hello all

please help me in starting an interrupt hooking program

for checking if a file is opened in read/write mode
and do something

thanx
Posted on 2009-09-10 05:28:38 by aloksaini
Look up SetWindowsHookEx at msdn and google for some code.
http://msdn.microsoft.com/en-us/library/ms644990(VS.85).aspx
Posted on 2009-09-10 14:48:00 by GoldStar611
Wrong answer - he wants to hook BIOS Interrupts - you can't use any Windows API to do that - in particular, he wants to know how to hook INT 13.

Writing interrupt hooks is quite easy - installing interrupt hooks under NT systems is not so straightforward.
Care to elaborate upon what you are trying to achieve?

Posted on 2009-09-11 00:03:36 by Homer
ya homer is right

i want to hook 13h function in bios mode

please help me

give some code
please
Posted on 2009-09-11 10:35:38 by aloksaini

The interrupt table is stored in what they call 'zero page' memory - that means it begins at address 0.
What you need to do is read the pointer that is currently stored in the table for interrupt 13.
This pointer is currently pointing to the 'OLD' interrupt handler code.

Now write your chunk of code (your 'NEW' interrupt handler), at the end of your code you need to jump to the OLD handler, whose address you obtained earlier.

Finally, overwrite the OLD pointer in the interrupt table with the address of your NEW handler.

Posted on 2009-09-11 10:44:42 by Homer
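
The three steps described in the post above, modelled in C on a byte array that stands in for the first 1 KiB of real-mode memory. This is an added example, not code from the thread; the helper names and the two handler addresses are constructed for illustration, and the snapshot comparison at the end shows how the overwritten vector looks to someone checking the table.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Real-mode far pointer as the IVT stores it: offset word, then segment word. */
typedef struct { uint16_t off, seg; } farptr;
/* Vector n occupies the 4 bytes at physical address n*4 (table starts at 0). */
static farptr ivt_get(const uint8_t *ivt, unsigned n) {
    const uint8_t *e = ivt + n * 4;
    farptr p = { (uint16_t)(e[0] | (e[1] << 8)), (uint16_t)(e[2] | (e[3] << 8)) };
    return p;
}
static void ivt_set(uint8_t *ivt, unsigned n, farptr p) {
    uint8_t *e = ivt + n * 4;
    e[0] = (uint8_t)p.off; e[1] = (uint8_t)(p.off >> 8);
    e[2] = (uint8_t)p.seg; e[3] = (uint8_t)(p.seg >> 8);
}
/* 20-bit physical address the CPU forms from segment:offset. */
static uint32_t linear(farptr p) { return (((uint32_t)p.seg << 4) + p.off) & 0xFFFFFu; }

/* Read OLD, overwrite with NEW, hand OLD back so NEW can jump to it. */
static farptr ivt_hook(uint8_t *ivt, unsigned n, farptr new_handler) {
    farptr old = ivt_get(ivt, n);
    ivt_set(ivt, n, new_handler);
    return old;
}

/* Checker's view: first vector that differs between two snapshots, or -1. */
static int ivt_first_change(const uint8_t *a, const uint8_t *b) {
    for (int n = 0; n < 256; n++)
        if (memcmp(a + n * 4, b + n * 4, 4) != 0) return n;
    return -1;
}
static uint8_t before[1024], after[1024];   /* constructed 1 KiB IVT snapshots */
/* Constructed values: F000:EC59 stands in for the OLD handler, 1234:0103 for NEW. */
static farptr demo_install(void) {
    farptr bios = { 0xEC59, 0xF000 }, tsr = { 0x0103, 0x1234 };
    memset(before, 0, sizeof before);
    ivt_set(before, 0x13, bios);
    memcpy(after, before, sizeof after);
    return ivt_hook(after, 0x13, tsr);      /* OLD pointer, kept for chaining */
}

int main(void) {
    farptr old = demo_install();
    printf("INT %02Xh changed: old %04X:%04X, new handler at linear %05X\n",
           (unsigned)ivt_first_change(before, after), (unsigned)old.seg,
           (unsigned)old.off, (unsigned)linear(ivt_get(after, 0x13)));
    return 0;
}
```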
i have written the code

but i want to know

what is the scope of this handler

does it mean it will be active only while my application is running,
or do i have to make my program a tsr?
Posted on 2009-09-13 07:35:00 by aloksaini

ya homer is right

i want to hook 13h function in bios mode

please help me

give some code
please


Can you show us what you have written so far ?

Could you try to put some punctuation in your sentences?

Thanks.

Posted on 2009-09-13 13:37:01 by skywalker
I guess you're trying to do this under DOS? Makes no sense if under Windows, anyway.

For DOS, yeah, you will have to make your program TSR, or write it as a device driver.
Posted on 2009-09-13 16:04:48 by f0dder

;here is the program for handling interrupt 21h
.model small                      ;declare model small
.stack 100h                      ; declare 100h long stack
.data                              ;data segment here
old_int_segment dw ?        ;variable for storing int segment address
old_int_offset dw ?          ;variable for storing int offset address
.code                            ; code segment start here
start:                            ; start label
mov ah,35h                    ;35h function in ah for
mov al,21h                      ; interrupt number for getting its address
int 21                            ;go do it
mov old_int_segment,es    ; save the segment address
mov old_int_offset,bx        ; save the offset address
mov ah,25h                      ;function for setting handler
mov al,21h                      ; interrupt function to change handler
mov dx,offset int_21 handler  ; address of the new handler
int 21                              ;go do it
int_21_handler:                ;handler of int
.                            ; do any thing
.
.
db 0eah                    ;for jmping in real int handler
.
.
.                            ;exit


help me to make this a tsr

thanxxxx
Posted on 2009-09-14 07:59:34 by aloksaini
http://www.ctyme.com/intr/rb-2723.htm use that when exiting your program..
Posted on 2009-09-14 08:48:31 by lone_samurai5
ok DUDE, that's crap.

If you were to HOOK int 21, you can't CALL it !!!
Self Entrancy!

If you HOOKED an interrupt, your hook code needs to call the OLD int handler, NOT generate an interrupt!
Posted on 2009-09-14 08:58:04 by Homer
then dude show me how to do that
Posted on 2009-09-15 00:44:27 by aloksaini
Not going to happen.
I really want to teach, I will choose my students.
You want to learn machine layer?
Show me your work, prove it.
Posted on 2009-09-15 03:52:00 by Homer

;here is the program for handling interrupt 21h
.model small                      ;declare model small
.stack 100h                      ; declare 100h long stack
.data                              ;data segment here
old_int_segment dw ?        ;variable for storing int segment address
old_int_offset dw ?          ;variable for storing int offset address
.code                            ; code segment start here
start:                            ; start label
mov ah,35h                    ;35h function in ah for
mov al,21h                      ; interrupt number for getting its address
db 0eah                              ;go do it
mov old_int_segment,es    ; save the segment address
mov old_int_offset,bx        ; save the offset address
mov ah,25h                      ;function for setting handler
mov al,21h                      ; interrupt function to change handler
mov dx,offset int_21 handler  ; address of the new handler
db 0eah                                ;go do it
mov ah,35h                          ; make program tsr
mov dx,2h                          ;no of paragraphs
db 0eah                              ;call old int handler
int_21_handler:                ;handler of int
.                            ; do any thing
.
.
db 0eah                    ;for jmping in real int handler
end start

is this all right?
Posted on 2009-09-15 06:04:53 by aloksaini
;  div286.asm    Tasm code         
;    Divide fault interrupt handler  AK  Jan 2003                                   
;    Demonstrated using divfault.exe program
;    Removed code specific to Tasm Ideal Mode
;    Works thru Win 98 in a Dos box  See divfault.asm for demo
;            Uses only 848 bytes of memory                                                                                                                   

.model        tiny

.code

org          100h

start:           
            jmp          begin

welcome      db          13,10, 'Divide-Fault Handler Installed'
            db          13,10, 'Address = ',0
                         
string      db          40 dup(?)

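divfault    proc
            sti                          ; re-enable interrupts inside the handler
            push        bp
            mov          bp,sp           ; [bp+2] = return IP, [bp+4] = return CS
            push        si
            push        ds
            lds          si,[bp+2]       ; DS:SI -> instruction at the saved return address
            lodsw                        ; AL = opcode, AH = ModR/M byte
            and          ah,0c0h         ; isolate the mod field of ModR/M
            cmp          ah,0c0h         ; mod = 11b means a register operand
            je          @@10
            add word ptr [bp+2],2        ; not a register operand: skip 2 more bytes
            ;add          ,2  ; Used in Tasm Ideal Mode
@@10:
            add word ptr [bp+2],2        ; skip the opcode and ModR/M bytes
            ;add          ,2
            xor          ax,ax           ; return with AX = 0
            pop          ds
            pop          si
            pop          bp
            iret                         ; resume after the faulting instruction
endp        divfault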

begin:
            mov          ax,2500h
            mov          dx,offset divfault
            int          21h
            mov          di,offset welcome
            call        strwrite
            mov          ax,cs
            call        showax
            mov          dl,':'
            mov          ah,2
            int          21h
            mov          ax,offset divfault
            call        showax
            call        newline
exit:
            mov          dx,offset begin
            int          27h

showax      proc
            mov          cx,4
            mov          di,offset string
            call        bintoaschex
            call        strwrite
            ret
endp        showax

bintoaschex  proc
            push        bx
            mov          bx,16
            call        numtoascii
            pop          bx
            ret
endp        bintoaschex

numtoascii  proc
            push        dx
            push        di
            push        si
            xor          si,si
            jcxz        @@20
@@12:
            xor          dx,dx
            div          bx
            call        hexdigit
            push        dx
            inc          si
            loop        @@12
@@20:
            inc          cx
            or          ax,ax
            jnz          @@12
            mov          cx,si
            jcxz        @@40
            cld
@@30:
            pop          ax
            stosb
            loop        @@30
@@40:
            ;mov          ,0
            mov        byte ptr [di],0   ; terminate the string with a zero byte
            pop          si
            pop          di
            pop          dx
            ret
endp        numtoascii

hexdigit      proc
            cmp          dl,10
            jb          @@11
            add          dl,'A'-10
            ret
@@11:
            or          dl,'0'
            ret
endp        hexdigit

newline      proc
            mov          ah,2
            mov          dl,13
            int          21h
            mov          dl,10
            int          21h
            ret
endp        newline

strwrite    proc
            call        strlength

strwrite2    proc
            push        ax
            push        bx
            push        dx
            mov          bx,1
            mov          dx,di
            mov          ah,40h
            int          21h
            pop          dx
            pop          bx
            pop          ax
            ret
endp        strwrite2
endp        strwrite
strlength      proc

            push        ax
            push        di
            xor          al,al
            mov          cx,0ffffh
            cld
            repnz        scasb
            not          cx
            dec          cx
            pop          di
            pop          ax
            ret
endp        strlength
end          start

Posted on 2009-09-15 09:19:13 by skywalker
thanx dude

but can you comment it?

im a beginner
Posted on 2009-09-16 00:34:44 by aloksaini