Inline Hook示例

//以下是InlineHook.Dll文件示例代码:

#include "stdafx.h"
#include <windows.h>

char g_OldAddress[0x5] = {};
char g_NewAddress[0x5] = { 0xE9 };

//开启Hook
void HookMessageBox()
{
	OutputDebugString(L"进入Hook");
	DWORD dwOldProtect = 0;
	memcpy(g_OldAddress, MessageBoxW, 5);
	VirtualProtect(MessageBoxW, 5, PAGE_EXECUTE_READWRITE, &dwOldProtect);
	memcpy(MessageBoxW, g_NewAddress, 5);
	VirtualProtect(MessageBoxW, 5, dwOldProtect, &dwOldProtect);
	OutputDebugString(L"Hook成功");
}
//取消Hook
void unHookMessageHook()
{
	DWORD dwOldProtect = 0;
	OutputDebugString(L"取消Hook");
	VirtualProtect(MessageBoxW, 5, PAGE_EXECUTE_READWRITE, &dwOldProtect);
	memcpy(MessageBoxW, g_OldAddress, 5);
	VirtualProtect(MessageBoxW, 5, dwOldProtect, &dwOldProtect);
	OutputDebugString(L"取消Hook成功");
}

int WINAPI  MyMessageBoxW(
	_In_opt_ HWND hWnd,
	_In_opt_ LPCWSTR lpText,
	_In_opt_ LPCWSTR lpCaption,
	_In_ UINT uType
	)
{
	OutputDebugString(L"进入自己MessageBox");
	lpText = L"哈哈Hook成功!";
	int  nResault = 0;
	unHookMessageHook();
	nResault = MessageBoxW(hWnd, lpText, lpCaption, uType);
	HookMessageBox();
	OutputDebugString(L"退出自己MessageBox");
	return nResault;
}

//计算hook,要跳转的位置
void Init()
{
	DWORD *pOffect = (DWORD*)(g_NewAddress + 1);

	*pOffect = (DWORD)MyMessageBoxW -
		(DWORD)MessageBoxW -
		5;
}


BOOL APIENTRY DllMain( HMODULE hModule,
                       DWORD  ul_reason_for_call,
                       LPVOID lpReserved
					 )
{
	switch (ul_reason_for_call)
	{
	case DLL_PROCESS_ATTACH:
	{
		OutputDebugString(L"开始初始化");
		Init();
		OutputDebugString(L"初始化完毕");
		HookMessageBox();
	}break;
	case DLL_THREAD_ATTACH:
	case DLL_THREAD_DETACH:
	case DLL_PROCESS_DETACH:
		break;
	}
	return TRUE;
}


随便用什么方法注入到程序,可以在有弹框的时候,弹出如下:


  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值