mamaich
05-02-2006, 12:42 PM
Occasionally I've found this page - http://blogs.msdn.com/sloh/archive/2005/05/27/422605.aspx
It has an interesting code at the bottom. I've already made a program that can hook system calls, I'll try to hook EnterCriticalSection and WaitForMultipleObjects and force them to use that code. Maybe this would reduce the occasional lockdowns.
I've made such a program. It gave no noticeable improvements for me, but I've attached it to this post with source code.
Source code would be interesting to people, who need to hook kernel functions that are implemented in nk.exe.
The function uses LoadKernelLibrary to load DLL, DLL relocates SystemAPISets table to writeable memory and hooks needed functions.
Code has no comments and looks ugly, but is short and should be easy to understand.
It has an interesting code at the bottom. I've already made a program that can hook system calls, I'll try to hook EnterCriticalSection and WaitForMultipleObjects and force them to use that code. Maybe this would reduce the occasional lockdowns.
I've made such a program. It gave no noticeable improvements for me, but I've attached it to this post with source code.
Source code would be interesting to people, who need to hook kernel functions that are implemented in nk.exe.
The function uses LoadKernelLibrary to load DLL, DLL relocates SystemAPISets table to writeable memory and hooks needed functions.
Code has no comments and looks ugly, but is short and should be easy to understand.