MinHook – The Minimalistic x86/x64 API Hooking Library (fork)

MinHook is a Windows API hooking library originally written by Tsuda Kageyu.
It’s probably the best free WinAPI library out there which supports both x86 and x64.
But it’s not perfect, and didn’t completely fit my needs, so I created a fork on GitHub which addresses some of its limitations.

Below you’ll see how the fork improves upon the original MinHook library.

Added the ability to enable/disable multiple hooks in one go

This was the most critical limitation for me.

Enabling or disabling a hook is a very expensive operation. In order to safely enable/disable a hook, all the process’ threads must be suspended, and resumed after the trampoline is patched. With the original API you couldn’t avoid doing this for every hook you enable or disable.

The fork introduces new APIs for efficiently enabling/disabling multiple hooks in one go: MH_QueueEnableHook, MH_QueueDisableHook and MH_ApplyQueued.

By calling MH_QueueEnableHook or MH_QueueDisableHook multiple times, the hooks aren’t actually get enabled or disabled, but are merely flagged for the desired change. Then, when MH_ApplyQueued is called, all the flagged hooks are enabled/disabled in one go. The process’ threads get suspended and resumed only once, instead of every time for each enabled or disabled hook.

Also, the MH_EnableHook and MH_DisableHook functions can now be called with the MH_ALL_HOOKS parameter, which will efficiently enable or disable all created hooks.

The result: toggling 100 hooks could take about 700 ms (almost one second!) with the old APIs, but takes only 6 ms with the new APIs. (source)

Fixed bugs and improved compatibility

In short: now it works with more functions, and will correctly fail if a function can’t be hooked (instead of corrupting other functions).
For more details see here.

Removed Boost dependency

This is not as critical as the previous limitations, but is definitely an improvement.

Download

Get the latest release of the MinHook fork here.

Posted in Programming by RaMMicHaeL at September 30th, 2013.
Tags:

6 Responses to “MinHook – The Minimalistic x86/x64 API Hooking Library (fork)”

  1. nvda_u says:

    I have compiled a release build of the engine,
    but i don’t know how to hook the native API ?

  2. sinny says:

    recently tried your fork – thanks for all the work

    the thing is, i tried it using cross-compilation on linux (using mingw) – it was a success, but some patches to the code were needed

    so, i’m wondering if you are interested in some feedback to make it more compatible or not

    i am by no means familiar with all there is to portability issues out there, but still: if you are interested – you know who to poke )

    p.s. writing here because it was the first way of communicating with you on the topic that came to my mind

Leave a Reply