Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Nov 27 02:32
    justinstenning commented #401
  • Oct 18 16:53
    0xQQa commented #400
  • Sep 22 07:50
    ATLaptic commented #401
  • Sep 21 21:47
    justinstenning commented #401
  • Sep 21 06:09
    ATLaptic opened #401
  • Sep 11 00:32
    SunnyDesignor commented #400
  • Sep 10 22:39
    justinstenning commented #400
  • Sep 10 17:04
    SunnyDesignor opened #400
  • Sep 10 16:02
    SunnyDesignor commented #375
  • Sep 07 15:07
    StephMoodyEmpowered opened #399
  • Jul 05 20:24
    IvanJRCH opened #398
  • Apr 28 18:05
    giesalabs commented #380
  • Apr 19 03:38
    zhaokaixs opened #397
  • Apr 01 14:22
    Nickert1337 edited #396
  • Apr 01 14:22
    Nickert1337 opened #396
  • Mar 15 03:48
    bwmaples commented #395
  • Mar 13 09:54
    bwmaples commented #395
  • Mar 13 09:36
    bwmaples commented #395
  • Mar 13 09:32
    bwmaples commented #395
  • Mar 13 07:33
    bwmaples commented #395
Justin Stenning
@spazzarama
@TinkerWorX easyhook already checks for this, it disassembles the instructions to determine their length and will increase the size up to the end of the instruction to be moved.
Nikolaj Mariager
@TinkerWorX
hmm
I wonder why it isn't working then.
Should I be using any special kind of signature for the function? Calling convention?
Justin Stenning
@spazzarama
I'll have to have a try, unfortunately very busy atm. For the handler? Just whatever I think
Nikolaj Mariager
@TinkerWorX
Yeah, it's okay. I guess I'll stop for today. I'll see if I can get a debugger attached and follow the injected assembly and see where/why it fails.
Justin Stenning
@spazzarama
Perhaps something isn't being backed up beforehand (register)
Nikolaj Mariager
@TinkerWorX
I was under the assumption that EasyHook backed up everything? Something like PushAD or similar?
Justin Stenning
@spazzarama
Your handler has not parameters right?
Nikolaj Mariager
@TinkerWorX
Nope, just a void Handler(); with calltype set to __cdecl
I've tried with __stdcall as well.
Nikolaj Mariager
@TinkerWorX
I'll fiddle some more with it tomorrow. Thanks for getting back to me. I'll let you know if I figure out what the problem is.
Justin Stenning
@spazzarama
Try a few other locations, eg taking out the start of a loop might not work
Thx, I'll try to find some time but prob not this week
Nikolaj Mariager
@TinkerWorX
Does RemoteHooking.Inject pause any threads in the target process?
Mitchell Monahan
@soccermitchy
Is there a way to get the base address of a process from the entry point class after I do RemoteHooking.Inject, then call a function from it's memory address? Trying to port the loader for a game modding framework I'm working on to C# using EasyHook, since my current one keeps breaking and I hate maintaining that code (since I suck at C++)
Philip Heber
@pheber16_twitter
So, to get back to my original question...would two hooks from separate AppDomains to the same native method work? :)
Justin Stenning
@spazzarama
@pheber16_twitter EH supports two hooks to the same function, the appdomain part will not impact the native workings of easyhook, but not if any issues on the c# side, probably something you will just have try. Note: your hooks will behave in a chained LIFO approach, ie ur last hook handler, then the next and so on
well it supports multiple hooks to the same function, not just two :)
Nikolaj Mariager
@TinkerWorX
@spazzarama When adding a detour inside a function, is the code it replaces called before jumping to the detour function or after? I would assume after, but I just want to make sure.
Justin Stenning
@spazzarama
@TinkerWorX the original code is called afterwards, assuming you call the original within your hook handler
Nikolaj Mariager
@TinkerWorX
Yeah, that's what I expected.
skypecallrecord
@skypecallrecord_twitter
Hey, I have a problem when using EasyHook to inject dll into a UWP app..
it show message "unable to find easyhook libary..."
Is there anyone can help please, thanks.
Justin Stenning
@spazzarama
@skypecallrecord_twitter
@skypecallrecord_twitter hooking of UWP apps is currently not supported, unless you have all your libraries copied to system32
LoadLibrary API in UWP is restricted to known paths of the app
even if in system32 I don't know if it will work or not
Jan Martin
@catmanjan
hey has anyone been able to hook into OnDragDrop in Outlook via an add-in?
Jan Martin
@catmanjan
not sure if i can use localhook - unclear if addins are run in the same appdomain as outlook
Jan Martin
@catmanjan
got it working with a remotehook, only problem is easyhook seems to crash outlook when i trigger the hook
sukhoeing
@sukhoeing
Hey, I'm new here, I'm wondering that if there's a XP-compatitable version of EasyHook32.dll? I'm stuck because of the 0x8007007F dll loading exception.
Justin Stenning
@spazzarama
@catmanjan make sure you have the correct calling convention and parameters, that is usually the cause of crashes when the hook is triggered.
@sukhoeing you may need to grab an old version, maybe even from the codeplex site, alternatively you can compile the project yourself.
Justin Stenning
@spazzarama
@sukhoeing take a look at this Fork for XP support: draco1023/EasyHook@2a68236
sukhoeing
@sukhoeing
@spazzarama Thanks so much, I've compiled the project myself and it works.
Vyacheslav Avdeev
@lsoft
Hi! I'm using EasyHook and have a question. My scope: unmanaged code, local hooks. I need to hide some files from my application. So I decide to hook FindFirstFile and FindNextFile and perform some magic. Interceptions of these functions are sufficient to accomplish my task. My application contains two dlls: main.dll, and hook.dll. Hook.dll hides files for main.dll. For some reason I need to call a genuine win32 FindFIRSTFile function from a FindNEXTFile hook handler. But this call is intercepted by FindFIRSTFile hook handler. It makes big difficulties for me. So my question: is it possible to disable all local hooks for hook.dll, but leave their enabled for main.dll?
Justin Stenning
@spazzarama
If diff threads you can use ACLs, otherwise I would suggest using a mutex to coordinate your code
Vyacheslav Avdeev
@lsoft
Yeah, I was thinking about threads... Thanks a lot for reply and for EasyHook!
Corey Gwin
@simpleshadow
Hi! New here and to hooking and injecting, so apologize if this question is way off base: Are there any conceivable strategies for injecting a Unity3D application and have it rendered in the target process (i.e. hook into Direct3D like Direct3DHook) ? I'm assuming there's not a way to pull in the UnityEngine and instead would have to write my own Direct3D engine/render that's injected (w/ shaders, etc.) to do something like this?
(Thanks for EasyHook and any suggestions!)
823639792
@823639792
how to hook any thread in my process
where can i find pdb file?
Justin Stenning
@spazzarama
@simpleshadow you could perhaps render from your app and overlay into target app
Justin Stenning
@spazzarama
@823639792
823639792
@823639792
@spazzarama
can i printf stack when use LhBarrierCallStackTrace?
Justin Stenning
@spazzarama
@823639792 any thread you set exclusive acl to 1 or -1 or similar unlikely thread ID
@823639792 there is a fork that adds stack trace support for 64-bit, otherwise 32-bit should be ok