kolynet Posted October 7, 2014
Hi, I've been looking for a Delphi hook source which could spy on DrawTextW messages from user32.dll and store them in a file or write them to a memo in real time, for ages without success! Is there anyone with better skills for hooking and stuff? Thank you :) https://code.google.com/p/delphi-detours-library/ This is what I tried to use: I compiled a DLL and tried injecting it with Extreme Injector or Xploded Security Injector, but after injection the remote process stops working (crashes). I have no idea.

xSRTsect Posted October 7, 2014
But is it OK for you to hook locally (on the module), or do you want to do this system-wide (dangerous, often requires the use of exploits)?

kolynet (Author) Posted October 7, 2014
> But is it OK for you to hook locally (on the module), or do you want to do this system-wide (dangerous, often requires the use of exploits)?
I think locally.

simple Posted October 8, 2014
IMHO, DLL injection fails more than it succeeds and asm ways are better. Can't you just put a jmp instruction to a code cave (in this code cave, convert the args from Unicode to ANSI/ASCII and put calls to fopen, fwrite, fclose to log the DrawTextW args to a file) before DrawTextW and do it like that?

xSRTsect Posted October 8, 2014
Yes, that is the way; however, he wants to do it in Delphi... so I have no idea.

h4sh3m Posted October 9, 2014
Hi,
Do you have a certain single process, or do you want to use it system-wide? For a single process, the better way is using HWBP, and a hook is better for system-wide use! For debugging you can use the DBGCLS component, and for the hook you can use MagicApiHook (but after hooking and getting your result, each time you should pass the arguments to the real function).
Best Regards,
h4sh3m

kolynet (Author) Posted October 9, 2014
Single. Could you help me a bit with HWBP or a single-process hook on Skype or something? I would appreciate it very much :)

kao Posted October 9, 2014
http://help.madshi.net/HowToUseMadCodeHook.htm - it has all the information you need.

kolynet (Author) Posted October 9, 2014
Finally I got my DrawText hook working in Delphi. The next issue is that I cannot use the data in my external application from where I do the injection. Is there any workaround?

kao Posted October 9, 2014
It depends on which hooking engine you're using. For example, madCodeHook provides IPC (Inter-Process-Communication) functions which can send data from injected DLL to your application and back.

kolynet (Author) Posted October 9, 2014
I'm using Detours, and injecting with a simple application which does the injection with CreateRemoteThread.