forked from ishare2121/DofProject
-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathHook.cpp
More file actions
67 lines (54 loc) · 1.91 KB
/
Copy pathHook.cpp
File metadata and controls
67 lines (54 loc) · 1.91 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
#pragma once
#include "Hook.h"
void WriteJmp(void* pfn, void* pCallback) {
DWORD pTmp = NULL;
VirtualProtect(pfn, 5, PAGE_EXECUTE_READWRITE, &pTmp);
*(UCHAR*)((char*)pfn + 0) = 0xE9;
*(ULONG*)((char*)pfn + 1) = (ULONG)pCallback - (ULONG)pfn - 5;
FlushInstructionCache(GetCurrentProcess(), pfn, 5);
VirtualProtect(pfn, 5, pTmp, &pTmp);
}
void WriteCall(void* pfn, void* pCallback) {
DWORD pTmp = NULL;
VirtualProtect(pfn, 5, PAGE_EXECUTE_READWRITE, &pTmp);
*(UCHAR*)((char*)pfn + 0) = 0xE8;
*(DWORD*)((char*)pfn + 1) = (DWORD)pCallback - (DWORD)pfn - 5;
FlushInstructionCache(GetCurrentProcess(), pfn, 5);
VirtualProtect(pfn, 5, pTmp, &pTmp);
}
BOOL AttachHook(DWORD hookAddress, DWORD hookFunc)
{
DWORD hookedAddr = hookAddress;
BYTE hookedBytes[5] = { 0xE8,0x90,0x90,0x90,0x90 };
*(DWORD*)(hookedBytes + 1) = (DWORD)hookFunc - (DWORD)hookedAddr - 5;
return WriteProcessMemory(INVALID_HANDLE_VALUE, (LPVOID)hookedAddr, hookedBytes, 5, NULL);
}
BOOL SimpleHook::HookByAddress(DWORD hookedFunc, DWORD myHookFunc)
{
hookedAddr = hookedFunc;
ReadProcessMemory(INVALID_HANDLE_VALUE, (LPCVOID)hookedAddr, hookedBytes, 5, NULL);
*(DWORD*)(hookBytes + 1) = (DWORD)myHookFunc - (DWORD)hookedAddr - 5;
return WriteProcessMemory(INVALID_HANDLE_VALUE, (LPVOID)hookedAddr, hookBytes, 5, NULL);
}
BOOL SimpleHook::HookByModule(LPCSTR lpModuleName, LPCSTR lpProcName, DWORD myHookFunc)
{
HMODULE hmodule = GetModuleHandleA(lpModuleName);
if (!hmodule)
return FALSE;
DWORD procAddress = (DWORD)GetProcAddress(hmodule, lpProcName);
if (!procAddress)
return FALSE;
return HookByAddress(procAddress, myHookFunc);
}
BOOL SimpleHook::UnHook()
{
if (!hookedAddr)
return FALSE;
return WriteProcessMemory(INVALID_HANDLE_VALUE, (LPVOID)hookedAddr, hookedBytes, 5, NULL);
}
BOOL SimpleHook::ReHook()
{
if (!hookedAddr)
return FALSE;
return WriteProcessMemory(INVALID_HANDLE_VALUE, (LPVOID)hookedAddr, hookBytes, 5, NULL);
}