在r3 hook之前, 需要得到API地址.
如果要 hook 的是COM接口中的方法, 得到API地址的方法和得到普通Win32API地址的方法不同.
- /// @file prjGetComInterfaceMethodAddr.cpp
- /// @brief 得到COM接口方法地址
- #include "stdafx.h" ///< 由 <WinInet.h> 包含COM接口定义
- #include "prjGetComInterfaceMethodAddr.h"
- /// 自己从C++接口定义中拷贝出来的C风格接口定义
- /// 当前是C++程序,无法直接使用C风格接口定义
- /// 使用C风格接口定义,是为了得到COM接口虚表中的方法地址
- #include "ctype_interace.h"
- #ifdef _DEBUG
- #define new DEBUG_NEW
- #endif
- // The one and only application object
- CWinApp theApp;
- using namespace std;
- /// 得到 IWebBrowser::get_LocationURL 的函数地址
- ULONG_PTR GetComApiInterfaceAddr_IWebBrowser_get_LocationURL();
- int _tmain(int argc, TCHAR* argv[], TCHAR* envp[])
- {
- DWORD_PTR dwAddr = 0;
- int nRetCode = 0;
- HMODULE hModule = ::GetModuleHandle(NULL);
- if (hModule != NULL)
- {
- // initialize MFC and print and error on failure
- if (!AfxWinInit(hModule, NULL, ::GetCommandLine(), 0))
- {
- // TODO: change error code to suit your needs
- _tprintf(_T("Fatal Error: MFC initialization failed\n"));
- nRetCode = 1;
- }
- else
- {
- dwAddr = GetComApiInterfaceAddr_IWebBrowser_get_LocationURL();
- _tprintf(
- L"GetComApiInterfaceAddr_"
- L"IWebBrowser_get_LocationURL = 0x%X\r\n",
- dwAddr);
- }
- }
- else
- {
- // TODO: change error code to suit your needs
- _tprintf(_T("Fatal Error: GetModuleHandle failed\n"));
- nRetCode = 1;
- }
- /** runresults
- GetComApiInterfaceAddr_IWebBrowser_get_LocationURL = 0x5D9C680C
- */
- getwchar();
- return nRetCode;
- }
- typedef HRESULT (STDMETHODCALLTYPE * PFN_get_LocationURL)(
- IWebBrowser * This,
- BSTR *LocationURL);
- DWORD_PTR GetComApiInterfaceAddr_IWebBrowser_get_LocationURL()
- {
- DWORD_PTR dwAddr = 0;
- HRESULT hr;
- IWebBrowser* pInterface = NULL;
- ctype_IWebBrowser * pCtypeInterface = NULL;
- PFN_get_LocationURL pfn_get_LocationURL = NULL;
- CoInitialize ( NULL );
- hr = CoCreateInstance ( CLSID_WebBrowser,
- NULL,
- CLSCTX_INPROC_SERVER,
- IID_IWebBrowser,
- (void**) &pInterface);
- if (SUCCEEDED(hr))
- {
- pCtypeInterface = (ctype_IWebBrowser *)pInterface;
- pfn_get_LocationURL = pCtypeInterface->lpVtbl->get_LocationURL;
- dwAddr = (DWORD_PTR)pfn_get_LocationURL;
- pInterface->Release();
- }
- CoUninitialize();
- return dwAddr;
- }
/// @file prjGetComInterfaceMethodAddr.cpp
/// @brief 得到COM接口方法地址
#include "stdafx.h" ///< 由 <WinInet.h> 包含COM接口定义
#include "prjGetComInterfaceMethodAddr.h"
/// 自己从C++接口定义中拷贝出来的C风格接口定义
/// 当前是C++程序,无法直接使用C风格接口定义
/// 使用C风格接口定义,是为了得到COM接口虚表中的方法地址
#include "ctype_interace.h"
#ifdef _DEBUG
#define new DEBUG_NEW
#endif
// The one and only application object
CWinApp theApp;
using namespace std;
/// 得到 IWebBrowser::get_LocationURL 的函数地址
ULONG_PTR GetComApiInterfaceAddr_IWebBrowser_get_LocationURL();
int _tmain(int argc, TCHAR* argv[], TCHAR* envp[])
{
DWORD_PTR dwAddr = 0;
int nRetCode = 0;
HMODULE hModule = ::GetModuleHandle(NULL);
if (hModule != NULL)
{
// initialize MFC and print and error on failure
if (!AfxWinInit(hModule, NULL, ::GetCommandLine(), 0))
{
// TODO: change error code to suit your needs
_tprintf(_T("Fatal Error: MFC initialization failed\n"));
nRetCode = 1;
}
else
{
dwAddr = GetComApiInterfaceAddr_IWebBrowser_get_LocationURL();
_tprintf(
L"GetComApiInterfaceAddr_"
L"IWebBrowser_get_LocationURL = 0x%X\r\n",
dwAddr);
}
}
else
{
// TODO: change error code to suit your needs
_tprintf(_T("Fatal Error: GetModuleHandle failed\n"));
nRetCode = 1;
}
/** runresults
GetComApiInterfaceAddr_IWebBrowser_get_LocationURL = 0x5D9C680C
*/
getwchar();
return nRetCode;
}
typedef HRESULT (STDMETHODCALLTYPE * PFN_get_LocationURL)(
IWebBrowser * This,
BSTR *LocationURL);
DWORD_PTR GetComApiInterfaceAddr_IWebBrowser_get_LocationURL()
{
DWORD_PTR dwAddr = 0;
HRESULT hr;
IWebBrowser* pInterface = NULL;
ctype_IWebBrowser * pCtypeInterface = NULL;
PFN_get_LocationURL pfn_get_LocationURL = NULL;
CoInitialize ( NULL );
hr = CoCreateInstance ( CLSID_WebBrowser,
NULL,
CLSCTX_INPROC_SERVER,
IID_IWebBrowser,
(void**) &pInterface);
if (SUCCEEDED(hr))
{
pCtypeInterface = (ctype_IWebBrowser *)pInterface;
pfn_get_LocationURL = pCtypeInterface->lpVtbl->get_LocationURL;
dwAddr = (DWORD_PTR)pfn_get_LocationURL;
pInterface->Release();
}
CoUninitialize();
return dwAddr;
}
- // stdafx.h : include file for standard system include files,
- // or project specific include files that are used frequently, but
- // are changed infrequently
- //
- #pragma once
- #include "targetver.h"
- #include <stdio.h>
- #include <tchar.h>
- #define _ATL_CSTRING_EXPLICIT_CONSTRUCTORS // some CString constructors will be explicit
- #ifndef VC_EXTRALEAN
- #define VC_EXTRALEAN // Exclude rarely-used stuff from Windows headers
- #endif
- #include <afx.h>
- #include <afxwin.h> // MFC core and standard components
- #include <WinInet.h> ///< for COM Interface !
- #include <afxext.h> // MFC extensions
- #ifndef _AFX_NO_OLE_SUPPORT
- #include <afxdtctl.h> // MFC support for Internet Explorer 4 Common Controls
- #endif
- #ifndef _AFX_NO_AFXCMN_SUPPORT
- #include <afxcmn.h> // MFC support for Windows Common Controls
- #endif // _AFX_NO_AFXCMN_SUPPORT
- #include <iostream>
- // TODO: reference additional headers your program requires here
// stdafx.h : include file for standard system include files,
// or project specific include files that are used frequently, but
// are changed infrequently
//
#pragma once
#include "targetver.h"
#include <stdio.h>
#include <tchar.h>
#define _ATL_CSTRING_EXPLICIT_CONSTRUCTORS // some CString constructors will be explicit
#ifndef VC_EXTRALEAN
#define VC_EXTRALEAN // Exclude rarely-used stuff from Windows headers
#endif
#include <afx.h>
#include <afxwin.h> // MFC core and standard components
#include <WinInet.h> ///< for COM Interface !
#include <afxext.h> // MFC extensions
#ifndef _AFX_NO_OLE_SUPPORT
#include <afxdtctl.h> // MFC support for Internet Explorer 4 Common Controls
#endif
#ifndef _AFX_NO_AFXCMN_SUPPORT
#include <afxcmn.h> // MFC support for Windows Common Controls
#endif // _AFX_NO_AFXCMN_SUPPORT
#include <iostream>
// TODO: reference additional headers your program requires here
- /// @file ctype_interace.h
- /// @brief C风格的接口与方法定义
- /// 在C++程序中, 为了使用COM接口的虚表指针,
- /// 如果该COM接口为C++风格和C风格接口混合提供,
- /// 需要将C风格的接口拷贝出来改名使用
- /// 直接包含头文件,无法编译通过
- #ifndef __CTYPE_INTERACE_H__
- #define __CTYPE_INTERACE_H__
- /* C style interface */
- typedef struct IWebBrowserVtbl
- {
- BEGIN_INTERFACE
- HRESULT ( STDMETHODCALLTYPE *QueryInterface )(
- __RPC__in IWebBrowser * This,
- /* [in] */ __RPC__in REFIID riid,
- /* [annotation][iid_is][out] */
- __RPC__deref_out void **ppvObject);
- ULONG ( STDMETHODCALLTYPE *AddRef )(
- __RPC__in IWebBrowser * This);
- ULONG ( STDMETHODCALLTYPE *Release )(
- __RPC__in IWebBrowser * This);
- HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )(
- __RPC__in IWebBrowser * This,
- /* [out] */ __RPC__out UINT *pctinfo);
- HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )(
- __RPC__in IWebBrowser * This,
- /* [in] */ UINT iTInfo,
- /* [in] */ LCID lcid,
- /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
- HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )(
- __RPC__in IWebBrowser * This,
- /* [in] */ __RPC__in REFIID riid,
- /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
- /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
- /* [in] */ LCID lcid,
- /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
- /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )(
- IWebBrowser * This,
- /* [in] */ DISPID dispIdMember,
- /* [in] */ REFIID riid,
- /* [in] */ LCID lcid,
- /* [in] */ WORD wFlags,
- /* [out][in] */ DISPPARAMS *pDispParams,
- /* [out] */ VARIANT *pVarResult,
- /* [out] */ EXCEPINFO *pExcepInfo,
- /* [out] */ UINT *puArgErr);
- /* [helpcontext][helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *GoBack )(
- __RPC__in IWebBrowser * This);
- /* [helpcontext][helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *GoForward )(
- __RPC__in IWebBrowser * This);
- /* [helpcontext][helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *GoHome )(
- __RPC__in IWebBrowser * This);
- /* [helpcontext][helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *GoSearch )(
- __RPC__in IWebBrowser * This);
- /* [helpcontext][helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Navigate )(
- __RPC__in IWebBrowser * This,
- /* [in] */ __RPC__in BSTR URL,
- /* [unique][optional][in] */ __RPC__in_opt VARIANT *Flags,
- /* [unique][optional][in] */ __RPC__in_opt VARIANT *TargetFrameName,
- /* [unique][optional][in] */ __RPC__in_opt VARIANT *PostData,
- /* [unique][optional][in] */ __RPC__in_opt VARIANT *Headers);
- /* [helpcontext][helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Refresh )(
- __RPC__in IWebBrowser * This);
- /* [helpcontext][helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Refresh2 )(
- __RPC__in IWebBrowser * This,
- /* [unique][optional][in] */ __RPC__in_opt VARIANT *Level);
- /* [helpcontext][helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Stop )(
- __RPC__in IWebBrowser * This);
- /* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Application )(
- __RPC__in IWebBrowser * This,
- /* [retval][out] */ __RPC__deref_out_opt IDispatch **ppDisp);
- /* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Parent )(
- __RPC__in IWebBrowser * This,
- /* [retval][out] */ __RPC__deref_out_opt IDispatch **ppDisp);
- /* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Container )(
- __RPC__in IWebBrowser * This,
- /* [retval][out] */ __RPC__deref_out_opt IDispatch **ppDisp);
- /* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Document )(
- __RPC__in IWebBrowser * This,
- /* [retval][out] */ __RPC__deref_out_opt IDispatch **ppDisp);
- /* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_TopLevelContainer )(
- __RPC__in IWebBrowser * This,
- /* [retval][out] */ __RPC__out VARIANT_BOOL *pBool);
- /* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Type )(
- __RPC__in IWebBrowser * This,
- /* [retval][out] */ __RPC__deref_out_opt BSTR *Type);
- /* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Left )(
- __RPC__in IWebBrowser * This,
- /* [retval][out] */ __RPC__out long *pl);
- /* [propput][id] */ HRESULT ( STDMETHODCALLTYPE *put_Left )(
- __RPC__in IWebBrowser * This,
- /* [in] */ long Left);
- /* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Top )(
- __RPC__in IWebBrowser * This,
- /* [retval][out] */ __RPC__out long *pl);
- /* [propput][id] */ HRESULT ( STDMETHODCALLTYPE *put_Top )(
- __RPC__in IWebBrowser * This,
- /* [in] */ long Top);
- /* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Width )(
- __RPC__in IWebBrowser * This,
- /* [retval][out] */ __RPC__out long *pl);
- /* [propput][id] */ HRESULT ( STDMETHODCALLTYPE *put_Width )(
- __RPC__in IWebBrowser * This,
- /* [in] */ long Width);
- /* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Height )(
- __RPC__in IWebBrowser * This,
- /* [retval][out] */ __RPC__out long *pl);
- /* [propput][id] */ HRESULT ( STDMETHODCALLTYPE *put_Height )(
- __RPC__in IWebBrowser * This,
- /* [in] */ long Height);
- /* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_LocationName )(
- __RPC__in IWebBrowser * This,
- /* [retval][out] */ __RPC__deref_out_opt BSTR *LocationName);
- /* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_LocationURL )(
- __RPC__in IWebBrowser * This,
- /* [retval][out] */ __RPC__deref_out_opt BSTR *LocationURL);
- /* [helpcontext][helpstring][propget][id] */ HRESULT ( STDMETHODCALLTYPE *get_Busy )(
- __RPC__in IWebBrowser * This,
- /* [retval][out] */ __RPC__out VARIANT_BOOL *pBool);
- END_INTERFACE
- } IWebBrowserVtbl;
- interface ctype_IWebBrowser ///< 改名了
- {
- CONST_VTBL struct IWebBrowserVtbl *lpVtbl;
- };
- #endif