void WINAPI ServiceProc(DWORD argCnt, LPSTR *args) // this is the main function of our service, we do all the work here... { HANDLE event; CHAR evName [MAX_PATH]; // the first thing we shall do here is to register a service control handler statusHandle = RegisterServiceCtrlHandlerA(CServiceName, ServiceHandler); if (statusHandle) { UpdateStatus(SERVICE_START_PENDING); // InitializeMadCHook is needed only if you're using the static madCHook.lib InitializeMadCHook(); // now we create our ipc queue if (CreateIpcQueue(CServiceName, DllInjectIpcHandler)) { // create a shutdown event, which we need later lstrcpyA(evName, CServiceName); lstrcatA(evName, "ShutdownEvent"); event = CreateGlobalEvent(evName, true, false); // okay, initialization is done UpdateStatus(SERVICE_RUNNING); // here our service does the real work // our injection service does nothing but listen to our ipc queue // the ipc queue has its own thread, so we just wait for the shutdown event WaitForSingleObject(event, INFINITE); CloseHandle(event); } // FinalizeMadCHook is needed only if you're using the static madCHook.lib FinalizeMadCHook(); UpdateStatus(SERVICE_STOPPED); } }
int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow) { // InitializeMadCHook is needed only if you're using the static madCHook.lib InitializeMadCHook(); ShowExplorerCmdLine(); // FinalizeMadCHook is needed only if you're using the static madCHook.lib FinalizeMadCHook(); return true; }
/// /// @brief /// void StartHook() { pRule = new CWeb_Rule; InitializeMadCHook(); /// TODO : CoCreateInstance Hook HookAPI("ntdll.dll", "ZwResumeThread", (PVOID)ZwResumeThreadCallback, (PVOID*)&ZwResumeThreadNext); HookAPI("Comdlg32.dll", "GetOpenFileNameW", (PVOID)GetOpenFileNameWCallback, (PVOID*)&GetOpenFileNameWNext); HookAPI("Comdlg32.dll", "GetOpenFileNameA", (PVOID)GetOpenFileNameACallback, (PVOID*)&GetOpenFileNameANext); HookAPI("Shell32.dll", "DragQueryFileW", (PVOID)DragQueryFileWCallback, (PVOID*)&DragQueryFileWNext); HookAPI("Shell32.dll", "DragQueryFileA", (PVOID)DragQueryFileACallback, (PVOID*)&DragQueryFileANext); HookAPI("Ws2_32.dll", "send", (PVOID)sendCallback, (PVOID*)&sendNext); HookAPI("Ws2_32.dll", "WSASend", (PVOID)WSASendCallback, (PVOID*)&WSASendNext); HookAPI("Wininet.dll", "InternetWriteFile", (PVOID)InternetWriteFileCallback, (PVOID*)&InternetWriteFileNext); HookAPI("Ole32.dll", "CoCreateInstance", CoCreateInstanceCallback, (PVOID*) &CoCreateInstanceNext); }