Alternatives to MadCHook.dll

Grinning Fool · Joined: 12 Feb 2005 Posts: 264

::headdesk::
Alright, I've been every route I can think of with this. The build works perfectly under Windows, but under WINE... the hook doesn't hook. The DLL never gets injected.

I've checked filenames, wine settings, ini settings, and just about anything else that comes to mind, up to and including making the changes manually and building my own copy. Does anyone have any suggestions for what I could be missing? The only thing that strikes me is that I"m running a later version of wine than previously tested, 9.52

Results were confirmed by adding a quick little module dump to the code:

xeopherith · Joined: 14 Dec 2007 Posts: 8

If you compiled it yourself you may just want to use these already compiled files: http://nwvault.ign.com/View.php?view=NWN2Other.Detail&id=163

They are supposedly confirmed working with wine. I know it works for me on win2003 64bit.

If you want to try sending me your files I can try running them to see if they work on my system. I also have ubuntu loaded with wine and its probably 6 months or so old.

Grinning Fool · Joined: 12 Feb 2005 Posts: 264

That's actually the first thing I tried. Below is a to a zip with my files; if they also work, I guess that'll make it safe to assume it's related to the WINE version. I have gotten the same (lack of) results even with no plugins present, so the zip file contains only the 'core' files. This version includes a 10 second delay (needed to allow all libraries to load) followed by the output of loaded module list.

Thanks for the help Smile

http://dev.khalidine.com:8001/misc/NWNX_GF.zip

Another thing I've noticed is that when no module is loaded, NWN2server under wine (without nwnx) uses a constant 6% CPU; while after the module is loaded, it's 18-20% constant. The same scenario on Windows is 0-1%, and 1-2% respectively. Have you seen anything similar?

Hmm... the only other thing worth noting is that my binaries are built against the Visual Studio SP1 version of the runtimes; though I have not been able to find any record of issues with it.

Still, I'll try again tonight using non-sp1 runtimes and the compiled version from nwvault. I'd hate to have to revert the SP1 install to use this though...
_________________
Khalidine, a NWN2 persistent world

Looking for volunteers.

cadderly · Joined: 05 Dec 2007 Posts: 8

Grinning Fool · Joined: 12 Feb 2005 Posts: 264

Alright, so...

- confirmed that it wasn't SP1, b/c the downloadable binaries on nwvault are also sp1
- ran a completely new install, "plain vanilla", including removing the ".wine" directory and recreating it.
- Used the downloadable version of the exe/dll files.

Still, the same results. Everything appears to run fine but the hook dll neve gets attached to the nwn2server process ,under WINE only.

I'm out of ideas, unfortunately. xeopherith, did you have any luck with the binaries I linked to in yesterday's post?
_________________
Khalidine, a NWN2 persistent world

Looking for volunteers.

Urlord · Joined: 17 Nov 2006 Posts: 122

I am trying to install NWN2Server and NWNX4 on a Windows Vista x64 box. Do you have any suggestions?
_________________
Jim (aka, Urlord)
Visit the Persistent World of Nymri

Papillon · x-man Joined: 28 Dec 2004 Posts: 1060 Location: Germany

How many people had success with the Detours hooking method on windows (32 and 64 bit), and how many did not ?

I would like to find out whether Detours is ready for becoming the official hooking method.
_________________
Papillon

chaoslink · Joined: 23 Aug 2006 Posts: 37

I'm using code I pulled from detours to hook a few functions very successfully under Linux.

For some reason I'm not able to hook SetString under windows properly. The function is detoured correctly, but then when I try to call the trampoline I get an access violation. Looks like the function I hooked depends upon ebx(?) and my function is overwriting it. I don't have a good enough understanding of this yet to tell what exactly is going on.

*edit: this is with NWNX2 and NWN1, so it may not have any bearing on the discussion.

Gryphyn · Joined: 20 Jan 2005 Posts: 431

A More Complete DLL Injection Solution Using CreateRemoteThread

Have a look at the above link.
(I know it works with windows, you may be able to adapt it for Linux)

No MadChook, no Detours (although it works similarly)

Drew Benton (the author) has a series on 'CodeCaves' (code hooking) on the same site.

Cheers
Gryphyn

chaoslink · Joined: 23 Aug 2006 Posts: 37

From what I can tell, this is just injecting a DLL, not redirecting an existing function.

Detours actually provides functions to handle starting a process and injecting the DLL as well as hooking the function.

Grinning Fool · Joined: 12 Feb 2005 Posts: 264

Gryphyn · Joined: 20 Jan 2005 Posts: 431

Yes, that's the DLL Injection stuff...
The 'CodeCave' articles are about hooking. From what I've read it's an indepth article of hooking functions (much the way detours does it)

Anyways...
Virusman gave you the clue, and it's now in the main code - 'prototyping' to find/mask your 'entry-point'. eg.

chaoslink · Joined: 23 Aug 2006 Posts: 37

Gryphyn · Joined: 20 Jan 2005 Posts: 431

GodBeastX · Joined: 09 Aug 2006 Posts: 65

I thought detours had injection functions? I only work with licensed version here, not the open version. Maybe someone could fill me in.

The NWNX Community Forum