Stack Overflow
Stack Overflow

Questions tagged [easyhook]

Use this tag when your code uses the EasyHook open-source library that supports hooking unmanaged APIs with managed code.

Use this tag when your code uses the EasyHook open-source library that supports hooking unmanaged APIs with managed code.

EasyHook makes it possible to extend (via hooking) unmanaged code APIs with pure managed functions, from within a fully managed environment on 32- or 64-bit Windows. EasyHook supports injecting assemblies built for .NET Framework as well as native DLLs.

108 questions
3
votes
1 answer

Windows - How can I inject code in the kernel of a application before it starts?

I want to make a malware analysis software and I have to inject code into different kernel32 functions of the process, like Sleep to overwrite any sleeps the malware attempts to make, ExitProcess to dump the memory before getting the process killed…
user7111260
3
votes
1 answer

EasyHook is not intercepting any recv calls

I have been trying to hook calls to 'recv' from Chrome and Firefox using EasyHook. However, this isn't working - it does not fail with any errors, but also no packets are being caught. I have tried the example program with 'CreateFile' hooks, and…
user5182794
3
votes
1 answer

EasyHook Inject - ArgumentException "The given 32-bit library doesn't exist"

I'm trying to inject a dll using EasyHook's RemoteHooking.Inject(pid, InjectionOptions.Default, debug_dllPath_32, debug_dllPath_64, channel); Unfortunately this throws an ArgumentException "STATUS_INVALID_PARAMETER_4: The given 32-Bit library does…
coffeeandtv
  • 33
  • 3
3
votes
2 answers

Unload injected DLL by EasyHook

I have tried to inject the DLL into another process by using EasyHook, but when the host process is shut down, the EasyHook and other injected DLLs are still in process. Does anyone know how to unload them from target process? Thanks.
duongkha
  • 71
  • 6
3
votes
1 answer

Easyhook 32 bit application

I'm using EasyHook to intercept registry calls. In more detail, I use RegQueryValue to intercept the call that reads a key from registry and change its value with something else. The relevant code looks…
L-Four
  • 13,345
  • 9
  • 65
  • 109
3
votes
0 answers

Hooking Windows text draw APIs

I am trying to hook all draw text APIs in Windows by hooking TextOut,DrawText,ExtTextOut, BitBlt. However, I see that there is strange thing that it is not consistent between machines. I see the the draw text APIs in some machines by my tool as well…
duongkha
  • 71
  • 6
3
votes
0 answers

Can't hook ICorJitCompiler:compileMethod from Managed Code whith EasyHook

I've been trying for long now to hook ICorJitCompiler:compileMethod from Managed Code in v4.0 using EasyHook LocalHook.Create. I've obtained the function pointer from unmarshalling an structure like this: public static class NativeJitInterop { …
Manfred Diaz
  • 31
  • 1
2
votes
1 answer

How to Unregister EasyHook.dll, EasyHook64.dll, and EasyLoad64.dll

I'm using EasyHook dlls & performing DoDragDrop API hooking, everything is working fine, but how to release following 3 dlls 1.EasyHook.dll 2.EasyHook64.dll 3.EasyLoad64.dll these dlls are hooked to explorer.exe even after closing my application,…
Krish
  • 376
  • 3
  • 14
2
votes
3 answers

Easyhook fires "Unable to install assembly in the GAC" error on vs2010

I'm still trying to run my easyhook exercize. right now, i get this error: System.ApplicationException: Unable to install assembly in the GAC. This usually indicates either an invalid assembly path or you are not admin. at…
kaharas
  • 597
  • 2
  • 17
  • 39
2
votes
0 answers

hooking DoDragDrop() function from Ole32.dll library using EasyHook

"Ole32","DoDragDrop" function Hooking to the explorer is successful but whenever i drag a file in explorer my DoDragDropHook function is not calling, am new to the hooking concepts and i trying for this from last 3 months but till now no proper…
Dilip
  • 21
  • 2
2
votes
1 answer

EasyHook and communication

Using EasyHook I have set up the following structure: APP <--> Interface <--> DLL I am trying to run some code inside the injected DLL when I press a button in the APP. I managed to get the DLL to send messages outside using this…
Eliza
  • 23
  • 3
2
votes
1 answer

EasyHook - CRT Debug Assertion Failed - "Buffer too small"

I have an injector which calls the following (abridged) code: var processes = Process.GetProcessesByName("target"); /* ... */ var process = processes[0]; /* ... */ process.Kill(); RemoteHooking.CreateAndInject(process.MainModule.FileName,…
Christian Ivicevic
  • 10,071
  • 7
  • 39
  • 74
2
votes
0 answers

How do I use EasyHook to change a System.Management method's result?

I've been working on making a C# DLL which to be injected into a specific target application which is also written in C#. The goal is to manipulate the output of several functions of the .NET framework. I was successful in changing the value of…
HoLLy
  • 31
  • 1
  • 7
2
votes
0 answers

Hook URL-Navigating with Run (Win + R) method?

Is there any way to hook specific URL navigating with "Run" method (Win + R)? It means, if user opened "http://osu.ppy.sh/b/000000" with something like Process.Start() or etc, then my application cancel Browser navigating, and doing some stuffs…
MineSky
  • 97
  • 1
  • 11
2
votes
2 answers

How to convert c++ QString parameter to c# string

I'm trying to hook the QPainter::drawText function in another application by injecting my DLL and detour the QPainter::drawText function to my own application. I'm doing this because the other application does not expose a usable API and I want to…
Bart van der Vliet
  • 21
  • 6
1
2
3 4 5 6 7 8