Questions tagged [detours]

This tag is about the Microsoft Detours library for intercepting arbitrary Win32 binary functions on x86, x64, and ARM machines.

245 questions

1 vote, 1 answer

Detouring and using a _thiscall as a hook (GCC calling convention)

I've recently been working on detouring functions (only in Linux) and so far I've had great success. I was developing my own detouring class until I found this. I modernized the code a bit and converted it to C++ (as a class of course). That code is…
Elliott Darfink

1 vote, 1 answer

Detours capture texture

There is a racing game, I need to collect telemetry and statistics. And to add an additional HUD I compiled the Detours. And could make the hook to change the name of the application window. Like: LRESULT (WINAPI * TrueSendMessageW)(HWND hWnd, UINT…
Echeg

1 vote, 1 answer

Where inside injected DLL to loop?

So I've got an application that starts another application with my DLL injected (with Detours). The entry point is DllMain. I can't do much from DllMain, and certainly cannot loop. So how do I call my DLL monitor functions every x seconds? I read…
Eric

0 votes, 2 answers

Lnk error 2019 and 1120

I am having trouble building the solution for detours. I am getting errors like: error LNK2019: unresolved external symbol _DetourCopyInstruction@20 referenced in function _DetourAttachEx@20 and error LNK1120: 1 unresolved externals. What…
SLOVAK81

0 votes, 1 answer

Copy contents of a routine to another location in memory

I want to copy the routine code in memory to another location. For example: procedure OldShowMessage; begin ShowMessage('Old message..'); end; Say I want to copy the routine to another location in memory. I have declared something like var …
Rahul W

0 votes, 1 answer

Reducing non-determinism with Detours?

I was wondering if it is possible to use hooking (like Detours) to remove non-determinism in an arbitrary application. We can assume single-thread applications (to ignore non-determinism caused by races and scheduling). My first guess was to…
cloudraven

0 votes, 1 answer

How to use Detour hook and modify C++ console (cout) output?

Print.cpp #include #include int main() { while (true) { std::cout << "Hello World!\n"; Sleep(500); } } Hook.cpp #include "pch.h" #include #include #pragma…
Relaxing

0 votes, 0 answers

Is there the way to add an extra custom code before jump instruction while using MS Detours?

As is known, the MS Detours library copies a small set of starting instructions of the hooked function to the trampoline, and places the jump instruction to the hook function. I need to add some extra custom code before this jump. Is there a legal documented way…

0 votes, 0 answers

Python for windows api hooking

Is it possible to write the Windows API hook / DLL injection in Python (in conjunction with MS Detours or EasyHook as a framework)? I can't really find information about it; it seems that most people have written this code in C++ or C#?

0 votes, 0 answers

API call hooking with Detours/Inline hooking

I want to hook certain API calls, e.g. CreateFile (or NtCreateFile if I hook ntdll.dll), but there are some issues. I can use several methods to achieve this goal, e.g. DLL injection, Inline hooking etc. But I think the most pragmatic way would be…
Moooz

0 votes, 1 answer

Hooking NtWriteFile with MS Detours

I try to hook into NtWriteFile. Below you find a stripped version of the code I wrote for a dll. The idea is to load the resulting dll with the withdll.exe of MS Detours. With some debugging I found that MyNtWriteFile gets indeed called but then…
johannes

0 votes, 0 answers

Memory reading not working when hooking WIN32 API functions

I'm trying to inject the DLL into my other program and hook the win32 API function SetConsoleTitle so I can read what parameters are being passed. Everything seems to work except that the strings appear to be unreadable. When I was hooking my…

0 votes, 0 answers

I want to hook win32API CreateFileW by detours and print callstack information captured by CaptureStackBackTrace

I use Detours to hook the Win32 API CreateFile and use CaptureStackBackTrace to get call stack information, and then resolve symbols with the SymFromAddr API. But the result shown in the terminal is only error 126 and error 184. And I only invoke ShowTraceStack…

0 votes, 0 answers

How to hook according WMI function in fastprox.dll?

Below is a block of C# code, I want to hook (ms-detours) the enumerating part: var wql=new WqlObjectQuery(queryString); using(var searcher =new ManagementObjectSearcher(scope,wql)) { using(var records=searcher.Get()) { **foreach(var record…
H Marcus

0 votes, 1 answer

unresolved external symbols in Detours Library? (Detours::X64::DetourFunction, Direct3DCreate9)

So I was following along a DLL injection tutorial on YT, and it gave me some errors when trying to compile. 1. unresolved external symbol "unsigned __int64 __cdecl Detours::X64::DetourFunction(unsigned __int64,unsigned __int64,enum…