Jump to content
Tuts 4 You

Delphi / API hook / DrawText


kolynet

Recommended Posts

Posted

Hi,


 


Im looking for a delphi hook source which could spy DrawTextW messages from user32.dll and store it in file or write on memo real time for ages without success! Is there anyone with better skills for hooking and stuff? Thank you:)


 


https://code.google.com/p/delphi-detours-library/


 


this is what i tried to use, compiled a DLL, and tried injecting with extreme injector or xploded security injector, but after injection the remote process stops working (crashes).


 


i have no idea. 


 


 


  • Like 1
Posted

but is it ok for you to hook locally (on the module) or you want to do this systemwise (dangerous, often requires the use of exploits)?


Posted

but is it ok for you to hook locally (on the module) or you want to do this systemwise (dangerous, often requires the use of exploits)?

 

i think locally.

Posted

IMHO - dll injection fails more than it succeeds and asm ways are better.


 


Can't you just put a jmp instruction to a code cave (in this code cave convert the args from unicode to ansi/ascii, put calls to fopen, fwrite, fclose to log DrawTextW args to file) before DrawTextW and do it like that?


  • Like 1
Posted

Yes that is the way however he wants to do it in delphi. ..so i have no ideia

Posted

Hi


 


Do you have certain single process or you want to use it in system wide ?


for single process better way is using HWBP and hook is better for system wide use !


for debugging you can use DBGCLS component and for hook you can use MagicApiHook (but after hook and getting your result each time you should pass the arguments to real function).


 


 


 


Best Regards,


h4sh3m


Posted

single, may you help me a bit with HWBP or single process hook on skype or someting? i would appreciaite it pretty much:)


Posted

finally i got my drawtext hook working in delphi. the following issue is that i cannot use the datas in my external application from where i do the injection. is there any workaround? :o


Posted

It depends on which hooking engine you're using. For example, madCodeHook provides IPC (Inter-Process-Communication) functions which can send data from injected DLL to your application and back.


Posted

im using detours. and injecting with a simple application which is doing an injection with createremotethread. 


Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...