How to hook api calls in another application

Question

I am trying to hook the ExtTextOut and DrawTextExt GDI method calls of another application.

I know that I need to Use GetProcAddress to find the address of those methods in gdi32.dll, and overwrite the address in the process I want to hook with the address of my function. Then in my function I do what I need, then call the original function.

I want to make this hook functionality available to .net applications, and apparently this is do-able by creating an 'intermediate' unmanaged dll that does the hooking, and is capable of firing a event on the .net side, so that the new function can bet written in the managed environment. I'm just not sure how to implement this. Does anyone have any code samples or links to information?

Answer 1

I would recommend Microsoft's Detours (C++ x86 only) or EasyHook (C++ & C#, x86/x64).

http://easyhook.codeplex.com/

I've used it before, works pretty well. You have to pass a function or address and where you want it redirected to, and you can have all calls (for all processes or a specific one) sent into your function. The tutorials cover most of the basics, but I can edit code into this answer if you'd like.

A bit of trivia is that it also works the other way. Pass a pointer to your function and you can redirect calls into external code. Makes for some interesting integration with old apps or closed-source ones.

Answer 2

You can use Deviare API Hook, use DeviareCSharpConsole that is a tool that is in the package that let you hook any API and see parameter values in a treeview-like control. The only trick that it needs in Windows7 is to be load as admin, I reported.

Answer 3

How I Built a Working Poker Bot has samples of injecting code and hooking gdi events.