Microsoft Detours Pro v3.0 - Page 2

atom0s · #1 05-12-2016, 14:42

Here is an example of hooking Win32 API without a trampoline since they are not always needed:
(Error checking code omitted for ease of reading.)

PHP Code:


			
extern "C"

{

    HWND (WINAPI *Real_CreateWindowExA)(DWORD, LPCSTR, LPCSTR, DWORD, int, int, int, int, HWND, HMENU, HINSTANCE, LPVOID) = CreateWindowExA;

};



/**

 * user32!CreateWindowExA detour callback.

 */

HWND __stdcall Mine_CreateWindowExA(DWORD dwExStyle, LPCSTR lpClassName, LPCSTR lpWindowName, DWORD dwStyle, int x, int y, int nWidth, int nHeight, HWND hWndParent, HMENU hMenu, HINSTANCE hInstance, LPVOID lpParam)

{

    // Do your personal alterations and such here..

    

    return Real_CreateWindowExA(dwExStyle, lpClassName, lpWindowName, dwStyle, x, y, nWidth, nHeight, hWndParent, hMenu, hInstance, lpParam);

}



// Attach the detour..

DetourTransactionBegin();

DetourUpdateThread(::GetCurrentThread());

DetourAttach(&(PVOID&)Real_CreateWindowExA, Mine_CreateWindowExA);

DetourTransactionCommit();

WhoCares · #2 07-13-2016, 11:32

so good.

I got detours 3 source code from the open source .net framework code, but there is a nasty typo bug...and finally microsoft removed the leaked code form their open source site.

Newbie_Cracker · #3 07-14-2016, 20:03

Is it the password? It is not working for me

Quote:

01110010 00111001 00101011 01001100 01001101 00101011 01010000 01010111 01101000 01100011 01010010 01101011 00111110 00100111 01010001 00100010 01001011 01100111 01101000 01100101

niculaita · #4 07-14-2016, 20:49

use this online site to decode bin to text

http://www.roubaixinteractive.com/PlayGround/Binary_Conversion/Binary_To_Text.asp

Newbie_Cracker · #5 07-14-2016, 20:54

Quote:

Originally Posted by niculaita

use this online site to decode bin to text

http://www.roubaixinteractive.com/PlayGround/Binary_Conversion/Binary_To_Text.asp

Code:

r9+LM+PWhcRk>'Q"Kghe

What is the correct password? It didn't work too !

I don't understand why he made it complicated. It seems b30wulf likes puzzles so much !

xobor · #6 07-15-2016, 21:19

Quote:

Originally Posted by Newbie_Cracker

Code:

r9+LM+PWhcRk>'Q"Kghe

What is the correct password? It didn't work too !

I don't understand why he made it complicated. It seems b30wulf likes puzzles so much !

complicated? not so much I guess

niculaita · #7 07-15-2016, 07:12

r9+LM+PWhcRk>'Q"Kghe is corect for me
use winrar v5.xx to desarchive from www.rarlab.com

Newbie_Cracker · #8 07-15-2016, 16:53

Quote:

Originally Posted by niculaita

r9+LM+PWhcRk>'Q"Kghe is corect for me
use winrar v5.xx to desarchive from www.rarlab.com

Oh, mine was v5.00 beta 8.
Now the file was decompressed.

CryptXor · #9 07-15-2016, 17:20

Yeah that is the password, but rather a different form of the password.

Hint: A solid, liquid or gas are just different forms of a substance

I am also pretty sure this is incomplete, going by what is in the express package. Thanks for the share anyway.

CryptXor · #10 07-19-2016, 20:19

Here is a bit of a Frankenstein package. I combined the pro from here with bits out of the express package to get a "more complete" pro version (i.e including syelog).

Hopefully it will be useful, and is the 2nd best thing to a full pro package

.

Download:

Code:

https://userscloud.com/ib0jgs2z7x1h
https://1fichier.com/?94rxfs3b86
https://openload.co/f/zW4nT6tvWAg/Detours_Pro_v3.0.7z
https://clicknupload.link/ttu6umlr8xkx

Password attached. Please don't just mirror the file/password.

ragdog · #11 04-07-2017, 00:21

Hello

Any chance to download it without password?
I have no permission to access to donwloads.

Regards,

mrfearless · #12 04-07-2017, 05:40

MinHook - The Minimalistic x86/x64 API Hooking Library for Windows
https://github.com/TsudaKageyu/minhook

Might be useful for someone looking for something similar to detours.

mak · #13 07-13-2017, 05:15

Detours Version 3.0 Build 341

https://www.microsoft.com/en-us/down....aspx?id=52586

Date Published:
6/12/2017

espkk · #14 08-28-2017, 22:17

What happened to Detours? Now there is Detours Version 3.0 Build_343 which seems to include Pro features (and there is no mention of the Express version)

Conquest · #15 08-29-2017, 00:24

Quote:

Originally Posted by espkk

What happened to Detours? Now there is Detours Version 3.0 Build_343 which seems to include Pro features (and there is no mention of the Express version)

https://www.microsoft.com/en-us/download/details.aspx?id=52586

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
SignatureToDetour: Converts IDA Pro signatures to C++ Detours	sh3dow	Source Code	2	01-23-2017 21:14
microsoft ddk	kP^	General Discussion	3	10-20-2003 20:39

The Following 6 Users Say Thank You to atom0s For This Useful Post:
chants (09-02-2018), NeWOT (08-12-2016), sh3dow (05-13-2016), xenocidewiki (05-13-2016)

The Following User Says Thank You to niculaita For This Useful Post:
Newbie_Cracker (07-14-2016)

The Following 2 Users Say Thank You to niculaita For This Useful Post:
chants (07-19-2016), Newbie_Cracker (07-15-2016)

The Following 7 Users Say Thank You to CryptXor For This Useful Post:
alephz (07-22-2016), besoeso (07-19-2016), new_profile (11-06-2016), niculaita (07-20-2016), ontryit (07-31-2016), ragdog (04-07-2017), TechLord (07-20-2016)

The Following 2 Users Say Thank You to mrfearless For This Useful Post:
niculaita (07-14-2017), ragdog (04-07-2017)

The Following User Says Thank You to mak For This Useful Post:
niculaita (07-14-2017)