0

I'm currently trying to hook the "MessageBeep" function in user32.dll by using EasyHook. If im running [this example][1] everything seems to work fine. But if I replace the thread-ID in lines 52 and 60 with the thread-ID of my test application the hook does not apply for the ohter program.

Why is the SetExclusiveACL-Method not accepting any other thread-Ids? e.g.

hook.ThreadACL.SetExclusiveACL(new int[] { 8788 });

I'm using the following Code to retrieve the thread-ID of my test application and to verify if the hook works on the MessageBeep function:

Sub Main()
   While True
      Console.WriteLine(GetCurrentThreadId().ToString)
      MessageBeep(&H40)
      If Console.ReadKey().KeyChar = "c"c Then
          Console.Clear()
      End If
   End While
End Sub
Klinger
  • 4,900
  • 1
  • 30
  • 35
user4841702
  • 43
  • 6
  • What do you mean by 'other program'? – Kim Hoang Dec 21 '16 at 00:56
  • I've got two applications: 1. example provided by EasyHook developers 2. my test program in vb.net with the code shown above In the original example the thread-ID passed to SetExclusiveACL(new int[] { 0 }); ist zero (which means the hook applies to the current thread).I want to apply the hook to any thread-ID but I don't manage to get this working – user4841702 Dec 21 '16 at 01:02
  • 1
    So you mean that you set up the hook for MessageBeep in Application A. You call MessageBeep in Application B. And you expect the your hook function in Application A will get executed? – Kim Hoang Dec 21 '16 at 01:26
  • Yes. If I use the thread-ID of Application B while setting up the hook, I want the hook to be executed instead of the original MessageBeep function. Isn't this the point of using hooks? I appreciate your help by the way :) – user4841702 Dec 21 '16 at 08:15
  • 1
    I think you misunderstand the hook. You can only hook the function of current process. If you want to hook to a target process, you need to inject your DLL into target process, EasyHook already provide the way to do it. And inside that injected DLL, you can set the LocalHook for MessageBeep. – Kim Hoang Dec 21 '16 at 08:17
  • Is there any example for injecting DLL code in applications on the EasyHook website? And how do programs like RunAsDate (by NirSoft) work? – user4841702 Dec 21 '16 at 08:21
  • 1
    Check my answer below. I already provide a tutorial on codeproject – Kim Hoang Dec 21 '16 at 08:24

1 Answers1

1

If you want to hook to a target process, you need to inject your DLL into target process, EasyHook already provide the way to do it. And inside that injected DLL, you can set the LocalHook for MessageBeep. Below is sample code to do the injection using RemoteHooking.Inject

//create channel to send text data and log
RemoteHooking.IpcCreateServer<LogChannel>(ref _logChannelName, WellKnownObjectMode.Singleton);

RemoteHooking.IpcCreateServer<TextDataChannel>(
     ref _textDataChannelName, WellKnownObjectMode.Singleton);

CommandChannel = new Common.IPC.CommandChannel();

string filePath = Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location) + "\\" + INJECT_DLL_NAME;
RemoteHooking.Inject(processID,InjectionOptions.DoNotRequireStrongName,
               filePath,
               filePath,
                _logChannelName, _textDataChannelName, CommandChannel.PipeName, _pendingMsgType);

Updated: you can refer to this link https://www.codeproject.com/Articles/27637/EasyHook-The-reinvention-of-Windows-API-hooking

Kim Hoang
  • 1,338
  • 9
  • 24