Search

'IT/후킹(HOOK)'에 해당되는 글 1건

  1. 2011.02.10 About User Mode Hook

About User Mode Hook

IT/후킹(HOOK) 2011. 2. 10. 19:38 Posted by Imtraveller
반응형

About Shell Extension Hook 

Creating a shell extension with C#
http://www.codeproject.com/KB/cs/dateparser.aspx

About Shell Extension Hook
http://www.codeguru.com/Cpp/COM-Tech/shell/article.php/c4515/

Working with Shell Extensions in th MSDN
http://msdn.microsoft.com/en-us/library/ff468984(v=VS.85).aspx

Win7에서 ShellExecuteHooks등록 방법 및 문제점 접근 방법 기술
http://social.msdn.microsoft.com/Forums/en/windowssecurity/thread/f61f8179-fc87-4cef-b795-10bc93bc9eee

[중요 글귀]

The IShellExecuteHook Interface Dynamic Link Libraries (DLLs), Microsoft has “turned off” this COM interface for Windows Vista™ since the older hooks crashing the Windows Vista™ Shell. The interface can be turned on by the following setting:

Computer\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

EnableShellExecuteHooks=1 (DWORD)

Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

EnableShellExecuteHooks=1 (DWORD)    


What’s sad is that Microsoft isn’t offering any alternatives. However, there appears turning points, because an alternative to writing a IShellExecuteHook DLL is to hook the ShellExecute(), ShellExecuteEx() and IsUserAnAdmin()Function

반응형