Microsoft Detours Pro v3.0
 

After a couple of request on pm i have decided to share it with community.

Detours Professional includes support for either 32-bit or 64-bit processes on x86 and other Windows-compatible processors.
Detours 3.0 includes the following new features over Detours 2.x:
Support for 64-bit code on x64 and IA64 processors (Professional Edition only).
Support for all Windows processors (Professional Edition only).
Removed requirement for including detoured.dll in processes.
Compatibility improvements for detouring APIs used by managed-code (MSIL) programs, especially on x64 processors.
Addition of APIs to enumerate PE binary Imports and to determine the module referenced by a function pointer.

Password is easy to get, i didn't wanted to be just copy paste.

Is it the same share here before? Right?

http://forum.exetools.com/showpost.php?p=102344&postcount=5

both

// Microsoft Research Detours Package, Version 3.0 Build_316

Yep, didn't notice that its all ready on forum.
Anyway now will be easier to find.

And even easier downloading here
http://ul.to/bs1r1j9j

For those who are like me member of this forum for 10+ years, and still don't have privilege to download attachments.
Come on, change these ridiculous policies. All it does is harm the forum. People seek other places to download.

any mirror? ul.to isnt accessible here

http://rghost.net/6qR6LYxv5

this detours source code?

Yes, Detours does not come precompiled in any edition. This includes the 32bit and 64bit code.

I have only used to Detours 1.5 before, and the documentation for 3.0 isn't great. So in case anyone struggles:

Retouring works the same, call DetourDetach as opposed to DetourAttach/DetourAttachEx

IChooseYou, that pushed me in a better direction with as you say lack of documentation in 3.0

Here is an example of hooking Win32 API without a trampoline since they are not always needed:
(Error checking code omitted for ease of reading.)

so good.

I got detours 3 source code from the open source .net framework code, but there is a nasty typo bug...and finally microsoft removed the leaked code form their open source site.

Yes. It's a really ridiculous policy.

Is it the password? It is not working for me

use this online site to decode bin to text

http://www.roubaixinteractive.com/PlayGround/Binary_Conversion/Binary_To_Text.asp

What is the correct password? It didn't work too !:confused:

I don't understand why he made it complicated. It seems b30wulf likes puzzles so much !

r9+LM+PWhcRk>'Q"Kghe is corect for me
use winrar v5.xx to desarchive from www.rarlab.com

Oh, mine was v5.00 beta 8.
Now the file was decompressed.

Yeah that is the password, but rather a different form of the password.

Hint: A solid, liquid or gas are just different forms of a substance :)

I am also pretty sure this is incomplete, going by what is in the express package. Thanks for the share anyway.

complicated? not so much I guess :)

Here is a bit of a Frankenstein package. I combined the pro from here with bits out of the express package to get a "more complete" pro version (i.e including syelog).

Hopefully it will be useful, and is the 2nd best thing to a full pro package :).

Download:
Password attached. Please don't just mirror the file/password.

I am fairly certain x amount of posts allow you to download...

source code for static libraries
 

But are the .lib files with source code as well?

It appears in the professional edition, they include pre-compiled libs. This was not the case in their past releases of Detours. So that was my mistake. I don't use/need the professional version of this so I never bothered to download and check the files included. I just went based on their previous releases in the past.

Hello

Any chance to download it without password?
I have no permission to access to donwloads.

Regards,

MinHook - The Minimalistic x86/x64 API Hooking Library for Windows
https://github.com/TsudaKageyu/minhook

Might be useful for someone looking for something similar to detours.

Detours Version 3.0 Build 341

https://www.microsoft.com/en-us/down....aspx?id=52586

Date Published:
6/12/2017

What happened to Detours? Now there is Detours Version 3.0 Build_343 which seems to include Pro features (and there is no mention of the Express version)

https://www.microsoft.com/en-us/download/details.aspx?id=52586

Try to download it - there is "Detours Version 3.0 Build_343" with x64 and ARM support
Previous version I had was restricted and was named "Express Version 3.0 Build_339"

When I download this I am getting a 512 KB file. I think that the .lib , includes and binaries folders are missing from this pack.

The "usual" Pro version should be around 8 MB in size if I recall correctly.

Detours Pro build 316(from this topic) is 218kb(rar), unpacked version is about 1MB
Express version doesn't include .lib, but includes many samples instead

The main reason why I asked is that in previous versions there were regions like
which are replaced by working code now, e.g.
Although it has always been this way:
Does this mean that these features are now supported in Detours Express?
I have no access to my working PC right now so I can't check it, can someone try to compile it?

It does appear that the newest express edition includes the 64bit features of Pro. Not sure if that is intentional or not since they did not include any info on the updates and did not update the MSDN page to include this change. Could have been an accidental release of the wrong package.

Looks like Microsoft has published the Detours 4.0.1 source code and relicensed it under MIT:

https://github.com/Microsoft/Detours

Looks like this includes the 64bit code as well so seems to be intentional. Guessing they gave up trying to sell it with all the free hooking libs out now that support both 32bit/64bit.

But I guess it is still the best lib in terms of completeness and documentation.

Best is subjective and opinion based. There are a lot of detouring libraries made by various people that are free, open source, and support both 32bit and 64bit which you can find via Google. MS Detours was one of the first more or less publicly used ones for a while, but there are better ones available and for free.

MS used to charge a lot of money for the 64bit version of this library, which is why a bunch of others decided to code their own and then share them for free.

Something else to keep in mind is that MS Detours is detected by a lot of anti-cheats and other protection setups as it is a commonly used library, so you may run into detection issues depending on what you use it for. Some anti-virus' will also flag things that use it.

ARM/ARM64/IA64 supported, plus X86/X64 ! Marvelous!