|
My guess would be to try to inject a dll into every process and hook the registry access methods. But as said, just a guess. Google for "injecting a DLL" and "hooking api calls" if you don't understand what i mean...
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> Sometimes you just have to hate coding to do it well. <
|
|
|
|
|
yes, that's what i wanna do, hook a dll into 'windows' or explorer.exe.
just like sopme virusses, accept i wanna prevent them.
Bad = knowing 2 much
|
|
|
|
|
i could be completely wrong here but as far as my knowledge goes hooking into explorer won't affect any other processes trying to access the registry...
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> Sometimes you just have to hate coding to do it well. <
|
|
|
|
|
wel, i don't know at all , but i wanna write sometol, to inform my customers that there is something wrong.
i probably need to hook in the kernel or so.
i read some of the links from msdn and codeproject, but stil nothing what i need, but good info.
: )
Bad = knowing 2 much
|
|
|
|
|
hmmmm, this is 'API hooking revealed[^]' instresting material.
it provide something i need.
hook all proceses.
atleast the test app's log told me exactly what programm i have open.
: )
Bad = knowing 2 much
|
|
|
|
|
Don't know which method of DLL injection you will choose but i guess since you want to monitor every process's attempts to access the registry you will choose the 1st method (Registry) under the "Injecting techniques" on the page you linked to in your post. Just a warning here, not everyone has the rights to read/write any parts of the registry, so don't get bad surprises e.g. when your proggie works great under Windows xp but fails on Vista (like i had this experience sadly ) or it works ok under the admin account but not under a normal user account. Anyways, i did some work with api hooking myself, so if you get stuck somewhere, ask away and if i can, i help.
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> Sometimes you just have to hate coding to do it well. <
|
|
|
|
|
wel the program is for my customers.
the computers i sell and install, debug & fix for my clients in my friends lilte store.
so i have 'admin' acces from first moment on.
yes, i wanna intercept any program a user executes and attempts to write to the registry.
but much investigation has to be done.
because some proceses execute as 'system' and not as user.
but in the first place, i only want to protect certains spots in the registry, you know the dangerous spots, run, runonce, etc, etc.
the 'hook' is targetted @ people that have no clue and just chat, navigate a litle.
Bad = knowing 2 much
|
|
|
|
|
Hi Guys,
I'm building a simple TCP/IP client/server application and can't find any examples that I could run in Visual Studio IDE. Everything seems to be MFC and it's not compiling under Visual Studio 2010 Express C++ for some reason. I'm not very skilled in the C++ area so please be patient with me. Something that compiles and runs out of the box please.
Regards,
Stevo
zilo
|
|
|
|
|
Try a Google search for "socket samples", and you should find something that works. Also you cannot compile MFC applications with Express Edition as it does not contain the MFC libraries; you have to pay for them.
It's time for a new signature.
|
|
|
|
|
Richard MacCutchan wrote: Also you cannot compile MFC applications with Express Edition
Strange, google says exactly the opposite.
Life is a stage and we are all actors!
|
|
|
|
|
Yes, a bad choice of words on my part. I meant that the Express Edition does not include MFC by default, and thus will not be able to build an MFC project, unless you buy MFC and install it.
It's time for a new signature.
|
|
|
|
|
Why can't everything be in C#
zilo
|
|
|
|
|
|
Thanks a lot to all reponses!
In the meantime, I've managed to make Practical C++ Sockets[^] work with only little tweaking and my poor knowledge of unmanaged C++ world
zilo
|
|
|
|
|
|
Thanks Moak for such an exhaustive answer,
currently I've managed to make Practical C++ Sockets[^] work, that will be hopefully enough for the moment.
zilo
|
|
|
|
|
Hi all,
i m using CFileDialog to browse file,but i want no shourtcut disaplay in this dialog.
please anyone can tell me how can i do this.
thanks in advance.
|
|
|
|
|
you can specify a filter in the OPENFILENAME struct, for example
ofn.lpstrFilter = _T("Word Files (*.doc; *.docx)\0*.doc;*.docx\0");
But that is a whitelist, i.e. nothing other than doc/docx files will be shown. AFAIK there's no way to exclude an extension, but allow anything else.
There is sufficient light for those who desire to see, and there is sufficient darkness for those of a contrary disposition.
Blaise Pascal
|
|
|
|
|
I tried this but its not working
CFileDialog dlg(TRUE,0,0,OFN_FILEMUSTEXIST|OFN_PATHMUSTEXIST|OFN_HIDEREADONLY);
dlg.m_ofn.lpstrFilter = _T("EXE Files (*.exe)\0*.exe\0");
if(dlg.DoModal()==IDCANCEL)
return;
|
|
|
|
|
You are missing a final \0 terminator in your filter string. The filter uses a single \0 to delimit each individual string, and then two terminators \0\0 to terminate the whole thing.
|
|
|
|
|
CFileDialog dlg(TRUE,0,0,OFN_FILEMUSTEXIST|OFN_PATHMUSTEXIST|OFN_HIDEREADONLY);
dlg.m_ofn.lpstrFilter = _T("EXE Files (*.exe)\0*.exe\0\0");
if(dlg.DoModal()==IDCANCEL)
return;
now its ok.
but its not working again.
|
|
|
|
|
try this then
dlg.m_ofn.lpstrFilter = "C++ Source Files (*.cpp;*.h)|*.cpp;*.h|All files (*.*)|*.*||"
There is sufficient light for those who desire to see, and there is sufficient darkness for those of a contrary disposition.
Blaise Pascal
|
|
|
|
|
|
The second \0 is put implicitly by the compiler.
There is sufficient light for those who desire to see, and there is sufficient darkness for those of a contrary disposition.
Blaise Pascal
|
|
|
|
|
Hmm, you're right. I always specify the filter using the CFileDialog constructor, so I use the "|" and "||" delimiters in the filter string.
|
|
|
|