|
There are two ways to accomplish this
1.Hooking IAT
you can patch the import address tables to your own functions, good for educational use only
2.Hooking at kernel level
you will have to write a kernel level device driver, which will monitor all file movement, you will need DDK and a LOT of heart
device drivers in 9x are .VXD files which are written differently than a .Sys(NT based device driver) so in order to support 9x system you will have to write a VXD file you will need 9x DDK for that and EVEN MORE HEART
and starting with windows XP microsoft has added extra protection bit (also known as WP bit) to protect kernel level hooking (which suggest that they don't really like ppl hooking in to kernel)
hope it helped
C makes it easy to shoot yourself in the foot; C++ makes it harder, but when you do, it blows away your whole leg
|
|
|
|
|
hi !
yup...it does thanks. Well the app i am talking has nothing illegal about it so don't worry Could you point me to a decent article about IAT or maybe a snippet of code??it would be of gr8 help i read up Ivo Ivanovs API hooking revealed but it didn't have enough information on IAT .
thankx for the reply !
Kane
|
|
|
|
|
Hi,
How do I get the authentication mode of a DSN in VC++ code.
I am trying something like this.
rc = SQLGetInfo(aDatabase.m_hdbc, XXX,(SQLPOINTER)buffer, sizeof(buffer), &size);
XXX - something/ I dont' know.
Can anybody help me out for this.
Thanks,
Prashant
|
|
|
|
|
Hai,
I Need to how to insert a JPG image file in the picture control of the MFC in VC++...Its supporting only BMP files...
I also need to know how to fetch data from registry and display it in my application.The function REGQUERYVALUE() is used for that but, i dono how the function parameter works....
Kindly help
bye
|
|
|
|
|
For displaying jpg images in ur app search CP for CPicture it's a nice class to display jpg in ur application
For registry support also try searching for CRegistry here.
C makes it easy to shoot yourself in the foot; C++ makes it harder, but when you do, it blows away your whole leg
|
|
|
|
|
I have to make a program like NotePad on Visiual Studio .NET 2003 using C++,but the problem i have is how to make Multiple UNDO.
Live isn't ForEver - LIVE IT
|
|
|
|
|
To make undoes, two steps:
1) define the scope about what's been done and to undo / redo. For example:
struct StepX
{
long PosFrom;
long PosTo;
ColorRef Col;
long Stroke;
};
2) use any of 'container' approach to store the steps. For example:
std::stack<StepX> or something similar.
<b>Maxwell Chen</b>
|
|
|
|
|
Think about "commands"
for example, when typing text, you can make each character or word an "Insert Command", undoing this, will trigger another command, "Delete Text Command" and its undo command is the "Insert Text" ... you see the pattern ...
Each command must know the context and must be "self sufficiant" as much as possible, for example, "Insert Command" will have the text, and the position of insertion.
You need to implement a stack of commands ( written in the other answer ), on which you push and pop the commands.
From There, you can easilly implement the redo .
Maximilien Lincourt
Your Head A Splode - Strong Bad
|
|
|
|
|
In some cases, multiple undo's are too complicated to make like the 2 previous messages said, expecially, when deleting part of some complex structure. If you're dealing with text, which doesnt grow enormously, you could also keep a copy in memory of previous operations. If you specify a, lets say, 10 maximum number of undo's and the text doesnt exceed 50k, that wouldnt be such a bad approach, although its pretty ugly
The method exposed before is much more neat and works for very large structure operations, but can also be difficult to implement.
|
|
|
|
|
Please tell me on, how do I change the caption (name) of dialog window at runtime. I thank in advance.
cheers
mughi
|
|
|
|
|
There is more than way to do that. The easyest one I think is SetWindowText(). Search the MSDN for this function, you'll find the details.
johnnyl
|
|
|
|
|
Thanks a lot. Got it working.
cheers
mughi
|
|
|
|
|
I build a dialog application using VC++, and I want to deal with the keyboard message. but the ON_KeyDown fuction can't work, it can't be called by framework at all. then I find that I can deal with keyboard message in the PreTranslateMessage function, but it just like odd. I think it must have a better method.
thanks
laia
|
|
|
|
|
KEYDOWN works with dialogs. You can try it with an epty dialog (no controls on it, not even OK and Cancel) and see the function gets called. But if you place any controls on the dialog the messege doesn't get sent to the dialog no more, it gets sent to a control on the dialog. That's why your function doesn't get called.
PreTranslateMessage works fine, I don't think it's odd. But if you find a better way please share .
johnnyl
|
|
|
|
|
HI.
I have captured an AVI file with Cam and TV tunner..
But AVI files take More Space on Harddisk.
Now Plz Tell me Which Format Take Low Space OnHardDisk
And Provide a Normal Result ( MAy be Not Much Fine
But Clearly I can See It hahaha).
HOw Can i Convert AVI file TO That Format PLz REply
thanx
|
|
|
|
|
Try to convert MPEG,
it provides highest compression ratio and best quality
|
|
|
|
|
hello everyboy!
I making an application in which i have to make image from some memory location of array. The image is not been loaded from any pyhsical file.
it is been placed in memory be some other application but i have the memory referance.
i do not know how can i make image of that memory and dispaly that on a form?
Please Help.
THANKS IN ADVANCE.
|
|
|
|
|
There is a useful class named CBitmap,
DWORD CBitmap::SetBitmapBits(DWORD dwCount, const void* lpBits);
This member function should be helpfull
|
|
|
|
|
Send your answers to mikeza123@comcast.net
1. When a decryption section is added to a PE what is changed and must be restored for the program to function properly after dumping?
2. What exactly does it mean to dump a program?
3. What is an OEP and what should you look for when finding one?
4. What does IAT stand for and what is its member index in the Optional Header?
5. What API imports should you look for when looking for email sending functionality?
6. What ring must you be in to access debug registers?
lets see how smart yall are
|
|
|
|
|
None do I know. I feel like an idiot...
Maxwell Chen
|
|
|
|
|
Wots the first prize
It's not a bug, it's an undocumented feature. suhredayan@omniquad.com
messenger :suhredayan@hotmail.com
|
|
|
|
|
test my knowledge or yours ?
anyway, I don't have a clue ...
Maximilien Lincourt
Your Head A Splode - Strong Bad
|
|
|
|
|
1. Ha!, this is a trick question, you shouldn't actually dump a program, because it may contain sectors that won't get broken down over time, and that could cause a major environmental catastrophe.
2. That's when programmers of questionable quality hauls aged programs out in deep sea and throws them out to pollute the local environment.
3. An OEP is a little critter living in the forests south of Neverwinter, if you find one, you should look for its cave, because they are usually loaded with weapons and stuff...
4.I refuse to answer this question, because i despise everything IAT stands for...
5. The ones that are concerned about sending emails.
6. , now that's a dirty question, this should be in the soapbox.
So, how did I do?
"After all it's just text at the end of the day. - Colin Davies
"For example, when a VB programmer comes to my house, they may say 'does your pool need cleaning, sir ?' " - Christian Graus
|
|
|
|
|
ARG YA'LL FAILED....Lol nice try, took me a while to answer them to
|
|
|
|
|
Hope So i Failed Too!
"Opinions are neither right nor wrong. I cannot change your opinion. I can, however, change what influences your opinion." - David Crow
cheers,
Alok Gupta
|
|
|
|