API tracer
SpeaklessAmanda opened this issue · comments
It seems that only the Windows API function can be hooked. I am trying to hook the underlying c language implementation of PHP, I just cannot get any reult. Does decaf only hook Windows API?
For Windows VMI, there is a list of modules for symbol extraction. The
function you hook must be an export function for that module, and that
module must appear in this list. If not, you can add your module in this
list, so the offsets of export functions in that module can be resolved.
https://github.com/decaf-project/DECAF/blob/master/decaf/shared/windows_vmi.cpp#L92
Thanks,
Heng
…On Tue, Oct 8, 2019 at 2:53 AM SpeaklessAmanda ***@***.***> wrote:
It seems that only the Windows API function can be hooked. I am trying to
hook the underlying c language implementation of PHP, I just cannot get any
reult. Does decaf only hook Windows API?
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#74?email_source=notifications&email_token=AAWJ2RXE6O2YSPWRTDF5WXDQNRKB7A5CNFSM4I6PQTCKYY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4HQJSY2Q>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAWJ2RRM6RT6H7HCD7HFQVTQNRKB7ANCNFSM4I6PQTCA>
.