Stack Overflow
Stack Overflow

Questions tagged [detours]

This tag is about the Microsoft Detours library for intercepting arbitrary Win32 binary functions on x86, x64, and ARM machines.

Detours is a library for intercepting arbitrary Win32 binary functions on x86, x64, and ARM machines.

245 questions
0
votes
0 answers

Windows DLL Backwards Compatibility

I am using MS detours 3.0 Express to create a DLL that detours a function of an application. I have used StudPE to enter the dll API and hook it to the application. Everything works fine except for it won't work on windows XP. Windows 7 works fine…
madziikoy
  • 1,447
  • 7
  • 22
  • 32
0
votes
2 answers

MS Detours Express 3.0 is not hooking CreateFile win32 API function properly

I am trying to hook win32 API function "CreateFile" using MS Detours, but when I test it by opening a *.doc file using MS Word, The CreateFile call for DLLs and font files and directories loaded by MS Word are redirected to my detoured function but…
Ahsan Raza
  • 385
  • 2
  • 10
0
votes
2 answers

Cannot get ::WideCharToMultiByte to work

I've got a DLL for injection. This is injected via CBT-hook. Now, when the desired process is encountered via CBT, I've detoured WinAPI's ExtTextOutW with my own. The specification of ExtTextOutW is: BOOL ExtTextOutW(HDC hdc, …
nhaa123
  • 9,570
  • 11
  • 42
  • 63
0
votes
1 answer

Detour Identifier not found

I'm getting the error error C3861: 'DetourTransactionBegin': identifier not found error C3861: 'DetourUpdateThread': identifier not found error C3861: 'DetourAttach': identifier not found error C3861: 'DetourAttach': identifier not found error…
madziikoy
  • 1,447
  • 7
  • 22
  • 32
0
votes
1 answer

Deviarev2 Hook API: Hook into existing process winapi calls?

I want to use Deviare V2 API to intercept winapi calls from a test application. The problem is the hooks and the system calls are in the same process and for this reason the calls aren't intercepted. If I open separate processes for each of them…
Dan Ochiana
  • 3,340
  • 1
  • 30
  • 28
0
votes
1 answer

CreateProcessWithDLLEx-Hooked process starts but can't resume

Im trying to get a basic hook going using microsoft detours. My program is able to successfully run CreateProcessWithDllEx and inject a dll. However, I cannot seem to resume the actual hooked program. I am using notepad for testing and I can see…
emist
  • 137
  • 1
  • 2
  • 8
0
votes
2 answers

appcrash when detouring LoadLibraryA

I detoured LoadLibraryA, in order to block the function from being called into my app. It is meant to block'dll injection'. Please refer to the well-known CDetour library if you've never seen these. It hooks the load library function and even…
Vinicius Horta
  • 233
  • 2
  • 13
0
votes
3 answers

Virtual functions and detouring

I've been programming with detours lately and all that comes with it. I have detoured a lot of different functions; thiscall, stdcall, cdecl, virtual functions etc. But there is one thing I haven't managed (which might not even be possible), and…
Elliott Darfink
  • 1,153
  • 14
  • 34
-1
votes
1 answer

Why does SymInitialize() invoke CreateFile()?

Firstly, I want to hook CreateFile() and rewrite it. Then I want to recode the callstack of my new CreateFile() function. But when I use SymInitialize() to Initialize a handle, it falls into an endless loop. Through my debug, the reason is…
GuangJun Liu
  • 39
  • 7
-1
votes
1 answer

problem with detour and DLL injection Win32 Exception: 0xc0000005

I had follow Guided hacking video about How to detour. i tried to detour code that decrease armor after shoot in AssaultCube game. That piece of assembly code is (viewed in Cheat Engine): (0x004637E9)ac_client.exe+637E9 FF 0E -…
dauhuong68
  • 19
  • 1
  • 7
-1
votes
1 answer

Trying to write a DLL for wallhack usw

I'm trying to write a DLL file that I can inject into a game. I'm pretty far but when I try to compile the code I always get the error Error LNK2001 Unresolved external symbol "" unsigned char * __cdecl Detours :: X86 :: DetourFunction (unsigned…
Baba Boi
  • 3
  • 2
-1
votes
1 answer

Is there a way to improve the hooking functionality in this library

Link: https://github.com/xcvd/Detours In the Hooks.cs we call the original function. In this library it is done by reversing the bytes of the hooked address back to the original bytes. The problem here is if you have 1000's of calls every 500ms or…
Darkestkiller3
  • 1
  • 2
-1
votes
2 answers

Could I create a function based on another function at runtime?

I'm playing with Microsoft's Detours to hook api, for example, I can change what happens when MessageBoxA is called in this way: int (WINAPI* pMessageBoxA)(HWND, LPCTSTR, LPCTSTR, UINT) = MessageBoxA; int WINAPI MyMessageBoxA(HWND hWnd, LPCTSTR…
wong2
  • 34,358
  • 48
  • 134
  • 179
-1
votes
1 answer

Problem at detouring ShellExecuteEx, Any Idea?

I have a process X that I inject my DLL into to detour some functions, and make some memory patches. I need to detour ShellExecuteEx(), because this process runs other processes, and then I need to inject my DLL into the child processes, too. My…
José Armando Fuxá Núñez
  • 3
  • 3
-1
votes
1 answer

Why DetourFindFunction() fails to find the address of a function?

Microsoft's Detour FAQ documentation indirectly says that statically linked function cannot be detoured under question Why don't I see any calls to my detour of malloc? But I am able to detour my own statically linked library functions by finding…
SolidMercury
  • 973
  • 6
  • 15
1 2 3
16
17