Questions tagged [detours]

This tag is about the Microsoft Detours library for intercepting arbitrary Win32 binary functions on x86, x64, and ARM machines.

245 questions

22 votes, 4 answers

How does Microsoft Detours work and how do I use it to get a stack trace?

I am new to Microsoft Detours. I have installed it to trace the system calls a process makes. I run the following commands, which I got from the web: syelogd.exe /q C:\Users\xxx\Desktop\log.txt withdll.exe /d:traceapi.dll C:\Program…
Bruce

10 votes, 1 answer

Microsoft Detours - DetourUpdateThread?

I have a few quick questions about the Microsoft Detours Library. I have used it before (successfully), but I just had a thought about this function: LONG DetourUpdateThread(HANDLE hThread); I read elsewhere that this function will actually suspend…
pault543

9 votes, 6 answers

What is the recommended way to hook Win32 APIs for a commercial application?

What is your recommendation for an API hooking library or code to be used in a commercial application? I have looked at Microsoft Detours which seems to be very good, but definitely is out of budget for the profit I am expecting out of my…
user133790

8 votes, 1 answer

Detouring and GCC inline assembly (Linux)

I'm programming extensions for a game which offers an API for (us) modders. This API offers a wide variety of things, but it has one limitation. The API is for the 'engine' only, which means that all modifications (mods) that have been released based…
Elliott Darfink

7 votes, 3 answers

What is the point of VirtualProtect when any process, including malware, can use it?

I understand that the VirtualProtect function changes the permissions on a page in memory without question. Surely this ends up with no immediate purpose when any running process is able to use it? For example, someone could easily write a piece of…
Timothy Hanes

7 votes, 2 answers

C++ Function Hook (memory address only)

I have a memory address, it's the memory address of a function in another program (one of its DLLs). I am already loaded into the program via DLL injection. I already have the base address, and the actual location of the function each time the…
User

6 votes, 2 answers

Detours Hook in external process for "empty" function does not work

I'm hooking functions in an external process via their function offset. That works well for the functions I'm hooking so far - however I have found a "debugLog(char...)" function that still exists in the binary but doesn't do any printing - it looks…
Steve

6 votes, 5 answers

Detours alternative for Registry interception

I'm looking for a way to intercept and redirect reads to certain registry keys. Naturally, Detours can do it. But I need it for a commercial application and the MS $10K license fee is a bit too steep. Are there any alternatives?
Demiurg

6 votes, 0 answers

Need to call original function from detoured function

I'm using Detours to hook into an executable's message function, but I need to run my own code and then call the original code. From what I've seen in the Detours docs, it definitely sounds like that should happen automatically. The original…
ssube

6 votes, 1 answer

C++ and FULLY dynamic functions

I have a problem with detours. Detours, as you all know, can only move among 5 bytes of space (i.e. a 'jmp' call and a 4 byte address). Because of this it is impossible to have the 'hook' function in a class (a method), you cannot supply the 'this'…
Elliott Darfink

5 votes, 2 answers

C++ - Detours WinSock Hooking

What I am trying to do is use the Detours library to hook into an application's WinSock2 send() and recv() functions (a packet logger). While it does work for the send() function, it does not, however, work for the recv() function. Here is my…
xian

5 votes, 2 answers

Hooking GetTickCount with C++

I'm not great at C++, more of a C# and PHP guy. I've been assigned a project that requires me to use GetTickCount and hooking into an application. I need some help as for some reason it's not working as planned... Here is the code for hooking, I…
E3pO

5 votes, 1 answer

Hook a managed method at runtime in C#

I have a sealed class with a public method inside an assembly, I would like to add a logging system but unfortunately I don't have the sources. So I was trying to detour this method on a specific logging method and calling the original one on exit. The…
Luca Bottani

5 votes, 2 answers

Compilation of detours on vs2012 (Windows 8.1)

Using the visual studio 2012 command tools (i.e. in the 'native tools command prompt' command console) I have run vcvars32.bat, and navigated to *c:\program file(x86)\Microsoft Research\Detours Express 3.0*. On running nmake in this directory, it…
wibble

4 votes, 2 answers

Compiling Microsoft Detours for 64-bit

The detours package claims to support 64-bit but I don't see a way to compile 64-bit binaries: Detouring 32-bit and 64-bit Processes Using nmake all compiles only 32-bit stuff: >dir Volume in drive D is Volume Volume Serial Number is XXXX-XXXX …
BullyWiiPlaza