Menu
Can anyone explain how does one program hook into and modify behavior of other programs in Windows?
How is it even possible? Don't windows programs protect themselves from other programs going into their memory, etc? (I don't know the internals how it works so I just said "into their memory" -- I bet it's more complex than that.)
Also does modern Windows like Windows 7 still allow it?
Thanks, Boda Cydo
761
There are several different ways to hook into and modify the behavior of other programs.
For example, you can directly write to another program's memory (WriteProcessMemory) or you can inject a thread into another program's memory (CreateRemoteThread). This presumes you have some rights to control that other program.
You can also inject a window hook via SetWindowsHookEx. This presumes you are running in the user's session at the same or higher integrity level of the program you are injecting into.
This is still allowed for several reasons. Without a way to modify behavior of other programs you would not be able to implement a debugger. Windows hooks are used by testing programs, accessibility programs, programs that change the look and feel of Windows, etc.
90
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
