OS: Windows 8 / Windows 7 "Application" reads registry key 1 when it starts. Basically key 1 holds information regarding display positioning relative to the main display. What I want to develop is a small piece of software that prevents App from reading key 1, instead redirects it towards reading key 2. Basically what I want is to fake the position of one display as seen by App. I cannot modify App, and I do not know how the reading is done. All I have is a registry event viewer, so I know who/when/what reads/writes to the registry, so I can track what App reads. ANY suggestions/comments are welcome. Can it be done? (of course, in a reasonable period of time... like a few days/weeks or so) What would one need to know in order to start such a project?
One would need to know how to hook an API so that if the request was from this app, for this registry key, the other key would be returned. Not difficult programming, but not something that most programmers have done.
Hmmm... ok. Seems there's quite a few things to learn before starting something like this. I found some documentation, but not much on the subject. Either I don't know where to look, or there's not really much out there. Thanks for the suggestion. It will be a challenge, for sure, I hope I'll get some good results.
Learn programming. Learn x86 assembly. Learn how Windows does APIs. Learn how Windows handles a call to return a registry value. Then write a hook that checks who the caller is, and what key is wanted, and if it's the program you want to fool, and if it's looking for that key, return the value of the other key. This sort of thing was common in DOS - writing TSRs (Terminate and Stay Resident) to hook keyboard input, screen output, anything that DOS didn't handle well enough for your purpose. A quick Google search produced http://en.wikipedia.org/wiki/Hooking and http://pushret.wordpress.com/2012/06/15/windows-api-hooking-by-code-overwrite-2/