-
-
潜水党求助:关于API HOOK
-
发表于: 2011-3-8 00:33
-
#include <windows.h>
#define _EXPORTDLL
typedef int (WINAPI *MyHookProc)(HWND hWnd ,LPCWSTR lpText,LPCWSTR lpCaption,UINT uType);
char NewAddress[5]={(char)0xe9};
char OldAddress[5]={0};
HINSTANCE hsethook=NULL;
HHOOK hook=NULL;
int
WINAPI
pMessageBoxW(HWND hWnd ,LPCWSTR lpText,LPCWSTR lpCaption,UINT uType)
{
MessageBox(NULL,"my hook",0,0);
return 0;
}
BOOL APIENTRY DllMain (HINSTANCE hInst /* Library instance handle. */ ,
DWORD reason /* Reason this function is being called. */ ,
LPVOID reserved /* Not used. */ )
{
HMODULE libModule=NULL;
MyHookProc sysproc=NULL;
DWORD rid=0,wid=0;
DWORD jmptoaddr=0;
switch (reason)
{
case DLL_PROCESS_ATTACH:
hsethook=hInst;
libModule=LoadLibrary("user32.dll");
if(libModule==NULL)
{
MessageBox(NULL,"load user32.dll error !","error",0);
return 0;
}
sysproc=(MyHookProc)GetProcAddress(libModule,"MessageBoxW");
if(sysproc==NULL)
{
MessageBox(NULL,"Get proc address error !","error",0);
return 0;
}
if(!ReadProcessMemory(INVALID_HANDLE_VALUE,sysproc,OldAddress,5,&rid))
{
MessageBox(NULL,"read process memory error !","error",0);
return 0;
}
jmptoaddr=(DWORD)pMessageBoxW-(DWORD)sysproc-5;
memcpy(NewAddress+1,&jmptoaddr,4);
if(!WriteProcessMemory(INVALID_HANDLE_VALUE,sysproc,NewAddress,5,&wid))
{
MessageBox(NULL,"write process memory error !","error",0);
return 0;
}
break;
case DLL_PROCESS_DETACH://话说错误就在这里,但不知该如何改
if(!WriteProcessMemory(INVALID_HANDLE_VALUE,sysproc,OldAddress,5,&wid))
{
char txt[100];sprintf(txt,"%d",GetLastError());
MessageBox(NULL,txt,"exit error",0);
return 0;
}
break;
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
break;
}
/* Returns TRUE on success, FALSE on failure */
return TRUE;
}
LRESULT CALLBACK MouseHookProc(int code, WPARAM wParam, LPARAM lParam)
{
return CallNextHookEx(hook,code,wParam,lParam);
}
__declspec(dllexport)int SetHook(void)
{
hook=SetWindowsHookEx(WH_GETMESSAGE,(HOOKPROC)MouseHookProc,hsethook,0);
if(hook==NULL)
{
return -1;
}
return 0;
}
__declspec(dllexport) int UnHook(void)
{
if(!UnhookWindowsHookEx(hook)){
char txt[100];sprintf(txt,"%d",GetLastError());
MessageBox(NULL,txt,"unhook error",0);
return 0;
}
return -1;
}
看看这个代码缺少什么东西,该如何改进..
#define _EXPORTDLL
typedef int (WINAPI *MyHookProc)(HWND hWnd ,LPCWSTR lpText,LPCWSTR lpCaption,UINT uType);
char NewAddress[5]={(char)0xe9};
char OldAddress[5]={0};
HINSTANCE hsethook=NULL;
HHOOK hook=NULL;
int
WINAPI
pMessageBoxW(HWND hWnd ,LPCWSTR lpText,LPCWSTR lpCaption,UINT uType)
{
MessageBox(NULL,"my hook",0,0);
return 0;
}
BOOL APIENTRY DllMain (HINSTANCE hInst /* Library instance handle. */ ,
DWORD reason /* Reason this function is being called. */ ,
LPVOID reserved /* Not used. */ )
{
HMODULE libModule=NULL;
MyHookProc sysproc=NULL;
DWORD rid=0,wid=0;
DWORD jmptoaddr=0;
switch (reason)
{
case DLL_PROCESS_ATTACH:
hsethook=hInst;
libModule=LoadLibrary("user32.dll");
if(libModule==NULL)
{
MessageBox(NULL,"load user32.dll error !","error",0);
return 0;
}
sysproc=(MyHookProc)GetProcAddress(libModule,"MessageBoxW");
if(sysproc==NULL)
{
MessageBox(NULL,"Get proc address error !","error",0);
return 0;
}
if(!ReadProcessMemory(INVALID_HANDLE_VALUE,sysproc,OldAddress,5,&rid))
{
MessageBox(NULL,"read process memory error !","error",0);
return 0;
}
jmptoaddr=(DWORD)pMessageBoxW-(DWORD)sysproc-5;
memcpy(NewAddress+1,&jmptoaddr,4);
if(!WriteProcessMemory(INVALID_HANDLE_VALUE,sysproc,NewAddress,5,&wid))
{
MessageBox(NULL,"write process memory error !","error",0);
return 0;
}
break;
case DLL_PROCESS_DETACH://话说错误就在这里,但不知该如何改
if(!WriteProcessMemory(INVALID_HANDLE_VALUE,sysproc,OldAddress,5,&wid))
{
char txt[100];sprintf(txt,"%d",GetLastError());
MessageBox(NULL,txt,"exit error",0);
return 0;
}
break;
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
break;
}
/* Returns TRUE on success, FALSE on failure */
return TRUE;
}
LRESULT CALLBACK MouseHookProc(int code, WPARAM wParam, LPARAM lParam)
{
return CallNextHookEx(hook,code,wParam,lParam);
}
__declspec(dllexport)int SetHook(void)
{
hook=SetWindowsHookEx(WH_GETMESSAGE,(HOOKPROC)MouseHookProc,hsethook,0);
if(hook==NULL)
{
return -1;
}
return 0;
}
__declspec(dllexport) int UnHook(void)
{
if(!UnhookWindowsHookEx(hook)){
char txt[100];sprintf(txt,"%d",GetLastError());
MessageBox(NULL,txt,"unhook error",0);
return 0;
}
return -1;
}
看看这个代码缺少什么东西,该如何改进..
