home *** CD-ROM | disk | FTP | other *** search

---

/ Developer Source 4 / developer source - volume 4.iso / msysj / dec94 / piet14.gif

< prev

next >

Graphics Interchange Format  |  1996-06-12  |  86KB  |  583x397  |  4-bit (16 colors)

Labels: text | screenshot | rectangle | font | number
OCR: Target Process USER32.DLL Import Address Table Real Address (function of GetMessage pointers) Save all registers GetMessage Push arguments code (function name, byte JMP DWORD params, etc.) on stack PTR (XXXXXXXX) call LogFunctionCall() Restore all registers JMP ( YYYYYYYY) 'GetMessage" Byte encoded param info GetMessage Call to GetMessage in program Array of pointers to API interception stubs (built by LOADAPIS.C/INTRCPT.C) Figure 4 Spy DLL Builds a Stub for GetMessage

---