Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Nov 27 02:32
    justinstenning commented #401
  • Oct 18 16:53
    0xQQa commented #400
  • Sep 22 07:50
    ATLaptic commented #401
  • Sep 21 21:47
    justinstenning commented #401
  • Sep 21 06:09
    ATLaptic opened #401
  • Sep 11 00:32
    SunnyDesignor commented #400
  • Sep 10 22:39
    justinstenning commented #400
  • Sep 10 17:04
    SunnyDesignor opened #400
  • Sep 10 16:02
    SunnyDesignor commented #375
  • Sep 07 15:07
    StephMoodyEmpowered opened #399
  • Jul 05 20:24
    IvanJRCH opened #398
  • Apr 28 18:05
    giesalabs commented #380
  • Apr 19 03:38
    zhaokaixs opened #397
  • Apr 01 14:22
    Nickert1337 edited #396
  • Apr 01 14:22
    Nickert1337 opened #396
  • Mar 15 03:48
    bwmaples commented #395
  • Mar 13 09:54
    bwmaples commented #395
  • Mar 13 09:36
    bwmaples commented #395
  • Mar 13 09:32
    bwmaples commented #395
  • Mar 13 07:33
    bwmaples commented #395
skypecallrecord
@skypecallrecord_twitter
Hey, I have a problem when using EasyHook to inject dll into a UWP app..
it show message "unable to find easyhook libary..."
Is there anyone can help please, thanks.
Justin Stenning
@spazzarama
@skypecallrecord_twitter
@skypecallrecord_twitter hooking of UWP apps is currently not supported, unless you have all your libraries copied to system32
LoadLibrary API in UWP is restricted to known paths of the app
even if in system32 I don't know if it will work or not
Jan Martin
@catmanjan
hey has anyone been able to hook into OnDragDrop in Outlook via an add-in?
Jan Martin
@catmanjan
not sure if i can use localhook - unclear if addins are run in the same appdomain as outlook
Jan Martin
@catmanjan
got it working with a remotehook, only problem is easyhook seems to crash outlook when i trigger the hook
sukhoeing
@sukhoeing
Hey, I'm new here, I'm wondering that if there's a XP-compatitable version of EasyHook32.dll? I'm stuck because of the 0x8007007F dll loading exception.
Justin Stenning
@spazzarama
@catmanjan make sure you have the correct calling convention and parameters, that is usually the cause of crashes when the hook is triggered.
@sukhoeing you may need to grab an old version, maybe even from the codeplex site, alternatively you can compile the project yourself.
Justin Stenning
@spazzarama
@sukhoeing take a look at this Fork for XP support: draco1023/EasyHook@2a68236
sukhoeing
@sukhoeing
@spazzarama Thanks so much, I've compiled the project myself and it works.
Vyacheslav Avdeev
@lsoft
Hi! I'm using EasyHook and have a question. My scope: unmanaged code, local hooks. I need to hide some files from my application. So I decide to hook FindFirstFile and FindNextFile and perform some magic. Interceptions of these functions are sufficient to accomplish my task. My application contains two dlls: main.dll, and hook.dll. Hook.dll hides files for main.dll. For some reason I need to call a genuine win32 FindFIRSTFile function from a FindNEXTFile hook handler. But this call is intercepted by FindFIRSTFile hook handler. It makes big difficulties for me. So my question: is it possible to disable all local hooks for hook.dll, but leave their enabled for main.dll?
Justin Stenning
@spazzarama
If diff threads you can use ACLs, otherwise I would suggest using a mutex to coordinate your code
Vyacheslav Avdeev
@lsoft
Yeah, I was thinking about threads... Thanks a lot for reply and for EasyHook!
Corey Gwin
@simpleshadow
Hi! New here and to hooking and injecting, so apologize if this question is way off base: Are there any conceivable strategies for injecting a Unity3D application and have it rendered in the target process (i.e. hook into Direct3D like Direct3DHook) ? I'm assuming there's not a way to pull in the UnityEngine and instead would have to write my own Direct3D engine/render that's injected (w/ shaders, etc.) to do something like this?
(Thanks for EasyHook and any suggestions!)
823639792
@823639792
how to hook any thread in my process
where can i find pdb file?
Justin Stenning
@spazzarama
@simpleshadow you could perhaps render from your app and overlay into target app
Justin Stenning
@spazzarama
@823639792
823639792
@823639792
@spazzarama
can i printf stack when use LhBarrierCallStackTrace?
Justin Stenning
@spazzarama
@823639792 any thread you set exclusive acl to 1 or -1 or similar unlikely thread ID
@823639792 there is a fork that adds stack trace support for 64-bit, otherwise 32-bit should be ok
or for the thread if you don't need current thread (usually case especially if injecting) setexclusive with 0
0 == current threadid
823639792
@823639792
@spazzarama LhBarrierCallStackTrace(CallStack, 64, &MethodCount); Can I output CallStack using string?
Justin Stenning
@spazzarama
it has some details that may help you
823639792
@823639792
ok,thanks
Green-Wolf
@Green-Wolf
Good Evening all, I just wanted a quick sanity check to ask if it is it possible to use Easyhook to hook .NET dll's that are in the GAC. I'm wanting to hook the system.net.http dll for the httpclient class. Specifically the getAsync method. Is this possible with easyhook?
Justin Stenning
@spazzarama
@Green-Wolf EasyHook cannot hook managed methods. There was a very early proof of concept that was possible by forcing a re-JIT/hooking the JIT compiler however that hasn't been possible since .NET 3.5 (I believe). It is possible to hook delegates, but that doesn't really help in this situation.
Green-Wolf
@Green-Wolf
Thanks @spazzarama , much appreciated
Michael IV
@SasMaster1980_twitter
Hi All. Anybody here encountered any issues when using native C++ based on Windows SDK 10 (10.0.16299.0) ?
I filed an issue on the github page.What happens is that when I switch from 8.1 to 10 SDK the hook can't find its entry point in the hook DLL.
Justin Stenning
@spazzarama
@SasMaster1980_twitter worked fine for me with 10.0.15063.0, can you try that version (I don't have 10.0.16299.0 SDK installed yet)

@SasMaster1980_twitter I assume your native entry point looks something like:

extern "C" void declspec(dllexport) stdcall NativeInjectionEntryPoint(REMOTE_ENTRY_INFO inRemoteInfo);
void __stdcall NativeInjectionEntryPoint(REMOTE_ENTRY_INFO
inRemoteInfo) {...

Michael IV
@SasMaster1980_twitter
Hmm, will try that version. Yeah, the hook entry point in my app looks like that.
Michael IV
@SasMaster1980_twitter
Well,weird stuff.Today tried it again with 10.0.16299.0 and with the 10.0.15063.0 - and it worked ok. No idea what was wrong. I was messing with this issue yesterday ,like, for 2 hours..
Shit
MechanicalPen
@MechanicalPen
I'm trying to use EasyHook .NET to hook a DLL. It works great except the function I am hooking takes a c++ std::string. I can't figure out how to even pass it back into the original function without it crashing. I tried void*, IntPtr. Any ideas?
MechanicalPen
@MechanicalPen
The original function is bool sf::SoundBuffer::loadFromFile ( const std::string & filename )
Justin Stenning
@spazzarama
@MechanicalPen what does your handler signature look like?
32-/64-bit?
MechanicalPen
@MechanicalPen

[UnmanagedFunctionPointer(CallingConvention.ThisCall, SetLastError = true, CharSet = CharSet.Unicode)] [return: MarshalAs(UnmanagedType.Bool)] unsafe delegate bool SmflAudio2_SoundBuffer_loadFromFile(void* filename);

32 bit.

MechanicalPen
@MechanicalPen
Here's the rest of the relevant code, in case it helps. audioOpenFromFileAddress = LocalHook.GetProcAddress("sfml-audio-2.dll", "?openFromFile@InputSoundFile@sf@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z"); smfl_loadFromFile = Marshal.GetDelegateForFunctionPointer<SmflAudio2_SoundBuffer_loadFromFile>(audioOpenFromFileAddress);