;@goto translate
.586P
.MODEL FLAT, STDCALL
OPTION CASEMAP: NONE
UNICODE = 1
INCLUDE WINDOWS.inc
INCLUDE APIMACRO.mac
INCLUDELIB iKERNEL32.lib
INCLUDELIB iUSER32.lib
INCLUDELIB iApiHooks.lib
.CODE
; PrimaryThread - program entry point (named on the END directive).
; Flow as written: get this process's id, pass it together with the
; "Unhook.dll" string to EstablishApiHooks, call GetVersion in a loop,
; show a message box, then exit the process.
; iWin32 / iWin32i / sWin32 are call macros, presumably from APIMACRO.mac;
; their expansion is not visible in this file.
; NOTE(review): the result of EstablishApiHooks is never tested (the TEST/JNE
; below is commented out and no "Failed" label is defined), so the
; "Unhooked." box is shown whether or not the call succeeded.
; NOTE(review): "Unhook.dll" is a bare file name with no path; how it is
; resolved depends on EstablishApiHooks - confirm it cannot be satisfied
; from a directory that other users can write to.
PrimaryThread PROC
iWin32 GetCurrentProcessId
; EAX = id of the current process, consumed as the last argument below
; loaded statically
iWin32i EstablishApiHooks, sUnhookDll, EAX
; TEST EAX, EAX
; JNE Failed
; or dynamic loading
; (disabled variant: it needs the sApiHooks / sEstablishApiHooks strings that
; are commented out further down, and prinfo is not defined in this file;
; LoadLibrary with a bare name would follow the normal DLL search order)
; iWin32i LoadLibrary, sApiHooks
; TEST EAX, EAX
; JE Exit
; iWin32 GetProcAddress, EAX, sEstablishApiHooks
; TEST EAX, EAX
; JE Exit
; sWin32 EAX, sUnhookDll, prinfo.dwProcessId
; TEST EAX, EAX
; JNE Failed
; Loop counter kept in EBX, a callee-saved register under stdcall, so it
; survives each API call.
MOV EBX, 1000
@@:
; Return value of GetVersion is discarded; presumably the call only
; exercises an API affected by the hook DLL - TODO confirm.
iWin32 GetVersion
DEC EBX
; Signed test: loops while EBX >= 0 after the decrement, i.e. 1001 calls.
JGE @B
iWin32i MessageBox, NULL, sUnhookMsg, sUnhookTitle, MB_OK
; Exit is only targeted by the commented-out JE instructions above; the live
; code reaches it by fall-through.
Exit:
iWin32 ExitProcess, STATUS_SUCCESS
PrimaryThread ENDP
; String constants referenced above with an "s" prefix (sUnhookDll,
; sUnhookTitle, sUnhookMsg). TEXT is a macro, presumably from APIMACRO.mac;
; the "/0" suffix looks like its terminator marker - TODO confirm.
; No data-section directive precedes these lines, so unless the macro
; switches sections they are emitted in the .CODE section.
TEXT UnhookDll, <Unhook.dll/0>
TEXT UnhookTitle, <Unhook/0>
TEXT UnhookMsg, <Unhooked./0>
; Strings for the disabled dynamic-loading variant in PrimaryThread. The
; IF UNICODE block would append 'W' or 'A' to the exported function name.
; TEXT ApiHooks, <ApiHooks.exe/0>
; TEXTA EstablishApiHooks, <EstablishApiHooks>
; IF UNICODE
; CHAR 'W'
; ELSE
; CHAR 'A'
; ENDIF
; CHAR 0
END PrimaryThread
:translate
@echo off
rem Build steps. When this file is run as a batch script, its first line
rem (";@goto translate") jumps here; the assembler treats that line as a
rem comment and stops reading at the END directive above.
rem Assemble this same file into a COFF object without linking. The file
rem therefore has to be saved under the name Unhook.bat.
ML /c /coff /nologo Unhook.bat
rem Link as a GUI-subsystem image with a fixed preferred base address and
rem .rdata merged into .text; /IGNORE suppresses linker warnings 4108 and 4078.
rem NOTE(review): there is no errorlevel check after ML, so a failed assembly
rem still runs LINK against whatever Unhook.obj is already on disk.
LINK Unhook /nologo /ALIGN:0X1000 /SUBSYSTEM:WINDOWS /RELEASE /MERGE:.rdata=.text /BASE:0X32890000 /IGNORE:4108,4078
rem Remove the intermediate object file.
DEL Unhook.obj