美国的华莱士

detours demo

华莱士

·

#include <Windows.h>
#include <iostream>
#include "detours/include/detours.h"

#ifdef _WIN64
#pragma comment(lib,"detours/lib.X64/detours.lib")
#else
#pragma comment(lib,"detours/lib.X86/detours.lib")
#endif
INT
WINAPI
MsgBox(
    _In_opt_ HWND hWnd,
    _In_opt_ LPCSTR lpText,
    _In_opt_ LPCSTR lpCaption,
    _In_ UINT uType)
{
    return MessageBoxW(NULL, L"被HOOK了", L"", 0);
}
PVOID fpRegisterModule;
bool Hook(bool restore)
{

    if (restore == false)
        DetourRestoreAfterWith();
    DetourTransactionBegin();
    DetourUpdateThread(GetCurrentThread());
    LONG result;
    if (restore)
        result = DetourDetach(reinterpret_cast<void**>(&fpRegisterModule), MsgBox);
    else
        result = DetourAttach(reinterpret_cast<void**>(&fpRegisterModule), MsgBox);
    DetourTransactionCommit();
    return true;
}

int main(int argc, char* argv[])
{
    HMODULE hMod = LoadLibraryA("user32.dll");
    if (hMod == NULL)
    {
        return false;
    }
    fpRegisterModule = GetProcAddress(hMod, "MessageBoxA");
    if (fpRegisterModule == nullptr)
        return false;
    Hook(false);
    MessageBoxA(NULL, "没被HOOK", "没被HOOK", 0);
    Hook(true);
    MessageBoxA(NULL, "没被HOOK", "没被HOOK", 0);
    return 1;
}

 

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注