📄 he4hookdriverhide.cpp
字号:
return UserCommand.m_dwBytesReturned;
}
BOOL He4HookDriverHide::AddKeysToSaveList(PW32_KEYINFOSET lpKeyInfoSetW32)
{
USER_COMMAND UserCommand;
PKEYINFOSET lpKeyInfoSet = CreateKeyInfoSet(lpKeyInfoSetW32);
if (lpKeyInfoSet)
{
UserCommand.m_dwCommand = HE4_ADD_KEYS_TO_SAVE_LIST;
UserCommand.m_lpInBuffer = lpKeyInfoSet;
UserCommand.m_dwInBufferSize = lpKeyInfoSet->dwSize;
UserCommand.m_dwBytesReturned = 0;
if (SendCommand(&UserCommand))
{
delete[] (char*)lpKeyInfoSet;
return (BOOL) UserCommand.m_dwBytesReturned;
}
delete[] (char*)lpKeyInfoSet;
}
return FALSE;
}
BOOL He4HookDriverHide::DelKeysFromSaveList(PW32_KEYINFOSET lpKeyInfoSetW32)
{
USER_COMMAND UserCommand;
PKEYINFOSET lpKeyInfoSet = CreateKeyInfoSet(lpKeyInfoSetW32);
if (lpKeyInfoSet)
{
UserCommand.m_dwCommand = HE4_DEL_KEYS_FROM_SAVE_LIST;
UserCommand.m_lpInBuffer = lpKeyInfoSet;
UserCommand.m_dwInBufferSize = lpKeyInfoSet->dwSize;
UserCommand.m_dwBytesReturned = 0;
if (SendCommand(&UserCommand))
{
delete[] (char*)lpKeyInfoSet;
return (BOOL) UserCommand.m_dwBytesReturned;
}
delete[] (char*)lpKeyInfoSet;
}
return FALSE;
}
BOOL He4HookDriverHide::HookRegistry()
{
USER_COMMAND UserCommand;
UserCommand.m_dwCommand = HE4_HOOK_REGISTRY;
UserCommand.m_lpInBuffer = NULL;
UserCommand.m_dwInBufferSize = 0;
UserCommand.m_lpOutBuffer = NULL;
UserCommand.m_dwOutBufferSize = 0;
UserCommand.m_dwBytesReturned = 0;
if (!SendCommand(&UserCommand))
return FALSE;
return (BOOL) UserCommand.m_dwBytesReturned;
}
BOOL He4HookDriverHide::UnHookRegistry()
{
USER_COMMAND UserCommand;
UserCommand.m_dwCommand = HE4_UNHOOK_REGISTRY;
UserCommand.m_lpInBuffer = NULL;
UserCommand.m_dwInBufferSize = 0;
UserCommand.m_lpOutBuffer = NULL;
UserCommand.m_dwOutBufferSize = 0;
UserCommand.m_dwBytesReturned = 0;
if (!SendCommand(&UserCommand))
return FALSE;
return (BOOL) UserCommand.m_dwBytesReturned;
}
BOOL He4HookDriverHide::AddShortName(PW32_FILEINFOSET lpFileInfoSetW32)
{
if (!lpFileInfoSetW32)
return FALSE;
USER_COMMAND UserCommand;
W32_FILEINFOSET FileInfoSet;
W32_FILEINFO FileInfo;
char *lpszShortName = 0;
char *lpwszShortChangedName = 0;
DWORD dwRes;
FileInfoSet.dwSize = 1;
FileInfoSet.lpFileInfo = &FileInfo;
//UserCommand.m_dwCommand = HE4_ADD_TO_SAVE_LIST;
//UserCommand.m_lpInBuffer = &FileInfoSet;
//UserCommand.m_dwInBufferSize = sizeof(FILEINFOSET);
for (int i=0; i<(int)lpFileInfoSetW32->dwSize; i++)
{
if (!lpFileInfoSetW32->lpFileInfo[i].lpszName)
continue;
if ((lpFileInfoSetW32->lpFileInfo[i].dwAccessType & FILE_ACC_TYPE_EXCHANGE) && (!lpFileInfoSetW32->lpFileInfo[i].lpszChangedName))
continue;
lpszShortName = new char[lstrlen(lpFileInfoSetW32->lpFileInfo[i].lpszName)+sizeof(char)];
if (!lpszShortName)
continue;
// lstrcpy(&lpszShortName[1], lpFileInfoSetW32->lpFileInfo[i].lpszName);
// lpszShortName[0] = 'f'; dwRes = GetShortPathName(lpFileInfoSetW32->lpFileInfo[i].lpszName, lpszShortName, lstrlen(lpFileInfoSetW32->lpFileInfo[i].lpszName)+sizeof(char));
if (!dwRes)
{
delete[] lpszShortName;
lpszShortName = 0;
continue;
}
// memcpy(&lpszShortName[0], &lpszShortName[1], lstrlen(lpszShortName));
if (lstrlen(lpszShortName) == lstrlen(lpFileInfoSetW32->lpFileInfo[i].lpszName))
{
delete[] lpszShortName;
lpszShortName = 0;
continue;
}
if (lpFileInfoSetW32->lpFileInfo[i].dwAccessType & FILE_ACC_TYPE_EXCHANGE)
{
lpwszShortChangedName = new char[lstrlen(lpFileInfoSetW32->lpFileInfo[i].lpszChangedName)+sizeof(char)];
if (!lpwszShortChangedName)
{
delete[] lpszShortName;
lpszShortName = 0;
continue;
}
dwRes = GetShortPathName((char*)lpFileInfoSetW32->lpFileInfo[i].lpszChangedName, lpwszShortChangedName, lstrlen(lpFileInfoSetW32->lpFileInfo[i].lpszChangedName)+sizeof(char));
if (!dwRes)
{
delete[] lpszShortName;
lpszShortName = 0;
delete[] lpwszShortChangedName;
lpwszShortChangedName = 0;
continue;
}
}
FileInfo.lpszName = lpszShortName;
FileInfo.lpszChangedName = lpwszShortChangedName;
FileInfo.dwAccessType = lpFileInfoSetW32->lpFileInfo[i].dwAccessType;
PFILEINFOSET pFileInfo = CreateFileInfoSet(&FileInfoSet);
if (pFileInfo)
{
UserCommand.m_dwCommand = HE4_ADD_TO_SAVE_LIST;
UserCommand.m_lpInBuffer = pFileInfo;
UserCommand.m_dwInBufferSize = pFileInfo->dwSize;
UserCommand.m_dwBytesReturned = 0;
SendCommand(&UserCommand);
delete[] (char*)pFileInfo;
}
delete[] lpszShortName;
lpszShortName = 0;
delete[] lpwszShortChangedName;
lpwszShortChangedName = 0;
}
return TRUE;
}
BOOL He4HookDriverHide::DelShortName(PW32_FILEINFOSET lpFileInfoSetW32)
{
if (!lpFileInfoSetW32)
return FALSE;
USER_COMMAND UserCommand;
W32_FILEINFOSET FileInfoSet;
W32_FILEINFO FileInfo;
char *lpszShortName = 0;
char *lpwszShortChangedName = 0;
DWORD dwRes;
FileInfoSet.dwSize = 1;
FileInfoSet.lpFileInfo = &FileInfo;
//UserCommand.m_dwCommand = HE4_DEL_FROM_SAVE_LIST;
//UserCommand.m_lpInBuffer = &FileInfoSet;
//UserCommand.m_dwInBufferSize = sizeof(FILEINFOSET);
for (int i=0; i<(int)lpFileInfoSetW32->dwSize; i++)
{
if (!lpFileInfoSetW32->lpFileInfo[i].lpszName)
continue;
if ((lpFileInfoSetW32->lpFileInfo[i].dwAccessType & FILE_ACC_TYPE_EXCHANGE) && (!lpFileInfoSetW32->lpFileInfo[i].lpszChangedName))
continue;
lpszShortName = new char[lstrlen(lpFileInfoSetW32->lpFileInfo[i].lpszName)+sizeof(char)];
if (!lpszShortName)
continue;
// lstrcpy(&lpszShortName[1], lpFileInfoSetW32->lpFileInfo[i].lpszName);
// lpszShortName[0] = 'c';
dwRes = GetShortPathName(lpFileInfoSetW32->lpFileInfo[i].lpszName, lpszShortName, lstrlen(lpFileInfoSetW32->lpFileInfo[i].lpszName)+sizeof(char));
if (!dwRes)
{
delete[] lpszShortName;
lpszShortName = 0;
continue;
}
// memcpy(&lpszShortName[0], &lpszShortName[1], lstrlen(lpszShortName));
if (lstrlen(lpszShortName) == lstrlen(lpFileInfoSetW32->lpFileInfo[i].lpszName))
{
delete[] lpszShortName;
lpszShortName = 0;
continue;
}
if (lpFileInfoSetW32->lpFileInfo[i].dwAccessType & FILE_ACC_TYPE_EXCHANGE)
{
lpwszShortChangedName = new char[lstrlen(lpFileInfoSetW32->lpFileInfo[i].lpszChangedName)+sizeof(char)];
if (!lpwszShortChangedName)
{
delete[] lpszShortName;
lpszShortName = 0;
continue;
}
dwRes = GetShortPathName((char*)lpFileInfoSetW32->lpFileInfo[i].lpszChangedName, lpwszShortChangedName, lstrlen(lpFileInfoSetW32->lpFileInfo[i].lpszChangedName)+sizeof(char));
if (!dwRes)
{
delete[] lpszShortName;
lpszShortName = 0;
delete[] lpwszShortChangedName;
lpwszShortChangedName = 0;
continue;
}
}
FileInfo.lpszName = lpszShortName;
FileInfo.lpszChangedName = lpwszShortChangedName;
FileInfo.dwAccessType = lpFileInfoSetW32->lpFileInfo[i].dwAccessType;
PFILEINFOSET pFileInfo = CreateFileInfoSet(&FileInfoSet);
if (pFileInfo)
{
UserCommand.m_dwCommand = HE4_DEL_FROM_SAVE_LIST;
UserCommand.m_lpInBuffer = pFileInfo;
UserCommand.m_dwInBufferSize = pFileInfo->dwSize;
UserCommand.m_dwBytesReturned = 0;
SendCommand(&UserCommand);
delete[] (char*)pFileInfo;
}
delete[] lpszShortName;
lpszShortName = 0;
delete[] lpwszShortChangedName;
lpwszShortChangedName = 0;
}
return TRUE;
}
PFILEINFOSET He4HookDriverHide::CreateFileInfoSet(PW32_FILEINFOSET lpFileInfoSetW32)
{
if(!lpFileInfoSetW32)
return FALSE;
DWORD dwSizeOfArea = SIZEOF_FILEINFOSET - SIZEOF_FILEINFO;
for (int i=0; i<(int)lpFileInfoSetW32->dwSize; i++)
{
if (lpFileInfoSetW32->lpFileInfo[i].lpszName)
{
dwSizeOfArea += SIZEOF_FILEINFO - sizeof(char);
dwSizeOfArea += lstrlen(lpFileInfoSetW32->lpFileInfo[i].lpszName) + sizeof(char);
if (lpFileInfoSetW32->lpFileInfo[i].dwAccessType & FILE_ACC_TYPE_EXCHANGE)
{
if (!lpFileInfoSetW32->lpFileInfo[i].lpszChangedName)
{
lpFileInfoSetW32->lpFileInfo[i].dwAccessType &= ~FILE_ACC_TYPE_EXCHANGE;
}
else
{
dwSizeOfArea += lstrlen(lpFileInfoSetW32->lpFileInfo[i].lpszChangedName) + sizeof(char);
}
}
else
{
lpFileInfoSetW32->lpFileInfo[i].lpszChangedName = NULL;
}
}
}
PFILEINFOSET pFileInfoSet = NULL;
if (dwSizeOfArea > SIZEOF_FILEINFOSET - SIZEOF_FILEINFO)
{
pFileInfoSet = (PFILEINFOSET ) new char[dwSizeOfArea];
if (pFileInfoSet)
{
memset(pFileInfoSet, 0, dwSizeOfArea);
pFileInfoSet->dwSize = dwSizeOfArea;
PFILEINFO pFileInfo = &pFileInfoSet->FileInfo[0];
DWORD dwSizeNames;
for (int i=0; i<(int)lpFileInfoSetW32->dwSize; i++)
{
if (lpFileInfoSetW32->lpFileInfo[i].lpszName)
{
pFileInfo->dwAccessType = lpFileInfoSetW32->lpFileInfo[i].dwAccessType;
dwSizeNames = lstrlen(lpFileInfoSetW32->lpFileInfo[i].lpszName)+sizeof(char);
if (lpFileInfoSetW32->lpFileInfo[i].lpszChangedName)
dwSizeNames += lstrlen(lpFileInfoSetW32->lpFileInfo[i].lpszChangedName)+sizeof(char);
pFileInfo->dwSizeAllNamesArea = dwSizeNames;
pFileInfo->dwOffsetToAnsiName = 0;
pFileInfo->dwSizeAnsiName = lstrlen(lpFileInfoSetW32->lpFileInfo[i].lpszName)+sizeof(char);
lstrcpy(pFileInfo->szNames+pFileInfo->dwOffsetToAnsiName, lpFileInfoSetW32->lpFileInfo[i].lpszName);
if (lpFileInfoSetW32->lpFileInfo[i].lpszChangedName)
{
pFileInfo->dwOffsetToAnsiChangedName = pFileInfo->dwOffsetToAnsiName + pFileInfo->dwSizeAnsiName;
pFileInfo->dwSizeAnsiChangedName = lstrlen(lpFileInfoSetW32->lpFileInfo[i].lpszChangedName)+sizeof(char);
lstrcpy(pFileInfo->szNames+pFileInfo->dwOffsetToAnsiChangedName, lpFileInfoSetW32->lpFileInfo[i].lpszChangedName);
}
pFileInfo = (PFILEINFO) ((PCHAR)pFileInfo + dwSizeNames + (SIZEOF_FILEINFO-sizeof(char)));
}
}
}
}
return pFileInfoSet;
}
PKEYINFOSET He4HookDriverHide::CreateKeyInfoSet(PW32_KEYINFOSET lpKeyInfoSetW32)
{
if (!lpKeyInfoSetW32)
return FALSE;
DWORD dwSizeOfArea = SIZEOF_KEYINFOSET - SIZEOF_KEYINFO;
for (int i=0; i<(int)lpKeyInfoSetW32->dwSize; i++)
{
if (lpKeyInfoSetW32->lpKeyInfo[i].lpszName)
{
dwSizeOfArea += SIZEOF_KEYINFO - sizeof(char);
dwSizeOfArea += lstrlen(lpKeyInfoSetW32->lpKeyInfo[i].lpszName) + sizeof(char);
}
}
PKEYINFOSET pKeyInfoSet = NULL;
if (dwSizeOfArea > SIZEOF_KEYINFOSET - SIZEOF_KEYINFO)
{
pKeyInfoSet = (PKEYINFOSET) new char[dwSizeOfArea];
if (pKeyInfoSet)
{
memset(pKeyInfoSet, 0, dwSizeOfArea);
pKeyInfoSet->dwSize = dwSizeOfArea;
PKEYINFO pKeyInfo = &pKeyInfoSet->KeyInfo[0];
DWORD dwSizeNames;
for (int i=0; i<(int)lpKeyInfoSetW32->dwSize; i++)
{
if (lpKeyInfoSetW32->lpKeyInfo[i].lpszName)
{
pKeyInfo->dwType = lpKeyInfoSetW32->lpKeyInfo[i].dwType;
dwSizeNames = lstrlen(lpKeyInfoSetW32->lpKeyInfo[i].lpszName)+sizeof(char);
pKeyInfo->dwSizeName = dwSizeNames;
lstrcpy(pKeyInfo->szName, lpKeyInfoSetW32->lpKeyInfo[i].lpszName);
pKeyInfo = (PKEYINFO) ((PCHAR)pKeyInfo + dwSizeNames + (SIZEOF_KEYINFO-sizeof(char)));
}
}
}
}
return pKeyInfoSet;
}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -