This is gold, thank you for dropping this gem and sharing your knowledge. You break things down such that a noob C programmer like myself can understand what is going on.
Really wonderful content Pavel. Great reference material. Thank you.
Hello, Pavel! I appreciate your efforts to share your valuable knowledge and experience! Thank you! I tested this injection method on Windows 11 Pro (version 23H2, build 22631.2506) and the assigned TID didn't appear in Process Explorer. But the injection was successful. Also, keystrokes are not passed to the console. On Windows 10 everything works fine.
The source is available at github.com/zodiacon/youtubecode. Feel free to debug :)
I seem to have found the same; the GetMessage loop just ends.
Excellent video, Mr. Pavel. I have learned a lot from your videos and books. I would like to ask if you are planning to develop a program for measuring system latency.
What does "system latency" mean to you?
@zodiacon The delay present in my activities, from clicking the mouse to playing a game, probably should have led me to ask you whether Windows Performance Analyzer adequately covers the aspect of measurements in games, within the system, and for individual device drivers. I apologize if I wasn't clear. It seems I should inquire whether the Windows Performance Analyzer comprehensively addresses the measurements required for gaming, system-wide, and for individual device drivers.
It's not WPA per se, it's the various ETW providers and events. Generally speaking, yes, although it depends on exactly what you are trying to identify.
I personally make modifications, and I've reached a point where it's challenging, if not impossible, to discern differences in the latency aspect, speaking specifically about DPC & ISR in drivers, for example, graphics cards. That's why I decided to write this message.
Could you please create a video on this suite of programs to explain what we should pay attention to and under what conditions we should conduct our measurements? @zodiacon
Thanks for sharing the video! Is there any way to detect if there is a program (process) that injected things like this? My keyboard Shift+H, Shift+G are intermittently not working.
You'll have to dig into a process, looking for suspicious DLLs, checking their exports, or setting breakpoints in certain APIs like CallNextHookEx.
I am getting an error where it keeps saying hDll could be '0'; this does not adhere to the specification for the function 'GetProcAddress'
Are you sure it's an error? It's probably a warning at best.
Can you make a video about reversing Windows, finding communication methods, etc.?
I don't like reversing enough to make videos about it...
Will the anti-virus flag this program as a keylogger?
No