Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to hook an existing local process? #162

Closed
0xThiebaut opened this issue Dec 27, 2020 · 2 comments
Closed

How to hook an existing local process? #162

0xThiebaut opened this issue Dec 27, 2020 · 2 comments
Labels
question

Comments

@0xThiebaut
Copy link

I am looking to hook an existing local process but can't find any clear documentation on how to do so.

I have tried, without success:

  • Using CreateToolhelp32Snapshot to iterate threads followed by OpenThread to call DetourUpdateThread.
  • Using OpenProcess to call DetourUpdateProcessWithDll.

I checked #76 but feel the suggested approach is for the process itself. Is their any documentation on how Detours can be used for an existing local process?
@sylveon
Copy link
Contributor

sylveon commented Dec 27, 2020
edited
Loading

You will need to inject a DLL into the target process and can then use DetourUpdateThread in that injected DLL.

A few ways you can inject a DLL is by using SetWindowsHookEx, SetWinEventHook, or CreateRemoteThread + LoadLibrary.

@0xThiebaut
Copy link
Author

I went with CreateRemoteThread + LoadLibraryA. Thanks!

@ghost ghost locked as resolved and limited conversation to collaborators Jan 27, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sylveon @0xThiebaut