#1
x86 Inline hooking engine (using trampolines)
BasicHook is an x86 inline hooking engine (using trampolines).
Hooks functions using a 32-bit relative jump; writing is done atomically to avoid race conditions. Uses hde32 for instruction length disassembly.
PHP Code:
The Following User Gave Reputation+1 to sh3dow For This Useful Post: niculaita (02-13-2015)
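A defender's view of the 32-bit relative jump described in the first post, as an added example that is not BasicHook's code or any poster's: it decodes an `E9 rel32` at a function entry and flags it only when the destination leaves the owning module. The names `check_inline_hook` and `hook_check`, the sample bytes and all addresses are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

typedef struct {
    int      hooked;  /* 1: entry is JMP rel32 landing outside the owning module */
    uint32_t target;  /* resolved destination when the entry opcode is E9, else 0 */
} hook_check;

/* code/len: bytes read at the function entry; func_va: address they came from;
 * mod_base/mod_size: address range of the module that owns the function. */
hook_check check_inline_hook(const uint8_t *code, size_t len, uint32_t func_va,
                             uint32_t mod_base, uint32_t mod_size)
{
    hook_check r = {0, 0};
    if (code == NULL || len < 5 || code[0] != 0xE9)
        return r;                               /* no JMP rel32 at the entry */
    /* rel32 is little-endian and relative to the end of the 5-byte jump */
    uint32_t rel = (uint32_t)code[1] | (uint32_t)code[2] << 8 |
                   (uint32_t)code[3] << 16 | (uint32_t)code[4] << 24;
    r.target = func_va + 5u + rel;              /* wraps modulo 2^32, as on x86 */
    /* Intra-module jumps (linker thunks) are normal; flag only foreign targets. */
    r.hooked = (uint32_t)(r.target - mod_base) >= mod_size;
    return r;
}

/* Constructed sample prologues, not taken from any real binary. */
static const uint8_t CLEAN[]   = {0x8B, 0xFF, 0x55, 0x8B, 0xEC}; /* mov edi,edi; push ebp; mov ebp,esp */
static const uint8_t THUNK[]   = {0xE9, 0xFB, 0x0F, 0x00, 0x00}; /* jmp inside the module */
static const uint8_t PATCHED[] = {0xE9, 0xFB, 0xFF, 0xFF, 0x9A}; /* jmp to a foreign address */

int main(void)
{
    const uint32_t va = 0x75001000u, base = 0x75000000u, size = 0x00100000u;
    const uint8_t *samples[] = {CLEAN, THUNK, PATCHED};
    const char *names[] = {"clean", "thunk", "patched"};
    for (int i = 0; i < 3; i++) {
        hook_check r = check_inline_hook(samples[i], 5, va, base, size);
        printf("%-8s hooked=%d target=0x%08X\n", names[i], r.hooked, (unsigned)r.target);
    }
    return 0;
}
```

Comparing the entry bytes in memory against the same bytes in the on-disk image catches patches that this opcode check alone would miss.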
#2
Another similar project is MinHook:
Code:
https://github.com/TsudaKageyu/minhook
The Following User Says Thank You to atom0s For This Useful Post: nimaarek (09-09-2017)
#3
Today's post presents several ways of API hooking under the x86 instruction set.
Inline Hooking for Programmers
A lot of my articles have been aimed at giving a high-level insight into malware for beginners, or those unfamiliar with specific concepts. Today I've decided to start a new series designed to familiarize people with malware internals on a programming level.
The Following User Gave Reputation+1 to For This Useful Post: niculaita (02-13-2015)
The Following User Says Thank You to For This Useful Post: sh3dow (10-01-2015)
#4
The Following User Gave Reputation+1 to omidgl For This Useful Post: niculaita (02-13-2015)
The Following User Says Thank You to omidgl For This Useful Post: nimaarek (09-09-2017)
#5
Two other open-source projects you might want to look into are:
Deviare Hooking Engine
Info: http://blog.nektra.com/main/2015/04/07/deviare-hooking-engine-is-open-source-and-deviare-in-proc-supports-net-hooking/
Github: https://github.com/nektra/Deviare2
Blackbone
Info: https://github.com/DarthTon/Blackbone
Github: https://github.com/DarthTon/Blackbone/tree/master/src/BlackBone/LocalHook