSE;
MOUSEINPUT mouseInput;
mouseInput.dwFlags = MOUSEEVENTF_MOVE|MOUSEEVENTF_ABSOLUTE;
mouseInput.dx = 0;
mouseInput.dy = 690;
mouseInput.mouseData = 0;
mouseInput.time = 0;
mouseInput.dwExtraInfo = NULL;
myInput.mi = mouseInput;
SendInput(1, &myInput, sizeof(INPUT));
PROBLEM 1: The mouse is moved at the upper-left corner while through this code, I am requesting him to move to BOTTOM-LEFT corner? Why this is not happening.
PROBLEM 2: I want to send event MOUSEEVENTF_RIGHTDOWN ( right button pressed at BOTTOM-LEFT), and request the system that please feel like as I click you at start button , but it is not accepting my command, I changed the flag to mouseInput.dwFlags=MOUSEEVENTF_RIGHTDOWN|MOUSEEVENTF_ABSOLUTE; So What is wrong ?
|
|
|
|
|
did u called SetCursorPos to set the cursor to that possition before sending the mouse input?
Величие не Бога может быть недооценена.
|
|
|
|
|
VOW you are GENIOUS. THANKS. Now I also find the solution of problem2 that I pasted below.
Actually in none of the article that are related with the SendInput , anyone talked about SetCursorPos. I guess it is good to call SetCursorPos first and then use the SendInput() function.
1- First Call SetCurPos()
2- then Call the SendInput() to perform the mouse events like button down up etc.
INPUT rightClick[2];
MOUSEINPUT rightDown;
rightDown.dwFlags = MOUSEEVENTF_RIGHTDOWN + MOUSEEVENTF_ABSOLUTE;
rightDown.dx = 0;
rightDown.dy = 0;
rightDown.time = 0;
rightDown.mouseData = 0;
MOUSEINPUT rightUp;
rightUp.dwFlags = MOUSEEVENTF_RIGHTUP + MOUSEEVENTF_ABSOLUTE;
rightUp.dx = 0;
rightUp.dy = 0;
rightUp.time = 0;
rightUp.mouseData = 0;
rightClick[0].type = INPUT_MOUSE;
rightClick[0].mi = rightDown;
rightClick[1].type = INPUT_MOUSE;
rightClick[1].mi = rightUp;
// finally, send the spoofed right-click to invoke the menu
::SendInput( 2, rightClick, sizeof(rightClick[0]));
|
|
|
|
|
Another Problem:
The logic of SetCurPos()works for the right clicks and OS take the appropriate action against the right click, but it did not work for left click. When I changed both flags to MOUSEEVENTF_ LEFTDOWN in the code.
The cursor goes at the bottom-left corner but application can not trigger the start button (Window Start) event, as cursor was at that point. Actually if the cursor is at the button, then we require to have a left click at button? so how we manage a click at a button by using sendinput() method.
SetCursorPos(10,790);
INPUT rightClick[2];
MOUSEINPUT rightDown;
rightDown.dwFlags = MOUSEEVENTF_RIGHTDOWN + MOUSEEVENTF_ABSOLUTE;
rightDown.dx = 0;
rightDown.dy = 0;
rightDown.time = 0;
rightDown.mouseData = 0;
MOUSEINPUT rightUp;
rightUp.dwFlags = MOUSEEVENTF_RIGHTUP + MOUSEEVENTF_ABSOLUTE;
rightUp.dx = 0;
rightUp.dy = 0;
rightUp.time = 0;
rightUp.mouseData = 0;
rightClick[0].type = INPUT_MOUSE;
rightClick[0].mi = rightDown;
rightClick[1].type = INPUT_MOUSE;
rightClick[1].mi = rightUp;
// finally, send the spoofed right-click to invoke the menu
::SendInput( 2, rightClick, sizeof(rightClick[0]));
|
|
|
|
|
void GenerateKey(int vk , BOOL bExtended)
{
KEYBDINPUT kb = {0};
INPUT Input = {0};
// generate down
if(bExtended)
kb.dwFlags = KEYEVENTF_EXTENDEDKEY;
kb.wVk = vk;
Input.type = INPUT_KEYBOARD;
Input.ki = kb;
::SendInput(1, &Input, sizeof(Input));
// generate up
::ZeroMemory(&kb, sizeof(KEYBDINPUT));
::ZeroMemory(&Input, sizeof(INPUT));
kb.dwFlags = KEYEVENTF_KEYUP;
if(bExtended)
kb.dwFlags |= KEYEVENTF_EXTENDEDKEY;
kb.wVk = vk;
Input.type = INPUT_KEYBOARD;
Input.ki = kb;
::SendInput(1, &Input, sizeof(Input));
}
check this
Величие не Бога может быть недооценена.
|
|
|
|
|
Thanks. Though it is not a recomended method but I called the SendInput function twice and now it works
::SendInput( 2, leftClick, sizeof(leftClick[0]));
::SendInput( 2, leftClick, sizeof(leftClick[0]));
|
|
|
|
|
good,
Just check by chaning the Time stamp for the event.
Величие не Бога может быть недооценена.
|
|
|
|