Using Detours to hook Print API (winspool.drv)

Hello all,

I am working on a project that requires hooking printing
functionality. After looking through MSDN, I’ve found that the
majority of the printing API is stored in “Winspool.drv”. To hook the
APIs, I am using Detours
(http://research.microsoft.com/en-us/projects/detours/). I’ve used
detours to hook several different APIs (ntdll, kernel32.dll,
user32.dll, etc.), however, I cannot get Detours to hook
“Winspool.drv”. I think the issue is that “winspool” is a kernel
module which requires additional privileges.

Does anyone know of a way I could hook “Winspool.drv”? If not, is
there a different approach I could use to hook printing?

Thanks,
J

What are you trying to accomplish that leads you to this route?

- S

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Jonathon
Sent: Sunday, September 27, 2009 8:35 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] Using Detours to hook Print API (winspool.drv)

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

I need to programmatically detect when a user has attempted to print a
document and if so, log the attempt along with some other useful
information. Basically, I just need to intervene when the user wants
to print stuff. Any ideas?

Thanks!
J

On Sun, Sep 27, 2009 at 8:43 PM, Skywing wrote:
> What are you trying to accomplish that leads you to this route?
>
> - S