Hooking(Message Hooking / API Hooking)


Hooking
- Reverse engineering core technology
- techniques that interchange or intercept function calls, messages, events, etc.
- Development of Hook code for bug fix or improvement (source code X)
- Development of Hook code to freely manipulate executable file and process memory

Hooking Advantages
- execution of user's hook code before/after API call, Message forwarding (additional function)
- Possible to peek or manipulate the return value of API function / parameter passing through hooking function
- Cancels "Send Event", "Call API" or change the execution flow to user code
=> free calling depending on the situation

• Most Popular Hooking
- Message Hooking
- API Hooking

• Hooking points
- IAT (import addres table): A table of which functions in a library refer to which functions.
 => Changing the API address to a hooking function,

- Code: Directly access the API real address from the system library mapped to process memory, and modify the code directly

 - Export Address Table (EAT): A mechanism to use functions provided by library files in other programs: message / API hooking


#C #C++ #Linux #Embedded #Hooking Example #Hooking #Message Hooking
By -
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Apartment Buying Guide 2025: Shocking Red Flags You Should NEVER Ignore!

 🏙️ Apartment Buying Guide 2025: Shocking Red Flags You Should NEVER Ignore! 🚨 Are you thinking about buying an apartment in 2025? 🏢  It’...