Highest Voted 'detours' Questions

4

votes

5 answers

Can I redirect .NET method calls to a new method at runtime?

Suppose I have the following .NET classes: public class C { public void M() { .... } } and public class D { public void N() { .... } } These 2 classes reside in different namespaces, in different assemblies.…

.net hook detours

asked Jun 29 '10 at 22:49

user90784

4

votes

2 answers

How Delphi Interop with Detours Library?

I'm looking for Delphi samples, but I can find only the C++ sample codes. For example, how to define the below hook in Delphi? DETOUR_TRAMPOLINE(int WINAPI SetScrollInfoT(HWND, int, LPCSCROLLINFO, BOOL), SetScrollInfo)

delphi detours

asked Mar 02 '13 at 06:31

Leo.W

299
1
7
21

3

votes

3 answers

Inject sleep() into a function of an external process

I know how to inject a DLL into a running process and also how to utilize functions used internally by the process e.g. void__stdcall remoteMethod(unsigned short id) { typedef void (__stdcall *pFunctionAddress)(unsigned short); pFunctionAddress…

c++ c dll inject detours

asked Aug 19 '11 at 15:25

Steve

738
1
9
30

3

votes

3 answers

C++/Windows API - Unable to find CreateWindow

Here's the start of my program in Visual C++ 2010 Express: #pragma comment(lib, "detoured.lib") #pragma comment(lib, "detours.lib") #include #include HWND (WINAPI *pCreateWindow)(LPCWSTR lpClassName, …

c++ c winapi detours

asked Mar 23 '11 at 21:20

MikeRand

4,788
9
41
70

3

votes

2 answers

How to hook usercall, userpurge (__spoils) functions?

Know anybody something about hooking __usercall type of functions? I hooking successfully __thiscall, __stdcall and __cdecl calls but this is enough for me. Know anybody hooking library for __usercall's or how to hook this type of functions using…

c hook reverse-engineering detours usercall

asked Nov 04 '10 at 16:45

Svisstack

16,203
6
66
100

3

votes

0 answers

what happened to microsoft detours, it's not working

This code compiled and worked a few years ago. It doesn't work anymore, and I'm still using detours v2.1, I've only upgraded the compiler from (I believe) VS 2010 to now (2013 & 2015). Note that I'm adding a hook at the middle of a function, not at…

c++ detours

asked Jun 14 '16 at 06:26

Gam

1,254
1
9
18

3

votes

2 answers

Microsoft Detours - unable to hook __thiscall function

I am trying to hook an undocumented function which has the signature: (void(__thiscall*)(int arg1, int arg2))0x6142E0; I have looked at the detours sample "member" where it explains: By default, C++ member functions use the __thiscall calling …

c++ assembly x86 detours

asked Dec 15 '15 at 23:19

Michael

892
2
10
28

3

votes

2 answers

Preventing a DLL file from loading into my process via MS Detours

I'd like to prevent a specific third-party DLL file from loading into my application's process at runtime. My initial attempt at this was using the MS Detours product. I have a 32-bit MFC application running on Windows 10 64-bit. I tested with the…

c++ windows hook dll-injection detours

asked Dec 09 '15 at 21:29

Nerdtron

1,486
19
32

3

votes

1 answer

C - Calling functions from external process without exported functions

I am trying to figure out how I can call a function without having it being exported. Okay so I have an exe file with "add" defined in it, This exe is a win32 console application and loads a DLL. The DLL also aims to use the add function from the…

c windows winapi external-process detours

asked Aug 01 '10 at 03:17

Tr41n

93
1
7

3

votes

1 answer

PE Format: Why the IAT can be empty, and a MS detours myth

To my knowledge the import address table (IAT) is a table of import functions. But lately I found that in some executables the IAT is empty: in IAT's directory, both VirtualAddress and Size are zero. To my surprise, An executable without IAT could…

portable-executable dll-injection detours

asked Nov 15 '15 at 15:47

amanjiang

1,213
14
33

3

votes

0 answers

MS Detours - DetourAttach on GetTickCount fails with ERROR_INVALID_BLOCK

I've been bumping my head against this for a while now. I've been using Microsoft Detours successfully except for this one case. I'm trying to hook WINBASEAPI DWORD WINAPI GetTickCount(VOID); from Kernel32.dll. DetourAttach always returns…

winapi hook detours

asked Sep 16 '15 at 07:15

RileyLabrecque

137
3
12

3

votes

1 answer

c++ d3d hooking - COM vtable

Trying to make a Fraps type program. See comment for where it fails. #include "precompiled.h" typedef IDirect3D9* (STDMETHODCALLTYPE* Direct3DCreate9_t)(UINT SDKVersion); Direct3DCreate9_t RealDirect3DCreate9 = NULL; typedef HRESULT…

c++ vtable hook detours direct3d

asked Mar 01 '10 at 17:56

Mango

97
1
6

3

votes

1 answer

Hooking ExtTextOut returns unexpected results

I'm trying to inject a dll into a software in order to detour it's ExtTextOut function. The injection and detouring works great (I'm using Microsoft Detours), but when I try to modify the ExtTextOut function, everything goes wrong. Here is my…

c++ winapi detours

asked Jan 16 '14 at 16:44

MyUsername112358

1,320
14
39

3

votes

0 answers

Detour on winsock recv doesn't return anything

I injected a dll into a server because I needed to block some bad packets that the server isn't discarding. Snippet from my code: #pragma comment(lib, "detours.lib") #pragma comment(lib, "Ws2_32.lib") #pragma comment(lib, "Mswsock.lib") (...) int…

c++ dll detours

asked May 09 '13 at 18:59

zikdaljin

95
2
5
14

3

votes

2 answers

C++ -- Detours (Win32 API Hijacking) -- Hijack Class Methods

I had no problems hijacking function with Detours for a long time... When I tried to hijack class methods (in my case IHTMLDocument2::write from mshtml.dll) I encountered endless problems (mainly type mismatching). As I didn't find any relevant…

c++ detours

asked Oct 25 '09 at 22:29

zakk

375
1
4
14

Questions tagged [detours]