/*
 * Registers the WinINet HTTP hooks for this DLL.
 *
 * Emits a banner through msg() and then applies ADDHOOK to each API name
 * below, in this order. ADDHOOK and msg are defined outside this block, so
 * what ADDHOOK does when a hook cannot be installed is not visible here.
 *
 * NOTE(review): the original comment indicates this runs from DllMain.
 * Code on that path executes under the loader lock, which is presumably why
 * sprintf and LogAPI are ruled out. Keep this body to simple calls that
 * cannot load another DLL or wait on another thread.
 */
void InstallHooks(void) {
	// No sprintf or LogAPI in here: this runs in the DllMain context.
	msg("***** Installing Hooks *****");

	// Names without an A/W suffix.
	// NOTE(review): InternetReadFile has no A/W split. For the other names,
	// which export ends up hooked depends on how ADDHOOK uses its argument
	// and on the UNICODE setting. Confirm against the macro, and confirm
	// the W variants are covered if wide-character callers must be logged.
	ADDHOOK(HttpOpenRequest);
	ADDHOOK(InternetConnect);
	ADDHOOK(InternetReadFile);
	ADDHOOK(InternetCrackUrl);
	ADDHOOK(HttpSendRequest);

	// Explicit ANSI variants.
	ADDHOOK(HttpOpenRequestA);
	ADDHOOK(InternetConnectA);
	ADDHOOK(InternetCrackUrlA);
	ADDHOOK(HttpSendRequestA);

	// Intentionally disabled: the DLL cannot link against urlmon when it is
	// loaded via AppInit_DLLs, so the urlmon download APIs are not hooked.
	//ADDHOOK(URLDownloadToFileA);
	//ADDHOOK(URLDownloadToCacheFile);
}
{ return _wrename( FromUTF8( _OldFilename ), FromUTF8( _NewFilename ) ); } ///////////////////////////////////////////////////////////// // // Hook adding // ///////////////////////////////////////////////////////////// void AddUtf8FileHooks( void ) { #define ADDHOOK(module,name) \ pfn##name = reinterpret_cast < FUNC_##name > ( DetourFunction ( DetourFindFunction ( module, #name ), reinterpret_cast < PBYTE > ( My##name ) ) ); \ assert( pfn##name ); ADDHOOK( "Kernel32.dll", CreateFileA ) ADDHOOK( "Kernel32.dll", LoadLibraryA ) ADDHOOK( "Kernel32.dll", LoadLibraryExA ) ADDHOOK( "Kernel32.dll", SetDllDirectoryA ) ADDHOOK( "Kernel32.dll", SetCurrentDirectoryA ) ADDHOOK( "Gdi32.dll", AddFontResourceExA ) ADDHOOK( "Gdi32.dll", RemoveFontResourceExA ) ADDHOOK( "Kernel32.dll", RemoveDirectoryA ) ADDHOOK( "Kernel32.dll", GetDiskFreeSpaceExA ) ADDHOOK( "Kernel32.dll", GetFileAttributesA ) ADDHOOK( "Kernel32.dll", SetFileAttributesA ) ADDHOOK( "Shell32.dll", ShellExecuteA ) ADDHOOK( "Kernel32.dll", CreateDirectoryA ) ADDHOOK( "Kernel32.dll", CopyFileA ) ADDHOOK( "Kernel32.dll", MoveFileA ) ADDHOOK( "Kernel32.dll", DeleteFileA )
* POSSIBILITY OF SUCH DAMAGE. */
#include "hook.h"
#include "hooks/io.h"

/*
 * One entry of the hook table.
 * Field order is left untouched: ADDHOOK (defined outside this block)
 * presumably expands to a positional initializer for this struct; confirm
 * in hook.h before reordering.
 */
typedef struct {
    const char *name;     /* symbol name; the lookup key used by find_original() */
    uintptr_t   original; /* value find_original() returns for this name */
    uintptr_t   hook;     /* not read in this block; presumably the replacement's address */
} hook_t;

/* Table of hooked functions; the only entry visible here is strlen. */
static hook_t __hooks[] = {
    ADDHOOK( strlen )
};

/* Number of entries in __hooks. */
#define NHOOKS ( sizeof(__hooks) / sizeof(__hooks[0]) )

/**
 * Return the saved original pointer for a hooked function.
 *
 * @param name  Symbol name to look up. Must be non-NULL: it is passed
 *              straight to strcmp().
 * @return The `original` field of the first table entry whose name matches
 *         exactly, or 0 when no entry matches (a message is logged through
 *         HOOKLOG in that case).
 *
 * Callers that cast the result to a function pointer must check for 0
 * before calling through it.
 */
uintptr_t find_original( const char *name ) {
    const hook_t *entry = __hooks;
    const hook_t *const end = __hooks + NHOOKS;

    /* Linear scan; the first exact name match wins. */
    while( entry != end ) {
        if( !strcmp( entry->name, name ) ) {
            return entry->original;
        }
        ++entry;
    }

    HOOKLOG( "[%d] !!! COULD NOT FIND ORIGINAL POINTER OF FUNCTION '%s' !!!", getpid(), name );

    return 0;
}
/*
 * Registers this DLL's API hooks.
 *
 * Applies ADDHOOK to each API name below, in this order. ADDHOOK is defined
 * outside this block; presumably it installs an interception for the named
 * function (confirm against its definition). No result of ADDHOOK is
 * checked here, so a hook that fails to install is not reported by this
 * function itself.
 *
 * NOTE(review): where an API has A/W variants, only the ANSI (A) name is
 * listed (LoadLibraryA, CreateFileA, CreateProcessA, GetModuleHandleA,
 * WSASocketA, URLDownloadToFileA). If callers using the wide-character
 * variants must also be observed, confirm those are covered elsewhere.
 */
void InstallHooks(void) {
	// Library loading and Win32 / legacy file I/O.
	ADDHOOK(LoadLibraryA);
	ADDHOOK(WriteFile);
	ADDHOOK(CreateFileA);
	ADDHOOK(WriteFileEx);
	ADDHOOK(_lcreat);
	ADDHOOK(_lopen);
	ADDHOOK(_lread);
	ADDHOOK(_lwrite);

	// Process and thread control, cross-process access, module lookup.
	ADDHOOK(CreateProcessA);
	ADDHOOK(WinExec);
	ADDHOOK(ExitProcess);
	ADDHOOK(ExitThread);
	ADDHOOK(GetProcAddress);
	ADDHOOK(WaitForSingleObject);
	ADDHOOK(CreateRemoteThread);
	ADDHOOK(OpenProcess);
	ADDHOOK(WriteProcessMemory);
	ADDHOOK(GetModuleHandleA);

	// Winsock.
	ADDHOOK(accept);
	ADDHOOK(bind);
	ADDHOOK(closesocket);
	ADDHOOK(connect);
	ADDHOOK(gethostbyaddr);
	ADDHOOK(gethostbyname);
	ADDHOOK(gethostname);
	ADDHOOK(listen);
	ADDHOOK(recv);
	ADDHOOK(send);
	ADDHOOK(shutdown);
	ADDHOOK(socket);
	ADDHOOK(WSASocketA);

	// C runtime.
	ADDHOOK(system);
	ADDHOOK(fopen);
	ADDHOOK(fwrite);

	// urlmon downloads.
	ADDHOOK(URLDownloadToFileA);
	ADDHOOK(URLDownloadToCacheFile);
}