将madCodeHook_.bpi,madCodeHook_.bpl,madBasic_.bpi,madBasic_.bpl,madDisAsm_.bpi
madDisAsm_.bpl,madRemote_.bpi,madRemote_.bpl组件复制到
C:\Program Files\Borland\CBuilder6\Projects\Bpl目录中
将madCHook.dll复制到当前工程目录中
将madCodeHook.h,madType.hpp,madDisAsm.hpp,madStrings.hpp,madTools.hpp,madStrings.h
复制到当前工程目录中
madDisAsm_.bpl,madRemote_.bpi,madRemote_.bpl组件复制到
C:\Program Files\Borland\CBuilder6\Projects\Bpl目录中
将madCHook.dll复制到当前工程目录中
将madCodeHook.h,madType.hpp,madDisAsm.hpp,madStrings.hpp,madTools.hpp,madStrings.h
复制到当前工程目录中
.cpp文件中
#include "madCodeHook.h"
//声明一个参数规格相同的函数指针
DWORD __stdcall(* WinExecNextHook )(char *cmdLine,DWORD showCmd);
DWORD __stdcall WinExecHookProc(char *cmdLine, DWORD showCmd)
{
if (MessageBox(0, cmdLine, "进入HOOK函数中", MB_YESNO | MB_ICONQUESTION) == 6 )
return WinExecNextHook(cmdLine, showCmd);
else
return ERROR_ACCESS_DENIED;
}
void __fastcall TForm1::Button1Click(TObject *Sender)
{
//hook函数
HookAPI("kernel32.dll", "WinExec", (void *)WinExecHookProc, (void *)WinExecNextHook);
//调用WinExec将进入winExecHookProc
WinExec("notepad.exe", SW_SHOWNORMAL);
//取消hook
UnhookAPI((void *)WinExecNextHook);
}
//---------------------------------------------------------------------------
3090
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
