Dibya Posted December 8, 2018 Share Posted December 8, 2018 Hi everyone, Is their any way to redirect api in XP? For example in a configuration file I mention c:\programfiles\Filezilla , then all api of kernel32 will be redirected to c:\wrappers\kernelex.dll Link to comment Share on other sites More sharing options...
dencorso Posted December 8, 2018 Share Posted December 8, 2018 I told you that once, way back when... the most perfect (and difficult) way to do it is to locate kernel32, ntdll, hal and if necessary ntkrnl in-memory and hook 'em there. It has the great advantage the simply by removing the module responsible for doing that restores the system to a plain-vanilla state. This should be done early during boot, preferably at the end of the 1st phase or (more difficult still) at the beginning of the 2nd phase. To do so requires much more savy programming than I ever attained, but I'm positive it's possible to be done. If you follow Alex Ionescu's twitter, you're sure to find some people able to do that. He himself obvously is one of those, but I doubt he'd be much interested in that, now that he became world-famous. But his twitter is a good place to meet others of like ability, and make some interesting friends. Sorry I cannot myself be of more help. 1 Link to comment Share on other sites More sharing options...
404notfound Posted December 8, 2018 Share Posted December 8, 2018 Hehe, while we're at it regarding friends, try your luck at irc.freenode.net, #winapi channel. 2 Link to comment Share on other sites More sharing options...
Dibya Posted December 9, 2018 Author Share Posted December 9, 2018 Alright I will check them out. 2 Link to comment Share on other sites More sharing options...
dencorso Posted December 12, 2018 Share Posted December 12, 2018 10 hours ago, Dibya said: Extended kernel is cancelled for better one core API. Link to comment Share on other sites More sharing options...
Recommended Posts