Exemplo n.º 1
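void WINAPI ServiceProc(DWORD argCnt, LPSTR *args)
// Service main function: registers the control handler, opens the ipc queue
// served by DllInjectIpcHandler and then blocks until the shutdown event is
// signalled. argCnt and args are not used.
{
  HANDLE event;
  CHAR   evName [MAX_PATH];

  // the control handler has to be registered before any status can be reported
  statusHandle = RegisterServiceCtrlHandlerA(CServiceName, ServiceHandler);
  if (statusHandle) {
    UpdateStatus(SERVICE_START_PENDING);
    // InitializeMadCHook is needed only if you're using the static madCHook.lib
    InitializeMadCHook();
    // NOTE(review): DllInjectIpcHandler is not shown here. If this service runs
    // under a privileged account and the queue can be reached by less
    // privileged processes, the handler must validate who is asking and which
    // DLL / target is requested - confirm before deploying.
    if (CreateIpcQueue(CServiceName, DllInjectIpcHandler)) {
      // build the shutdown event name: <service name> + "ShutdownEvent"
      // NOTE(review): both copies are unbounded; this is only safe while
      // CServiceName is a short compile-time constant that fits, together with
      // the suffix, into MAX_PATH characters - confirm against its definition.
      lstrcpyA(evName, CServiceName);
      lstrcatA(evName, "ShutdownEvent");
      // NOTE(review): the event is named and global, so its access rights decide
      // who may stop this service by signalling it - check what
      // CreateGlobalEvent applies.
      event = CreateGlobalEvent(evName, true, false);
      // Only announce RUNNING and wait when the event really exists; waiting on
      // a null handle fails at once, so the service would report RUNNING and
      // then stop immediately.
      if (event) {
        // okay, initialization is done
        UpdateStatus(SERVICE_RUNNING);
        // the injection service does nothing but listen to its ipc queue;
        // the ipc queue has its own thread, so we just wait for the shutdown event
        WaitForSingleObject(event, INFINITE);
        CloseHandle(event);
      }
      // NOTE(review): the ipc queue is not torn down explicitly here - confirm
      // whether the library expects a matching cleanup call before finalizing.
    }
    // FinalizeMadCHook is needed only if you're using the static madCHook.lib
    FinalizeMadCHook();
    UpdateStatus(SERVICE_STOPPED);
  }
}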
Exemplo n.º 2
int WINAPI WinMain(HINSTANCE hInstance,
                   HINSTANCE hPrevInstance,
                   LPSTR     lpCmdLine,
                   int       nCmdShow)
{
  // Program entry point: brackets a single ShowExplorerCmdLine() call with
  // the madCHook setup / teardown pair. None of the four parameters is used.

  // Setup call; required only when linking the static madCHook.lib.
  InitializeMadCHook();

  ShowExplorerCmdLine();

  // Teardown call; required only when linking the static madCHook.lib.
  FinalizeMadCHook();

  // The process exit code is 1 (the integer value of true).
  return 1;
}
Exemplo n.º 3
///
///	@brief	Removes the API hooks.
///
///	Calls UnhookAPI for every stored "Next" pointer in a fixed order, then
///	finalizes madCHook and finally calls EjectDLLToControlProcess().
///
void EndHook()
{
	// Same order as the hooks are listed by API family: thread resume,
	// open-file dialogs, drag and drop, socket send, WinINet write.
	PVOID* const nextSlots[] = {
		(PVOID*)&ZwResumeThreadNext,
		(PVOID*)&GetOpenFileNameWNext,
		(PVOID*)&GetOpenFileNameANext,
		(PVOID*)&DragQueryFileWNext,
		(PVOID*)&DragQueryFileANext,
		(PVOID*)&sendNext,
		(PVOID*)&WSASendNext,
		(PVOID*)&InternetWriteFileNext,
	};
	const unsigned slotCount = sizeof(nextSlots) / sizeof(nextSlots[0]);

	// NOTE(review): UnhookAPI results are ignored. If an unhook can fail while
	// the DLL is ejected afterwards, a hook left in place would point into
	// unloaded code - confirm what the library guarantees here.
	for (unsigned i = 0; i < slotCount; ++i)
	{
		UnhookAPI(nextSlots[i]);
	}

	// The library is finalized only after every hook has been released.
	FinalizeMadCHook();

	EjectDLLToControlProcess();
}