BOOL APIENTRY DllMain( HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch ( ul_reason_for_call )
{
case DLL_PROCESS_ATTACH:
{
g_hInst = (HINSTANCE)hModule;
RegSetValueExWHook.Hook("advapi32.dll", "RegSetValueExW", (PROC)MyRegSetValueExA);
RegDeleteValueWHook.Hook("advapi32.dll", "RegDeleteValueW", (PROC)MyRegDeleteValueW);
CreateProcessWHook.Hook("kernel32.dll", "CreateProcessW", (PROC)MyCreateProcessW);
break;
}
case DLL_PROCESS_DETACH:
{
RegSetValueExWHook.UnHook();
RegDeleteValueWHook.UnHook();
CreateProcessWHook.UnHook();
if ( g_hHook != NULL )
{
SetHookOff();
}
break;
}
}
return TRUE;
}
int main(){
//不进行HOOK的MessageBox
MessageBox(NULL, "test", "test", MB_OK);
//HOOK后
MsgHook.Hook("User32.dll", "MessageBoxA", (PROC)MyMessageBoxA);
MessageBox(NULL, "test", "test", MB_OK);
MsgHook.UnHook();
return 0;
}