Inside and Out...

An attempt to understand technology better...
  Home  |   Contact  |   Syndication    |   Login
  160 Posts | 0 Stories | 12 Comments | 181 Trackbacks

News


WinToolZone - Spelunking Microsoft Technologies
I work as a developer on the Common Language Runtime (CLR) team, specifically in the areas of exception handling and CLR hosting.
Disclaimer

The information in this weblog is provided "AS IS" with no warranties, and confers no rights. This weblog does not represent the thoughts, intentions, plans or strategies of my employer. It is solely my opinion. Inappropriate comments will be deleted at the authors discretion. All code samples are provided "AS IS" without warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

Twitter





Tag Cloud


Archives

Post Categories

Image Galleries

Links

Sunday, December 23, 2007 #

Using Detours for API interception

Detours is a very interesting library from Microsoft Research that allows you to intercept Windows API calls that an application makes and redirect them to your code that can then:

  1. do some pre-and-post processing work around the call to the original API, and/or
  2. customize what is returned to the caller of the API

This does not involve accessing original application source code and can be done at runtime!

For an example, check the screenshot below for a sample that intercepts calls to GetVersionEx API by an application and displays the OS version details. The first output is the original OS version information when the application invokes GetVersionEx. The second output is when the application is launched by my wrapper application that enabled GetVersionEx interception and returns the version details specified at the command line:

Output from a Detours API interception

For those interested, you can download the complete sample source code from here.

Posted On Sunday, December 23, 2007 11:18 AM | Feedback (0)