网友写的HookAPI源代码 
unit dllMain;
{*********************************************************
程序:   HookAPI函数
作者:   sunsjw
QQ  :   25656016
Blog:    [url]http://www.kao8.cn/blog.asp?name=sunsjw[/url]
**********************************************************}
interface
uses
  SysUtils,Windows,Winsock,Graphics,tlHelp32,madCodeHook;
type
  //要HOOK的API函数定义
  TSockSendProc = function (s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
  TSockRecvProc = function (s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
  TMsgBoxProc = function(hWnd: HWND; lpText, lpCaption: PChar; uType: UINT): Integer; stdcall;
//--------------------函数声明---------------------------  
function Sun_Send(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
function Sun_Recv(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
function Sun_Box(hWnd: HWND; lpText, lpCaption: PChar; uType: UINT): Integer; stdcall;
procedure Hook;stdcall;export;
procedure UnHook;stdcall;export;
var
  //用来保存原来函数的地址
  sunSend: TSockSendProc;
  sunRecv: TSockRecvProc;
  sunMsg: TMsgBoxProc;
  i: Integer;
  
implementation
function Sun_Box(hWnd: HWND; lpText, lpCaption: PChar; uType: UINT): Integer; stdcall;
var
  strTemp: string;
begin
  strTemp := '珊瑚虫:sunsjw';
  Result := sunMsg(hWnd,lpText,pchar(strTemp),uType);
end;
{---------------------------------------}
{函数功能:Recv函数的HOOK
{函数参数:同Recv
{函数返回值:integer
{---------------------------------------}
function Sun_Recv(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
begin
  //在这里要对接收的数据Buf进行处理
  //暂时不处理了,随便响一声吧。
  MessageBeep(0);
  //调用直正的Send函数
  Result := sunRecv(s,Buf,len, flags);
end;
{---------------------------------------}
{函数功能:Send函数的HOOK
{函数参数:同Send
{函数返回值:integer
{---------------------------------------}
function Sun_Send(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
var
  DeskDC: HDC;
  Can: TCanvas;
  str: string;
  found: boolean;
  Hand,CurrHand: THandle;
  lppe: TProcessEntry32;
begin
  DeskDC := GetDC(0);
  Can := TCanvas.Create;
  Can.Handle := DeskDC;
  CurrHand := GetCurrentProcessID();
  Hand := CreateToolhelp32Snapshot(TH32CS_SNAPALL,0);
  lppe.dwSize := sizeof(lppe);
  found := Process32First(Hand,lppe);
  while found do
  begin
    if lppe.th32ProcessID=CurrHand then
    begin
      str := lppe.szExeFile;
      found := false;
    end
    else
      found := Process32Next(Hand,lppe);
  end;
  try
    Inc(i);
    Can.TextOut(0,0,str+':正在发送数据...');
  finally
    Can.Free;
    ReleaseDC(0,DeskDC);
  end;
  Result := sunSend(s,Buf,len, flags);
end;
{------------------------------------}
{过程功能:HookAPI
{过程参数:无
{------------------------------------}
procedure Hook;
begin
  HookAPI('ws2_32.dll','send',@Sun_Send,@sunSend);
  HookAPI('ws2_32.dll','recv',@Sun_Recv,@sunRecv);
  HookAPI('user32.dll','MessageBoxA',@sun_Box,@sunMsg);
end;
{------------------------------------}
{过程功能:取消HOOKAPI
{过程参数:无
{------------------------------------}
procedure UnHook;
begin
  UnHookAPI(@sunSend);
  UnHookAPI(@sunRecv);
  UnHookAPI(@sunMsg);
end;
end.

//调用
unit callMain;
interface
uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, StdCtrls,madCodeHook;
type
  TForm1 = class(TForm)
    Button1: TButton;
    Button2: TButton;
    procedure Button1Click(Sender: TObject);
    procedure Button2Click(Sender: TObject);
  private
    { Private declarations }
  public
    { Public declarations }
  end;
var
  Form1: TForm1;
implementation
{$R *.dfm}
procedure TForm1.Button1Click(Sender: TObject);
begin
  //把我们的函数注放到其它进程中
  InjectLibrary(ALL_SESSIONS or SYSTEM_PROCESSES,'hookMsg.dll');
end;
procedure TForm1.Button2Click(Sender: TObject);
begin
  UninjectLibrary(ALL_SESSIONS or SYSTEM_PROCESSES,'hookMsg.dll');
end;
end.