NOTICE:
To prevent abuse, we are stopping development on CodeNapper... We may release it in the Microsoft Detours fashion (very expensive) to prevent hacker kiddies from getting ahold of it... If anybody is interested in API-Hooking or DLL-Injection for a legitimate use, contact me and I'll point you in the right direction.
CodeNapper is a library I wrote to assist me in developing FreeStyle... Since there have been so many delays with FreeStyle, I've decided to release this library to the public. The examples are lacking right now, but it's fairly simple to understand what's going on.
Here's a Description:
CodeNapper is an API-Hooking / DLL-Injecting library. It's more-or-less an inexpensive form of Microsoft Detours.
The Free version allows you to simply replace one function with another. This can be used to replace an API call with something else, or for software protection schemes. A common use would be to modify the way Windows renders something. For example, one of the included examples replaces DrawFocusRect_() with an alpha-blended rectangle.
If you register, the capabilities are greatly expanded. Trampoline functions allow your 'Replacement' function to call the 'Original' function to expand its capabilities, or simply log its use... This could be used to monitor packets with/without disturbing them. DLL Injection allows you to force any running application to load your DLL and execute it. This can be used to write addons for existing applications such as Messengers or even your web browser... With these capabilities combined, you could write something that injects itself into all running programs and changes their behavior. The possibilities are endless.
Hi polyvector, as you know I'm a beta tester for you (hehe, how would you forget that) and this is a very cool lib. I used it for some anti-disassembling etc. I voted that I would be interested in paying, but as I said, it depends on price, very much.
Well I'm not sure what the going-rate is for this sort of lib since there aren't very many, and Microsoft Detours only has a "Contact us for Licensing" link...
I want to keep this low-cost... What do you think a fair price would be?
I dunno what the price should be. I haven't seen anything like this before, but as you mention, Microsoft has one. But still, it should be a PureBasic library, as I already said once on your IRC chan.
Btw: how did the DLL get that big? I remember it being very small. Anyway, if it's made as a PB userlib with TailBite, I think the exe size will be smaller, as it only includes needed code.
Maybe, but still, say your app is a small shareware app, let's say 45 KB. Now let's say the author wants to program registration and protection himself, and finds your lib to do a part of it. I would choose not to use it because it's nearly 50% bigger than the app itself.
; Original procedure
Procedure HelloWorld()
  MessageRequester("Notice","Hello, how are you?")
  ProcedureReturn
EndProcedure

; Replacement procedure
Procedure New_HelloWorld()
  MessageRequester("New Notice","HelloWorld now calls New_HelloWorld()")
  ProcedureReturn
EndProcedure

HelloWorld() ; Makes a simple call to HelloWorld()
ReplaceFunction(@HelloWorld(),@New_HelloWorld()) ; Replaces a function
HelloWorld() ; Makes a call to New_HelloWorld()!!!
The main power here is the ability to change or extend already compiled code, such as the Windows API...
@thefool
The lib will shrink down to around 20k-30k once DisASMCommand() can work inside DLLs... A lot of the size is due to an OpCode index...
> The main power here is the ability to change or extend already compiled code
So this will work with ANY Win32 app -- not just our PureBasic apps? So if
we change MessageBox to something else, then every Win32 app that calls
MessageBox will use our code instead? Sounds dangerous... 8O
> So this will work with ANY Win32 app -- not just our PureBasic apps? So if
> we change MessageBox to something else, then every Win32 app that calls
> MessageBox will use our code instead? Sounds dangerous...
No, it will change MessageBox for your app... If you write your app in a DLL and use my injection function to inject it into other apps, you can effectively change every app...
Shannara wrote: So it may be possible to remove the VB runtime library from VB applications... but replacing it with your own
If you could somehow recreate 5 megs of undocumented code, you would simply replace the DLL with your own... This is not what my library is intended for...
A real-world use of my library would be, say, modifying file read-write API calls to access virtual encrypted files located in memory (In the same way that Thinstall works)
Notice:
I'm temporarily removing the file from our servers because of something that was recently brought to our attention... Apparently there's been a rash of people using this kind of library with malicious intent! Even madCodeHook has experienced this...
The main threat lies in the ability to create programs that can't be terminated or applications that block Anti-Virus software from operating... The potential for misuse is enormous, and this is why most companies charge such a high price for this type of library. They don't want the average hacker to be able to simply download it or buy it for $25... The danger is that you can bypass basically any security and this is not something Skunksoft wants to have any part with...
I'll talk it over with the rest of the team and see what we come up with... But it's looking like we may have to drop this project...
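A defender-side check for the function replacement discussed in this thread, as an added example that is not part of the original posts or of CodeNapper. The thread does not say how ReplaceFunction() works internally; this assumes the Detours-style approach of overwriting the start of the function with a jump, on 32-bit x86. The names `check_prologue` and `hook_check`, the addresses and the sample bytes are all constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

typedef struct {
    int      hooked;  /* 1 if the prologue jumps outside the owning module */
    uint32_t target;  /* decoded destination, 0 if no jump was found */
} hook_check;

static uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* code/len: first bytes of the function as read from process memory.
 * va: 32-bit address of the function; [mod_lo, mod_hi): its module's range. */
hook_check check_prologue(const uint8_t *code, size_t len, uint32_t va,
                          uint32_t mod_lo, uint32_t mod_hi)
{
    hook_check r = {0, 0};
    int jump = 0;

    if (len >= 5 && code[0] == 0xE9) {                  /* jmp rel32 */
        r.target = va + 5 + le32(code + 1);
        jump = 1;
    } else if (len >= 6 && code[0] == 0x68 && code[5] == 0xC3) {
        r.target = le32(code + 1);                      /* push imm32; ret */
        jump = 1;
    }
    if (jump && (r.target < mod_lo || r.target >= mod_hi))
        r.hooked = 1;
    return r;
}

/* Constructed samples: function at 0x1000 in a module mapped at 0x1000-0x1FFF. */
static const uint8_t CLEAN[]    = {0x8B, 0xFF, 0x55, 0x8B, 0xEC, 0x83};
static const uint8_t JMP_OUT[]  = {0xE9, 0x00, 0x00, 0x10, 0x00, 0x90};
static const uint8_t JMP_IN[]   = {0xE9, 0x10, 0x00, 0x00, 0x00, 0x90};
static const uint8_t PUSH_RET[] = {0x68, 0x00, 0x00, 0x40, 0x00, 0xC3};

int main(void)
{
    const uint8_t *s[] = {CLEAN, JMP_OUT, JMP_IN, PUSH_RET};
    for (int i = 0; i < 4; i++) {
        hook_check r = check_prologue(s[i], 6, 0x1000, 0x1000, 0x2000);
        printf("sample %d: hooked=%d target=0x%08X\n", i, r.hooked, (unsigned)r.target);
    }
    return 0;
}
```

A jump that stays inside the module is not flagged, which keeps ordinary compiler-generated thunks from raising alerts; an out-of-module target is a lead to investigate, not proof of malice.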