Click here to Skip to main content
Click here to Skip to main content
Search within:



 
Comments & Discussions (154)

APIHijack - A Library for easy DLL function hooking.

By , 15 Sep 2000
 
  • Download source files and demo project - 102 Kb

    Introduction

    Based on DelayLoadProfileDLL.CPP, by Matt Pietrek for MSJ February 2000. This code is intended to be included in a DLL inserted through a global Windows Hook (CBT hook for example). It will replace functions from other DLLs (e.g. DDRAW.DLL) with functions from your DLL.

    Functions are hooked by passing a parameter structure to the HookAPICalls() function as follows:

    SDLLHook D3DHook = 
{
    "DDRAW.DLL",
    false, NULL,    // Default hook disabled, NULL function pointer.
    {
        { "DirectDrawCreate", MyDirectDrawCreate },
        { NULL, NULL }
    }
};

BOOL APIENTRY DllMain( HINSTANCE hModule, DWORD fdwReason, LPVOID lpReserved)
{
    if ( fdwReason == DLL_PROCESS_ATTACH )  // When initializing....
    {
        hDLL = hModule;

        // We don't need thread notifications for what we're doing.  Thus, 
        // get rid of them, thereby eliminating some of the overhead of 
        // this DLL
        DisableThreadLibraryCalls( hModule );

        // Only hook the APIs if this is the right process.
        GetModuleFileName( GetModuleHandle( NULL ), Work, sizeof(Work) );
        PathStripPath( Work );

        if ( stricmp( Work, "myhooktarget.exe" ) == 0 )
            HookAPICalls( &D3DHook );
    }

    return TRUE;
}

    Now all that remains is to get your DLL loaded into the target process.

    • License

    This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

    About the Author

    		 Wade Brainerd
    United States United States
    Member
    No Biography provided

    Article Top
     
    Sign Up to vote   Poor Excellent
    Add a reason or comment to your vote: x
    Votes of 3 or less require a comment

    Comments and Discussions

     
    Hint: For improved responsiveness ensure Javascript is enabled and choose 'Normal' from the Layout dropdown and hit 'Update'.
    You must Sign In to use this message board.
    Search this forum  
        Spacing  Noise  Layout  Per page   
    First PrevNext
    QuestionNon-Debug applications can be hooked too ?memberRyouku12 Jul '09 - 18:17 
    GeneralProblem when trying to hook text functionsmemberRoey C31 Mar '08 - 9:25 
    GeneralIt does not work for me.memberAchilleas Margaritis27 Nov '07 - 23:09 
    GeneralRe: It does not work for me.memberMXT320 Jan '12 - 7:42 
    Generalnot imported by name?!memberParallan3 Nov '07 - 23:27 
    QuestionHow to hook user defined DLL ?membermahesh kumar s3 Jul '07 - 1:46 
    Generalmonitoring dll function callsmembermahesh kumar s28 Jun '07 - 4:04 
    Questionthis trick doesn't work with all programs, nor?member6r15u30 Jan '07 - 2:10 
    QuestionAPIHijack is outmoded?memberplayer.24 Jul '06 - 22:51 
    GeneralCompile with Visual Studio 2003memberP Gibson7 Jul '06 - 1:30 
    GeneralHooking LoadLibraryAmemberRed XIII28 Jun '06 - 0:58 
    GeneralVB.Net and APIHijackmemberVitoto12 Jan '06 - 5:36 
    GeneralThe demomembertriplebit21 Nov '05 - 1:07 
    GeneralThe demomembertriplebit21 Nov '05 - 1:06 
    GeneralPurely excelent...memberNick Z.3 Nov '05 - 14:21 
    AnswerRe: Purely excelent...memberNguyen Duc Minh19 Nov '05 - 20:01 
    Questionhow to hook copy,cat,past operationsmemberAl_Shakhly1 Nov '05 - 22:15 
    GeneralRetreiving variablememberKrisse14 Aug '05 - 4:04 
    GeneralHooking dynamicly loaded DLLs functionsmemberseybold23 May '05 - 22:33 
    GeneralRe: Hooking dynamicly loaded DLLs functionsmemberdchris_med14 Feb '06 - 3:16 
    GeneralLooking like a atlternative of DsSubCls.dllmemberThatsAlok3 Dec '04 - 19:10 
    GeneralHooked function address is replaced by Original onememberkeenalex23 Sep '04 - 20:07 
    GeneralRe: Hooked function address is replaced by Original onememberGareth Haslip11 Oct '04 - 2:32 
    GeneralRe: Hooked function address is replaced by Original onemembersturlamolden12 Oct '06 - 12:58 
    GeneralCallbacks from insidememberK-ballo20 Aug '04 - 14:34 
    Last Visit: 31 Dec '99 - 18:00     Last Update: 24 May '13 - 1:13Refresh1234567 Next »

    General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

    About Article
    This library allows you to replace functions in other DLLs with functions from your own DLL.
    Type Article
    Licence CPOL
    First Posted 15 Sep 2000
    Views 538,066
    Downloads 8,155
    Bookmarked 162 times
    Top News

    The Next Version of Android - Some of What's Coming

    Get the Insider News free each morning.
    Related Videos
    C# .NET Programming - 0605 Math Library Functions
    jQuery: Drag & Drop Part 1
    Using Window Messages to Implement Global System Hooks in C#
    Easy way to set up global API hooks
    API hooking revealed
    Global System Hooks in .NET
    Hot Patching Made Easy
    API Hooking with MS Detours
    DLL Injection and function interception tutorial
    Screen Event Recorder DLL/Application
    RemoteLib - DLL Injection for Win9x & NT Platforms
    System Wide Hooking for the WM_CHAR Message
    API Hooking (LoadLibrary)
    Hooks and DLLs
    Powerful x86/x64 Mini Hook-Engine
    Sweep the Minesweeper
    Visual Leak Detector - Enhanced Memory Leak Detection for Visual C++
    Three Ways to Inject Your Code into Another Process
    Injection into a Process Using KnownDlls
    An MFC extension library to enable DLL plug-in technology for your application using MESSAGE_MAPs
    Intercepting Calls to COM Interfaces
    Windows Live Messenger Plug-in Development Bible
    Permalink | Advertise | Privacy | Mobile
    Web04 | 2.6.130523.1 | Last Updated 16 Sep 2000
    Article Copyright 2000 by Wade Brainerd
    Everything else Copyright © CodeProject, 1999-2013
    Terms of Use
    Layout: fixed | fluid