Location:
Search - delphi hook api
Search list
Description: NtCreateProcessEx(HookAPI)
Platform: |
Size: 977920 |
Author: Tiam |
Hits:
Description: 通过api和键盘钩子彻底屏蔽任务栏和开始菜单.txt/?ü齛pi和键盘钩子彻底屏蔽任务栏和开始菜单.txt/通过api和键盘钩子彻底屏蔽任务栏和开始菜单.txt-through api and keyboard hook completely shielding the task bar and start menu. Txt/api and through keyboard hook son completely shielding the task bar and start menu. txt/api and through keyboard hook completely shielding the task bar and start menu . txt/api and through keyboard hook completely shielding the task bar and start menu. txt
Platform: |
Size: 1024 |
Author: lin |
Hits:
Description: HookAPI 1.63 很牛B的东西啊-HookAPI 1.63 am cattle B. things ah
Platform: |
Size: 1273856 |
Author: 蓝帝 |
Hits:
Description: 一个利用dll注入拦截OpenProcess,禁止强行关闭程序的例子-Dll into the interception of a use OpenProcess, prohibition of forced closure procedure example
Platform: |
Size: 358400 |
Author: 天一 |
Hits:
Description: 一个标准的HOOKAPI类!有了他在对别的程序进行HOOKAPI处理的时候就不用那么麻烦了啊!-A standard type HOOKAPI! With him on the other procedures when dealing with HOOKAPI not need so much trouble, ah!
Platform: |
Size: 3072 |
Author: |
Hits:
Description: 系统钩子与API截获,拦截NoCtrl+Alt+Del方法2-Hook and API interception, interception NoCtrl+ Alt+ Del Method 2
Platform: |
Size: 197632 |
Author: Hou |
Hits:
Description: 开始,运行输入 sigverif
通过检查数字签名就知道是不是ms的了。
主要使用Win32API实现验证应用或驱动程
WinVerifyTrust API。如果该API被Hook有没有其他方法验证应用或驱动程序是否通过微软签名?如果仅仅是被挂钩了IAT,那么可以直接通过函数指针调用。
如果是像Detours那样用jmp改写了函数头,可以通过读取WinTrust.dll中WinVerifyTrust的实现位置,恢复函数头的机器码。
不知道使用CryptoAPI,再使用指定的Microsoft证书
是不是更好一点,不容易被欺骗
怕调api被hook的话,自己将验证的代码写出来,用openssl应该容易点。-Start, Run enter sigverif by checking the digital signature is not on the know of the ms. Win32API realize the main use of the application or driver to verify WinVerifyTrust API. If the API was Hook has no other way to verify whether the application or driver through Microsoft Signed? If merely being linked to the IAT, you can call directly through the function pointer. If it is used as the Detours as to alter the function jmp head, can be read in WinVerifyTrust Wintrust.dll realize the location, the restoration of function of the binary header. Do not know the use of CryptoAPI, and then use the specified certificate is not Microsoft a little better, not easy to be deceived by fear api tune hook, then he would write the code to verify, using openssl should be easy points.
Platform: |
Size: 200704 |
Author: 齐欢乐 |
Hits:
Description: 钩子与API截获,usb端口监听根据需要对U盘进行读写-Hooks and API interception, usb port monitor in accordance with the need for disk read and write U
Platform: |
Size: 519168 |
Author: yangj |
Hits:
Description: VC实现32位Windows 9x 陷阱式API Hook-VC realize 32-bit Windows 9x trap-style API Hook
Platform: |
Size: 183296 |
Author: qsn |
Hits:
Description: 游戏加速器源代码。涉及API hook和detour lib的使用。-Game accelerator source code. API hook and involves the use of detour lib.
Platform: |
Size: 50176 |
Author: sunxun |
Hits:
Description: DELPHI编写的HOOK API实现DLL全局钩子启动记事本的程序-DELPHI prepared HOOK API to achieve the overall hook DLL procedures start Notepad
Platform: |
Size: 337920 |
Author: csdner |
Hits:
Description: delphi中HOOK API 函数的例子,包含完整源代码-HOOK API functions in delphi example, complete source code
Platform: |
Size: 573440 |
Author: 王冬强 |
Hits:
Description: 编程语言:delphi或者vc.(建议vc)
编程知识:hook技术,一些常用的api,dll,等。(如果,不了解先去看看资料)
工具:wpe,自己做的一个封包工具,进制转换器自己做个比较好。
外挂方法1.键盘鼠标模拟mouse_event等函数解决.
2.读取内存,看数据.
3.截取网络封包进行分析。(怎么封包解密:同一个动作截取n次比较,找出共同)
资料 网上的传奇挂机原代
-Programming Language: delphi or vc. (Recommended vc) programming knowledge: hook technology, some commonly used api, dll, and so on. (If you do not understand first went to see the information) tool: wpe, myself, a packet tools, hex converter itself to be a relatively good. Plug-in method 1. Keyboard and mouse functions such as analog mouse_event resolved. 2. Read memory, see the data. 3. Interception of network packets for analysis. (How to decrypt packets: an action interception of n times the same comparison, to find common) information on the Net Primary legendary hook
Platform: |
Size: 65536 |
Author: sfmadman |
Hits:
Description: 用Delphi写的API钩子,截获API函数-Using Delphi to write the API hook, intercepted API functions
Platform: |
Size: 174080 |
Author: zensst |
Hits:
Description: API, delphi, windows, hook + macros system example.
Platform: |
Size: 302080 |
Author: DSgfdsf |
Hits:
Description: Delphi写的Winsocet HOOK程序示例。程序简单示范了HOOK API 的原理。并截获了HOOK程序的发送,接收数据包。-Winsocet HOOK program written in Delphi example. The program simply demonstrates the principle of the API HOOK. And intercept HOOK program to send and receive packets.
Platform: |
Size: 214016 |
Author: newhua |
Hits:
Description: 用过卡巴斯基的朋友都知道,卡巴斯基的进程是无法杀掉的,在任务管理器中杀卡巴进程的话,会弹出一个消息框提示拒绝访问!那么这是怎么实现的呢?很简单,就是使用了HOOK API的方法。
我用delphi来写程序好了,先写个dll。-Used Kaspersky' s friends all know, the the Kaspersky process is unable to kill the, Kabbah process in the Task Manager to kill, will pop up a message box prompts denied access! So this is how to achieve it? Very simple, is to use the method of HOOK API. Delphi write programs well, the first to write a dll.
Platform: |
Size: 5120 |
Author: yjj |
Hits:
Description: 微软Detours钩子库的DLL版。采用VS2012重新编译,生成stdcall的DLL,方便其他开发工具调用。已经测试了可以在Delphi中调用成功。-Microsoft Detours hook API, DLL version . Recompiled using VS2012 to generate stdcall functions, facilitate other development tools called. Have tested can be successfully invoked in Delphi.
Platform: |
Size: 49152 |
Author: Chris Liu |
Hits:
Description: HookApiLib, Hook Api Library for Delphi 7+
Platform: |
Size: 6144 |
Author: dizdar78 |
Hits:
Description: 对应用程序发送和接收的网络数据进行拦截,HOOK目标进程的发送和接收的API函数,原理是利用消息钩子将DLL中的代码注入到目标进程中,再用GetProcAddress得到API函数入口地址,将函数入口址改为自己 定义的函数入口,这样就得到了API函数的相应参数,处理完后,再改回真实API函数入口地址,并调用它。- U5BF9 u5E9 u7281 u7R3 u7R0 U53D1 u9101 u5A1 u6A1 u7681 u7681 u6681 u6681 u6681 u6168 U 5230 u76EE u6807 u8FDB u7A0B u4E2D, u518D u7528GetProcAddress u5F97 u52301 U81EA u5B9 u5B9 u5B09 u5F9 u5R09 u5139 U5B8C u540E u5183 u653 u653 u53E
Platform: |
Size: 203776 |
Author: liuweidong |
Hits: