Recent

« previous next »
Pages: 1 2 [3]

Author Topic: Windows API Hooking/DLL Injection/Function Hooking - Need some pointers  (Read 2126 times)

tooknox

  • New Member
  • *
  • Posts: 40
Re: Windows API Hooking/DLL Injection/Function Hooking - Need some pointers
« Reply #30 on: May 11, 2026, 05:38:12 pm »
I think you didn't read the whole thread. I have already made it work, wrote my own version of it along with others and the real code is attached on the thread too. Also Please read @Khrys' commentary on your code :)

I am just ALSO trying the MS Detour Library to see if it works and links properly with free pascal. To consolidate all the different ways (In terms options, I understand that it's just simple patching in the background)  to do hooking just for academic reasons (I also mentioned this in a previous comment)
« Last Edit: May 11, 2026, 07:45:06 pm by tooknox »
Logged

tooknox

  • New Member
  • *
  • Posts: 40
Re: Windows API Hooking/DLL Injection/Function Hooking - Need some pointers
« Reply #31 on: May 11, 2026, 08:25:10 pm »
Just to update,

I have been in touch with @Coldzer0, and he has just pushed a commit (fixed a linker bug) that makes linking Microsoft "detour.lib" successful. I will create and share a separate MSDetoursPayloadDLL as it won't compile with the current FPC; the changes are yet to be merged.

https://gitlab.com/Coldzer0/FPC (commit 91d9a596c892a4af04680e74a46fd35ca8b68eab)
Or
https://gitlab.com/freepascal.org/fpc/source/-/merge_requests/1385/diffs?commit_id=91d9a596c892a4af04680e74a46fd35ca8b68eab


The payload DLL builds successfully and the function hooks without any issues. I will add the code here too in some time :)

This marks the completion of my hooking adventure. I hope his PR gets merges as soon as possible.

Thanks @Coldzer0 you have been awesome

Thanks to @Khrys and @Thaddy too :)
« Last Edit: May 13, 2026, 03:05:28 pm by tooknox »
Logged

tooknox

  • New Member
  • *
  • Posts: 40
Re: Windows API Hooking/DLL Injection/Function Hooking - Need some pointers
« Reply #32 on: May 12, 2026, 06:49:16 am »
Here is the code

1. Checkout MS Detours library from GitHub and build the library
2. Checkout @ColdZer0's latest commit (mentioned above) from GitLab and build FPC.
3. Add the new compiler path(s) to Lazarus and you should be able to build the project.
4. Use the TargetCBinary and FPCDLLInjector from previous comments to test function hooking.

Note: I have only defined external functions absolutely needed for hooking, detours library has tons of APIs. You can look at detour.h and define others if you want to experiment. It has APIs to find target functions, to insert payload in new process etc. Argument types are simple and easily translated from c++ to pas.

I have included the DLL in the zip in case you don't want to build stuff.

Edit: Figured out a way to get (runtime) address of any target function in any binary dynamically (assuming the symbols/debug file exists).

https://forum.lazarus.freepascal.org/index.php?topic=74031.msg582712#msg582712

works flawlessly
« Last Edit: May 14, 2026, 05:13:16 pm by tooknox »
Logged
Pages: 1 2 [3]
« previous next »
 

TinyPortal © 2005-2018