Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Apr 19 01:55
    luckywuhan closed #361
  • Apr 19 01:55
    luckywuhan commented #361
  • Apr 19 01:54
    luckywuhan commented #361
  • Apr 15 13:53
    wangruoyi1996 commented #368
  • Apr 15 07:44
    spazzarama closed #358
  • Apr 15 07:44
    spazzarama commented #358
  • Apr 15 07:42
    spazzarama commented #368
  • Apr 15 07:41
    wangruoyi1996 commented #368
  • Apr 15 07:38
    spazzarama commented #368
  • Apr 15 07:36
    wangruoyi1996 commented #368
  • Apr 15 07:18
    spazzarama commented #367
  • Apr 15 07:16
    spazzarama commented #362
  • Apr 15 07:12
    spazzarama commented #361
  • Apr 15 07:08
    spazzarama closed #356
  • Apr 15 06:53
    spazzarama commented #368
  • Apr 15 06:53
    spazzarama commented #368
  • Apr 15 06:50
    spazzarama commented #368
  • Apr 15 05:07
    wangruoyi1996 commented #368
  • Apr 12 04:39
    wangruoyi1996 opened #368
  • Apr 12 02:53
    t-anh opened #367
Joel Van Eenwyk
@joelvaneenwyk
@spazzarama , FYI, i'm back to the grind and re-looking at formatting C#/C++ and this issue: EasyHook/EasyHook#275
Justin Stenning
@spazzarama
@joelvaneenwyk welcome back!
michael7845
@michael7845
appreciate the work you guys are doing on this library
impressive to see one 5 years old still getting updates
Justin Stenning
@spazzarama
Cheers @michael7845 not as often as i would like tho :) oh and this was on codeplex first, Christoph started it around 2005? and i started working on it in 2008.
michael7845
@michael7845
wow that's really old, gj for keeping it up dude
Rasta Mouse
@rasta-mouse
Hi all. At the risk of sounding really dumb, is there are more literature or examples for using the Easy Hook driver? I'm looking for something that can register a callback for PsSetCreateProcessNotifyRoutine and then load EasyHook's DLL.
Justin Stenning
@spazzarama
@rasta-mouse not really sorry, the driver is intended for kernel mode hooking, so probably not quite what you are after in that instance. People have certainly got it workjng but i dont support it as it is a fairly advanced topic within an already advanced topic. If you need a driver for the create process notify i would look at how to create a file system filter driver - this should give you the low level access you are after.
Rasta Mouse
@rasta-mouse
Cheers @spazzarama 👍
spacehamster
@spacehamster
is it possible to get line numbers to show up in stack traces with C# remote hooks?
Justin Stenning
@spazzarama
@spacehamster there might be a pull request for that i think, from axios?? Can’t remember exactly. I just have never got around to checking it out.
@spacehamster no pull request, this is the related issue: EasyHook/EasyHook#8
WENTION
@wention
Hi, i'm using setWindowsHook to inject my dll, and easyhook to hook APIs. But sometime it failed on LhInstallHook
image.png
and. show me dbgheap error
image.png
if it was my fault?
Call Stack: 
 EasyHook32.dll!542a3be6()    未知
 [下面的框架可能不正确和/或缺失,没有为 EasyHook32.dll 加载符号]    
 EasyHook32.dll!542a440d()    未知
 EasyHook32.dll!542a43aa()    未知
 EasyHook32.dll!542a6299()    未知
 EasyHook32.dll!5429e567()    未知
 EasyHook32.dll!5428dea9()    未知
 EasyHook32.dll!54290d32()    未知
 EasyHook32.dll!54291451()    未知
 KPHookDll.dll!doHook() 行 49    C++
 KPHookDll.dll!DllMain(HINSTANCE__ * hModule=0x544e0000, unsigned long ul_reason_for_call=1, void * lpReserved=0x00000000) 行 21    C++
James Stine
@LeonBlade
Not sure if people are really active here, but I'm curious if anyone has encountered a situation where EasyHook is already injected from another process.
Justin Stenning
@spazzarama
@LeonBlade once or twice, as long as the version is compatible it shooldnt cause issues, alternatively you can do a custom build that uses different dll names
James Stine
@LeonBlade
@spazzarama I run into an issue where it reports an unknown error code 15. I don't know if maybe I can do something with the already injected dll somehow to load in another library or something, I haven't looked into it yet. I know it's not supported natively though.
I'll have to double check if the versions are the same. I know when I tried initially easyhook64.dll wasn't being created so I'll just have to look into that as well.
James Stine
@LeonBlade
I tried with the same version of EasyHook as the one already injected but still no luck. "STATUS_INTERNAL_ERROR Unknown error in injected C++ completion routine. (Code: 15)" sadly.
Justin Stenning
@spazzarama
@LeonBlade I’m not convinced it being there already is the cause of the issue, could you try with something else you are able to inject jnto, and try injecting two different libraries from two test apps. Also check getting the error string from EasyHook.
James Stine
@LeonBlade
The error string seems to just be "Unknown error in injected C++ completion routine."
James Stine
@LeonBlade
@spazzarama I haven't tested another process to inject into, but I have verified that either or of my DLLs can be injected fine but not both at once as they both get the same error.
It is an older version of EasyHook though, so I'll try looking into updating them.
James Stine
@LeonBlade
Can't really do that, I'll have to keep trying something.
Justin Stenning
@spazzarama
If you are in control of them both, then can you not just load the 2nd from the first rather than trying to inject again?
James Stine
@LeonBlade
Not exactly, it's related to a modding system. The first one is injected at runtime. My secondary injection takes place after runtime as a separate project.
I was looking into injecting the DLL and calling easyload functions manually somehow but I haven't done a great deal of research into it yet.
Justin Stenning
@spazzarama
Once injected you can just use local hooks for additional hook, so the first always succeeds then, weird. If you prep a tedt the reproduces i can have a look
Prepare a test...
James Stine
@LeonBlade
I wasn't able to reproduce it with a console app injecting two separate DLLs with with two separate injections. There must be something unique with this setup.
James Stine
@LeonBlade

I am able to get a separate error when trying to do two separate injections in the process I'm attempting this on.

Unknown error code (-1073740008): The service is already registered. Use the service control manager to remove it! (Code: 1072)

James Stine
@LeonBlade
I don't think it really matters though given that it's not the main problem.
Praying
@Praying
How can I write a dll to hook the "OpenFileW" ?
with cpp
Jana Mohn
@Qibbi
@spazzarama in C#, what could cause a LocalHook to be collected without my code triggering it?
jackwolail
@jackwolail
any one here
Why is it that the first instruction is jmp, so it can't be hooked?
Why is it that the first instruction is jmp, so it can't be hooked?
jackwolail
@jackwolail
@spazzarama are you here?
jackwolail
@jackwolail
anyone here??
bgxb
@bgxb:matrix.org
[m]
Hello! With this library would be possible to make a custom open/save file dialog?
I mean, customize the open/save file dialog of an app that I don'thave the source code of.
Justin Stenning
@spazzarama
@Qibbi if it is collected by GC it will be freed, keep a reference alive
@jackwolail commented in your issue in github
@bgxb:matrix.org in theory yes, if you find the correct hook points