⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 subject_43856.htm

📁 vc
💻 HTM
字号:
🔍 
<p>
序号:43856 发表者:counter-bug 发表日期:2003-06-14 14:07:02
<br>主题:用detours截获API有通用性吗?
<br>内容:用detours截获API有通用性吗?<BR>是不是所有线程包括系统线程的API都可以截获?<BR>截获的程序要在什么地方加载?<BR>怎么才能让每个线程都加载截获的程序?
<br><a href="javascript:history.go(-1)">返回上页</a><br><a href=http://www.copathway.com/cndevforum/>访问论坛</a></p>
<hr size=1>
<blockquote><p>
回复者:Neil Gan 回复日期:2003-06-17 11:02:46
<br>内容:1. the biggest flaw of detour is that it has to be loaded before any futher threads are created in the process, or there would be serious sychronization problems<BR><BR>2.system threads locate in system processes, you can only inject a dll to these processes if your code is running under a system process.<BR><BR>3.detour lib modifies the assembler code for the target function, so every threads in the same process are affected. if you inject the dll to every process, you get control of all the threads.<BR><BR><BR>
<br>
<a href="javascript:history.go(-1)">返回上页</a><br><a href=http://www.copathway.com/cndevforum/>访问论坛</a></p></blockquote>
<hr size=1>
<blockquote><p>
回复者:counter-bug 回复日期:2003-06-17 17:51:56
<br>内容:我试着把DLL注入一些进程,但有些系统的进程注入不进去。<BR>我想做一个禁止存盘功能的,截获CreatFileA。但对于某些进程有效(如VC),有些却无效(如记事本,IE)。是不是他们创建文件没调用<BR>CreatFile这个API
<br>
<a href="javascript:history.go(-1)">返回上页</a><br><a href=http://www.copathway.com/cndevforum/>访问论坛</a></p></blockquote>
<hr size=1>
<blockquote><p>
回复者:dr0 回复日期:2003-06-17 20:25:12
<br>内容:but no silver bullet, detour intercepts api calls in memory, <BR>yes, you can also intercept them by modifying the binary disk file.<BR>if you uses detour, who does has its defects, if you uses pe modification,<BR>you also has its own defects
<br>
<a href="javascript:history.go(-1)">返回上页</a><br><a href=http://www.copathway.com/cndevforum/>访问论坛</a></p></blockquote>
<hr size=1>
<blockquote><p>
<font color=red>答案被接受</font><br>回复者:dr0 回复日期:2003-06-17 20:29:57
<br>内容:http://www.anticracking.sk/EliCZ/export.htm<BR>try this one, elicz claims that his new version api hooker is bug-free ,<BR>you can try it, but do not ask me how to use it, coz i have never used it
<br>
<a href="javascript:history.go(-1)">返回上页</a><br><a href=http://www.copathway.com/cndevforum/>访问论坛</a></p></blockquote>
<hr size=1>
<blockquote><p>
回复者:Justin Le 回复日期:2003-06-20 15:54:59
<br>内容:学习, dr0的宝还挺多。
<br>
<a href="javascript:history.go(-1)">返回上页</a><br><a href=http://www.copathway.com/cndevforum/>访问论坛</a></p></blockquote>

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -