Monday, December 17, 2007

Release uhooker v1.3

What's uhooker?:

A tool to intercept and manipulate execution of programs. It enables the user to insert hooks in function calls and arbitrary addresses within the executable file in memory. The hooks handlers are written in Python and can be changed at runtime without the need to restart the inspected process.

Download:

http://oss.coresecurity.com/uhooker/release/1.3/uhooker_v1.3.tgz

http://oss.coresecurity.com/uhooker/release/1.3/uhooker_v1.3.zip



more info:

http://oss.coresecurity.com/projects/uhooker.htm

http://oss.coresecurity.com/uhooker/doc/index.html


Some Videos:

http://oss.coresecurity.com/uhooker/doc/uhooker_changeconnect.wmv
http://oss.coresecurity.com/uhooker/doc/uhooker_sendhex.wmv



What's new in uhooker v1.3?
===========================

-Several bug fixes, everything should work better than before :)

-Fixed bug with readunicode() API where reading empty multibyte strings,
resulted in the plugin freezing for ever.

-Now you can load multiple .CFG files (load one, then load another to hook
something else, etc). Previously, you were only allowed to load one .CFG file
with breakpoints/handlers definitions. Now you can load as many as you like
whenever you want.

-If a .CFG file overlaps previously set hooks, you have the chance
to redefine them (for example, you can dinamically change the
file/function handling the breakpoint. This adds to the feature
present since the first version of uhooker that allows runtime rewriting
of the handler's code).


-Errors in the code of the handlers (written in python) are now correctly handled.

-Previously, if you had an error in the code you wrote to handle
certain breakpoint, this caused the 'uhooker's python server' to
'crash', and you needed to restart your debugging session all over
again.

This scenario was very common, particuarly if you were developing
your own handler/script for the first time, or if you were
modifying at runtime the code of a handler/script.


Well, no more! :), Now if you have an error (syntax error,
identation error, general programming error,etc), the error that
your handler has will be displayed on the uhooker's console, and
you'll be able to recover from that error. This improvement means:

1-If an error occurs on the code, you don't
need to restart the debugger's session (and lose
the state of the program, etc.).

2-If you are changing in runtime the code of the
handler, and you makee a mistake, you'll see what
caused the error, and you can fix the script/handler
and move on!.


-and there are probably more things but I didn't write them down and now I dont't remember :).

8 comments:

Anonymous said...

Hey dude you are using feedburner but you are not using it correctly. In blog spot you have to setup "published feed" as feed burner and then in your layout add a "subscribe" link copy&pasting feedburner javascript, do you get it vieja?

hernan said...

hahah, really? ok, I think I corrected the error, let me know :).

Thanks!,
Hernan

Anonymous said...

looks like a very very very nice tool i saw the video and tried to do the thing with msn but when i am trying to run the tcp hook i am getting no module named win32api am i doing something worng do i need to add something

hernan said...

You need to have the pywin32 api installed. You can get it here:

http://sourceforge.net/projects/pywin32/

sorry :). Please let me know if it works!.

Anonymous said...

it works now but getting my cpu in 100% when playing with msn any ideas y

p.s do u have email that we can talk ?

hernan said...

yes manD! it's all over the place! :)

hernan [at] gmail.com

hernan said...

yes manD! it's all over the place! :)

hernan [at] gmail.com

Unknown said...

dear sir

recently i ve been read uhooker at your website
http://hexale.blogspot.com/2007/12/release-uhooker-v13.html

nice tool great!!!!!!!!!!

-----

i am a newbie here please guide me

can uhooker become global dll inject in windows xp ? and hooker every
function calls that point to winsock connect()

i want to create apps in python that load uhooker (without ollydbg)

please guide me !!!

----

if you dont mind can i get some script in python




ttd

twantakur