Stack Overflow
Stack Overflow

Questions tagged [detours]

This tag is about the Microsoft Detours library for intercepting arbitrary Win32 binary functions on x86, x64, and ARM machines.

Detours is a library for intercepting arbitrary Win32 binary functions on x86, x64, and ARM machines.

245 questions
2
votes
2 answers

WriteFile hook doesn't catch writing to file operation

I have an app, which writes to files some text data. What I'm trying to do is to hook the writing process. I hooked with MS Detours, CreateFile, WriteFile and WriteFileEx functions. CreateFile catches creation/opening of these text files properly,…
Jakub Matczak
  • 15,341
  • 5
  • 46
  • 64
2
votes
1 answer

Detours - Hooking a Classes Member Function - Syntax for setting function offset of target?

For non class functions - I can simply declare the offset of the function to be detoured like: typedef int (_cdecl* SomeFunc)(char* pBuffer, int size); SomeFunc Real_SomeFunc = (SomeFunc)(0xCAFEBABE); ... DetourAttach(&(PVOID&)Real_SomeFunc,…
Steve
  • 738
  • 1
  • 9
  • 30
2
votes
1 answer

My trampoline won't bounce (detouring, C++, GCC)

It feels like I'm abusing Stackoverflow with all my questions, but it's a Q&A forum after all :) Anyhow, I have been using detours for a while now, but I have yet to implement one of my own (I've used wrappers earlier). Since I want to have complete…
Elliott Darfink
  • 1,153
  • 14
  • 34
1
vote
1 answer

Hook statically linked "malloc" function family

I am using Detours to hook malloc/free of any target .exe without the access of its source code. I have succeeded in hooking malloc/free which are dynamically linked from the .exe. I'm wondering whether Detours can be used to hook statically linked…
Infinite
  • 3,198
  • 4
  • 27
  • 36
1
vote
2 answers

Having trouble with microsoft detours

I'm trying to do some basic hooking with microsoft detours and I can't get it to work. I've used essentially the code that was posted in this thread: How can I hook Windows functions in C/C++? but no dice. I updated the send/receive functions in the…
Paavan M
  • 41
  • 1
  • 7
1
vote
0 answers

Is there a way to pass a file path with unicode characters to a function that only takes ANSI characters in C++?

TL;DR I'm trying to pass the path to a file (e.g. DLL), which contains unicode (UTF-16) characters, to a C++ function, which only supports the "A" variant, so it takes only ANSI characters. More precisely it's DetourCreateProcessWithDllEx resp.…
sp00n
  • 1,026
  • 1
  • 8
  • 12
1
vote
1 answer

Why is my detoured code, crashing with a NOP

Hi this is my first question so please treat me gently.I am detouring an exe, using MS detours and Visual Studio 2005, my dll gets loaded and my hook works a treat however when I try to extend my hook code something is going wrong and the whole…
Infromthecold
  • 43
  • 7
1
vote
1 answer

stack overflow, when i using Detours to intercept CreateFileW

i want to intercept win32 api CreateFileW, but i meet an error "stack overflow". i don't know what happend, can someone help me? error: Exception thrown at 0x00007FFA76204170 (KernelBase.dll) in detoursExample.exe: 0xC00000FD: Stack overflow…
GuangJun Liu
  • 39
  • 7
1
vote
1 answer

Microsoft Detour - Hook Function with an assembler "call" instruction

The first question on this board and already a pretty long one - i'm sorry for that (and hereby thank you all for the great tips i got from this platform). I'm trying to hook several functions (it's more or less plugin code, so the function I want…
TechMuc
  • 13
  • 1
  • 4
1
vote
1 answer

How to hook/convert __userpurge func to __stdcall or __cdecl?

Know anybody something about hooking __userpurge type of functions? I hooking successfully __thiscall, __stdcall, __cdecl, __usercall. How to hook this type of functions using translation to __stdcall or __cdecl? Function who i must hook at first…
Svisstack
  • 16,203
  • 6
  • 66
  • 100
1
vote
1 answer

c++ function hook(dll, asm)

I program a dll. In this dll, I want to hook another dll's function loaded into memory. This is the result of many hours of work: typedef int (__fastcall *def_cry)(int a,int b,int fromlen); def_cry Real_cry; int __fastcall custom_cry(int a,int b,int…
asm
  • 41
  • 2
1
vote
1 answer

How to include Microsoft detours library in visual studio

I am trying to use the detours library in a visual studio empty windows project. I cloned the repository (https://github.com/microsoft/Detours), I added the include directory into Project Properties / C/C++ / Additional Include Directories, and I…
Dyskord
  • 365
  • 5
  • 14
1
vote
1 answer

C++ function hook inside source code of DLL

I have the source code from a C++ DLL. This DLL is part of an applicaton. I want to hook a function loaded in memory by another DLL, so that my hooked function gets called by all other DLL's instead of the original function. I put this code in my…
captain hook
  • 11
  • 1
  • 2
1
vote
0 answers

Trampoline Hook GetVolumeInformationW on a simple HWID lock

I'm trying to hook GetVolumeInformationW on a simple HWID lock using trampoline hook to return a specific value for serial number(123456789). When I inject the dll the program crashes instantly. I tried to start hwid lock also from the programs 86…
justjoking
  • 11
  • 1
1
vote
1 answer

Why won't Vcl.Styles (RRUZ) install with Detours in Delphi 10.4.1 (latest)

I've just installed a new VM for Delphi 10.4.1 Sydney. My install path for Detours is C:\XE10\Detours My Install path for Vcl.Styles is C:\XE10\Styles Demos for the Detours work fine, but i noticed that the Detours unit is called "DDetours.pas"…
michael s.
  • 11
  • 1
1 2 3
16 17