HookAPI函数

unit dllMain; {********************************************************* 程序:    HookAPI函数 作者:    sunsjw Blog:   http://www.kao8.cn/blog.asp?name=sunsjw **********************************************************} interface uses    SysUtils,Windows,Winsock,Graphics,tlHelp32,madCodeHook; type    //要HOOK的API函数定义    TSockSendProc = function (s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;    TSockRecvProc = function (s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;    TMsgBoxProc = function(hWnd: HWND; lpText, lpCaption: PChar; uType: UINT): Integer; stdcall; //--------------------函数声明---------------------------   function Sun_Send(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall; function Sun_Recv(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall; function Sun_Box(hWnd: HWND; lpText, lpCaption: PChar; uType: UINT): Integer; stdcall; procedure Hook;stdcall;export; procedure UnHook;stdcall;export; var    //用来保存原来函数的地址    sunSend: TSockSendProc;    sunRecv: TSockRecvProc;    sunMsg: TMsgBoxProc;    i: Integer;    implementation function Sun_Box(hWnd: HWND; lpText, lpCaption: PChar; uType: UINT): Integer; stdcall; var    strTemp: string; begin    strTemp := '珊瑚虫:sunsjw';    Result := sunMsg(hWnd,lpText,pchar(strTemp),uType); end; {---------------------------------------} {函数功能:Recv函数的HOOK {函数参数:同Recv {函数返回值:integer {---------------------------------------} function Sun_Recv(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall; begin    //在这里要对接收的数据Buf进行处理    //暂时不处理了，随便响一声吧。    MessageBeep(0);    //调用直正的Send函数    Result := sunRecv(s,Buf,len, flags); end; {---------------------------------------} {函数功能:Send函数的HOOK {函数参数:同Send {函数返回值:integer {---------------------------------------} function Sun_Send(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall; var    DeskDC: HDC;    Can: TCanvas;    str: string;    found: boolean;    Hand,CurrHand: THandle;    lppe: TProcessEntry32; begin    DeskDC := GetDC(0);    Can := TCanvas.Create;    Can.Handle := DeskDC;    CurrHand := GetCurrentProcessID();    Hand := CreateToolhelp32Snapshot(TH32CS_SNAPALL,0);    lppe.dwSize := sizeof(lppe);    found := Process32First(Hand,lppe);    while found do    begin      if lppe.th32ProcessID=CurrHand then      begin        str := lppe.szExeFile;        found := false;      end      else        found := Process32Next(Hand,lppe);    end;    try      Inc(i);      Can.TextOut(0,0,str+':正在发送数据...');    finally      Can.Free;      ReleaseDC(0,DeskDC);    end;    Result := sunSend(s,Buf,len, flags); end; {------------------------------------} {过程功能:HookAPI {过程参数:无 {------------------------------------} procedure Hook; begin    HookAPI('ws2_32.dll','send',@Sun_Send,@sunSend);    HookAPI('ws2_32.dll','recv',@Sun_Recv,@sunRecv);    HookAPI('user32.dll','MessageBoxA',@sun_Box,@sunMsg); end; {------------------------------------} {过程功能:取消HOOKAPI {过程参数:无 {------------------------------------} procedure UnHook; begin    UnHookAPI(@sunSend);    UnHookAPI(@sunRecv);    UnHookAPI(@sunMsg); end; end. //调用 unit callMain; interface uses    Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,    Dialogs, StdCtrls,madCodeHook; type    TForm1 = class(TForm)      Button1: TButton;      Button2: TButton;      procedure Button1Click(Sender: TObject);      procedure Button2Click(Sender: TObject);    private      { Private declarations }    public      { Public declarations }    end; var    Form1: TForm1; implementation {$R *.dfm} procedure TForm1.Button1Click(Sender: TObject); begin    //把我们的函数注放到其它进程中    InjectLibrary(ALL_SESSIONS or SYSTEM_PROCESSES,'hookMsg.dll'); end; procedure TForm1.Button2Click(Sender: TObject); begin    UninjectLibrary(ALL_SESSIONS or SYSTEM_PROCESSES,'hookMsg.dll'); end; end.