Comments (8)
nixxo
commented on May 18, 2024
1
Log for 0.4.9
4256 do_inject 190 Version: 0.4.9
4256 do_inject 191 DLL: C:\Users\Utente\scoop\apps\clink\current\clink_dll_x64.dll
4256 do_inject 193 Parent pid: 3912
4256 check_dll_version 52 DLL version: 00000004 0009b2fe
4256 do_inject_impl 283 Creating remote thread at 00000000776A60B0 with parameter 0000000000530000
3912 set_rl_readline_name 58 Setting rl_readline_name to 'cmd.exe'
3912 hook_trap_veh 120 VEH hit - caller is 000000004A5E1A98.
3912 hook_jmp 408 Attemping jump hook.
3912 hook_jmp 409 Target is kernel32.dll, ReadConsoleW @ 00000000776FA610
3912 hook_jmp_impl 351 Attempting to hook at 00000000776FA610 with 000007FED99463A0
3912 get_instruction_length 316 Matched prolog E85EBEE9 (mask = 000000FF)
3912 hook_jmp 419 Success!
3912 hook_iat 77 Attempting to hook IAT for module 000007FED9940000
3912 hook_iat 78 Target is (null),ReadConsoleW (by_name=1)
3912 iterate_imports 94 Checking imports in 'dbghelp.dll'
3912 iterate_imports 94 Checking imports in 'KERNEL32.dll'
3912 hook_iat 104 Found import at 000007FED99A1210 (value = 00000000776FA610)
3912 hook_iat 77 Attempting to hook IAT for module 000000004A5E0000
3912 hook_iat 78 Target is (null),WriteConsoleW (by_name=1)
3912 iterate_imports 94 Checking imports in 'msvcrt.dll'
3912 iterate_imports 94 Checking imports in 'ntdll.dll'
3912 iterate_imports 94 Checking imports in 'KERNEL32.dll'
3912 hook_iat 104 Found import at 000000004A6095F8 (value = 00000000776A2D80)
3912 hook_iat 77 Attempting to hook IAT for module 000007FED9940000
3912 hook_iat 78 Target is (null),WriteConsoleW (by_name=1)
3912 iterate_imports 94 Checking imports in 'dbghelp.dll'
3912 iterate_imports 94 Checking imports in 'KERNEL32.dll'
3912 hook_iat 104 Found import at 000007FED99A1180 (value = 00000000776A2D80)
3912 hook_iat 77 Attempting to hook IAT for module 000000004A5E0000
3912 hook_iat 78 Target is (null),SetEnvironmentVariableW (by_name=1)
3912 iterate_imports 94 Checking imports in 'msvcrt.dll'
3912 iterate_imports 94 Checking imports in 'ntdll.dll'
3912 iterate_imports 94 Checking imports in 'KERNEL32.dll'
3912 hook_iat 104 Found import at 000000004A609690 (value = 00000000776A5F20)
3912 hook_iat 77 Attempting to hook IAT for module 000007FED9940000
3912 hook_iat 78 Target is (null),SetEnvironmentVariableW (by_name=1)
3912 iterate_imports 94 Checking imports in 'dbghelp.dll'
3912 iterate_imports 94 Checking imports in 'KERNEL32.dll'
3912 hook_iat 104 Found import at 000007FED99A1198 (value = 00000000776A5F20)
3912 initialise_fwrite 185 Disabling ANSI support. Found 'conemuhk64.dll'
Log for 1.1.8
1388 hook_setter::hook_setter 36 >>> Started hook transaction.
1388 hook_iat 53 Attempting to hook IAT for module 000000004A5E0000
1388 hook_iat 54 Target is (null),SetEnvironmentVariableW (by_name=1)
1388 pe_info::iterate_imports 154 Checking imports in 'msvcrt.dll'
1388 pe_info::iterate_imports 154 Checking imports in 'ntdll.dll'
1388 pe_info::iterate_imports 154 Checking imports in 'KERNEL32.dll'
1388 hook_iat 81 Found import at 000000004A609690 (value = 00000000776A5F20)
1388 hook_iat 53 Attempting to hook IAT for module 000007FEC8780000
1388 hook_iat 54 Target is (null),SetEnvironmentVariableW (by_name=1)
1388 pe_info::iterate_imports 154 Checking imports in 'VERSION.dll'
1388 pe_info::iterate_imports 154 Checking imports in 'SHLWAPI.dll'
1388 pe_info::iterate_imports 154 Checking imports in 'dbghelp.dll'
1388 pe_info::iterate_imports 154 Checking imports in 'KERNEL32.dll'
1388 hook_iat 81 Found import at 000007FEC88381D0 (value = 00000000776A5F20)
1388 hook_iat 53 Attempting to hook IAT for module 000000004A5E0000
1388 hook_iat 54 Target is (null),WriteConsoleW (by_name=1)
1388 pe_info::iterate_imports 154 Checking imports in 'msvcrt.dll'
1388 pe_info::iterate_imports 154 Checking imports in 'ntdll.dll'
1388 pe_info::iterate_imports 154 Checking imports in 'KERNEL32.dll'
1388 hook_iat 81 Found import at 000000004A6095F8 (value = 00000000776A2D80)
1388 hook_iat 53 Attempting to hook IAT for module 000007FEC8780000
1388 hook_iat 54 Target is (null),WriteConsoleW (by_name=1)
1388 pe_info::iterate_imports 154 Checking imports in 'VERSION.dll'
1388 pe_info::iterate_imports 154 Checking imports in 'SHLWAPI.dll'
1388 pe_info::iterate_imports 154 Checking imports in 'dbghelp.dll'
1388 pe_info::iterate_imports 154 Checking imports in 'KERNEL32.dll'
1388 hook_iat 81 Found import at 000007FEC88380C8 (value = 00000000776A2D80)
1388 hook_iat 53 Attempting to hook IAT for module 000000004A5E0000
1388 hook_iat 54 Target is (null),GetEnvironmentVariableW (by_name=1)
1388 pe_info::iterate_imports 154 Checking imports in 'msvcrt.dll'
1388 pe_info::iterate_imports 154 Checking imports in 'ntdll.dll'
1388 pe_info::iterate_imports 154 Checking imports in 'KERNEL32.dll'
1388 hook_iat 81 Found import at 000000004A609668 (value = 00000000776A80F0)
1388 hook_iat 53 Attempting to hook IAT for module 000007FEC8780000
1388 hook_iat 54 Target is (null),GetEnvironmentVariableW (by_name=1)
1388 pe_info::iterate_imports 154 Checking imports in 'VERSION.dll'
1388 pe_info::iterate_imports 154 Checking imports in 'SHLWAPI.dll'
1388 pe_info::iterate_imports 154 Checking imports in 'dbghelp.dll'
1388 pe_info::iterate_imports 154 Checking imports in 'KERNEL32.dll'
1388 hook_iat 81 Found import at 000007FEC88381C8 (value = 00000000776A80F0)
1388 hook_setter::commit 88 <<< Hook transaction committed.
1388 hook_iat 53 Attempting to hook IAT for module 000000004A5E0000
1388 hook_iat 54 Target is (null),GetEnvironmentVariableW (by_name=1)
1388 pe_info::iterate_imports 154 Checking imports in 'msvcrt.dll'
1388 pe_info::iterate_imports 154 Checking imports in 'ntdll.dll'
1388 pe_info::iterate_imports 154 Checking imports in 'KERNEL32.dll'
1388 hook_iat 81 Found import at 000000004A609668 (value = 000007FEC878D380)
1388 hook_setter::hook_setter 36 >>> Started hook transaction.
1388 hook_setter::add_detour 119 Attempting to hook ReadConsoleW in kernelbase.dll with 000007FEC878D6F0.
1388 hook_setter::add_detour 123 Unable to find ReadConsoleW in kernelbase.dll.
1388 hook_setter::commit 88 <<< Hook transaction committed.
I think the problem is 1388 hook_setter::add_detour 123 Unable to find ReadConsoleW in kernelbase.dll.
from clink.
nixxo
commented on May 18, 2024
1
I think, for the very little experience that I have, that ReadConsoleW does not exist in kernelbase.dll on win7 (at least on my machine)
I opened kernel32.dll with an hex editor and looked for the string ReadConsoleW and found it but doing so in kernelbase.dll gives no result.
Maybe on win7 you just have to hook on the kernel32.dll (like 0.4.9 clink) instead on hooking kernelbase.dll
I just checked downloading from here https://www.dll-files.com/kernelbase.dll.html the kernelbase.dll of win10 and the string ReadConsoleW is present in the dll. So microsoft moved some functions from kernel32 to kernelbase I suppose.
from clink.
chrisant996
commented on May 18, 2024
1
Thanks for saving me time by researching it for me!
Can you try v1.1.10?
I've made Clink try to hook ReadConsoleW in whichever of kernelbase.dll and kernel32.dll contain it (either or both). It's working on Win10 still, and I temporarily made some changes to emulate some aspects of if it were to run on Win7 and I think it will work on Win7 now.
from clink.
nixxo
commented on May 18, 2024
1
It works:
1798 hook_setter::hook_setter 36 >>> Started hook transaction.
1798 hook_setter::add_detour 119 Attempting to hook ReadConsoleW in kernel32.dll with 000007FECAC2DAE0.
1798 add_repair_iat_node 135 Attempting to hook IAT for module 000007FECAC20000.
1798 add_repair_iat_node 143 Target is ReadConsoleW (by name).
1798 pe_info::iterate_imports 154 Checking imports in 'VERSION.dll'
1798 pe_info::iterate_imports 154 Checking imports in 'SHLWAPI.dll'
1798 pe_info::iterate_imports 154 Checking imports in 'dbghelp.dll'
1798 pe_info::iterate_imports 154 Checking imports in 'KERNEL32.dll'
1798 add_repair_iat_node 168 Found import at 000007FECACDC1C0 (value is 000000007723A610).
1798 hook_setter::commit 88 <<< Hook transaction committed.
1798 history_db::initialise 789 master bank ctag: |CTAG_1608233236_76284_5784_0
1798 history_db::compact 922 History: 0 active, 0 deleted
from clink.
j-lecrivain
commented on May 18, 2024
1
Working wonderfully. Thanks you for fast fixing @chrisant996.
from clink.
nixxo
commented on May 18, 2024
ups, clicked Close instead of comment.
from clink.
chrisant996
commented on May 18, 2024
Thank you for the logs! Yes, the problem is the failure to find ReadConsoleW in kernelbase.dll.
This looks like a Windows 7 compatibility issue in Clink.
I'll have to dig a bit to find a solution for Windows 7.
from clink.
chrisant996
commented on May 18, 2024
Excellent. Thank you for the fast confirmation!
from clink.
Related Issues (20)
- Feature: Please add support for command line aliases HOT 6
- Put a bunch of files in Cmder's profile.d directory and got a CMD batch recursion error HOT 7
- how to remove the default headers? HOT 1
- Change auto completion key HOT 11
- q: win10 't' key is not printed when pressed HOT 4
- Installed but no usable inside Terminal HOT 10
- How do I disable suggestions? HOT 2
- Support disabling option "wrap text output on resize" HOT 12
- Extra newline before prompt when using quiet mode HOT 1
- `cd -` intercept interferes with `cd` doskey alias HOT 6
- LS_COLORS error messages HOT 5
- mistake
- Problems in `set /p` HOT 5
- Creating files and directories in the system in portable mode. HOT 5
- [Security] lua used in this project is vulnerable HOT 5
- Combine Auto-Suggestions(HotKey: Right)and Completion(HotKey: Tab)into one, Use Tab as the shortcut key of them ? HOT 2
- Powershell Support HOT 2
- Run lua script at startup, but on demand HOT 3
- Clink doesn
- Clink is attached to anaconda prompt HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from clink.