API hooking breakthru

I finally got into the text that I needed. WOOOHOOO! I am so happy.

Now the question is, what is the best way to pass the text to my app. I have dll that sets the hook that is currently done via a simple launcher app. So, I add the InsertHook and RemoveHook calls into my application code, but I am unsure of how I extract the data from my dll. My first thougt was to use a file, but I am sure there is a muh better way that I just am not aware of.

Has anyone pulled data from a dll before, and can give me pointers? I am a dll newbie. I suppose a logical method would be to write a function in the dll that would return all the text since the last call. I would really prefer a push from the DLL into my app, so that I always have the up-to-date data.

Any help would be greatly appreciated.

Unsure how you you have implemented this, but if its a case of multiple copies of your dll being loaded into different processes (as is the case of conventional system hooks like keyloggers), then access to a file is difficult as sharing the handle is almost impossible.

When I do stuff like this I like to use a MailSlot (CreateMailslot() API - like a namedpipe, but easier to use for this and available to 98/95/ME)...each dll opens the mailslot and post the info you want to record....your main app opens a thread and sits there reading the sent info and processing it.....Its a little work, but is pretty effective

I'll give it a try. Sounds like what I need, I was thinking of using a pipe so this should do the trick.

BTW, the trick to hooking the functions, was to also hook LoadLibrary. I found the code at codeguru.

I can't get it to compile. I have the SDK installed and it is the top of the list on include paths.

I keep getting these errors no matter what I do.

testlauncher.cpp(12) : error C2065: 'CreateMailSlot' : undeclared identifier
testlauncher.cpp(12) : error C2440: '=' : cannot convert from 'int' to 'void *'

here is the code:

Code:

---

#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include <winbase.h>
#include "..\testdll\testdll.h"

int APIENTRY WinMain(HINSTANCE hInstance,
                    HINSTANCE hPrevInstance,
                    LPSTR    lpCmdLine,
                    int      nCmdShow)
{
        HANDLE MailSlot;
        MailSlot=CreateMailSlot("\\\\.\\mailslot\\DLLTALK",0,0);

    InstallHook();

  // MessageBox( NULL, "Hook instaled", "TestLauncher", MB_OK );

        int result=0;
        char buffer[255];
        unsigned long bytesread;
        while(result != 1)
        {
                ReadFile(MailSlot,&buffer,250,&bytesread,NULL);
                result=MessageBox(NULL,buffer,"Captured Text",MB_OKCANCEL);
        }
 
        RemoveHook();
        CloseHandle(MailSlot);
    return 0;
}

---

CreateMailslot != CreateMailSlot


Also...it likes 4 params ;)

Thanks. Man I feel stupid ;)