Remote Hooks in Kernel Mode?

Nov 5, 2013 at 7:43 PM

I just noticed that only the local hooking api is supported within a driver. Would it be difficult to move RhInjectLibrary into the DriverShared area or would this require a major rewrite? Thx.

Nov 5, 2013 at 8:37 PM
Looking through the code I'm seeing that a lot of user mode calls would have to be replaced with kernel mode equivalents... So I suppose this would be a huge task. Does anyone know if it would be possible at all?