C++ Api Hook 类 | 雨律在线

C++ Api Hook 类 2/13

// 头文件
// ApiHook.h: interface for the CApiHook class.

#ifndef API_HOOK_H
#define API_HOOK_H

class CApiHook
{
public :
HANDLE hProc ;
Unlock ();
Lock ();
BOOL Initialize ( LPCTSTR lpLibFileName , LPCTSTR lpProcName , FARPROC lpNewFunc );
void SetHookOn ( void );
void SetHookOff ( void );
CApiHook ();
virtual ~ CApiHook ();

protected :
BYTE m_OldFunc [ 8 ];
BYTE m_NewFunc [ 8 ];
FARPROC m_lpHookFunc ;
CRITICAL_SECTION m_cs ;
};

#endif

// 实现文件
// ApiHook.cpp: implementation of the CApiHook class.

#include "stdafx.h"
#include "ApiHook.h"
#include < stdio . h >

//////////////////////////////////////////////////////////////////////
// Construction/Destruction
//////////////////////////////////////////////////////////////////////

#define OPEN_FLAGS ( PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE )

CApiHook :: CApiHook ()
{
InitializeCriticalSection (& m_cs );
}

CApiHook ::~ CApiHook ()
{
CloseHandle ( hProc );
DeleteCriticalSection (& m_cs );
}

void CApiHook :: SetHookOn ( void )
{
DWORD dwOldFlag ;

if ( WriteProcessMemory ( hProc , m_lpHookFunc , m_NewFunc , 5 , 0 ))
{
return ;
}

MessageBox ( NULL , "SetHookOn" , "fail" , MB_OK );
return ;
}

void CApiHook :: SetHookOff ( void )
{
DWORD dwOldFlag ;

if ( WriteProcessMemory ( hProc , m_lpHookFunc , m_OldFunc , 5 , 0 ))
{
return ;
}
MessageBox ( NULL , "SetHookOff" , "fail" , MB_OK );
return ;
}

BOOL CApiHook :: Initialize ( LPCTSTR lpLibFileName , LPCTSTR lpProcName , FARPROC lpNewFunc )
{
HMODULE hModule ;

hModule = LoadLibrary ( lpLibFileName );
if ( NULL == hModule )
return FALSE ;

m_lpHookFunc = GetProcAddress ( hModule , lpProcName );
if ( NULL == m_lpHookFunc )
return FALSE ;

DWORD dwProcessID = GetCurrentProcessId ();
DWORD dwOldFlag ;
hProc = GetCurrentProcess ( /*OPEN_FLAGS,0,dwProcessID*/ );

if ( hProc == NULL )
{
MessageBox ( NULL , "Initialize.OpenProcess" , "fail" , MB_OK );
return FALSE ;
}

if ( ReadProcessMemory ( hProc , m_lpHookFunc , m_OldFunc , 5 , 0 ))
{
m_NewFunc [ 0 ]= 0xe9 ;
DWORD * pNewFuncAddress ;
pNewFuncAddress =( DWORD *)& m_NewFunc [ 1 ];
* pNewFuncAddress =( DWORD ) lpNewFunc -( DWORD ) m_lpHookFunc - 5 ;

return TRUE ;
}

MessageBox ( NULL , "Initialize" , "fail" , MB_OK );
return FALSE ;
}

CApiHook :: Lock ()
{
EnterCriticalSection (& m_cs );
}

CApiHook :: Unlock ()
{
LeaveCriticalSection (& m_cs );
}


 
目前有0条回应
Comment
Trackback
清空内容粗体斜体下划线删除线链接字体颜色表情
icon_wink.gificon_neutral.gificon_mad.gificon_twisted.gificon_smile.gificon_eek.gificon_sad.gificon_rolleyes.gificon_razz.gificon_redface.gificon_surprised.gificon_mrgreen.gificon_lol.gificon_idea.gificon_biggrin.gificon_evil.gificon_cry.gificon_cool.gificon_arrow.gificon_confused.gificon_question.gificon_exclaim.gif
你目前的身份是游客,请输入昵称和电邮!