Location:
Search - Detours api
Search list
Description: 微软提供的截取Win32 API函数的开发包和例子1.5版本
Platform: |
Size: 604983 |
Author: |
Hits:
Description: 微软提供的截取Win32 API函数的开发包和例子
Platform: |
Size: 586190 |
Author: |
Hits:
Description: 微软提供的截取Win32 API函数的开发包和例子detours-src-1.2.rar-interception of the Microsoft Win32 API function and the development kits example detours - src - 1.2.rar
Platform: |
Size: 503511 |
Author: jerry |
Hits:
Description: 利用detours库对系统API进行拦截,VC++源码
Platform: |
Size: 55974 |
Author: zzq |
Hits:
Description: 微软提供的截取Win32 API函数的开发包和例子1.5版本-SDK and example in 1.5 version of hooking Win32 API which are provided by Microsoft
Platform: |
Size: 605184 |
Author: 站长 |
Hits:
Description: 微软API截获库,该代码也包含在MSDN的例子中。-intercepted the Microsoft API, the code also included in the MSDN examples.
Platform: |
Size: 609280 |
Author: fishxz |
Hits:
Description: 我在XP下用过detour,也是用钩子将dll注入到其他进程进行API拦截,当时拦截的是 ShowWindow以及文件操作的一些API,感觉没什么问题阿.你可以先用Detour拦截一下其他的API试试,比如 CreateProcess,这个API我拦截过,Detour能拦截的
-I used the XP detour. also used to hook dll injected into other processes API interception, then intercept the ShowWindow and some file manipulation API, A feeling no problems. You can use Detour to intercept a few other API try. For example CreateProcess, I intercept the API that can intercept the Detour
Platform: |
Size: 2048 |
Author: byron |
Hits:
Description: 微软公司的拦截api开发包:
All Detours functions are compatible with all x86 version of Windows NT,
Windows 2000, and Windows XP. However, under Windows 95, Windows 98, and
Windows ME, the DetourFunction* APIS do not work unless the program is
running under a debugger (the process was created with the DEBUG_PROCESS flag
on the call to the CreateProcess* APIs). Since most programs are not typically
run under a debugger, the DetourFunction* APIs do not work for most programs
on Win9x platforms.-Microsoft's interception api development kits : All Detours functions are compatible with all x 86 version of Windows NT, Windows 2000, and Windows XP. However, under Windows 95, Windows 98 and Windows ME,* DetourFunction the APIS do not work unless the program is running under a debugger (the proces 's was created with the flag on the DEBUG_PROCESS call to the CreateProcess* APIs). Since most pr ograms are not typically run under a debugger. the DetourFunction* APIs do not work for most pr ograms on Win9x platforms.
Platform: |
Size: 529408 |
Author: 摩尔 |
Hits:
Description: 微软提供的截取Win32 API函数的开发包和例子detours-src-1.2.rar-interception of the Microsoft Win32 API function and the development kits example detours- src- 1.2.rar
Platform: |
Size: 502784 |
Author: jerry |
Hits:
Description: 微软提供的截取Win32 API函数的开发包和例子 1.5版-Microsoft Win32 API function interception Development Kit version 1.5 and examples
Platform: |
Size: 529408 |
Author: rivershan |
Hits:
Description: 开始,运行输入 sigverif
通过检查数字签名就知道是不是ms的了。
主要使用Win32API实现验证应用或驱动程
WinVerifyTrust API。如果该API被Hook有没有其他方法验证应用或驱动程序是否通过微软签名?如果仅仅是被挂钩了IAT,那么可以直接通过函数指针调用。
如果是像Detours那样用jmp改写了函数头,可以通过读取WinTrust.dll中WinVerifyTrust的实现位置,恢复函数头的机器码。
不知道使用CryptoAPI,再使用指定的Microsoft证书
是不是更好一点,不容易被欺骗
怕调api被hook的话,自己将验证的代码写出来,用openssl应该容易点。-Start, Run enter sigverif by checking the digital signature is not on the know of the ms. Win32API realize the main use of the application or driver to verify WinVerifyTrust API. If the API was Hook has no other way to verify whether the application or driver through Microsoft Signed? If merely being linked to the IAT, you can call directly through the function pointer. If it is used as the Detours as to alter the function jmp head, can be read in WinVerifyTrust Wintrust.dll realize the location, the restoration of function of the binary header. Do not know the use of CryptoAPI, and then use the specified certificate is not Microsoft a little better, not easy to be deceived by fear api tune hook, then he would write the code to verify, using openssl should be easy points.
Platform: |
Size: 200704 |
Author: 齐欢乐 |
Hits:
Description: 利用detours库对系统API进行拦截,VC++源码-Use detours library API to intercept the system, VC++ Source
Platform: |
Size: 55296 |
Author: zzq |
Hits:
Description: Detours是一强大的工具,提供了简单易用的函数接口来拦截(Hook)WIN32 API调用和为一个已在运行的进程装入一个D-Detours is a powerful tool that provides easy-to-use interface to intercept function (Hook) WIN32 API calls and as a process is already running into a D
Platform: |
Size: 63488 |
Author: sony |
Hits:
Description: 用Detours库截获CreateFileW,实现对该API的挂钩.初学者可以学习一下Detours库的调用使用方法.-Intercepted using Detours library CreateFileW, realize the linkage of the API. Beginners can learn about Detours library calls to use.
Platform: |
Size: 2916352 |
Author: wxb |
Hits:
Description: 使用detours拦截Windows API-The use of detours to intercept Windows API
Platform: |
Size: 4886528 |
Author: lb |
Hits:
Description: 能截获Windows API的代码,并引入你自己的程序,欢迎下载-Capable of intercepting Windows API code, and to introduce your own program, please download the
Platform: |
Size: 561152 |
Author: 赵磬 |
Hits:
Description: 截取所有系统API,需要DDK。挺久的一个MS的系统编程示例。-Intercept all system API
Platform: |
Size: 358400 |
Author: lufei |
Hits:
Description: 一个使用detours进行API拦截的程序,使用VC++ 6.0开发。-a program using detours to hook windows apis.
Platform: |
Size: 46080 |
Author: hailongxl |
Hits:
Description: 微软的API拦截的函数库,detours教材,适用于WindowNt系统-detours API
Platform: |
Size: 605184 |
Author: asa |
Hits:
Description: detour源码,hook使用,但是我自己的程序hook了,但是其他程序没有用-detour source code,used to hook api
Platform: |
Size: 843776 |
Author: hehe |
Hits: