コード例 #1
// Install the hook once per process. On the first call it looks up the
// server process of API set SH_WMGR in the kernel's API-set table, has that
// process run LoadLibraryW on \Windows\FingerSuiteDll.dll, then runs the
// DLL's StartHookOnServer export there. The server handle is kept in
// m_hDestProcess and the module handle in m_hDllInst (presumably class
// members; the class definition is not part of this listing).
//
// Returns TRUE when the hook is already installed or when both callbacks
// ran without a caught exception, FALSE when the SEH filter handled one.
// The listing is truncated after the permission restore, so the trailing
// `return bResult;` is not visible here.
// NOTE(review): within the visible lines s_lCount is never decremented on
// the FALSE path, so a failed installation is not retried by a later call.
BOOL InstallHook()
{
    // reentry guard: only the very first caller performs the installation
    static long s_lCount = 0;
    if (InterlockedIncrement(&s_lCount) > 1)
    {
		// no need to install again
		return TRUE;
	}

	BOOL bResult = TRUE;

	if (m_hDestProcess == NULL)
	{
		int iAPISetId = SH_WMGR; 
		DWORD dwOldPermissions = 0;
		// kernel mode and all-process permissions are needed to read UserKInfo
		// and to call into another process; both are undone below
		SetKMode(TRUE);
		dwOldPermissions = SetProcPermissions(-1);    
		__try
		{
			// API-set table -> CINFO of SH_WMGR -> handle of its server process
			CINFO ** pSystemAPISets = (CINFO**)(UserKInfo[KINX_APISETS]);
			m_hDestProcess = pSystemAPISets[iAPISetId]->m_pProcessServer->hProc;

			// 1st callback: LoadLibraryW executed in the destination process.
			// The DLL path string lives in this process, hence the mapping
			// with GetCurrentProcess().
			CALLBACKINFO cbi;
			ZeroMemory(&cbi, sizeof(CALLBACKINFO));
			cbi.m_hDestinationProcessHandle = m_hDestProcess;
			cbi.m_pFunction = (FARPROC)MapPtrToProcess(GetProcAddress(GetModuleHandle(L"COREDLL"), L"LoadLibraryW"), m_hDestProcess);
			cbi.m_pFirstArgument = (LPVOID)MapPtrToProcess(L"\\Windows\\FingerSuiteDll.dll", GetCurrentProcess());
			m_hDllInst = (HINSTANCE)PerformCallBack4(&cbi, 0,0,0); //returns the HINSTANCE from LoadLibraryW

			// fixed delay for the remote load; no completion signal is checked
			Sleep(1000);

			// 2nd callback: StartHookOnServer in the destination process.
			// GetProcAddress is given the handle the *remote* LoadLibraryW
			// returned, which apparently relies on the DLL being mapped at the
			// same address in both processes -- not verified here.
			ZeroMemory(&cbi, sizeof(CALLBACKINFO));
			cbi.m_hDestinationProcessHandle = m_hDestProcess;
			cbi.m_pFunction = (FARPROC)MapPtrToProcess(GetProcAddress(m_hDllInst, L"StartHookOnServer"), m_hDestProcess);
			cbi.m_pFirstArgument = NULL; 
			DWORD dw = PerformCallBack4(&cbi, 0,0,0); //returns 1 if correctly executed; dw is not checked afterwards

			Sleep(1000);
		}
		__except(FilterException(GetExceptionInformation()))
		{
			// FilterException (not shown) decides whether the fault is handled here
			bResult = FALSE;
		}
		// undo the elevation above; a 0 from SetProcPermissions is treated as
		// "nothing to restore". SetKMode is set to FALSE rather than to the
		// previous mode.
		if(dwOldPermissions)
		{
			SetProcPermissions(dwOldPermissions);
		}
		SetKMode(FALSE);
	}
コード例 #2
ファイル: InjectDLL.cpp プロジェクト: ultrashot/utask
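/*
 * InjectDLL - make the process Proc load LibraryName.
 *
 * LoadLibraryW is resolved from coredll.dll, its address mapped into Proc
 * with MapPtrToProcess, and PerformCallBack4 runs it in that process with
 * LibraryName (mapped from the caller's address space) as the argument. The
 * function then waits up to 3000 ms on UTASK_GLOBAL_HOOKLIB_READY_EVENT,
 * which the loaded library is expected to signal.
 *
 * Proc        - handle of the destination process
 * LibraryName - DLL path, valid in the caller's address space
 *
 * Returns 1 when the event handle cannot be created, when the zero-timeout
 * probe of the event yields 0, or when coredll.dll is not loaded; otherwise
 * the value of the 3000 ms ReadEvent. ReadEvent is a project helper, so its
 * exact return convention is not visible in this file.
 *
 * Fix: the original returned from the zero-timeout probe without closing
 * hEvent; the handle is now released on every path, and a NULL handle from
 * CreateEvent is reported instead of being passed on to ReadEvent.
 */
int InjectDLL(HANDLE Proc, wchar_t *LibraryName)
{
    DWORD result = 1;

    // Trying to get current HookLibraryReady event state
    HANDLE hEvent = CreateEvent(NULL, FALSE, FALSE, UTASK_GLOBAL_HOOKLIB_READY_EVENT);
    if (hEvent == NULL)
        return 1;

    if (ReadEvent(hEvent, 0) == 0)
    {
        CloseHandle(hEvent);
        return 1;
    }

    HMODULE coredll = GetModuleHandle(L"coredll.dll");
    if (coredll)
    {
        // Loading our library to gwes.exe memory space
        CALLBACKINFO ci;
        ci.hProc = Proc;
        ci.pfn = (FARPROC)MapPtrToProcess(GetProcAddress(coredll, L"LoadLibraryW"),
                                          Proc);
        ci.pvArg0 = MapPtrToProcess(LibraryName, GetCurrentProcess());
        PerformCallBack4(&ci);

        // fixed delay so the remote LoadLibraryW can run before the event is polled
        Sleep(2000);
        // Waiting for HookLibraryReady event pulsation for 3000 ms
        result = ReadEvent(hEvent, 3000);
    }

    CloseHandle(hEvent);
    return result;
}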
コード例 #3
// Allocate p_iSize bytes inside the kernel process (nk.exe) by running
// VirtualAlloc in that process through PerformCallBack4, and return the
// allocation mapped into the caller's address space.
//
// p_iSize - number of bytes requested (passed to VirtualAlloc as dwSize).
//
// Returns NULL when the process walk raises an exception or when nk.exe
// cannot be opened. If nk.exe is not found in the snapshot, dwNKProcessId
// stays 0 and OpenProcess is still attempted with that id.
//
// NOTE(review): the value PerformCallBack4 returns is mapped and returned
// without a check for 0, and hCoreDll is never released with FreeLibrary
// nor checked for NULL.
void * AllocateMemInKernelProc(int p_iSize)
{
	LPVOID pAllocated = NULL;
	// find process id of nk.exe
	HANDLE snapShot = INVALID_HANDLE_VALUE;
	DWORD dwNKProcessId = 0;
	__try
	{
	    snapShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS | TH32CS_SNAPNOHEAPS, 0);
	    if (snapShot != INVALID_HANDLE_VALUE)
		{
			// Build new list
			PROCESSENTRY32 processEntry;
			processEntry.dwSize = sizeof(PROCESSENTRY32);
			BOOL ret = Process32First(snapShot, &processEntry);
			while (ret == TRUE)
			{
				// case-insensitive match on the executable name
				if (lstrcmpi(processEntry.szExeFile, L"nk.exe") == 0)
				{
					dwNKProcessId = processEntry.th32ProcessID;
					break;
				}
				ret = Process32Next(snapShot, &processEntry);
			}
			// NOTE(review): snapShot is not reset to INVALID_HANDLE_VALUE after
			// this close, so an exception raised later in the __try body would
			// close it a second time in the handler below.
			CloseToolhelp32Snapshot(snapShot);
		}
	} __except (EXCEPTION_EXECUTE_HANDLER)
	{
		// release the snapshot if the walk faulted before closing it
		if (snapShot != INVALID_HANDLE_VALUE)
		{
			CloseToolhelp32Snapshot(snapShot);
		}
		return NULL;
	}

	// desired-access argument is passed as 0 (unused on Windows CE -- confirm)
	HANDLE hNKProcess = OpenProcess(0, FALSE, dwNKProcessId);
	if (hNKProcess == NULL)
		return NULL;

	// Resolve VirtualAlloc from COREDLL and map its address into nk.exe.
	// The arguments below mirror VirtualAlloc(lpAddress, dwSize,
	// flAllocationType, flProtect); lpAddress = 0 lets the system choose.
	HINSTANCE hCoreDll = LoadLibrary(_T("COREDLL"));
	CALLBACKINFO cbi;
	cbi.m_hDestinationProcessHandle = hNKProcess;
	cbi.m_pFunction = (FARPROC)MapPtrToProcess(GetProcAddress(hCoreDll, L"VirtualAlloc"), hNKProcess);
	cbi.m_pFirstArgument = (LPVOID)0; 
	DWORD dwParam2 = p_iSize;
    DWORD dwParam3 = MEM_COMMIT;
	DWORD dwParam4 = PAGE_EXECUTE_READWRITE;
	DWORD dwPtr = PerformCallBack4(&cbi, dwParam2, dwParam3, dwParam4); // address VirtualAlloc returned inside nk.exe (0 on failure; not checked here)

	// convert the nk.exe-relative address into one usable from this process
	pAllocated = MapPtrToProcess( (LPVOID)dwPtr, hNKProcess);
	CloseHandle(hNKProcess);
	return pAllocated;
}
コード例 #4
ファイル: TestApiSetHook.cpp プロジェクト: hjgode/fileIOmon
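// Body of the API-set hook test. Expects the caller to have already switched
// to kernel mode and granted all-process permissions (it reads KData and
// calls into the server process). Every path returns 0; failures are only
// reported through DEBUGMSG.
static int RunApiSetHookTest(void)
{
	// dump every entry of the system API-set table
	CINFO **SystemAPISets= (CINFO **)KData.aInfo[KINX_APISETS];
	for(int i=0; i<NUM_SYSTEM_SETS; i++)
	{
		DEBUGMSG(1, (L"SystemAPISets[%d]:\n",i));
		DEBUGMSG(1, (L"API set: %s\n", getApiName(i)));
		if(SystemAPISets[i]==0)
		{
			DEBUGMSG(1, (L"  NULL\n"));
			continue;
		}
		DEBUGMSG(1, (L"  acName:      %S\n",SystemAPISets[i]->acName));	//use %S (capital S) as acName is char*
		DEBUGMSG(1, (L"  cMethods:    %d\n",SystemAPISets[i]->cMethods));
		DEBUGMSG(1, (L"  handle type: %i\n",SystemAPISets[i]->type));
		DEBUGMSG(1, (L"  disp type:   %s\n",getDispType(SystemAPISets[i]->disp)));

		DEBUGMSG(1, (L"\n"));
	}

	// decode the API-set index and method number encoded in FIRST_METHOD
	DWORD Tmp= (FIRST_METHOD-FAULT_ADDR)/APICALL_SCALE;
	DWORD ApiSet=(Tmp>>HANDLE_SHIFT)&HANDLE_MASK;
	DWORD Method=Tmp&METHOD_MASK;

	// validate. SystemAPISets holds NUM_SYSTEM_SETS entries (see the loop
	// above), so ApiSet must be strictly below that; the original '>' test
	// let ApiSet==NUM_SYSTEM_SETS read one entry past the end of the table.
	if(ApiSet>=NUM_SYSTEM_SETS)
	{
		DEBUGMSG(1, (L"Invalid ApiSet\n"));
		return 0;
	}
	if(SystemAPISets[ApiSet]==0)
	{
		DEBUGMSG(1, (L"Invalid ApiSet\n"));
		return 0;
	}
	if(SystemAPISets[ApiSet]->cMethods<=Method)
	{
		DEBUGMSG(1, (L"Invalid method number\n"));
		return 0;
	}

	// I support only filesystem and similar hooks that are processed inside filesys.exe
	if(SystemAPISets[ApiSet]->pServer==0)
	{
		DEBUGMSG(1, (L"Calls with pServer==0 are not supported\n"));
		return 0;
	}

	// get server process and inject DLL there
	HANDLE Proc=SystemAPISets[ApiSet]->pServer->hProc;

	// the DLL name string lives in this process, so map it with our own handle
	void *Ptr=MapPtrToProcess(L"TestApiSetHookDll.dll",GetCurrentProcess());
	CALLBACKINFO ci;
	ci.hProc=Proc;
	void *t=GetProcAddress(GetModuleHandle(L"coredll.dll"),L"LoadLibraryW");
	ci.pfn=(FARPROC)MapPtrToProcess(t,Proc);
	ci.pvArg0=Ptr;
	PerformCallBack4(&ci);
	Sleep(1000);	// allow PerformCallBack4 to finish before exit. Better enum loaded DLLs or use events

	// bug in VS2005b1 causes DllMain not to be called in DLLs
	HMODULE Hm=LoadLibrary(L"TestApiSetHookDll.dll");
	void *Fn=GetProcAddress(Hm,L"PerformHook");
	if(Hm==0 || Fn==0)
	{
		DEBUGMSG(1, (L"Unable to load library\n"));
		// the original leaked Hm when only the export lookup failed
		if(Hm!=0)
		{
			FreeLibrary(Hm);
		}
		return 0;
	}
	ci.hProc=Proc;
	ci.pfn=(FARPROC)MapPtrToProcess(Fn,Proc);
	ci.pvArg0=Proc;			// pass the hooked process ID as parameter to be sure that we are called from the context of hooked process
	PerformCallBack4(&ci);	// so we call function ourselves, fortunately DLLs are loaded at the same address in all processes
	Sleep(3000);

	DEBUGMSG(1, (L"exit\n"));
	MessageBox(GetForegroundWindow(),L"CreateFileW hooked!",L"Done",0);
	FreeLibrary(Hm);
	return 0;
}

// Entry point of the test. Elevates to kernel mode with all-process
// permissions, runs RunApiSetHookTest, then restores the previous mode and
// permissions (the original left both elevated until process exit).
// argc/argv are not used. Always returns 0.
int _tmain(int argc, _TCHAR* argv[])
{
	BOOL bMode = SetKMode(TRUE);
	DWORD dwPerm = SetProcPermissions(0xFFFFFFFF);

	int rc = RunApiSetHookTest();

	// undo the elevation above, in reverse order
	SetProcPermissions(dwPerm);
	SetKMode(bMode);
	return rc;
}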