How does Microsoft Detours work and how do I use it to get a stack trace?

清酒与你 2020-12-04 09:18

I am new to Microsoft Detours. I have installed it to trace the system calls a process makes. I run the following commands, which I got from the web:

syelogd.e         


        
4 answers
  •  失恋的感觉
    2020-12-04 09:46

    Instead of detours (which is free for 32-bit only) or easyhook (which is, khm, a little bit messy code) you may want to check out mhook 2.4 which is very neat code and BSD-licensed. Works on x86 and x64, handles IP-relative code, etc.

    There's also a thorough description on how it works at the site.


    As for the stack backtrace, you can use CaptureStackBackTrace() from kernel32, or if you want to get fancy, use StackWalk64() from dbghelp.
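
The stack-backtrace suggestion above, as an added example (not part of the original answer, nor code from Detours or mhook): it captures return addresses with CaptureStackBackTrace() and resolves names with SymFromAddr() from dbghelp. The helper names `capture_frames` and `print_trace` are hypothetical, and the non-Windows branch using glibc's `backtrace()` is an assumption added only so the file also builds off Windows.

```c
#include <stdio.h>
#ifdef _WIN32
#include <windows.h>
#include <dbghelp.h>
#pragma comment(lib, "dbghelp.lib")
#else
#include <execinfo.h> /* glibc backtrace(): assumption, only so this builds off Windows */
#endif
#define MAX_FRAMES 32
/* Hypothetical helper: store up to `max` return addresses, innermost first. */
unsigned capture_frames(void **frames, unsigned max)
{
#ifdef _WIN32
    /* FramesToSkip = 0 keeps this function's own frame; the hash output is not needed. */
    return CaptureStackBackTrace(0, max, frames, NULL);
#else
    int n = backtrace(frames, (int)max);
    return n > 0 ? (unsigned)n : 0;
#endif
}

/* Hypothetical helper: print the current stack, with names where symbols load. */
unsigned print_trace(void)
{
    void *frames[MAX_FRAMES];
    unsigned i, n = capture_frames(frames, MAX_FRAMES);
#ifdef _WIN32
    /* DbgHelp is single-threaded: serialize these calls if hooks run concurrently. */
    HANDLE proc = GetCurrentProcess();
    union { SYMBOL_INFO s; char b[sizeof(SYMBOL_INFO) + 256]; } u = {0};
    u.s.SizeOfStruct = sizeof(SYMBOL_INFO); u.s.MaxNameLen = 255;
    SymInitialize(proc, NULL, TRUE);
#endif
    for (i = 0; i < n; i++) {
#ifdef _WIN32
        DWORD64 disp = 0;
        if (SymFromAddr(proc, (DWORD64)(ULONG_PTR)frames[i], &disp, &u.s)) {
            printf("%2u  %s+0x%llx\n", i, u.s.Name, (unsigned long long)disp);
            continue;
        }
#endif
        printf("%2u  %p\n", i, frames[i]); /* no symbol available: raw address */
    }
#ifdef _WIN32
    SymCleanup(proc);
#endif
    return n;
}
int main(void) { return print_trace() > 0 ? 0 : 1; }
```

Call `print_trace()` from inside the hooked function to see who invoked it; names resolve only when symbols (for example PDB files) for the modules on the stack can be loaded.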
