DllCall Expert, please an help

07/04/2014 13:38 2DayNow#1

Guten Morgen :D
I need you guys and only this forum can help me. I want to convert another language to autoit, is a couple of lines:
hxxps://github.com/Drugoy/Autohotkey-scripts-.ahk/blob/master/hyde/test%20hyde.ahk

This is my attempt, i think only the first DllCall is correct:

Code:

OnAutoItExitRegister("_Exit")

Global $hMod, $hHook

$hMod = DllCall("Kernel32.dll", "Ptr", "LoadLibrary", "Str", "hyde.dll")
If $hMod[0] Then
	MsgBox(0, "Success", "Success!")
Else
	MsgBox(0, "Failed", "Failed!")
EndIf

Func _Exit()
	If IsArray($hMod) Then
		Local $aResult = DllCall("kernel32.dll", "bool", "FreeLibrary", "handle", $hMod)
		If $aResult[0] Then
			MsgBox(0, "Success", "Success!")
		Else
			MsgBox(0, "Failed", "Failed!")
		EndIf
	EndIf
	If IsArray($hHook) Then
		Local $aResult = DllCall("user32.dll", "bool", "UnhookWindowsHookEx", "handle", $hHook)
		If $aResult[0] Then
			MsgBox(0, "Success", "Success!")
		Else
			MsgBox(0, "Failed", "Failed!")
		EndIf
	EndIf
EndFunc   ;==>_Exit

Any help to complete that script and make it work?
Danke :D

07/04/2014 17:24 BladeTiger12#2

Maybe try to use "#RequireAdmin".

07/04/2014 18:45 KDeluxe#3

Code:

#RequireAdmin

OnAutoItExitRegister("_Exit")
HotKeySet("{ESC}", "_Exit")

Global $dllFile, $module, $hook

;If @AutoItX64 == 0 Then
If @OSArch == "X86" Then
    $dllFile = "hyde.dll"
Else
    $dllFile = "hyde64.dll"
EndIf

If Not FileExists($dllFile) Then
    MsgBox(16, "Error", $dllFile & " does not exist!")
Else
    $module = DllCall("Kernel32.dll", "ptr", "LoadLibraryA", "str", $dllFile)
    If @error Then
        MsgBox(16, "Error", "LoadLibraryA failed!" & @CRLF & "@error: " & @error)
    ElseIf $module[0] == 0 Then
        MsgBox(16, "Error", "LoadLibraryA failed!")
    Else
        $procAddress = DllCall("Kernel32.dll", "ptr", "GetProcAddress", "ptr", $module, "str", "CBTProc") ; I changed it from "CBProc" to "CBTProc", http://msdn.microsoft.com/ms644977.aspx
        If @error Then
            MsgBox(16, "Error", "GetProcAddress failed!" & @CRLF & "@error: " & @error)
        ElseIf $procAddress[0] == 0 Then
            MsgBox(16, "Error", "GetProcAddress failed!")
        Else
            $hook = DllCall("User32.dll", "ptr", "SetWindowsHookEx", "int", 5, "ptr", $procAddress[0], "ptr", $module[0], "DWORD", 0)
            If @error Then
                MsgBox(16, "Error", "SetWindowsHookEx failed!" & @CRLF & "@error: " & @error)
            ElseIf $procAddress[0] == 0 Then
                MsgBox(16, "Error", "SetWindowsHookEx failed!")
            Else
                MsgBox(64, "Success", "Success!")

                While True ; prevent application from closing
                    Sleep(10)
                WEnd
            EndIf
        EndIf
    EndIf
EndIf

Func _Exit()
	If IsArray($module) Then DllCall("Kernel32.dll", "BOOL", "FreeLibrary", "ptr", $module[0])
	If IsArray($hook) Then DllCall("User32.dll", "BOOL", "UnhookWindowsHookEx", "ptr", $hook[0])
    Exit
EndFunc

You can also use an alternative injection function.

07/04/2014 19:25 2DayNow#4

KDeluxe, many many thanks for the effort ;)
I have try your script, i don't have any error but only the MsgBox(64, "Success", "Success")

But...don't seems it work:
[Only registered and activated users can see links. Click Here To Register...]

I have make the test on a VM with XP SP3 32 bit, i'll try also on 7 if necessary but i don't think the result will be different
Thanks again

EDIT: Tested on 7 with both 32 and 64 bit executable, same result i can always see the process in the task.

07/04/2014 21:06 KDeluxe#5

The posted AHK script on GitHub doesn't work either (for another reason). Try it with another injection function.

Spoiler

07/04/2014 23:32 2DayNow#6

The AHK script on github work, i have tested it before post. You need to use the correct unicode version based on your architecture:
hxxp://ahkscript.org/download/

Anyway i don't care about that code, the goal is make the injection in a way. Tomorrow i'll test both script and let you know, thanks.

EDIT: No man both script not work :(
I don't have any error but like the previus i can always see the process in the task

P.S. You have forget:

Spoiler

EDIT2: If you need it, this is the original thread:
[Only registered and activated users can see links. Click Here To Register...]

07/08/2014 15:01 2DayNow#7

bump?

07/08/2014 18:01 KDeluxe#8

Do you have the source code from the hyde.dll? I looked at the original thread and now I know why an alternative injection method can not work.
The While() loop is not necessary for the last script but it can't work anyway.

... unless you inject the .dll into all processes:

Spoiler

But I don't know how exactly the hyde.dll works, that's the reason why I want to have a look at the source code.

07/08/2014 18:42 2DayNow#9

No i don't have the source ( the link of dropbox is suspended ) but i have make a post in the ahk forum "Broken links" thread, if someone has it i'll post the link here or directly the code in the tags

The only things i know is that use the MHOOK library v2.3:
[Only registered and activated users can see links. Click Here To Register...]

The new version is here:
[Only registered and activated users can see links. Click Here To Register...]

07/29/2014 09:28 2DayNow#10

Finally, someone has post the source and now i get it, see attachment
KDeluxe is all in your hand :D

07/29/2014 11:00 KDeluxe#11

There are a few things that could be changed in the source code, but that's not required. The first script I posted contains two errors, both in the same line.

Quote:

$procAddress = DllCall("Kernel32.dll", "ptr", "GetProcAddress", "ptr", $module, "str", "CBTProc")

The correct line would be:

Code:

$procAddress = DllCall("Kernel32.dll", "ptr", "GetProcAddress", "ptr", $module[0], "str", "CBProc")

Spoiler

07/29/2014 13:10 2DayNow#12

Very nice, finally i see that script working, thanks :D

I have only two last questions for you:
1) Is possible to inject that DLL in another process instead? In any case seems you can only use for 64 Bit executable on x64 system, you can't inject a 32 Bit executable also using hyde.dll and not hyde64.dll on a x64 system. Can you confirm this behavior?
2) Do you know why not work on Windows 8?