These are chat archives for EasyHook/EasyHook

27th Sep 2016
Justin Stenning
@spazzarama
Sep 27 2016 00:10
:)
Hochmah
@Hochmah
Sep 27 2016 16:42
Hi, I'm a total newbie on this... but I'm trying to figure out how I could log all functions and parameters an .exe is executing... that way I could decide which function I need to hook to accomplish my work... that is, to intercept an event in the target .exe and make some validations to decide if the process should continue or terminate it.
I know I'm being pretty vague, but... Can someone give me some directions?
Nikolaj Mariager
@TinkerWorX
Sep 27 2016 17:49
This isn't something you'd use EasyHook for. It's way too slow for that. You'll want to use a debugger.
Hochmah
@Hochmah
Sep 27 2016 17:52
Thanks Nikolaj, since I have no clue which language this app was written in... Do you think if I attach the processes to Visual Studio, I could find which function I should hook?
Nikolaj Mariager
@TinkerWorX
Sep 27 2016 17:56
Visual Studio might not be the best tool for the job. Something like OllyDbg or IDA Pro would be more useful.
IDA Pro is expensive, OllyDbg is free and has a lot of tutorials and documentation.
Hochmah
@Hochmah
Sep 27 2016 17:57
I'll give the last one a try... Thanks a lot!
Nikolaj Mariager
@TinkerWorX
Sep 27 2016 17:57
No problem.
I don't know if any text is shown when the function you want to hook is run, but they're usually easy to track and will usually give a good ballpark.
An example is when you hit Save and a window pops up which gives you status text like "Saving document ...". Looking for the "Saving document ..." string will get you closer to whatever does the saving.
Hochmah
@Hochmah
Sep 27 2016 18:04
Sounds a little tricky... Let me see what OllyDbg can show me!
Thanks again!