Menu
How do I go about hooking/redirecting a function in a DLL (say, CreateThread from Kernel32.dll) loaded in the current process?
(I don't have control over which pieces of code call CreateThread, so it's not like I can just have the code something else instead.)
The language doesn't matter much; I'm guessing C/C++ would be the best choices for this.
Update:
I forgot to mention: I'm not looking for solutions that require the bundling of extra libraries into my program; I was looking for a manual way of doing the hooking (such as by rewriting the address of the function), not for using an external library to do this.
But thanks to those who mentioned an external library; sorry I didn't say this earlier.
682
there's MS library for this: Detours
196
(This most likely would have been more appropriate as a "comment" under the "Detours" answer, but, as my "reputation" isn't enough yet to add comments I guess, let me post it as an answer)
This post under this thread ("DirectShow question") mentions a replacement/home-grown alternative to Detours (with some rough code example as well) by Alessandro Angeli.
I've actually first found it quoted in another thread ("problem in hooking cocreateinstance") while also searching for COM component creation hooking/tracing (This second thread is more focused on cross-process hooking though).
Let me also add a link for WinAPIOverride32 (by Jacquelin Potier) for convenience here as well. It seems to have "developer designed GUI" :) but, no complaints at all as it is open source (as mentioned above).
37
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
