Search Results

Search found 1 results on 1 pages for 'desaiparth'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 1/1 | 1 

  • Error while Trying to Hook "TerminateProcess" Function. Target Process crashes. Can anyone help me

    - by desaiparth
    Debugging with visual studio 2005 The following Error Displayed :Unhandled exception at 0x00000000 in procexp.exe: 0xC0000005: Access violation reading location 0x00000000. And Thread Information: 2704 Win32 Thread 00000000 Normal 0 extern "C" VDLL2_API BOOL WINAPI MyTerminateProcess(HANDLE hProcess,UINT uExitCode) { SetLastError(5); return FALSE; } FARPROC HookFunction(char *UserDll,FARPROC pfn,FARPROC HookFunc) { DWORD dwSizeofExportTable=0; DWORD dwRelativeVirtualAddress=0; HMODULE hm=GetModuleHandle(NULL); FARPROC pfnOriginalAddressToReturn; PIMAGE_DOS_HEADER pim=(PIMAGE_DOS_HEADER)hm; PIMAGE_NT_HEADERS pimnt=(PIMAGE_NT_HEADERS)((DWORD)pim + (DWORD)pim-e_lfanew); PIMAGE_DATA_DIRECTORY pimdata=(PIMAGE_DATA_DIRECTORY)&(pimnt-OptionalHeader.DataDirectory); PIMAGE_OPTIONAL_HEADER pot=&(pimnt-OptionalHeader); PIMAGE_DATA_DIRECTORY pim2=(PIMAGE_DATA_DIRECTORY)((DWORD)pot+(DWORD)104); dwSizeofExportTable=pim2-Size; dwRelativeVirtualAddress=pim2-VirtualAddress; char *ascstr; PIMAGE_IMPORT_DESCRIPTOR pimexp=(PIMAGE_IMPORT_DESCRIPTOR)(pim2-VirtualAddress + (DWORD)pim); while(pimexp-Name) { ascstr=(char *)((DWORD)pim + (DWORD)pimexp-Name); if(strcmpi(ascstr,UserDll) == 0) { break; } pimexp++; } PIMAGE_THUNK_DATA pname=(PIMAGE_THUNK_DATA)((DWORD)pim+(DWORD)pimexp-FirstThunk); LPDWORD lpdw=&(pname-u1.Function); DWORD dwError=0; DWORD OldProtect=0; while(pname-u1.Function) { if((DWORD)pname-u1.Function == (DWORD)pfn) { lpdw=&(pname-u1.Function); VirtualProtect((LPVOID)lpdw,sizeof(DWORD),PAGE_READWRITE,&OldProtect); pname-u1.Function=(DWORD)HookFunc; VirtualProtect((LPVOID)lpdw,sizeof(DWORD),PAGE_READONLY,&OldProtect); return pfn; } pname++; } return (FARPROC)0; } FARPROC CallHook(void) { HMODULE hm=GetModuleHandle(TEXT("Kernel32.dll")); FARPROC fp=GetProcAddress(hm,"TerminateProcess"); HMODULE hm2=GetModuleHandle(TEXT("vdll2.dll")); FARPROC fpHook=GetProcAddress(hm2,"MyTerminateProcess"); dwAddOfTerminateProcess=HookFunction("Kernel32.dll",fp,fpHook); if(dwAddOfTerminateProcess == 0) { MessageBox(NULL,TEXT("Unable TO Hook Function."),TEXT("Parth"),MB_OK); } else { MessageBox(NULL,TEXT("Success Hooked."),TEXT("Parth"),MB_OK); } return 0; } Thanks in advance for any help.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

1