From: memger on 8 Oct 2008 19:18 mikfig wrote: > Just a newbie win32 coder question? Are hooks what is used for > programs like trainers, process managers, etc to "hook" onto a > process? > in this context, hooks refer to the concept of redirecting control flow from e.g. proprietary APIs to a replacement function. You could for instance hook into the CreateFileA/W of a given process in order to block it from opening certain files (although its impossible to implement this securely in usermode only). For an example on how it works see http://newgre.net/node/5 or read the detours paper available from MS research: http://research.microsoft.com/~galenh/Publications/HuntUsenixNt99.pdf
From: mikfig on 9 Oct 2008 18:10 On Oct 8, 4:18 pm, memger <Dr.Schwa...(a)evilscientists.de> wrote: > mikfig wrote: > > Just a newbie win32 coder question? Are hooks what is used for > > programs like trainers, process managers, etc to "hook" onto a > > process? > > in this context, hooks refer to the concept of redirecting control flow > from e.g. proprietary APIs to a replacement function. You could for > instance hook into the CreateFileA/W of a given process in order to > block it from opening certain files (although its impossible to > implement this securely in usermode only). For an example on how it > works seehttp://newgre.net/node/5or read the detours paper available > from MS research:http://research.microsoft.com/~galenh/Publications/HuntUsenixNt99.pdf Hmm...interesting. Thanks
First
|
Prev
|
Pages: 1 2 Prev: OleCreatePictureIndirect doesn't like 32bpp icons?! Next: Help with SetupInstallFromInfSection |