View Full Version : "Systemwide Windows Hooks without external DLL"
disavowed
April 9th, 2004, 09:05
This article is about a year old, but the information contained in it is new to me. Maybe some of you will also find it interesting:
http://rattlesnake.at.box.sk/newsread.php?newsid=193 ("http://rattlesnake.at.box.sk/newsread.php?newsid=193")
JimmyClif
April 9th, 2004, 09:48
What does declspec(dllexport) do ? Have to wait to get home to have a look at that.
Another way would be to use PEBundle
Thanks for sharing, disa!
disavowed
April 9th, 2004, 17:12
allows you to export functions from an .exe
check the exports of system32\ntoskrnl.exe to see an example
evaluator
April 10th, 2004, 01:32
ntoskrnl.exe is DRIVER
>allows you to export functions from an .exe
good.
greatly helps when EXE will loaded as library by other process.
>check the exports ntoskrnl.exe
ntoskrnl.exe is DRIVER
mmk
April 10th, 2004, 07:41
Quote:
[Originally Posted by evaluator]>check the exports ntoskrnl.exe
ntoskrnl.exe is DRIVER |
But a driver can also export funcs/vars. If you check ntoskrnl.exe you'll see that its export dir is present. Other drivers can link to it.
evaluator
April 10th, 2004, 12:39
what then?
ntoskrnl.exe is driver.
Powered by vBulletin® Version 4.2.2 Copyright © 2018 vBulletin Solutions, Inc. All rights reserved.