deroko

custom gpa spy

Rating: 2 votes, 1.50 average.
http://forums.accessroot.com/index.php?showtopic=7513

read above topic to know how this idea was born well actually this idea was in my mind for almost a two years, but never found it useful to fully develop working code, but after reading this topic, and comments at posted link, I've decided to give it a go status.

In short : at above link, you will find link to the other site which has statistic of used functions in common files. On other hand, many are missed due to GetProcAddress, and not to mention many being missed due to custom GetProcAddress. So how to spy custom GetProcAddress!?!? well read the code and you will see.

This could be useful for protection profiling, and there are some other ways which I would use to deal with this, but for now, it seems ok, just so you get the basic idea. code is really messy, as I hate writing ring3 debuggers...

full code and sample binary:
http://deroko.phearless.org/export_log.rar

Submit "custom gpa spy" to Digg Submit "custom gpa spy" to del.icio.us Submit "custom gpa spy" to StumbleUpon Submit "custom gpa spy" to Google

Categories
Uncategorized

Comments