Category Archives: Hooking/Detours

NDIS Hooking Source Code

Code hooking is a very good tool for the programmer – specifically when chasing down bugs.  When building your NDIS hooking source code, be sure to visit Komodia’s free NDIS guide and resource page.  There is a lot of free – yet extremely valuable – information about all things NDIS.  This includes, but is not limited to, NDIS passthru information, intermediate drivers, and protocol drivers.

Chris

NDIS Hooking Source Code

NDIS (Network Driver Interface Specification) makes it possible for varying transport protocols to communicate with network adapters (and any other hardware device).  When you are looking for NDIS-specific information (such as NDIS hooking source code), the best place to find everything you may need is Komodia’s free NDIS guide.

Komodia’s free NDIS guide answers questions and provides information on all things related to the network driver interface, from NDIS hooking source code to NDIS passthru and more.

Chris

Intercept DNS port

Intercepting the DNS port can be done in a number of ways:

  • NSP, which is very rare and very hard to implement.
  • Detours/hooking: you can hook the DNS functions using a commercial hooking library; just make sure that the library you purchase supports 64-bit.
  • Use Komodia’s Redirector SDK to easily do it for you.

Barak

Hooking Winsock

Hooking Winsock is one way to allow the programmer to intercept Winsock2 calls. This approach has advantages and disadvantages.

Advantages:

  • No need to install anything.
  • Easy to learn.

Disadvantages:

  • Commercial products require a commercial hooking library.
  • For 64-bit, there’s only Microsoft Detours, which costs a small fortune.
  • On Vista and above you have to deal with injection security enforcement.

Barak