Posted October 7, 2014 Hi, I'm looking for a Delphi hook source which could spy on DrawTextW messages from user32.dll and store them in a file or write them to a memo in real time, for ages without success! Is there anyone with better skills for hooking and stuff? Thank you :) https://code.google.com/p/delphi-detours-library/ This is what I tried to use: I compiled a DLL and tried injecting it with Extreme Injector or Xploded Security Injector, but after injection the remote process stops working (crashes). I have no idea.
October 7, 2014 But is it OK for you to hook locally (on the module), or do you want to do this system-wide (dangerous, often requires the use of exploits)?
October 7, 2014 Author "But is it OK for you to hook locally (on the module), or do you want to do this system-wide (dangerous, often requires the use of exploits)?" I think locally.
October 8, 2014 IMHO - DLL injection fails more than it succeeds and asm ways are better. Can't you just put a jmp instruction to a code cave (in this code cave convert the args from Unicode to ANSI/ASCII, put calls to fopen, fwrite, fclose to log DrawTextW args to file) before DrawTextW and do it like that?
October 9, 2014 Hi, do you have a certain single process, or do you want to use it system-wide? For a single process the better way is using HWBP, and a hook is better for system-wide use! For debugging you can use the DBGCLS component, and for the hook you can use MagicApiHook (but after hooking and getting your result, each time you should pass the arguments to the real function). Best Regards, h4sh3m
October 9, 2014 Author Single. Could you help me a bit with HWBP or a single-process hook on Skype or something? I would appreciate it very much :)
October 9, 2014 http://help.madshi.net/HowToUseMadCodeHook.htm - it has all the information you need.
October 9, 2014 Author Finally I got my DrawText hook working in Delphi. The next issue is that I cannot use the data in my external application from which I do the injection. Is there any workaround?
October 9, 2014 It depends on which hooking engine you're using. For example, madCodeHook provides IPC (Inter-Process-Communication) functions which can send data from injected DLL to your application and back.
October 9, 2014 Author I'm using Detours, and injecting with a simple application which does the injection with CreateRemoteThread.