[wdmaudiodev] Re: Capturing protected audio using MS Detours

• From: Etienne Dechamps <etienne@xxxxxxxxxxxx>
• To: wdmaudiodev@xxxxxxxxxxxxx
• Date: Wed, 04 Sep 2013 19:50:31 +0100

On 04/09/2013 17:34, ambrish dantrey wrote:

I just did a POC which captures audio data using MS detours. All I did
was to detour GetBuffer() and ReleaseBuffer() calls and dump audio data
in a file. I have tested it out and it seem to be working fine.

I was wondering how this POC will behave with protected content (HBR
audio data usually available with BDs). Will it be able to capture
protected data?

Theoretically, no: AFAIK, you cannot access the memory of a protected process from a non-protected one, you cannot attach a non-protected debugger to a protected process, and you cannot inject an unsigned DLL into a protected process. I'm not sure what method Detours uses to install its hooks, but whatever it is, it will probably fail for one of these reasons.

--
Etienne Dechamps
******************

WDMAUDIODEV addresses:
Post message: mailto:wdmaudiodev@xxxxxxxxxxxxx
Subscribe:    mailto:wdmaudiodev-request@xxxxxxxxxxxxx?subject=subscribe
Unsubscribe:  mailto:wdmaudiodev-request@xxxxxxxxxxxxx?subject=unsubscribe
Moderator:    mailto:wdmaudiodev-moderators@xxxxxxxxxxxxx

URL to WDMAUDIODEV page:
http://www.wdmaudiodev.com/

• References:
  • [wdmaudiodev] Capturing protected audio using MS Detours
    • From: ambrish dantrey

Other related posts:

• » [wdmaudiodev] Capturing protected audio using MS Detours- ambrish dantrey
• » [wdmaudiodev] Re: Capturing protected audio using MS Detours- Matthew van Eerde
• » [wdmaudiodev] Re: Capturing protected audio using MS Detours - Etienne Dechamps
• » [wdmaudiodev] Re: Capturing protected audio using MS Detours- ambrish dantrey
• » [wdmaudiodev] Re: Capturing protected audio using MS Detours- Matthew van Eerde

1. Home
2. wdmaudiodev
3. Archive
4. 09-2013

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---