Comments (1)
The code in this repository doesn't handle assembly code with relative jumps very well. In fact, it can easily encounter problems in the kernel because you simply can't request an address that's only 2GB away from the hooked position in the kernel . So once there is a four-byte relative jump like 0x0f 0x8x xx xx xx xx, it can't relocate.
I've written a toy before that can solve this problem, https://github.com/smallzhong/kernelhook. I specifically adapted the code to handle relative jumps like 0xex xx, 0x0f 0x8x xx xx xx xx, 0xe8(0xe9) xx xx xx xx, etc., which can solve this problem.
However, my code is a toy, and it can't be used in a real production environment. In fact, the reason I wrote this toy is because I couldn't find a complete open-source repo that could adapt to these relative jumps in the kernel.
from hooklib.
Related Issues (18)
- External dep(Zydis) is not resolved HOT 1
- how to fix HOT 1
- please help HOT 4
- win10 KiDispatchException HOT 23
- help ASAP HOT 1
- cant find dynamic library in current folder
- This project doesn't contain the Configuration and Platform combination Release|x64 HOT 2
- is my test doing good? xD i dont know what im looking at HOT 6
- Breaks on W11 HOT 2
- windows 10 1809 page_fault_in_nonpaged_area HOT 4
- win 11 22000 bsod HOT 5
- Странный баг HOT 14
- [Help]HookLib.lib(HookLib.obj) : warning LNK4257: Object file was not compiled for kernel mode
- Problem with hooking windows api HOT 3
- StopProcessors or ResumeProcessors freezes windows 10 HOT 1
- Build failed due to identifier "_Original" and "_State" is not defined HOT 1
- Сделать хук для другого процесса
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hooklib.