
HookAPI函数

unit dllMain;
{*********************************************************
程序:   HookAPI函数
作者:   sunsjw
QQ  :   25656016
Blog:   http://www.kao8.cn/blog.asp?name=sunsjw
**********************************************************}
interface
uses
  SysUtils,Windows,Winsock,Graphics,tlHelp32,madCodeHook;
type
  // Signatures of the API functions that get hooked. Each type matches the
  // callback declared below with the same parameter list, and is also the type
  // of the variable that keeps the way back to the original function.
  // NOTE(review): TMsgBoxProc is used for MessageBoxA, which takes ANSI strings;
  // PChar is only an ANSI pointer on pre-Unicode Delphi compilers - confirm the
  // compiler version, or spell the parameters as PAnsiChar.
  TSockSendProc = function (s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
  TSockRecvProc = function (s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
  TMsgBoxProc = function(hWnd: HWND; lpText, lpCaption: PChar; uType: UINT): Integer; stdcall;
//-------------------- Function declarations ---------------------------
// Hook callbacks: these run in place of send / recv / MessageBoxA once Hook
// has been called, and forward to the original through sunSend/sunRecv/sunMsg.
function Sun_Send(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
function Sun_Recv(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
function Sun_Box(hWnd: HWND; lpText, lpCaption: PChar; uType: UINT): Integer; stdcall;
// Install / remove the three hooks.
procedure Hook;stdcall;export;
procedure UnHook;stdcall;export;
var
  // Hold the addresses used to call the original (unhooked) functions.
  // They are filled in by the HookAPI calls in Hook.
  sunSend: TSockSendProc;
  sunRecv: TSockRecvProc;
  sunMsg: TMsgBoxProc;
  // Incremented by Sun_Send on every call; nothing in this listing reads it.
  // NOTE(review): plain global, incremented without synchronization.
  i: Integer;
 
implementation
{---------------------------------------}
{ Hook callback for MessageBoxA.
  Parameters : same as MessageBoxA.
  Returns    : whatever the original MessageBoxA returns.
  The caller's lpCaption is ignored: every message box shown by the hooked
  process gets the fixed caption below, while the text and style flags are
  passed through untouched. }
{---------------------------------------}
function Sun_Box(hWnd: HWND; lpText, lpCaption: PChar; uType: UINT): Integer; stdcall;
const
  ForcedCaption = '珊瑚虫:sunsjw';
begin
  // sunMsg is the way back to the original function, set up by Hook.
  Result := sunMsg(hWnd, lpText, PChar(ForcedCaption), uType);
end;
{---------------------------------------}
{ Hook callback for recv.
  Parameters : same as recv.
  Returns    : the value returned by the original recv.
  Apart from an audible beep this is a pure pass-through; Buf is neither
  read nor modified here. }
{---------------------------------------}
function Sun_Recv(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
begin
  // Placeholder left by the author for handling the received data; no
  // processing is implemented, the callback only beeps.
  // Note that Buf has not been filled at this point: its contents are defined
  // only after the original recv below has returned.
  MessageBeep(0);

  // Forward to the original recv (the author's comment said "Send" here,
  // which was a slip).
  Result := sunRecv(s, Buf, len, flags);
end;
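{---------------------------------------}
{ Hook callback for send.
  Parameters : same as send.
  Returns    : the value returned by the original send.
  On every call it looks up the executable name of the current process,
  draws "<exe name>:..." at the top-left corner of the desktop, bumps the
  global counter i and then forwards the call unchanged. Buf is neither read
  nor modified here.

  Changes against the original listing:
  - the Toolhelp snapshot handle is closed (it used to leak on every send);
  - the snapshot is limited to the process list, which is all that
    Process32First/Process32Next need;
  - a failed snapshot or GetDC is tolerated instead of being used blindly;
  - a failure while drawing can no longer skip the real send or let a Delphi
    exception escape into the host process. }
{---------------------------------------}
function Sun_Send(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
var
  DeskDC: HDC;
  Can: TCanvas;
  str: string;
  found: boolean;
  Hand: THandle;
  CurrPid: DWORD;
  lppe: TProcessEntry32;
begin
  // --- find the executable name of the process this callback runs in ---
  str := '';
  CurrPid := GetCurrentProcessId;
  Hand := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
  if Hand <> INVALID_HANDLE_VALUE then
  try
    lppe.dwSize := SizeOf(lppe);
    found := Process32First(Hand, lppe);
    while found do
    begin
      if lppe.th32ProcessID = CurrPid then
      begin
        str := lppe.szExeFile;
        Break;
      end;
      found := Process32Next(Hand, lppe);
    end;
  finally
    // Without this every send() in the hooked process leaks one handle.
    CloseHandle(Hand);
  end;

  // NOTE(review): i is a plain global and send may be called from several
  // threads; the increment is not synchronized. Nothing in this listing reads i.
  Inc(i);

  // --- cosmetic marker on the desktop; must never affect the real call ---
  try
    DeskDC := GetDC(0);
    if DeskDC <> 0 then
    begin
      Can := TCanvas.Create;
      try
        Can.Handle := DeskDC;
        Can.TextOut(0, 0, str + ':正在发送数据...');
      finally
        Can.Free;
        ReleaseDC(0, DeskDC);
      end;
    end;
  except
    // Deliberately swallowed: the overlay is best-effort, and an exception
    // leaving a hook callback would unwind into code that does not expect it.
  end;

  // Forward to the original send.
  Result := sunSend(s, Buf, len, flags);
end;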
{------------------------------------}
{ Installs the three API hooks through madCodeHook's HookAPI.
  Parameters : none.
  Each call names the exporting module and function, the replacement
  callback, and the variable that receives the way back to the original.
  The hooks take effect in whichever process runs this procedure; what calls
  Hook is not visible in this listing (presumably the DLL's initialization
  code - confirm in the library project file).
  NOTE(review): HookAPI's Boolean result is discarded, so a hook that could
  not be installed goes unnoticed and the process may end up partially hooked. }
{------------------------------------}
procedure Hook;
const
  WinsockDll = 'ws2_32.dll';
  User32Dll = 'user32.dll';
begin
  HookAPI(WinsockDll, 'send', @Sun_Send, @sunSend);
  HookAPI(WinsockDll, 'recv', @Sun_Recv, @sunRecv);
  HookAPI(User32Dll, 'MessageBoxA', @Sun_Box, @sunMsg);
end;
{------------------------------------}
{ Removes the hooks installed by Hook.
  Parameters : none.
  UnhookAPI is given the same three variables that HookAPI filled in, in the
  same order (send, recv, MessageBoxA). }
{------------------------------------}
procedure UnHook;
begin
  UnhookAPI(@sunSend);   // ws2_32.dll  send
  UnhookAPI(@sunRecv);   // ws2_32.dll  recv
  UnhookAPI(@sunMsg);    // user32.dll  MessageBoxA
end;
end.
////////////////////////////////////////////
//调用
unit callMain;
interface
uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, StdCtrls,madCodeHook;
type
  // Main form of the controlling application. It only offers two buttons:
  // one to inject hookMsg.dll and one to remove it again.
  TForm1 = class(TForm)
    Button1: TButton;   // wired to Button1Click (inject)
    Button2: TButton;   // wired to Button2Click (uninject)
    // Calls InjectLibrary for hookMsg.dll.
    procedure Button1Click(Sender: TObject);
    // Calls UninjectLibrary for hookMsg.dll with the same scope flags.
    procedure Button2Click(Sender: TObject);
  private
    { Private declarations }
  public
    { Public declarations }
  end;
var
  Form1: TForm1;
implementation
{$R *.dfm}
// Asks madCodeHook to load hookMsg.dll into other processes. The scope flags
// select the processes of all sessions plus system processes, so the hook
// callbacks end up running inside every process the injection reaches.
// NOTE(review): the Boolean result of InjectLibrary is discarded, so a failed
// or partial injection is not reported to the user.
// NOTE(review): the DLL is given as a bare file name; how that is resolved is
// up to madCodeHook - confirm, and prefer an absolute path to a file that
// unprivileged users cannot replace, since it is loaded into system processes.
procedure TForm1.Button1Click(Sender: TObject);
const
  HookLibrary = 'hookMsg.dll';
var
  Scope: DWORD;
begin
  Scope := ALL_SESSIONS or SYSTEM_PROCESSES;
  InjectLibrary(Scope, HookLibrary);
end;
// Reverses Button1Click: asks madCodeHook to unload hookMsg.dll, using the
// same scope flags (all sessions plus system processes) that were used for
// the injection.
// NOTE(review): the Boolean result of UninjectLibrary is discarded, so
// processes that still hold the DLL after this call are not reported.
procedure TForm1.Button2Click(Sender: TObject);
const
  HookLibrary = 'hookMsg.dll';
var
  Scope: DWORD;
begin
  Scope := ALL_SESSIONS or SYSTEM_PROCESSES;
  UninjectLibrary(Scope, HookLibrary);
end;
end.