
Get COM interface method address

2013-12-30 00:45 363 查看
在做 r3 (用户态) hook 之前, 需要先得到 API 地址.

如果要 hook 的是COM接口中的方法, 得到API地址的方法和得到普通Win32API地址的方法不同: COM接口方法不在DLL的导出表中, 不能用 GetProcAddress 按名称查找, 只能先创建接口实例, 再从对象的虚函数表(vtable)中读出对应方法的地址.


/// @file prjGetComInterfaceMethodAddr.cpp

/// @brief 得到COM接口方法地址

#include "stdafx.h" ///< 由 <WinInet.h> 包含COM接口定义

#include "prjGetComInterfaceMethodAddr.h"

/// 自己从C++接口定义中拷贝出来的C风格接口定义

/// 当前是C++程序,无法直接使用C风格接口定义
/// 使用C风格接口定义,是为了得到COM接口虚表中的方法地址

#include "ctype_interace.h"

#ifdef _DEBUG
#define new DEBUG_NEW

#endif

// The one and only application object.
// _tmain below calls AfxWinInit() to initialize MFC for this process.

CWinApp theApp;

// NOTE(review): no std:: name is used in the visible listing; this directive looks like project-wizard boilerplate.
using namespace std;

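/// Returns the address stored in the IWebBrowser::get_LocationURL vtable slot (0 on failure).
/// Declared with DWORD_PTR so the prototype matches the definition further down.
DWORD_PTR GetComApiInterfaceAddr_IWebBrowser_get_LocationURL();

/// @brief Console entry point: initializes MFC, then prints the address of
///        IWebBrowser::get_LocationURL as resolved in this process.
/// @param argc Unused.
/// @param argv Unused.
/// @param envp Unused.
/// @return 0 on success, 1 when GetModuleHandle or AfxWinInit fails.
int _tmain(int argc, TCHAR* argv[], TCHAR* envp[])
{
    int nRetCode = 0;

    HMODULE hModule = ::GetModuleHandle(NULL);
    if (hModule == NULL)
    {
        // TODO: change error code to suit your needs
        _tprintf(_T("Fatal Error: GetModuleHandle failed\n"));
        nRetCode = 1;
    }
    else if (!AfxWinInit(hModule, NULL, ::GetCommandLine(), 0))
    {
        // MFC could not be initialized; nothing else can run.
        // TODO: change error code to suit your needs
        _tprintf(_T("Fatal Error: MFC initialization failed\n"));
        nRetCode = 1;
    }
    else
    {
        const DWORD_PTR dwAddr = GetComApiInterfaceAddr_IWebBrowser_get_LocationURL();

        // _T() keeps the literal in step with _tprintf in both ANSI and Unicode builds
        // (a bare L"..." only compiles when _UNICODE is defined).
        // %p prints the full pointer width; the previous %X dropped the upper half of
        // the address in a 64-bit build.
        _tprintf(
            _T("GetComApiInterfaceAddr_IWebBrowser_get_LocationURL = 0x%p\r\n"),
            reinterpret_cast<void*>(dwAddr));
    }

    /** runresults (one 32-bit run; the value can differ between runs and machines)
    GetComApiInterfaceAddr_IWebBrowser_get_LocationURL = 0x5D9C680C
    */
    getwchar(); // keep the console window open until a key is pressed
    return nRetCode;
}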

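/// Function-pointer type matching the get_LocationURL entry of the IWebBrowser vtable.
typedef HRESULT (STDMETHODCALLTYPE * PFN_get_LocationURL)(
    IWebBrowser * This,
    BSTR *LocationURL);

/// @brief Reads the address held in the get_LocationURL slot of an IWebBrowser
///        object's vtable.
///
/// Creates an in-process CLSID_WebBrowser instance, views it through the C-style
/// ctype_IWebBrowser layout, copies the slot value, then releases the instance.
///
/// @return The slot value as a DWORD_PTR, or 0 when CoCreateInstance fails.
///
/// @note The value is an address inside whichever module implements the object.
///       It is only meaningful in this process and only while that module stays
///       loaded. The instance is released and COM is uninitialized before this
///       function returns, so the module may already be unloaded; a caller that
///       wants to use the address afterwards has to keep the module loaded itself.
///       The address can also differ from run to run.
DWORD_PTR GetComApiInterfaceAddr_IWebBrowser_get_LocationURL()
{
    DWORD_PTR dwAddr = 0;
    IWebBrowser* pInterface = NULL;

    // CoInitialize must be balanced by CoUninitialize only when it succeeded
    // (S_OK or S_FALSE). On failure, e.g. RPC_E_CHANGED_MODE, this call took no
    // reference on the COM library, and an unconditional CoUninitialize would
    // release one that belongs to other code on this thread.
    const HRESULT hrInit = CoInitialize(NULL);

    const HRESULT hr = CoCreateInstance(CLSID_WebBrowser,
                                        NULL,
                                        CLSCTX_INPROC_SERVER,
                                        IID_IWebBrowser,
                                        reinterpret_cast<void**>(&pInterface));

    if (SUCCEEDED(hr) && pInterface != NULL)
    {
        // A COM interface pointer points at an object whose first field is the
        // vtable pointer; the C-style struct makes that field addressable by name.
        ctype_IWebBrowser* pCtypeInterface =
            reinterpret_cast<ctype_IWebBrowser*>(pInterface);
        PFN_get_LocationURL pfn_get_LocationURL =
            pCtypeInterface->lpVtbl->get_LocationURL;
        dwAddr = reinterpret_cast<DWORD_PTR>(pfn_get_LocationURL);

        pInterface->Release();
    }

    if (SUCCEEDED(hrInit))
    {
        CoUninitialize();
    }

    return dwAddr;
}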

/// @file       prjGetComInterfaceMethodAddr.cpp
/// @brief      得到COM接口方法地址

#include "stdafx.h" ///< 由 <WinInet.h> 包含COM接口定义
#include "prjGetComInterfaceMethodAddr.h"

/// 自己从C++接口定义中拷贝出来的C风格接口定义
/// 当前是C++程序,无法直接使用C风格接口定义
/// 使用C风格接口定义,是为了得到COM接口虚表中的方法地址
#include "ctype_interace.h"

#ifdef _DEBUG
#define new DEBUG_NEW
#endif

// The one and only application object.
// _tmain below calls AfxWinInit() to initialize MFC for this process.

CWinApp theApp;

// NOTE(review): no std:: name is used in the visible listing; this directive looks like project-wizard boilerplate.
using namespace std;

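/// Returns the address stored in the IWebBrowser::get_LocationURL vtable slot (0 on failure).
/// Declared with DWORD_PTR so the prototype matches the definition further down.
DWORD_PTR GetComApiInterfaceAddr_IWebBrowser_get_LocationURL();

/// @brief Console entry point: initializes MFC, then prints the address of
///        IWebBrowser::get_LocationURL as resolved in this process.
/// @param argc Unused.
/// @param argv Unused.
/// @param envp Unused.
/// @return 0 on success, 1 when GetModuleHandle or AfxWinInit fails.
int _tmain(int argc, TCHAR* argv[], TCHAR* envp[])
{
    int nRetCode = 0;

    HMODULE hModule = ::GetModuleHandle(NULL);
    if (hModule == NULL)
    {
        // TODO: change error code to suit your needs
        _tprintf(_T("Fatal Error: GetModuleHandle failed\n"));
        nRetCode = 1;
    }
    else if (!AfxWinInit(hModule, NULL, ::GetCommandLine(), 0))
    {
        // MFC could not be initialized; nothing else can run.
        // TODO: change error code to suit your needs
        _tprintf(_T("Fatal Error: MFC initialization failed\n"));
        nRetCode = 1;
    }
    else
    {
        const DWORD_PTR dwAddr = GetComApiInterfaceAddr_IWebBrowser_get_LocationURL();

        // _T() keeps the literal in step with _tprintf in both ANSI and Unicode builds
        // (a bare L"..." only compiles when _UNICODE is defined).
        // %p prints the full pointer width; the previous %X dropped the upper half of
        // the address in a 64-bit build.
        _tprintf(
            _T("GetComApiInterfaceAddr_IWebBrowser_get_LocationURL = 0x%p\r\n"),
            reinterpret_cast<void*>(dwAddr));
    }

    /** runresults (one 32-bit run; the value can differ between runs and machines)
    GetComApiInterfaceAddr_IWebBrowser_get_LocationURL = 0x5D9C680C
    */
    getwchar(); // keep the console window open until a key is pressed
    return nRetCode;
}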

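/// Function-pointer type matching the get_LocationURL entry of the IWebBrowser vtable.
typedef HRESULT (STDMETHODCALLTYPE * PFN_get_LocationURL)(
    IWebBrowser * This,
    BSTR *LocationURL);

/// @brief Reads the address held in the get_LocationURL slot of an IWebBrowser
///        object's vtable.
///
/// Creates an in-process CLSID_WebBrowser instance, views it through the C-style
/// ctype_IWebBrowser layout, copies the slot value, then releases the instance.
///
/// @return The slot value as a DWORD_PTR, or 0 when CoCreateInstance fails.
///
/// @note The value is an address inside whichever module implements the object.
///       It is only meaningful in this process and only while that module stays
///       loaded. The instance is released and COM is uninitialized before this
///       function returns, so the module may already be unloaded; a caller that
///       wants to use the address afterwards has to keep the module loaded itself.
///       The address can also differ from run to run.
DWORD_PTR GetComApiInterfaceAddr_IWebBrowser_get_LocationURL()
{
    DWORD_PTR dwAddr = 0;
    IWebBrowser* pInterface = NULL;

    // CoInitialize must be balanced by CoUninitialize only when it succeeded
    // (S_OK or S_FALSE). On failure, e.g. RPC_E_CHANGED_MODE, this call took no
    // reference on the COM library, and an unconditional CoUninitialize would
    // release one that belongs to other code on this thread.
    const HRESULT hrInit = CoInitialize(NULL);

    const HRESULT hr = CoCreateInstance(CLSID_WebBrowser,
                                        NULL,
                                        CLSCTX_INPROC_SERVER,
                                        IID_IWebBrowser,
                                        reinterpret_cast<void**>(&pInterface));

    if (SUCCEEDED(hr) && pInterface != NULL)
    {
        // A COM interface pointer points at an object whose first field is the
        // vtable pointer; the C-style struct makes that field addressable by name.
        ctype_IWebBrowser* pCtypeInterface =
            reinterpret_cast<ctype_IWebBrowser*>(pInterface);
        PFN_get_LocationURL pfn_get_LocationURL =
            pCtypeInterface->lpVtbl->get_LocationURL;
        dwAddr = reinterpret_cast<DWORD_PTR>(pfn_get_LocationURL);

        pInterface->Release();
    }

    if (SUCCEEDED(hrInit))
    {
        CoUninitialize();
    }

    return dwAddr;
}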



// stdafx.h : include file for standard system include files,

// or project specific include files that are used frequently, but

// are changed infrequently

//

#pragma once

#include "targetver.h"

#include <stdio.h>
#include <tchar.h>

#define _ATL_CSTRING_EXPLICIT_CONSTRUCTORS // some CString constructors will be explicit

#ifndef VC_EXTRALEAN
#define VC_EXTRALEAN // Exclude rarely-used stuff from Windows headers

#endif

#include <afx.h>
#include <afxwin.h> // MFC core and standard components

#include <WinInet.h> ///< for COM Interface !

#include <afxext.h> // MFC extensions

#ifndef _AFX_NO_OLE_SUPPORT
#include <afxdtctl.h> // MFC support for Internet Explorer 4 Common Controls

#endif
#ifndef _AFX_NO_AFXCMN_SUPPORT

#include <afxcmn.h> // MFC support for Windows Common Controls

#endif // _AFX_NO_AFXCMN_SUPPORT

#include <iostream>

// TODO: reference additional headers your program requires here

// stdafx.h : include file for standard system include files,
// or project specific include files that are used frequently, but
// are changed infrequently
//

#pragma once

#include "targetver.h"

#include <stdio.h>
#include <tchar.h>
#define _ATL_CSTRING_EXPLICIT_CONSTRUCTORS      // some CString constructors will be explicit

#ifndef VC_EXTRALEAN
#define VC_EXTRALEAN            // Exclude rarely-used stuff from Windows headers
#endif

#include <afx.h>
#include <afxwin.h>         // MFC core and standard components
#include <WinInet.h>        ///< for COM Interface !
#include <afxext.h>         // MFC extensions
#ifndef _AFX_NO_OLE_SUPPORT
#include <afxdtctl.h>           // MFC support for Internet Explorer 4 Common Controls
#endif
#ifndef _AFX_NO_AFXCMN_SUPPORT
#include <afxcmn.h>                     // MFC support for Windows Common Controls
#endif // _AFX_NO_AFXCMN_SUPPORT

#include <iostream>

// TODO: reference additional headers your program requires here



/// @file ctype_interace.h

/// @brief C风格的接口与方法定义
/// 在C++程序中, 为了使用COM接口的虚表指针,

/// 如果该COM接口为C++风格和C风格接口混合提供,

/// 需要将C风格的接口拷贝出来改名使用

/// 直接包含头文件,无法编译通过

#ifndef __CTYPE_INTERACE_H__
#define __CTYPE_INTERACE_H__

/* C style interface */

/// C-style vtable layout for IWebBrowser, hand-copied so that C++ code can name
/// individual slots (the .cpp in this listing reads lpVtbl->get_LocationURL through it).
/// Member order is the slot order: do not reorder, insert or remove entries.
/// NOTE(review): presumably mirrors the SDK's own C-style declaration; re-check it
/// against the installed SDK header whenever the SDK version changes, because a
/// mismatch would silently read the wrong slot.
typedef struct IWebBrowserVtbl
{
BEGIN_INTERFACE

// ---- IUnknown methods ----
HRESULT ( STDMETHODCALLTYPE *QueryInterface )(
__RPC__in IWebBrowser * This,
/* [in] */ __RPC__in REFIID riid,
/* [annotation][iid_is][out] */
__RPC__deref_out void **ppvObject);

ULONG ( STDMETHODCALLTYPE *AddRef )(
__RPC__in IWebBrowser * This);

ULONG ( STDMETHODCALLTYPE *Release )(
__RPC__in IWebBrowser * This);

// ---- IDispatch methods ----
HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )(
__RPC__in IWebBrowser * This,
/* [out] */ __RPC__out UINT *pctinfo);

HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )(
__RPC__in IWebBrowser * This,
/* [in] */ UINT iTInfo,
/* [in] */ LCID lcid,
/* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);

HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )(
__RPC__in IWebBrowser * This,
/* [in] */ __RPC__in REFIID riid,
/* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
/* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
/* [in] */ LCID lcid,
/* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);

/* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )(
IWebBrowser * This,
/* [in] */ DISPID dispIdMember,
/* [in] */ REFIID riid,
/* [in] */ LCID lcid,
/* [in] */ WORD wFlags,
/* [out][in] */ DISPPARAMS *pDispParams,
/* [out] */ VARIANT *pVarResult,
/* [out] */ EXCEPINFO *pExcepInfo,
/* [out] */ UINT *puArgErr);

// ---- IWebBrowser methods ----
/* [helpcontext][helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *GoBack )(
__RPC__in IWebBrowser * This);

/* [helpcontext][helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *GoForward )(
__RPC__in IWebBrowser * This);

/* [helpcontext][helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *GoHome )(
__RPC__in IWebBrowser * This);

/* [helpcontext][helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *GoSearch )(
__RPC__in IWebBrowser * This);

/* [helpcontext][helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Navigate )(
__RPC__in IWebBrowser * This,
/* [in] */ __RPC__in BSTR URL,
/* [unique][optional][in] */ __RPC__in_opt VARIANT *Flags,
/* [unique][optional][in] */ __RPC__in_opt VARIANT *TargetFrameName,
/* [unique][optional][in] */ __RPC__in_opt VARIANT *PostData,
/* [unique][optional][in] */ __RPC__in_opt VARIANT *Headers);

/* [helpcontext][helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Refresh )(
__RPC__in IWebBrowser * This);

/* [helpcontext][helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Refresh2 )(
__RPC__in IWebBrowser * This,
/* [unique][optional][in] */ __RPC__in_opt VARIANT *Level);

/* [helpcontext][helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Stop )(
__RPC__in IWebBrowser * This);

/* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Application )(
__RPC__in IWebBrowser * This,
/* [retval][out] */ __RPC__deref_out_opt IDispatch **ppDisp);

/* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Parent )(
__RPC__in IWebBrowser * This,
/* [retval][out] */ __RPC__deref_out_opt IDispatch **ppDisp);

/* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Container )(
__RPC__in IWebBrowser * This,
/* [retval][out] */ __RPC__deref_out_opt IDispatch **ppDisp);

/* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Document )(
__RPC__in IWebBrowser * This,
/* [retval][out] */ __RPC__deref_out_opt IDispatch **ppDisp);

/* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_TopLevelContainer )(
__RPC__in IWebBrowser * This,
/* [retval][out] */ __RPC__out VARIANT_BOOL *pBool);

/* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Type )(
__RPC__in IWebBrowser * This,
/* [retval][out] */ __RPC__deref_out_opt BSTR *Type);

/* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Left )(
__RPC__in IWebBrowser * This,
/* [retval][out] */ __RPC__out long *pl);

/* [propput][id] */ HRESULT ( STDMETHODCALLTYPE *put_Left )(
__RPC__in IWebBrowser * This,
/* [in] */ long Left);

/* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Top )(
__RPC__in IWebBrowser * This,
/* [retval][out] */ __RPC__out long *pl);

/* [propput][id] */ HRESULT ( STDMETHODCALLTYPE *put_Top )(
__RPC__in IWebBrowser * This,
/* [in] */ long Top);

/* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Width )(
__RPC__in IWebBrowser * This,
/* [retval][out] */ __RPC__out long *pl);

/* [propput][id] */ HRESULT ( STDMETHODCALLTYPE *put_Width )(
__RPC__in IWebBrowser * This,
/* [in] */ long Width);

/* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Height )(
__RPC__in IWebBrowser * This,
/* [retval][out] */ __RPC__out long *pl);

/* [propput][id] */ HRESULT ( STDMETHODCALLTYPE *put_Height )(
__RPC__in IWebBrowser * This,
/* [in] */ long Height);

/* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_LocationName )(
__RPC__in IWebBrowser * This,
/* [retval][out] */ __RPC__deref_out_opt BSTR *LocationName);

// Slot read by GetComApiInterfaceAddr_IWebBrowser_get_LocationURL() in the .cpp.
/* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_LocationURL )(
__RPC__in IWebBrowser * This,
/* [retval][out] */ __RPC__deref_out_opt BSTR *LocationURL);

/* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Busy )(
__RPC__in IWebBrowser * This,
/* [retval][out] */ __RPC__out VARIANT_BOOL *pBool);

END_INTERFACE
} IWebBrowserVtbl;

/// C-style view of an IWebBrowser object: its only member is the vtable pointer.
/// An IWebBrowser* is cast to this type to reach lpVtbl by name.
/// Renamed with a ctype_ prefix, presumably so it does not clash with the C++
/// IWebBrowser declaration that the same translation unit already sees.
interface ctype_IWebBrowser ///< renamed

{
CONST_VTBL struct IWebBrowserVtbl *lpVtbl;
};

#endif