Thread: adding code to kernel32.dll
View Single Post
  #10  
Old 01-13-2005, 19:37
omidgl omidgl is offline
Friend
  
Join Date: Jul 2004
Posts: 86
Rept. Given: 10
Rept. Rcvd 4 Times in 3 Posts
Thanks Given: 0
Thanks Rcvd at 5 Times in 5 Posts
omidgl Reputation: 4
amigo :
I don't know what you are going to do by that change. But maybe there are some cleaner ways to do that.
If you are going to change some API behavior or execution... Then it's better to use a filter between Kernel32.dll and Ntdll.dll (Using API redirection/SPYing), so that you can take the control and do what you want to response to API calls from User-Mode programs and return them what you want. By using that method you can remove yourself at any time and take back the system behavior to its normal state.

Regards
OMID
Reply With Quote