Wednesday, November 07, 2007

Simple script to automatically generate uhooker hooks

I've just uploaded a very simple script that can be used to automatically generate hooks for all the functions exported by a DLL to be used with uhooker.

So, let's say you want to intercept all the functions exported by kernel32.dll? well,
having to write by hand the .cfg file and the .py file with the handlers can be a daunting task :), it has hundreds of functions.

So, instead of doing that, just use genhooks.py like this:


genhooks.py -f kernel32.dll -t b -c kernel32.cfg -p kernel32.py




-f: specifies the name of the DLL
-t: specifies the hook type. b = before, a = after, * = address (you would normally use b or a)
-c: OPTIONAL. specifies the name of the .cfg file. if it is not specified, the dllname_without_the_extesion.cfg will be used
-p: OPTIONAL. name of the .py file with the hooks for all the functions. if it is not specified the dllname_without_the_extension.py will be used.



And that's it. It's a very simple script that I coded 300 hundred times already, the only difference is that now I'm keeping a copy around :).

The script can be found here:

http://oss.coresecurity.com/uhooker/doc/index.html#scripts


Direct download link:


http://oss.coresecurity.com/uhooker/scripts/genhooks.py

2 comments:

Anonymous said...

Thanks man. Uhooker is now a very handy tool in my toolkit. Best regards. =)

hernan said...

Cool!, Thanks!. :).
Please let me know if you have any specific feature you want in the tool and of any bugs!