windows hook技术简单实例(zz)

最新推荐文章于 2020-04-18 23:52:30 发布

weixin_30247159

最新推荐文章于 2020-04-18 23:52:30 发布

阅读量156

点赞数

原文链接：http://www.cnblogs.com/niezhonger/archive/2013/03/23/2977772.html

版权

First, create a DLL which handles hooking the functions. This example below hooks the socket send and receive functions

#include <windows.h>
#include <detours.h>

#pragma comment( lib, "Ws2_32.lib" )
#pragma comment( lib, "detours.lib" )
#pragma comment( lib, "detoured.lib" )

int ( WINAPI *Real_Send )( SOCKET s, const char *buf, int len, int flags ) = send;
int ( WINAPI *Real_Recv )( SOCKET s, char *buf, int len, int flags ) = recv;
int WINAPI Mine_Send( SOCKET s, const char* buf, int len, int flags );
int WINAPI Mine_Recv( SOCKET s, char *buf, int len, int flags );

int WINAPI Mine_Send( SOCKET s, const char *buf, int len, int flags ) {
// .. do stuff ..

return Real_Send( s, buf, len, flags );
}

int WINAPI Mine_Recv( SOCKET s, char *buf, int len, int flags ) {
// .. do stuff ..

return Real_Recv( s, buf, len, flags );
}

BOOL WINAPI DllMain( HINSTANCE, DWORD dwReason, LPVOID ) {
switch ( dwReason ) {
case DLL_PROCESS_ATTACH:
DetourTransactionBegin();
DetourUpdateThread( GetCurrentThread() );
DetourAttach( &(PVOID &)Real_Send, Mine_Send );
DetourAttach( &(PVOID &)Real_Recv, Mine_Recv );
DetourTransactionCommit();
break;

case DLL_PROCESS_DETACH:
DetourTransactionBegin();
DetourUpdateThread( GetCurrentThread() );
DetourDetach( &(PVOID &)Real_Send, Mine_Send );
DetourDetach( &(PVOID &)Real_Recv, Mine_Recv );
DetourTransactionCommit();
break;
}

return TRUE;
}

Then, create a program to inject the DLL into the target application.

int main( int, char *[] ) {
PROCESSENTRY32 entry;
entry.dwSize = sizeof( PROCESSENTRY32 );

HANDLE snapshot = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, NULL );

if ( Process32First( snapshot, &entry ) == TRUE ) {
while ( Process32Next( snapshot, &entry ) == TRUE ) {
if ( stricmp( entry.szExeFile, "target.exe" ) == 0 ) {
EnableDebugPriv();

char dirPath[MAX_PATH];
char fullPath[MAX_PATH];

GetCurrentDirectory( MAX_PATH, dirPath );

sprintf_s( fullPath, MAX_PATH, "%s\\DllToInject.dll", dirPath );

HANDLE hProcess = OpenProcess( PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION | PROCESS_VM_WRITE, FALSE, entry.th32ProcessID );
LPVOID libAddr = (LPVOID)GetProcAddress( GetModuleHandle( "kernel32.dll" ), "LoadLibraryA" );
LPVOID llParam = (LPVOID)VirtualAllocEx( hProcess, NULL, strlen( fullPath ), MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE );

WriteProcessMemory( hProcess, llParam, fullPath, strlen( fullPath ), NULL );
CreateRemoteThread( hProcess, NULL, NULL, (LPTHREAD_START_ROUTINE)libAddr, llParam, NULL, NULL );
CloseHandle( hProcess );
}
}
}

CloseHandle( snapshot );

return 0;
}

转载自http://stackoverflow.com/questions/873658/how-can-i-hook-windows-functions-in-c-c

转载于:https://www.cnblogs.com/niezhonger/archive/2013/03/23/2977772.html

weixin_30247159

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
windows hook技术简单实例(zz)

First, create a DLL which handles hooking the functions. This example below hooks the socket send and receive functions#include <windows.h>#include <detours.h>#pragma comment( lib, ...
复制链接

扫一扫