T
T
Ternick2020-10-02 19:22:34
C++ / C#
Ternick, 2020-10-02 19:22:34

What is the best way to implement the program?

There is an idea for a small program that will intercept the write to the file and the file name, and then save the file somewhere.

The bottom line is that recently, due to a bad flash drive, a Word document was lost. {The Word document was saved immediately to a flash drive and the Word was closed, then the flash drive was opened and the file turned out to be broken, in the hex editor everything is filled with FF, i.e. nothing.} No viruses were found, most likely the flash drive was not removed correctly or something like that.

An interesting idea arose, to write a program that will inject into certain processes and intercept function calls that are used to write to a file, and write them in the right place additionally.

There are questions about how to find out the name of the file to be written to and what functions will need to be intercepted.

In principle, the idea is fully described, I’m just interested in writing something similar for myself, even if not ideal. Perhaps there is an option for an easier implementation of such a program. Maybe someone was interested in something similar or has already seen an open-source program with at least similar functionality and is it possible to write this?

Answer the question

In order to leave comments, you need to log in

1 answer(s)
E
Evgeny Petryaev, 2020-10-02
@Gremlin92

Interceptions are not taught anywhere

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question