📄 capconsole.asm
;@GOTO TRANSLATE
; This file is both MASM source and a batch script. The assembler treats the
; line above as a comment; the command interpreter runs it and jumps to the
; TRANSLATE label that follows END, where the build commands are. Keep that
; line first: any text placed before it would be executed as a command.
.586P
.MODEL FLAT, STDCALL
OPTION CASEMAP: NONE
INCLUDE WINDOWS.inc
; presumably selects the ANSI variants in the API macros - confirm in APIMACRO.mac
UNICODE = FALSE
INCLUDE APIMACRO.mac
INCLUDE ApiHooks.inc
INCLUDELIB iKERNEL32.lib
;------------------------------------------------------------------
.DATA?
; Scratch buffer that NewWriteConsoleW passes to WideCharToMultiByte as the
; output buffer (OFFSET Place, SIZEOF Place). It is one process-wide buffer.
Place ACHAR 4096 DUP (?)
.CODE
;if DllMain is not required then use /noentry switch on LINK commandline
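; DllMain - DLL entry point (STDCALL; DllHandle, Reason, pContext).
; On DLL_PROCESS_ATTACH it opens the log file once and stores the handle in
; hLog; on DLL_PROCESS_DETACH it closes the handle and resets hLog. Every
; other reason falls through to Success. Always returns TRUE in EAX, also
; when CreateFile fails (hLog then holds whatever CreateFile returned).
;
; The log is created under the relative name "console.log", so it lands in
; the process's current directory, and CREATE_ALWAYS truncates an existing
; file of that name. It receives a copy of the text the hooked process
; writes, so treat it as potentially sensitive.
DllMain PROC DllHandle, Reason, pContext
    MOV EAX, Reason
    CMP EAX, DLL_PROCESS_ATTACH
    JE Attach
    CMP EAX, DLL_PROCESS_DETACH
    JE Detach
Success:
    MOV EAX, TRUE
    RET
Attach:
    CMP hLog, INVALID_HANDLE_VALUE      ; already open: do not reopen
    JNE Success
    iWin32i CreateFile, sLogName, GENERIC_WRITE, FILE_SHARE_READ,\
        NULL, CREATE_ALWAYS, NULL, NULL
    MOV hLog, EAX
    JMP Success
Detach:
    CMP hLog, INVALID_HANDLE_VALUE      ; log never opened: nothing to close
    JE Success
    iWin32 CloseHandle, hLog
    MOV hLog, INVALID_HANDLE_VALUE
    JMP Success
; presumably defines sLogName, which the CreateFile call above references
TEXT LogName, <console.log/0>
ALIGN 4
; hLog lives in the code section, so that section has to be writable at run
; time (the link lines use /SECTION:.text,WRE).
hLog HANDLE INVALID_HANDLE_VALUE
DllMain ENDP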
;------------------------------------------------------------------
; NewWriteConsoleA - replacement for WriteConsoleA, listed in the CapConsole
; hook table. Takes the same five STDCALL arguments as WriteConsoleA.
; Copies cchToWrite bytes from lpvBuffer to the log handle hLog, then hands
; the untouched arguments on to WriteConsoleA. The result of the logging
; WriteFile is ignored, so a failed or never-opened log does not affect the
; caller.
NewWriteConsoleA PROC hConOut, lpvBuffer, cchToWrite,\
lpcchWritten, lpvReserved
LOCAL Written : DWORD
; ECX = address of the local that receives the logged byte count
LEA ECX, Written
iWin32 WriteFile, hLog, lpvBuffer, cchToWrite, ECX, NULL
; Drop this PROC's frame so the stack looks as it did on entry, then
; (presumably) tail-jump to the real API - confirm iWin32j in APIMACRO.mac.
LEAVE
iWin32j WriteConsoleA
NewWriteConsoleA ENDP
;------------------------------------------------------------------
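; NewWriteConsoleW - replacement for WriteConsoleW, listed in the CapConsole
; hook table. Takes the same five STDCALL arguments as WriteConsoleW.
; Converts the caller's wide text to the ANSI code page (CP_ACP) in the
; shared buffer Place, writes the converted bytes to the log handle hLog,
; then hands the untouched arguments on to WriteConsoleW.
;
; The conversion length is cchToWrite. WriteConsoleW takes a counted buffer
; that need not be NUL-terminated, so a length of -1 would read past the end
; of the caller's buffer until a zero word is found and would copy whatever
; lies there (plus the terminator) into the log.
;
; If the conversion fails, for example because the result does not fit in
; Place, WideCharToMultiByte returns 0 and nothing is logged.
; NOTE(review): Place is a single buffer and nothing visible here serialises
; concurrent callers - confirm whether multi-threaded writers matter.
NewWriteConsoleW PROC hConOut, lpvBuffer, cchToWrite,\
lpcchWritten, lpvReserved
    LOCAL Written : DWORD
    iWin32 WideCharToMultiByte, CP_ACP, NULL, lpvBuffer, cchToWrite, OFFSET Place, SIZEOF Place, NULL, NULL
    ; EAX = number of bytes placed in Place; load ECX only after the call,
    ; because the call does not preserve it.
    LEA ECX, Written
    iWin32 WriteFile, hLog, OFFSET Place, EAX, ECX, NULL
    ; Drop this PROC's frame so the stack looks as it did on entry, then
    ; (presumably) tail-jump to the real API - confirm iWin32j in APIMACRO.mac.
    LEAVE
    iWin32j WriteConsoleW
NewWriteConsoleW ENDP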
;------------------------------------------------------------------
;todo WriteConsoleOutputA + WriteConsoleOutputW
;------------------------------------------------------------------
; NewGetStdHandle - replacement for GetStdHandle, listed in the CapConsole
; hook table. For STD_ERROR_HANDLE it calls the real GetStdHandle, remembers
; the returned handle in hErr and returns it in EAX. For any other value it
; passes the call straight on to GetStdHandle.
; NewWriteFile compares against hErr to decide which writes to log.
NewGetStdHandle PROC nStdHandle
CMP nStdHandle, STD_ERROR_HANDLE
JNE @F
iWin32 GetStdHandle, nStdHandle
MOV hErr, EAX ;todo fields of handles, not 1 only
RET
@@:
; Not stderr: drop the frame and (presumably) tail-jump to the real API.
LEAVE
iWin32j GetStdHandle
; Last stderr handle seen; starts as 0. Defined inside the code section,
; so it is only writable because .text is linked with write access.
hErr HANDLE 0
NewGetStdHandle ENDP
;------------------------------------------------------------------
; NewWriteFile - replacement for WriteFile, listed in the CapConsole hook
; table. Takes the same five STDCALL arguments as WriteFile.
; When hFile equals the stderr handle saved in hErr, the buffer is first
; copied to the log handle hLog; in every case the untouched arguments are
; then handed on to WriteFile. The result of the logging write is ignored.
; hErr is 0 until NewGetStdHandle has seen a STD_ERROR_HANDLE request, so
; before that only a call with hFile = 0 takes the logging path.
NewWriteFile PROC hFile, lpBuffer, nNumberOfBytesToWrite,\
lpcchWritten, lpOverlapped
LOCAL Written : DWORD
MOV EAX, hFile
; ECX = address of the local that receives the logged byte count
LEA ECX, Written
CMP EAX, hErr
JNE @F
iWin32 WriteFile, hLog, lpBuffer, nNumberOfBytesToWrite, ECX, NULL
@@:
; Drop this PROC's frame so the stack looks as it did on entry, then
; (presumably) tail-jump to the real API - confirm iWin32j in APIMACRO.mac.
LEAVE
iWin32j WriteFile
NewWriteFile ENDP
;------------------------------------------------------------------
; NewGetProcAddress - replacement for GetProcAddress, assembled only when
; Soft9x is defined (the second ML line of the build passes /DSoft9x).
; If hLibrary is the module handle of KERNEL32.dll and lpszProc names one of
; the hooked APIs, it returns the address of the matching New* routine in
; EAX; otherwise the call is passed on to the real GetProcAddress.
; NOTE(review): lpszProc goes to lstrcmp as a string pointer. GetProcAddress
; callers may pass an ordinal (high word zero) instead of a name - confirm
; that lstrcmp tolerates such a value or test for it before comparing.
IFDEF Soft9x
NewGetProcAddress PROC hLibrary, lpszProc
;iWin32 GetProcAddress, lpszLibrary, lpszProc
iWin32 GetModuleHandleA, sKERNEL32
CMP EAX, hLibrary
JNE @GoGPA
; CmpApi name: if lpszProc equals the string s<name>, load the address of
; New<name> into EAX and leave through @RetGPA; otherwise fall through to
; the next comparison.
CmpApi MACRO __ApiNomen
iWin32 lstrcmp, lpszProc, s&__ApiNomen
TEST EAX, EAX
JNE @F
MOV EAX, New&__ApiNomen
JMP @RetGPA
@@:
ENDM
CmpApi WriteConsoleA
CmpApi WriteConsoleW
CmpApi GetStdHandle
CmpApi WriteFile
CmpApi GetProcAddress
@GoGPA:
; No match: drop the frame and (presumably) tail-jump to the real API.
LEAVE
iWin32j GetProcAddress
@RetGPA:
RET
NewGetProcAddress ENDP
ENDIF
;names-------------------------------------------------------------
; Module and API name strings. The hook table and CmpApi refer to them as
; sKERNEL32, sWriteConsoleA and so on, so TEXTA presumably emits each string
; under the given name prefixed with "s" - confirm in APIMACRO.mac.
; No section directive follows .CODE, so these strings sit in the code
; section as well.
TEXTA KERNEL32, <KERNEL32.dll/0>
TEXTA WriteConsoleA, <WriteConsoleA/0>
TEXTA WriteConsoleW, <WriteConsoleW/0>
TEXTA GetStdHandle, <GetStdHandle/0>
TEXTA WriteFile, <WriteFile/0>
; The GetProcAddress name is needed only by the Soft9x build.
IFDEF Soft9x
TEXTA GetProcAddress, <GetProcAddress/0>
ENDIF
;------------------------------------------------------------------
; Hook table named CapConsole; the link lines export CapConsole as ordinal 1
; without a name. Each API_HOOK entry pairs a KERNEL32 API name with the
; New* routine above that replaces it.
; NOTE(review): HOOK_ALL and ALL_MODULES suggest the hooks apply to every
; module in the process, and the NULL field is not explained here - confirm
; the field meanings in ApiHooks.inc.
BeginHooks CapConsole
API_HOOK <sKERNEL32, sWriteConsoleA, HOOK_ALL, ALL_MODULES, NULL, NewWriteConsoleA>
API_HOOK <sKERNEL32, sWriteConsoleW, HOOK_ALL, ALL_MODULES, NULL, NewWriteConsoleW>
API_HOOK <sKERNEL32, sGetStdHandle, HOOK_ALL, ALL_MODULES, NULL, NewGetStdHandle>
API_HOOK <sKERNEL32, sWriteFile, HOOK_ALL, ALL_MODULES, NULL, NewWriteFile>
; GetProcAddress is hooked only in the Soft9x build.
IFDEF Soft9x
API_HOOK <sKERNEL32, sGetProcAddress, HOOK_ALL, ALL_MODULES, NULL, NewGetProcAddress>
ENDIF
EndHooks
;------------------------------------------------------------------
END DllMain
:TRANSLATE
@ECHO OFF
REM Build half of this file. It follows END, so the assembler ignores it.
REM The source is assembled under the name CapConsole.bat, once as is and
REM once with /DSoft9x, and each object is linked into its own DLL that
REM exports CapConsole as ordinal 1 without a name.
REM NOTE(review): /SECTION:.text,WRE makes the code section writable and
REM executable at the same time, and .idata and .rdata are merged into it.
REM hLog and hErr are defined inside .CODE, so the write flag is needed as
REM the source stands; moving them to a data section would allow dropping it.
REM NOTE(review): /BASE gives both DLLs the same fixed preferred load address.
ML /c /coff /nologo CapConsole.bat
LINK3 CapConsole /OUT:CapConsoleNT.dll /nologo /DLL /EXPORT:CapConsole,@1,NONAME /SUBSYSTEM:WINDOWS /MERGE:.idata=.text /MERGE:.rdata=.text /SECTION:.text,WRE /IGNORE:4078 /BASE:0X77770000
ML /c /coff /DSoft9x /nologo CapConsole.bat
LINK3 CapConsole /OUT:CapConsole9xS.dll /nologo /DLL /EXPORT:CapConsole,@1,NONAME /SUBSYSTEM:WINDOWS /MERGE:.idata=.text /MERGE:.rdata=.text /SECTION:.text,WRE /IGNORE:4078 /BASE:0X77770000
REM Remove the intermediate object, export and import-library files.
DEL CapConsole.obj
DEL CapConsoleNT.exp
DEL CapConsoleNT.lib
DEL CapConsole9xS.exp
DEL CapConsole9xS.lib