Re: SetWindowsHooksEx
- From: "Skywing [MVP]" <skywing_NO_SPAM_@xxxxxxxxxxxxxxxxxxx>
- Date: Wed, 9 Aug 2006 12:56:59 -0400
No, it isn't exported anyway; user32 and perhaps winsrv have the call stub
static linked but not exported.
In any case, win32k has some security checks built in; you must have
sufficient rights granted on the target desktop to perform the operation,
and there is an additional check to verify that you have the same logon
session id as the target application (unless the target application threads
desktop has the DF_ALLOWOTHERACCOUNTHOOK flag which is not set by default)
before the injection is permitted.
--
Ken Johnson (Skywing)
Windows SDK MVP
<euacela@xxxxxxxxx> wrote in message
news:1155116847.669674.12760@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I am intereseted because I want to write a security aplication in
kernel mode and I beleive that microsoft is abusing of insecurity. This
function actually writes in a process memory usualy a dll and you know
where that could get you . . . . if it a malicious attack.
this function is exported by ntdll right ?
Eugene Gershnik wrote:
euacela@xxxxxxxxx wrote:
Hi,
I was wondering what lower function SetWindowsHooksEx calls.
NtUserSetWindowsHookEx system call. Google reveals that quite a few
people
seem to be interested in it.
Why do you care?
--
Eugene
http://www.gershnik.com
.
- References:
- SetWindowsHooksEx
- From: euacela@xxxxxxxxx
- Re: SetWindowsHooksEx
- From: Eugene Gershnik
- Re: SetWindowsHooksEx
- From: euacela@xxxxxxxxx
- SetWindowsHooksEx
- Prev by Date: Re: waveInOpen and waveOutOpen return MMSYSERR_ALLOCATED
- Next by Date: Re: EnumChildWindows()
- Previous by thread: Re: SetWindowsHooksEx
- Next by thread: Filter Driver to Invert Mouse
- Index(es):
Relevant Pages
|
