Simple Code Overwriting API Hook
2012-02-21 16:01
204 查看
#include <windows.h>
#ifndef _HOOK_API_JMP_
#define _HOOK_API_JMP_
class CHookApi_Jmp
{
public:
HANDLE hProc;
void Unlock(void);
void Lock(void);
BOOL Initialize(LPCTSTR ModuleName, LPCSTR ApiName, FARPROC lpNewFunc);
void SetHookOn(void);
void SetHookOff(void);
CHookApi_Jmp(void);
virtual ~CHookApi_Jmp();
protected:
BYTE m_OldFunc[8];
BYTE m_NewFunc[8];
FARPROC m_lpHookFunc;
CRITICAL_SECTION m_cs;
};
#endif
//---------------------------------------------------------------------------
#include "stdafx.h"
#include "ApiHookLib.h"
#pragma warning(disable: 4311)
//---------------------------------------------------------------------------
CHookApi_Jmp::CHookApi_Jmp(void)
{
InitializeCriticalSection(&m_cs);
}
//---------------------------------------------------------------------------
CHookApi_Jmp::~CHookApi_Jmp()
{
CloseHandle(hProc);
DeleteCriticalSection(&m_cs);
}
//---------------------------------------------------------------------------
void CHookApi_Jmp::SetHookOn(void)
{
DWORD dwOldFlag;
if(VirtualProtect(m_lpHookFunc,5,PAGE_READWRITE,&dwOldFlag))
{
if(WriteProcessMemory(hProc,m_lpHookFunc,m_NewFunc,5,0))
{
if(VirtualProtect(m_lpHookFunc,5,dwOldFlag,&dwOldFlag))
return;
}
}
return;
}
//---------------------------------------------------------------------------
void CHookApi_Jmp::SetHookOff(void)
{
DWORD dwOldFlag;
if(VirtualProtect(m_lpHookFunc,5,PAGE_READWRITE,&dwOldFlag))
{
if(WriteProcessMemory(hProc,m_lpHookFunc,m_OldFunc,5,0))
{
if(VirtualProtect(m_lpHookFunc,5,dwOldFlag,&dwOldFlag))
return;
}
}
return;
}
//---------------------------------------------------------------------------
BOOL CHookApi_Jmp::Initialize(LPCTSTR ModuleName, LPCSTR ApiName, FARPROC lpNewFunc)
{
m_lpHookFunc = GetProcAddress(GetModuleHandle(ModuleName),ApiName);
hProc = GetCurrentProcess();
DWORD dwOldFlag;
if(VirtualProtect(m_lpHookFunc,5,PAGE_READWRITE,&dwOldFlag))
{
if(ReadProcessMemory(hProc,m_lpHookFunc,m_OldFunc,5,0))
{
if(VirtualProtect(m_lpHookFunc,5,dwOldFlag,&dwOldFlag))
{
m_NewFunc[0]=0xe9;
DWORD*pNewFuncAddress;
pNewFuncAddress=(DWORD*)&m_NewFunc[1];
*pNewFuncAddress=(DWORD)lpNewFunc-(DWORD)m_lpHookFunc-5;
return TRUE;
}
}
}
return FALSE;
}
//---------------------------------------------------------------------------
void CHookApi_Jmp::Lock(void) //多线程下使用
{
EnterCriticalSection(&m_cs);
}
//---------------------------------------------------------------------------
void CHookApi_Jmp::Unlock(void)
{
LeaveCriticalSection(&m_cs);
}
//---------------------------------------------------------------------------
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- hook api inline code
- Guidlines and rules About Overwriting hashCode()
- WRITING A SIMPLE KUDU JAVA API PROGRAM
- HookAPI source code
- PHP CodeBase: 通过新浪微博API获取数据
- HookLib with lable dynamic code generating
- Hook API监视驱动的加载_ASM
- madCodeHook 2.2b
- 一个非常清晰的"Hook API"实例源码
- Api Hook, Hook Api that you want to Hook
- Simple API for XML
- cf#302 C. Writing Code dp
- hook api 保护进程
- C#hookapi
- Create A Simple RESTful API With GoLang
- [导入]《OpenGL 3 & DirectX 11: The War Is Over》:绘图 API 终战之日?
- Writing a Simple Service and Client (C++)
- Hook API of Console Application
- win hook codeproject
- C++ 用户层下的用Push+Ret API HOOK