Managed EXE hooking Unmanaged EXE

Sep 1, 2011 at 12:36 AM

Hi,

I am still new to EasyHook and it is very hard to find examples of step by step usages. So I figured this would be the best place to ask..

(PROCESS A)(Unmanaged)

(PROCESS B)(Managed)

------------------------------

My goal is to hook TextOutA() in Process A and Parse the text in Process B; Now I have tried all the samples I can find, but I just can't seem to get it to work for me.

My assumption is that I can do the complete remote hook from my process (Process B) without creating a DLL. But in the event that I must create a DLL, is there an example DLL to go by? Because in the example that is posted on CodeProject (posted by EasyHook) FileMonInject actually references the FileMon namespace.. So if FileMon and FileMonInject are in two different projects, I do not see how this would work..

I have read through the "Test" in the source code download and it looks like what I would like to do is possible. So I have just spent several hours trying to get it to work. However, when I attempt to register EasyHook.dll to the GAC as the error message would suggest. I get this in my event log:

[error]: System.Runtime.Serialization.SerializationException: Unable to find assembly 'EasyHook, Version=2.5.0.0, Culture=neutral, PublicKeyToken=4b580fca19d0b0c5'.

So immediately, I think that my path is incorrect so I tried several different ways. But to no avail I am still unable to hook properly..

Config.Register(
"Register EasyHook",
"EasyHook.dll");
                
RemoteHooking.IpcCreateServer<InjectionInterface>(
ref ChannelName, WellKnownObjectMode.SingleCall);

RemoteHooking.Inject(
Process.GetProcessesByName("ProcessA")[0].Id,
"ProcessB.exe",
"ProcessB.exe",
ChannelName);

This is how I am currently hooking, The rest of the classes are nearly exactly what the example specifies.. Keep in mind that I have not written a DLL.. I am merely trying to inject my Process (Process B) into (Process A) and Hook TextOutA.

Is there anyone out there that can enlighten me?

Sep 10, 2011 at 5:56 PM

You're doing about everything wrong. Take a look at the tutorial.

And YES your hook payload must be in a DLL.