dllmain.c

标取词vc代码 欢迎大家下载

					//MessageBox(NULL,fname,"textouw textouw textouw textouw textouw",MB_OK);
					if(!IsBadWritePtr((LPVOID)(&pThunk->u1.Function), sizeof(DWORD)))
						(pThunk->u1.Function)=MyFunc2;
					else
					{
						if(VirtualProtect((LPVOID)(&pThunk->u1.Function), sizeof(DWORD),PAGE_EXECUTE_READWRITE, &dwProtect))
						{
							(pThunk->u1.Function)=MyFunc2;
							VirtualProtect((LPVOID)(&pThunk->u1.Function), sizeof(DWORD),dwProtect,&temp);
						}

						else
							MessageBox(NULL,fname,"textou2 UNABLE UNABLE UNABLE UNABLE ",MB_OK);
					}
				}
				else if((pThunk->u1.Function) == SysFunc3)
				{
					//MessageBox(NULL,fname,"exttextoua exttextoua exttextoua exttextoua",MB_OK);
					if(!IsBadWritePtr((LPVOID)(&pThunk->u1.Function), sizeof(DWORD)))
						(pThunk->u1.Function)=MyFunc3;
					else
					{
						if(VirtualProtect((LPVOID)(&pThunk->u1.Function), sizeof(DWORD),PAGE_EXECUTE_READWRITE, &dwProtect))
						{
							(pThunk->u1.Function)=MyFunc3;
							VirtualProtect((LPVOID)(&pThunk->u1.Function), sizeof(DWORD),dwProtect,&temp);
						}

						else
							MessageBox(NULL,fname,"exttextoua UNABLE UNABLE UNABLE UNABLE ",MB_OK);
					}
				}
				else if((pThunk->u1.Function) == SysFunc4)
				{
					//MessageBox(NULL,fname,"exttextouw exttextouw exttextouw exttextouw",MB_OK);
					if(!IsBadWritePtr((LPVOID)(&pThunk->u1.Function), sizeof(DWORD)))
					{
						(pThunk->u1.Function)=MyFunc4;
						VirtualProtect((LPVOID)(&pThunk->u1.Function), sizeof(DWORD),dwProtect,&temp);
					}
					else
					{
						if(VirtualProtect((LPVOID)(&pThunk->u1.Function), sizeof(DWORD),PAGE_EXECUTE_READWRITE, &dwProtect))
							(pThunk->u1.Function)=MyFunc4;
						else
							MessageBox(NULL,fname,"exttextouw UNABLE UNABLE UNABLE UNABLE ",MB_OK);
					}
				}
				pThunk++;
			}
			return 1;//already found gdi32
		}
		//else if(!strcmp(buffer,"imm32.dll")||!strcmp(buffer,"comctl32.dll")||!strcmp(buffer,"user32.dll"))
		//	ChangeFuncEntry(GetModuleHandle(buffer),0);
		/*else
		{
			//if(recursive)
				ChangeFuncEntry(GetModuleHandle(buffer),level+1);
		}*/
		pImportDesc++;
	} 
    return bSuccess;	
}

BOOL UnChangeFuncEntry(HMODULE hmodule)
{
    PIMAGE_DOS_HEADER pDOSHeader;
    PIMAGE_NT_HEADERS pNTHeader;
    PIMAGE_IMPORT_DESCRIPTOR pImportDesc;
	BOOL bSuccess = FALSE;
	char buffer[1024],buffer1[1024];
    static int times=0;
    BOOL you=FALSE;
	DWORD MyFunc1; 
    DWORD dwProtect,temp;

	/*get system functions and my functions' entry*/
	SysFunc1=(DWORD)GetProcAddress(GetModuleHandle("gdi32.dll"),"TextOutA");
	MyFunc1= (DWORD)GetProcAddress(GetModuleHandle("hookdll.dll"),"MyTextOutA");
	SysFunc2=(DWORD)GetProcAddress(GetModuleHandle("gdi32.dll"),"TextOutW");
	MyFunc2= (DWORD)GetProcAddress(GetModuleHandle("hookdll.dll"),"MyTextOutW");
	SysFunc3=(DWORD)GetProcAddress(GetModuleHandle("gdi32.dll"),"ExtTextOutA");
	MyFunc3= (DWORD)GetProcAddress(GetModuleHandle("hookdll.dll"),"MyExtTextOutA");
	SysFunc4=(DWORD)GetProcAddress(GetModuleHandle("gdi32.dll"),"ExtTextOutW");
	MyFunc4= (DWORD)GetProcAddress(GetModuleHandle("hookdll.dll"),"MyExtTextOutW");
	
	pDOSHeader=(PIMAGE_DOS_HEADER)hmodule;
	
    if (IsBadReadPtr(hmodule, sizeof(PIMAGE_NT_HEADERS)))
        return FALSE;
    
    if (pDOSHeader->e_magic != IMAGE_DOS_SIGNATURE)
        return FALSE;
    
    pNTHeader=(PIMAGE_NT_HEADERS)((DWORD)pDOSHeader+(DWORD)pDOSHeader->e_lfanew);
    if (pNTHeader->Signature != IMAGE_NT_SIGNATURE)
        return FALSE;
    
    pImportDesc = (PIMAGE_IMPORT_DESCRIPTOR)((DWORD)hmodule+(DWORD)pNTHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress);
    
    if (pImportDesc == (PIMAGE_IMPORT_DESCRIPTOR)pNTHeader) 
		return FALSE;
    
	while (pImportDesc->Name) 
	{
		PIMAGE_THUNK_DATA pThunk;
		strcpy(buffer,(char*)((DWORD)hmodule+(DWORD)pImportDesc->Name));
		CharLower(buffer);

		if(strcmp(buffer,"gdi32.dll"))
		{
			pImportDesc++;
			continue;
		}
		else 
		{
			pThunk=(PIMAGE_THUNK_DATA)((DWORD)hmodule+(DWORD)pImportDesc->FirstThunk);
			while (pThunk->u1.Function) 
			{
				if ((pThunk->u1.Function) == MyFunc1) 
				{
					if(!IsBadWritePtr((LPVOID)(&pThunk->u1.Function), sizeof(DWORD)))
						(pThunk->u1.Function)=SysFunc1;
					else
					{
						if(VirtualProtect((LPVOID)(&pThunk->u1.Function), sizeof(DWORD),PAGE_EXECUTE_READWRITE, &dwProtect))
						{
							(pThunk->u1.Function)=SysFunc1;
							VirtualProtect((LPVOID)(&pThunk->u1.Function), sizeof(DWORD),dwProtect,&temp);
						}
						else
							MessageBox(NULL,fname,"textoua UNABLE UNABLE UNABLE UNABLE ",MB_OK);
					}
				}
				else if((pThunk->u1.Function) == MyFunc2)
				{
					if(!IsBadWritePtr((LPVOID)(&pThunk->u1.Function), sizeof(DWORD)))
						(pThunk->u1.Function)=SysFunc2;
					else
					{
						if(VirtualProtect((LPVOID)(&pThunk->u1.Function), sizeof(DWORD),PAGE_EXECUTE_READWRITE, &dwProtect))
						{
							(pThunk->u1.Function)=SysFunc2;
							VirtualProtect((LPVOID)(&pThunk->u1.Function), sizeof(DWORD),dwProtect,&temp);
						}

						else
							MessageBox(NULL,fname,"textou2 UNABLE UNABLE UNABLE UNABLE ",MB_OK);
					}
				}
				else if((pThunk->u1.Function) == MyFunc3)
				{
					if(!IsBadWritePtr((LPVOID)(&pThunk->u1.Function), sizeof(DWORD)))
						(pThunk->u1.Function)=SysFunc3;
					else
					{
						if(VirtualProtect((LPVOID)(&pThunk->u1.Function), sizeof(DWORD),PAGE_EXECUTE_READWRITE, &dwProtect))
						{
							(pThunk->u1.Function)=SysFunc3;
							VirtualProtect((LPVOID)(&pThunk->u1.Function), sizeof(DWORD),dwProtect,&temp);
						}

						else
							MessageBox(NULL,fname,"exttextoua UNABLE UNABLE UNABLE UNABLE ",MB_OK);
					}
				}
				else if((pThunk->u1.Function) == MyFunc4)
				{
					if(!IsBadWritePtr((LPVOID)(&pThunk->u1.Function), sizeof(DWORD)))
					{
						(pThunk->u1.Function)=SysFunc4;
						VirtualProtect((LPVOID)(&pThunk->u1.Function), sizeof(DWORD),dwProtect,&temp);
					}
					else
					{
						if(VirtualProtect((LPVOID)(&pThunk->u1.Function), sizeof(DWORD),PAGE_EXECUTE_READWRITE, &dwProtect))
							(pThunk->u1.Function)=SysFunc4;
						else
							MessageBox(NULL,fname,"exttextouw UNABLE UNABLE UNABLE UNABLE ",MB_OK);
					}
				}
				pThunk++;
			}
			return 1;
		}
		pImportDesc++;
	} 
    return bSuccess;	
}

BOOL WINAPI MyTextOutA(HDC hdc, int nXStart, int nYStart, LPCSTR lpszString,int cbString)
{
	if(cbString<128&&cbString>0&&nYStart>=rect.top&&nYStart<=rect.bottom)
		SendText(hdc,lpszString,cbString,0);
	return ((FARPROC)SysFunc1)(hdc,nXStart,nYStart,lpszString,cbString);
}
BOOL WINAPI MyTextOutW(HDC hdc, int nXStart, int nYStart, LPCSTR lpszString,int cbString)
{
	if(cbString<128&&cbString>0&&nYStart>=rect.top&&nYStart<=rect.bottom)
		SendText(hdc,lpszString,cbString,1);
	return ((FARPROC)SysFunc2)(hdc, nXStart, nYStart, lpszString, cbString);
}
BOOL WINAPI MyExtTextOutA(HDC hdc, int nXStart, int nYStart, UINT fuOptions,const RECT FAR *lprc, LPCSTR lpszString,UINT cbString,int FAR *lpDx)
{
	if(cbString<128&&cbString>0&&nYStart>=rect.top&&nYStart<=rect.bottom)
		SendText(hdc,lpszString,cbString,0);
	return ((FARPROC)SysFunc3)(hdc,nXStart,nYStart,fuOptions,lprc,lpszString,cbString,lpDx);
}
BOOL WINAPI MyExtTextOutW(HDC hdc, int nXStart, int nYStart, UINT fuOptions,const RECT FAR *lprc, LPCSTR lpszString,UINT cbString,int FAR *lpDx)
{
	if(cbString<128&&cbString>0&&nYStart>=rect.top&&nYStart<=rect.bottom)
			SendText(hdc,lpszString,cbString,1);
	return ((FARPROC)SysFunc4)(hdc,nXStart,nYStart,fuOptions,lprc,lpszString,cbString,lpDx);
}
void SendText(HDC hdc,LPCSTR lpszString,UINT cbString,int IsW)
{
	HANDLE hmap;
	HWND hdlg,hwnd;
	char *text;
	//find window and send text
	hdlg=FindWindow("#32770","myciba");
	hwnd=WindowFromDC(hdc);
	if(hwnd!=hdlg)
	{
		//get shared memory
		hmap= OpenFileMapping(FILE_MAP_ALL_ACCESS,FALSE,"textbuf");
		if(!hmap)
			return;
		text= (char *)MapViewOfFile( hmap,FILE_MAP_ALL_ACCESS,0,0,128); 
		if(text==NULL)
			return;
		if(IsW)
			WideCharToMultiByte(CP_ACP,0,lpszString,cbString,text,cbString,NULL,NULL);
		else
			strcpy(text,lpszString);
		text[cbString]='\0';
		PostMessage(hdlg,65000,0,0);
	}
	return;
}