// HookMessage.cpp: 定义控制台应用程序的入口点。
//
#include "stdafx.h"
#include <Windows.h>
class MyHookClass {
public :
MyHookClass()
{
m_pfnOld = nullptr;
ZeroMemory(m_bNewBytes, 5);
ZeroMemory(m_bOldBytes, 5);
}
~MyHookClass()
{
UnHook();
}
/*
* Hook function
* @param szModuleName,Module name
* @param szFuncName ,function name
* @param pHookFunc , address of function
* @return
*/
BOOL Hook(char* szModuleName,char* szFuncName,PROC pHookFunc)
{
BOOL bRet = FALSE;
do
{
m_pfnOld = GetProcAddress(GetModuleHandleA(szModuleName),szFuncName);
if (!m_pfnOld)
{
break;
}
DWORD dwNum = 0;
ReadProcessMemory(GetCurrentProcess(), m_pfnOld, m_bOldBytes, 5, &dwNum);
m_bNewBytes[0] = '\xe9';
*(DWORD*)(m_bNewBytes + 1) = (DWORD)pHookFunc - (DWORD)m_pfnOld - 5;
WriteProcessMemory(GetCurrentProcess(), m_pfnOld, m_bNewBytes, 5, &dwNum);
bRet = true;
} while (FALSE);
return bRet;
}
void UnHook()
{
if (m_pfnOld != nullptr)
{
DWORD dwNum = 0;
WriteProcessMemory(GetCurrentProcess(), m_pfnOld, m_bOldBytes, 5, &dwNum);
}
}
bool ReHook()
{
BOOL bRet = false;
if (m_pfnOld != nullptr)
{
DWORD dwNum = 0;
WriteProcessMemory(GetCurrentProcess(), m_pfnOld, m_bNewBytes, 5, &dwNum);
bRet = true;
}
return bRet;
}
private:
PROC m_pfnOld;
BYTE m_bOldBytes[5];
BYTE m_bNewBytes[5];
};
MyHookClass g_MsgHook;
int WINAPI MyMessageBox(_In_opt_ HWND hWnd, _In_opt_ LPCTSTR lpText, _In_opt_ LPCTSTR lpCaption, _In_opt_ UINT uType)
{
g_MsgHook.UnHook();
MessageBoxW(hWnd,L"Hook Success",L"Hook",MB_OK);
g_MsgHook.ReHook();
return 0;
}
int main(int argc,char* argv[])
{
// hook windows api
MessageBoxW(NULL, L"context", L"test", MB_OK);
char szModuleName[MAXBYTE] = {0};//"user32.dll";
char szFuncName[MAXBYTE] = { 0 };// "MessageBoxW";
strcpy_s(szModuleName, MAXBYTE, "user32.dll");
strcpy_s(szFuncName, MAXBYTE, "MessageBoxW");
g_MsgHook.Hook(szModuleName, szFuncName, (PROC)MyMessageBox);
MessageBoxW(NULL, L"context", L"test", MB_OK);
return 0;
}