📄 hook.h
字号:
#pragma once
#include <windef.h>
#undef DPRINT
#define DPRINT
#pragma pack(1)
typedef struct tagIDT
{
WORD wLimit;
DWORD dwBase;
} IDT, *PIDT;
typedef struct tagINT_VECTOR
{
WORD wLowOffset;
WORD wSelector;
BYTE bAccess;
BYTE wUnused;
WORD wHighOffset;
} INT_VECTOR, *PINT_VECTOR;
#pragma pack()
#define VEC_OFFSET_TO_DWORD( _vec ) \
_vec.wLowOffset | _vec.wHighOffset << 16
#define DWORD_TO_VEC_OFFSET( _vec, _dword ) \
_vec.wLowOffset = (WORD)_dword; \
_vec.wHighOffset = (WORD)( (DWORD)_dword >> 16 );
#define VEC_GET_DPL( _vec ) \
( _vec.bAccess & 0x60 ) >> 4
#define VEC_SET_DPL( _vec, _value ) \
_vec.bAccess &= 0x9F; \
_value << 4; \
_vec.bAccess |= (BYTE)_value;
#define VEC_IS_PRESENT( _vec ) \
_vec.bAccess >> 7
#define VEC_SET_PRESENT( _vec ) \
_vec.bAccess |= 0x80;
#define VEC_GET_TYPE( _vec ) \
_vec.bAccess & 0xF0
#define SELECTOR_GET_RPL( _sel ) \
_sel & 0x3
#define SELECT_SET_RPL( _sel, _rpl ) \
_sel &= 0xFFC; \
_sel |= (WORD)_rpl;
VOID
LoadIDT(
OUT PIDT pIdt );
VOID
LoadINTVector(
IN PIDT pIdt,
IN UCHAR iVector,
OUT PINT_VECTOR pVector );
VOID
SaveINTVector(
IN PIDT pIdt,
IN UCHAR iVector,
IN PINT_VECTOR pVector );
VOID
HookAllInterrupts();
VOID
BackupNtVectors();
VOID
RestoreNtVectors();
VOID
SetExternalHandlers();
extern LARGE_INTEGER StartTime;
extern PVOID InternalHandlers[256];
extern INT_VECTOR OriginalHandlers[256];
extern PVOID ExternalHandlers[256];
extern __int64 InterruptCounts[256];⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -