bool HookUser32()
{
#if defined(DETOURS_VERSION) && DETOURS_VERSION == 20100
DetourTransactionBegin();
DetourAttach(&(PVOID& )Real_GetAsyncKeyState, Mine_GetAsyncKeyState);
DetourAttach(&(PVOID& )Real_GetKeyState, Mine_GetKeyState);
DetourAttach(&(PVOID& )Real_GetKeyboardState, Mine_GetKeyboardState);
DetourTransactionCommit();
#else // #if defined(DETOURS_VERSION) && DETOURS_VERSION == 20100
if (!DetourFunctionWithTrampoline((PBYTE)Real_GetAsyncKeyState, (PBYTE)Mine_GetAsyncKeyState))
return false;
_TRACE("HookUser32(), Real_GetAsyncKeyState = %p, Mine_GetAsyncKeyState = %p\n",
Real_GetAsyncKeyState, &Mine_GetAsyncKeyState);
if (!DetourFunctionWithTrampoline((PBYTE)Real_GetKeyState, (PBYTE)Mine_GetKeyState))
return false;
_TRACE("HookUser32(), Real_GetKeyState = %p, Mine_GetKeyState = %p\n",
Real_GetKeyState, &Mine_GetKeyState);
DetourFunctionWithTrampoline((PBYTE)Real_GetKeyboardState,
(PBYTE)Mine_GetKeyboardState);
#endif // #if defined(DETOURS_VERSION) && DETOURS_VERSION == 20100
return true;
}
// 拦截函数
void Intercept()
{
// 使用DetourFunctionWithTrampoline函数来截获目标函数。这个函数有两个参数:trampoline函数以
// 及截获函数的指针。因为目标函数已经被加到trampoline函数中,所有不需要在参数中特别指定。
DetourFunctionWithTrampoline((PBYTE)Real_RegCreateKeyExA, (PBYTE)Replace_RegCreateKeyExA);
DetourFunctionWithTrampoline((PBYTE)Real_RegCreateKeyExW, (PBYTE)Replace_RegCreateKeyExW);
DetourFunctionWithTrampoline((PBYTE)Real_RegSetValueExA, (PBYTE)Replace_RegSetValueExA);
DetourFunctionWithTrampoline((PBYTE)Real_RegSetValueExW, (PBYTE)Replace_RegSetValueExW);
DetourFunctionWithTrampoline((PBYTE)Real_RegDeleteKeyA, (PBYTE)Replace_RegDeleteKeyA);
DetourFunctionWithTrampoline((PBYTE)Real_RegDeleteKeyW, (PBYTE)Replace_RegDeleteKeyW);
DetourFunctionWithTrampoline((PBYTE)Real_RegDeleteValueA, (PBYTE)Replace_RegDeleteValueA);
DetourFunctionWithTrampoline((PBYTE)Real_RegDeleteValueW, (PBYTE)Replace_RegDeleteValueW);
DetourFunctionWithTrampoline((PBYTE)Real_RegQueryValueExA, (PBYTE)Replace_RegQueryValueExA);
DetourFunctionWithTrampoline((PBYTE)Real_RegQueryValueExW, (PBYTE)Replace_RegQueryValueExW);
}
BOOL APIENTRY DllMain( HANDLE hModule,
DWORD reason,
LPVOID lpReserved
)
{
if( reason == DLL_PROCESS_ATTACH )
{
//MessageBox( NULL, TEXT("DLL_PROCESS_ATTACH"), TEXT("SwAutoplayFix"), MB_OK );
DetourFunctionWithTrampoline((PBYTE)Real_CreateProcessW, (PBYTE)CreateProcessW_Detour);
DetourFunctionWithTrampoline((PBYTE)Real_CreateProcessA, (PBYTE)CreateProcessA_Detour);
}
else if( reason == DLL_PROCESS_DETACH )
{
//MessageBox( NULL, TEXT("DLL_PROCESS_DETACH"), TEXT("SwAutoplayFix"), MB_OK );
DetourRemoveWithTrampoline((PBYTE)Real_CreateProcessW, (PBYTE)CreateProcessW_Detour);
DetourRemoveWithTrampoline((PBYTE)Real_CreateProcessA, (PBYTE)CreateProcessA_Detour);
}
return TRUE;
}
BOOL APIENTRY DllMain( HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
if (ul_reason_for_call == DLL_PROCESS_ATTACH)
{
DetourFunctionWithTrampoline((PBYTE)real_lstrcpynA, (PBYTE)vt_lstrcpynA);
}
else if (ul_reason_for_call == DLL_PROCESS_DETACH)
{
OutputDebugString("[*] Unloading VulnTrace\n");
}
return TRUE;
}
BOOL APIENTRY DllMain( HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
OutputDebugString("Detour dll Load!");
DetourFunctionWithTrampoline((PBYTE)CopyOpenProcess, (PBYTE)MyOpenProcess);
break;
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
break;
case DLL_PROCESS_DETACH:
OutputDebugString("Detour dll Exit!");
DetourRemove((PBYTE)CopyOpenProcess, (PBYTE)MyOpenProcess);
break;
}
return TRUE;
}
void CFilterMapper2::Init()
{
if(!fInitialized)
{
DetourFunctionWithTrampoline((PBYTE)Real_CoCreateInstance, (PBYTE)Mine_CoCreateInstance);
DetourFunctionWithTrampoline((PBYTE)Real_RegCloseKey, (PBYTE)Mine_RegCloseKey);
DetourFunctionWithTrampoline((PBYTE)Real_RegFlushKey, (PBYTE)Mine_RegFlushKey);
DetourFunctionWithTrampoline((PBYTE)Real_RegCreateKeyA, (PBYTE)Mine_RegCreateKeyA);
DetourFunctionWithTrampoline((PBYTE)Real_RegCreateKeyW, (PBYTE)Mine_RegCreateKeyW);
DetourFunctionWithTrampoline((PBYTE)Real_RegCreateKeyExA, (PBYTE)Mine_RegCreateKeyExA);
DetourFunctionWithTrampoline((PBYTE)Real_RegCreateKeyExW, (PBYTE)Mine_RegCreateKeyExW);
DetourFunctionWithTrampoline((PBYTE)Real_RegDeleteKeyA, (PBYTE)Mine_RegDeleteKeyA);
DetourFunctionWithTrampoline((PBYTE)Real_RegDeleteKeyW, (PBYTE)Mine_RegDeleteKeyW);
DetourFunctionWithTrampoline((PBYTE)Real_RegDeleteValueA, (PBYTE)Mine_RegDeleteValueA);
DetourFunctionWithTrampoline((PBYTE)Real_RegDeleteValueW, (PBYTE)Mine_RegDeleteValueW);
DetourFunctionWithTrampoline((PBYTE)Real_RegEnumKeyExA, (PBYTE)Mine_RegEnumKeyExA);
DetourFunctionWithTrampoline((PBYTE)Real_RegEnumKeyExW, (PBYTE)Mine_RegEnumKeyExW);
DetourFunctionWithTrampoline((PBYTE)Real_RegEnumValueA, (PBYTE)Mine_RegEnumValueA);
DetourFunctionWithTrampoline((PBYTE)Real_RegEnumValueW, (PBYTE)Mine_RegEnumValueW);
DetourFunctionWithTrampoline((PBYTE)Real_RegOpenKeyA, (PBYTE)Mine_RegOpenKeyA);
DetourFunctionWithTrampoline((PBYTE)Real_RegOpenKeyW, (PBYTE)Mine_RegOpenKeyW);
DetourFunctionWithTrampoline((PBYTE)Real_RegOpenKeyExA, (PBYTE)Mine_RegOpenKeyExA);
DetourFunctionWithTrampoline((PBYTE)Real_RegOpenKeyExW, (PBYTE)Mine_RegOpenKeyExW);
DetourFunctionWithTrampoline((PBYTE)Real_RegQueryInfoKeyA, (PBYTE)Mine_RegQueryInfoKeyA);
DetourFunctionWithTrampoline((PBYTE)Real_RegQueryInfoKeyW, (PBYTE)Mine_RegQueryInfoKeyW);
DetourFunctionWithTrampoline((PBYTE)Real_RegQueryValueA, (PBYTE)Mine_RegQueryValueA);
DetourFunctionWithTrampoline((PBYTE)Real_RegQueryValueW, (PBYTE)Mine_RegQueryValueW);
DetourFunctionWithTrampoline((PBYTE)Real_RegQueryValueExA, (PBYTE)Mine_RegQueryValueExA);
DetourFunctionWithTrampoline((PBYTE)Real_RegQueryValueExW, (PBYTE)Mine_RegQueryValueExW);
DetourFunctionWithTrampoline((PBYTE)Real_RegSetValueA, (PBYTE)Mine_RegSetValueA);
DetourFunctionWithTrampoline((PBYTE)Real_RegSetValueW, (PBYTE)Mine_RegSetValueW);
DetourFunctionWithTrampoline((PBYTE)Real_RegSetValueExA, (PBYTE)Mine_RegSetValueExA);
DetourFunctionWithTrampoline((PBYTE)Real_RegSetValueExW, (PBYTE)Mine_RegSetValueExW);
fInitialized = true;
}
}
//初始化函数
BOOL CGamePlaceApp::InitInstance()
{
//TODO: call AfxInitRichEdit2() to initialize richedit2 library.
Glb().m_release=false;//是否发布版
Glb().m_weblogon=false; //是否互联星空登录
Glb().m_autoreg=false; //不用设置,此变量程序自动改变
#ifndef MY_DEBUG
Glb().m_release=true;//是否发布版
// try
#endif
{
//定义变量
#ifndef MY_DEBUG
CBcfFile _f(CBcfFile::GetAppPath()+"bzgame.bcf");
CString _mutexId = _f.GetKeyVal("BZW","mutexid","GamePlaceChangeed10001000");
CMutex Mutex(FALSE, _mutexId, NULL);////互斥
if (Mutex.Lock(0)==FALSE)
return FALSE;
SetUnhandledExceptionFilter(ExceptionFilter);
#endif
#ifdef BZ_ZLIB
///<读取资源文件
///<先获取密码 add by wxx
CBcfFile fMsg(CBcfFile::GetAppPath()+"bzgame.bcf");
CString strPassWord;
strPassWord = fMsg.GetKeyVal("BZW","LoginIP1","www.szbzw.com");
char *password = strPassWord.GetBuffer(strPassWord.GetLength()+1);
///<读取文件
CUnZipRes unZipRes;
char * pPW=new char[strlen(password)+1];
memcpy(pPW,password,strlen(password)+1);
unZipRes.SetPassWord(pPW);
if(!CBcfFile::IsFileExist("image.r"))///add by wxx 0712
{
MessageBox(NULL,"资源文件有损!","提示",MB_OK);
return FALSE;
}
CString strPackage = CBcfFile::GetAppPath() + "image.r";
BzDui::CPaintManagerUI::SetResourcePackage(strPackage.GetBuffer(),password);
unZipRes.ReadFile("image.r",(unsigned char*)pPW);
delete []pPW;
#endif
//初始化
InitCommonControls();
CWinApp::InitInstance();
#ifndef MY_DEV
// 初始BzCrashRpt
BzCrash_Initiation();
BzCrash_DisableSetUnhandledExceptionFilter();
BzCrash_SetProjectName("D平台大厅");
BzCrash_SetEmailSender("*****@*****.**");
BzCrash_SetEmailReceiver("*****@*****.**");
BzCrash_SetSmtpServer("smtp.sina.com");
BzCrash_SetSmtpUser("bzbugrev");
BzCrash_SetSmtpPassword("1122334455");
BzCrash_DeleteSended(false);
#endif
//初始化 SOCKET
if (!AfxSocketInit())
{
AfxMessageBox(IDP_SOCKETS_INIT_FAILED);
return FALSE;
}
AfxEnableControlContainer();
SetRegistryKey(IDS_REG_KEY);
//设置程序路径
TCHAR szModuleName[MAX_PATH];
DWORD dwLength=GetModuleFileName(AfxGetInstanceHandle(),szModuleName,sizeof(szModuleName));
szModuleName[dwLength-lstrlen(m_pszExeName)-lstrlen(TEXT(".EXE"))-1]=0;
SetCurrentDirectory(szModuleName);
CreateDirectory("CustomFace",NULL);
CString str;
int len=strlen(szModuleName);
szModuleName[len]='\\';
szModuleName[len+1]='\0';
AfxGetApp()->WriteProfileString(TEXT("LogonInfo"),TEXT("Path"),szModuleName);
Glb().m_Path=szModuleName;
//初始化全局资源
AfxInitRichEdit();
CGameImageLink::InitResource();
// 加载钩子
DetourFunctionWithTrampoline((PBYTE)SetScrollInfoT, (PBYTE)SetScrollInfoD);
DetourFunctionWithTrampoline((PBYTE)GetScrollInfoT, (PBYTE)GetScrollInfoD);
DetourFunctionWithTrampoline((PBYTE)SetScrollPosT, (PBYTE)SetScrollPosD);
DetourFunctionWithTrampoline((PBYTE)GetScrollPosT, (PBYTE)GetScrollPosD);
DetourFunctionWithTrampoline((PBYTE)SetScrollRangeT, (PBYTE)SetScrollRangeD);
DetourFunctionWithTrampoline((PBYTE)GetScrollRangeT, (PBYTE)GetScrollRangeD);
DetourFunctionWithTrampoline((PBYTE)ShowScrollBarT, (PBYTE)ShowScrollBarD);
DetourFunctionWithTrampoline((PBYTE)EnableScrollBarT, (PBYTE)EnableScrollBarD);
//引入DirectUI支持,初始化DirectUI
BzDui::CPaintManagerUI::SetInstance(m_hInstance);
CString s = CBcfFile::GetAppPath ();/////本地路径
CString strSkin = m_skinmgr.GetSkinBcfFileName();
CBcfFile f(s + strSkin);
TCHAR szUIPath[MAX_PATH];
CString skinfolder = f.GetKeyVal(m_skinmgr.GetKeyVal(strSkin),"skinfolder",m_skinmgr.GetSkinPath());
wsprintf(szUIPath,"%s",skinfolder);
BzDui::CPaintManagerUI::SetResourcePath(szUIPath);
//建立对话框
CGamePlaceDlg dlg;
m_pMainWnd=&dlg;
//BZUIInitial();
dlg.DoModal();
///////////////////////////////////////////////////////////
///Kylin 20090107 添加最近游戏列表
//CString s=CBcfFile::GetAppPath (false);/////本地路径
//CBcfFile f( s + "bzgame.bcf");
//CString temp="";
//try
//{
// for(int i=0;i<Glb().m_baFavorSave.GetCount();i++)
// {
// temp.Format("%s%i;",temp,Glb().m_baFavorSave[i]);
// }
// f.SetKeyValString(Glb().m_key,"Favor",temp);
//}
//catch (...)
//{
// return FALSE;
//}
///////////////////////////////////////////////////////////
//BZUIShutDown();
}
#ifndef MY_DEBUG
//catch (...)
//{
// //重新启动游戏
// STARTUPINFO StartInfo;
// PROCESS_INFORMATION Info;
// ::memset(&Info,0,sizeof(Info));
// ::memset(&StartInfo,0,sizeof(StartInfo));
// StartInfo.cb=sizeof(StartInfo);
// StartInfo.wShowWindow=SW_SHOWMAXIMIZED;
// CreateProcess(NULL,TEXT("BZW.exe"),NULL,NULL,TRUE,CREATE_DEFAULT_ERROR_MODE,NULL,NULL,&StartInfo,&Info);
//}
#endif
return FALSE;
}
BOOL CMusicApp::InitInstance()
{
// InitCommonControlsEx() is required on Windows XP if an application
// manifest specifies use of ComCtl32.dll version 6 or later to enable
// visual styles. Otherwise, any window creation will fail.
INITCOMMONCONTROLSEX InitCtrls;
InitCtrls.dwSize = sizeof(InitCtrls);
// Set this to include all the common control classes you want to use
// in your application.
InitCtrls.dwICC = ICC_WIN95_CLASSES;
InitCommonControlsEx(&InitCtrls);
CWinApp::InitInstance();
AfxEnableControlContainer();
// Create the shell manager, in case the dialog contains
// any shell tree view or shell list view controls.
CShellManager *pShellManager = new CShellManager;
// Standard initialization
// If you are not using these features and wish to reduce the size
// of your final executable, you should remove from the following
// the specific initialization routines you do not need
// Change the registry key under which our settings are stored
// TODO: You should modify this string to be something appropriate
// such as the name of your company or organization
SetRegistryKey(_T("Local AppWizard-Generated Applications"));
GdiplusStartupInput input; //不能放在下面
GdiplusStartup(&m_GdiplusToken, &input, NULL);
DetourFunctionWithTrampoline((PBYTE)SetScrollInfoT, (PBYTE)SetScrollInfoD);
DetourFunctionWithTrampoline((PBYTE)GetScrollInfoT, (PBYTE)GetScrollInfoD);
DetourFunctionWithTrampoline((PBYTE)SetScrollPosT, (PBYTE)SetScrollPosD);
DetourFunctionWithTrampoline((PBYTE)GetScrollPosT, (PBYTE)GetScrollPosD);
DetourFunctionWithTrampoline((PBYTE)SetScrollRangeT, (PBYTE)SetScrollRangeD);
DetourFunctionWithTrampoline((PBYTE)GetScrollRangeT, (PBYTE)GetScrollRangeD);
DetourFunctionWithTrampoline((PBYTE)ShowScrollBarT, (PBYTE)ShowScrollBarD);
DetourFunctionWithTrampoline((PBYTE)EnableScrollBarT, (PBYTE)EnableScrollBarD);
CMusicDlg dlg;
m_pMainWnd = &dlg;
INT_PTR nResponse = dlg.DoModal();
if (nResponse == IDOK)
{
// TODO: Place code here to handle when the dialog is
// dismissed with OK
}
else if (nResponse == IDCANCEL)
{
// TODO: Place code here to handle when the dialog is
// dismissed with Cancel
}
// Delete the shell manager created above.
if (pShellManager != NULL)
{
delete pShellManager;
}
// Since the dialog has been closed, return FALSE so that we exit the
// application, rather than start the application's message pump.
return FALSE;
}
/*-----------------------------------------------------------------------------
mvee_refresh_hook_lists
-----------------------------------------------------------------------------*/
void mvee_refresh_hook_lists()
{
// printf("refresh hook lists begin\n");
mvee_check_init();
// mvee_is_interposer_region(1);
int pending_hooks = 0;
pthread_mutex_lock(&hook_mutex);
hook_info* prev = pending_list;
hook_info* next_info;
for (hook_info* info = pending_list->next_hook_info; info; info = next_info)
{
next_info = info->next_hook_info;
pending_hooks++;
// check if the target library has been loaded yet...
no_recurse = 1;
void* lib_handle = !strcmp(info->target_library, "*") ? RTLD_NEXT : dlopen(info->target_library, RTLD_NOLOAD);
no_recurse = 0;
if (lib_handle)
{
// printf("LAZY HOOKER: found lib: %s\n", info->target_library);
// find the symbol
void* sym = dlsym(lib_handle, info->target_func);
if (!sym && info->use_debug_syms && info->target_library[0] != '*')
syscall(MVEE_RESOLVE_SYMBOL, info->target_func, info->target_library, &sym);
if (sym)
{
int success;
if (info->use_trampoline)
success = (DetourFunctionWithTrampoline(sym, info->hook_func, info->trampoline_func) == 0);
else
success = (DetourFunction(sym, info->hook_func) == 0);
if (success)
{
info->hook_installed = 1;
pending_hooks--;
// printf("LAZY HOOKER: successfully hooked symbol: %s in lib: %s (handle: 0x%08x)\n",
// info->target_func, info->target_library, lib_handle);
// move to installed list
if (info->hook_once)
{
prev->next_hook_info = info->next_hook_info;
info->next_hook_info = installed_list->next_hook_info;
installed_list->next_hook_info = info;
}
}
else
{
printf("LAZY HOOKER: failed to patch func: %s\n", info->target_func);
prev = info;
}
if (info->callback_func)
info->callback_func(info->target_func, sym);
continue;
}
}
prev = info;
}
pthread_mutex_unlock(&hook_mutex);
// mvee_is_interposer_region(0);
// printf("refresh hook lists end\n");
}
