⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 hookapi_jmp.cpp

📁 《Windows应用程序捆绑核心编程》配套源码
💻 CPP
字号:
🔍 
// HookApi_JMP.cpp.
#include "stdafx.h"
#include "HookApi_JMP.h"

// 直接跳转.
//---------------------------------------------------------------------------
CHookApi_Jmp::CHookApi_Jmp(void)
{ 
}

//---------------------------------------------------------------------------
CHookApi_Jmp::~CHookApi_Jmp()
{ 
	CloseHandle(m_hProc); 
}

//---------------------------------------------------------------------------
void CHookApi_Jmp::SetHookOn()
{ 
	DWORD dwOldFlag; 
	WriteProcessMemory(m_hProc, (void *)m_lpHookFunc, 
	               	(void *)m_NewFunc, 5, &dwOldFlag);
}

//---------------------------------------------------------------------------
void CHookApi_Jmp::SetHookOff()
{ 
	DWORD dwOldFlag; 
	WriteProcessMemory(m_hProc, (void *)m_lpHookFunc, 
              	(void *)m_OldFunc, 5, &dwOldFlag);
}

//---------------------------------------------------------------------------
void CHookApi_Jmp::HookOneAPI(LPCTSTR ModuleName,
							 LPCTSTR ApiName, FARPROC lpNewFunc)
{
    m_lpHookFunc = GetProcAddress(GetModuleHandle(ModuleName),ApiName);
    m_hProc = GetCurrentProcess();
	m_NewFunc[0]=0xe9;    

	// 复制m_lpHookFunc前5个字节代码到m_OldFunc.
	memcpy(m_OldFunc,(char *)m_lpHookFunc,5);

	DWORD*pNewFuncAddress;    
	pNewFuncAddress=(DWORD*)&m_NewFunc[1];    
	*pNewFuncAddress=(DWORD)lpNewFunc-(DWORD)m_lpHookFunc-5; 
}
//---------------------------------------------------------------------------
//---------------------------------------------------------------------------
// 间接跳转.
CHookApi_Jmp2::CHookApi_Jmp2()
{
	BYTE str[8] = { 0x0B8, 0x0, 0x0, 0x40, 0x0, 0x0FF, 0x0E0,0}; 
	memcpy(m_NewFunc,str,8);
}

//---------------------------------------------------------------------------
CHookApi_Jmp2::~CHookApi_Jmp2()
{
	CloseHandle(m_hProc); 
}

//---------------------------------------------------------------------------
void CHookApi_Jmp2::SetHookOn()
{ 
	DWORD dwOldFlag; 
	WriteProcessMemory(m_hProc, (void *)m_lpHookFunc, 
	               	(void *)m_NewFunc, 8, &dwOldFlag);
}

//---------------------------------------------------------------------------
void CHookApi_Jmp2::SetHookOff()
{ 
	DWORD dwOldFlag; 
	WriteProcessMemory(m_hProc, (void *)m_lpHookFunc, 
              	(void *)m_OldFunc, 8, &dwOldFlag);
}

//---------------------------------------------------------------------------
void CHookApi_Jmp2::HookOneAPI
      (LPCTSTR ModuleName, LPCTSTR ApiName, FARPROC lpNewFunc)
{
	m_lpHookFunc = GetProcAddress(GetModuleHandle(ModuleName),ApiName);
	m_hProc = GetCurrentProcess();

	// 复制m_lpHookFunc前8个字节代码到m_OldFunc.
	memcpy(m_OldFunc,(char *)m_lpHookFunc,8);
	*(DWORD *)( m_NewFunc + 1 ) = (DWORD)lpNewFunc; 
}

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -