This is my first post in stackoverflow, eventhough I'v been reading here for more than a year.
I would like to ask some questions about function hooking, and would be really glad to have some answers. Say I created an executable and I would like to hide it in the list of the task manager so it would be invisible. I could hook the function in the task manager that is in charge of displaying all the running processes. I know that in order to do such a thing I would need to start by injecting my own DLL to taskmgr.exe, and taking over the required function using one of many techniques.
My question are the following:
1.How could I get the name of my requested function ? Would I disassemble taskmgr.exe and search there ? I would like to hear a little more about techniques from this kind.
2.Say I know my function name, how could I get its run time address in order to invoke my hook ? Is the address I will find while disassembling the exe the same as the run time address ? If not, how would I find it ?
3.A general question about hooking functions, Say I hook windows messagebox function, and would override it so that each message that should be printed would print "ABCDEF", Would that affect each process that uses the messagebox function or only my process ? Would love to get an explanation about this issue.
Thanks alot in advance :)
Michael.
