C Sample

[sefai]

Hello all,

Is there a C sample?

Regards,

[mxmauro]

Hi. Pure C sample no but there are C++ ones.

[sefai]

Thank you @mxmauro

I am looking at the CTest sample. Command line parameters state that there is an option to add a Custom handler for each hook:

-ch=file: Custom handler to add to each hook (can be specified more than once).�

Is there a sample for this custom handler?

Regards,

[mxmauro]

Hi @sefai, yes you have RegistryPlugin sample. On C# you have Registry and FilePlugin. You can use them on CTest too.

[sefai]

@mxmauro I am sorry, but I couldn't understand what that plugin is doing.

I want to change the returned value (an _out parameter) from a kernel32 method call. How can I do this? Is there any guide or documentation that I can read so that I will stop distracting you?

Regards,

[sefai]

@mxmauro OK, I am making progress, I successfully changed the parameter. Now, I am trying to store some value on PreCall and use that value on PostCall. I see that there is WriteIntercallData and ReadIntercallData for that purpose, but I couldn't find any samples on how to use them. Can you help?

PS: By the way, the from at address http://forum.nektra.com/forum/ seems to be down. I can only search on it using Google Cache. Are you guys aware of it?

Regards,

[bo3b]

Still Dead! Google cache is now empty! WayBackMachine has no info! Terrific resource lost!

[Helios-vmg]

@bo3b I will look into it.

[bo3b]

Awesome, thank you for responding. I was worried that you had abandoned Deviare.

[vlucky]

nektra forum is still has the issue [SQL ERROR as above mentioned]. could anybody fix the issue, please?

Could you please provide C++ sample for custom dll (INktSpyMgr::LoadCustomDll) with functions exported and how to call & pass the string parameter in C++ client?

Currently I did the following:

custom DLL: exported function
__declspec(dllexport) HRESULT WINAPI fnCustom1(SIZE_T nParam1){
MessageBox(...);
}

in the client loaded the dll, (I can see load and unload events from LogPrint()), calling like,
CComVariant vtParam;
vtParam = L"This is text from client";
and calling lpSpyMgr->CallCustomApi() with (&vtParam) as one of parameter.

But this one not working. If I export function without parameters, I can call the function and see the message box from target process.

Thanks.

[vlucky]

Could anybody please reply?

[mxmauro]

Hi @vlucky,

You must provide a VT_I#/VT_UI#/VT_INT/VT_UINT or an array of VT_I#/VT_UI# (up to four items). You can create an array with SafeArrayCreateVector... i.e.:

VARIANT vt;

vt.vt = VT_ARRAY | VT_UINT;
vt.parray = SafeArrayCreateVector(VT_UINT, 0, 4)

And use SafeArray apis to store the values in the array before calling CallCustomApi

[vlucky]

Thanks @mxmauro ,

might be dumb question, but can I pass string too using above method?

[mxmauro]

No. Only integer values that the called function will receive. If you need to pass complex data, use VirtualAllocEx and WriteProcessMemory to write the data in the target process and pass the pointer as the parameter.