Information AboutHooking |
| CATEGORIES ABOUT HOOKING | |
| control flow | |
|
Hooking in Programming is a technique employing so called ''hooks'' to make a chain of procedures as an Event Handler . Thus, after the handled event occurs, Control Flow follows the chain in specific order. The new hook registers its own address as handler for the event and is expected to call the original handler at some point, usually at the end. Each hook is required to pass execution to the previous handler, eventually arriving to the default one, otherwise the chain is broken. Unregistering the hook means setting the original procedure as the event handler. Hooking can be used for many purposes including debugging and extending original functionality, but can also be misused to inject (potentially malicious) code to the event handler - for example in Rootkit s, which try to make themselves invisible by faking the output of API calls which would otherwise reveal their existence. A special form of hooking employs intercepting the library functions calls made by a process. Function hooking is implemented by changing the very first few code instructions of the target function to jump to an injected code. Detours is a general purpose function hooking library created by Microsoft Research. TextCapture is a screen scraping library using function hooking to intercept text rendering methods. SEE ALSO |
|
|