ULHook.cpp C++ QQ农场源代码程序 - vc源码程序

www.gusucode.com > C++ QQ农场源代码程序 > C++ QQ农场源代码程序/code/qq农场源代码/qq农场源代码/ULHook.cpp
    ///////////////////////////////////////////
// ULHook.cpp文件

#include "stdafx.h"
#include "ULHook.h"

CULHook::CULHook( )
{
	::InitializeCriticalSection(&m_cs);
	
} 
CULHook::~CULHook()
{
	::DeleteCriticalSection(&m_cs);
	Unhook();
	if(m_hModule != NULL)
		::FreeLibrary(m_hModule);
}

void CULHook::Unhook()
{
	Lock();
	if(m_pfnOrig != NULL)
	{
		DWORD dwOldProtect;
		MEMORY_BASIC_INFORMATION    mbi;
		::VirtualQuery(m_pfnOrig, &mbi, sizeof(mbi));
		::VirtualProtect(m_pfnOrig, HOOKLEN, PAGE_READWRITE, &dwOldProtect);
		
		::WriteProcessMemory(::GetCurrentProcess(), (void *)m_pfnOrig, 
			m_btOldBytes, sizeof(DWORD)*2, NULL); 
		
		::VirtualProtect(m_pfnOrig, HOOKLEN, mbi.Protect, 0);
	}
}


void CULHook::Rehook()
{
	
	if(m_pfnOrig != NULL)
	{
		DWORD dwOldProtect;
		MEMORY_BASIC_INFORMATION    mbi;
		::VirtualQuery( m_pfnOrig, &mbi, sizeof(mbi) );
		::VirtualProtect(m_pfnOrig, HOOKLEN, PAGE_READWRITE, &dwOldProtect);
		::WriteProcessMemory(::GetCurrentProcess(), (void *)m_pfnOrig, 
			m_btNewBytes, HOOKLEN, NULL); 
		::VirtualProtect(m_pfnOrig, HOOKLEN, mbi.Protect, 0);
	}
	
	UnLock();
}


void CULHook::Lock()
{
	::EnterCriticalSection(&m_cs);
	
}

void CULHook::UnLock()
{
	
	::LeaveCriticalSection(&m_cs);
}

void CULHook::SetAPIHook(LPSTR pszModName, LPSTR pszFuncName, PROC pfnHook)
{ 
	
	//////////////////////////////////////////////////////////////////////////
	
	m_hModule = ::LoadLibrary(pszModName);
	if(m_hModule == NULL)	{ 	m_pfnOrig = NULL; return; }
	//从模块中得到这个函数的地址
	m_pfnOrig = ::GetProcAddress(m_hModule, pszFuncName);
	// 修改原API函数执行代码的前8个字节，使它跳向我们的函数
	if (m_pfnOrig == NULL)
	{
		m_pfnOrig = NULL; return;
		
	}
	//////////////////////////////////////////////////////////////////////////
	
	BYTE btNewBytes[8] = { 0xB8, 0x00, 0x00, 0x40, 0x00, 0xFF, 0xE0, 0x00 }; 
	memcpy(m_btNewBytes, btNewBytes, HOOKLEN);
	
	*(DWORD *)(m_btNewBytes + 1) = (DWORD)pfnHook; 
	if(m_pfnOrig != NULL)
	{
		DWORD dwOldProtect;
		MEMORY_BASIC_INFORMATION    mbi;
		::VirtualQuery( m_pfnOrig, &mbi, sizeof(mbi) );
		::VirtualProtect(m_pfnOrig, HOOKLEN, PAGE_READWRITE, &dwOldProtect);
		
		memcpy(m_btOldBytes, m_pfnOrig, HOOKLEN);
		
		::WriteProcessMemory(::GetCurrentProcess(), (void *)m_pfnOrig, 
			m_btNewBytes, HOOKLEN, NULL); 
		
		::VirtualProtect(m_pfnOrig, HOOKLEN, mbi.Protect, 0);
	}
	
}

void  SetAPIHook2(LPSTR pszModName, LPSTR pszFuncName, PROC pfnHook)
{
	//1:修改头五字节跳走
	//2:将入口后品五字字复制 
	//3自己的函数
}
 


//////////////////////////////////////////////////////////////////////////