Пример #1
// DLL entry point for the IAT-hooking demo.
//
// Only DLL_PROCESS_ATTACH does any work: it redirects the import entry for
// MessageBoxA to trampoline() and then calls MessageBoxA once so the redirect
// can be observed. Every other notification is ignored. The function always
// reports success, so the DLL load is never refused from here.
//
// NOTE(review): Microsoft's DllMain guidance advises against calling User32
// functions such as MessageBoxA while the loader lock is held; moving the
// demonstration call out of DllMain would avoid that hazard.
// NOTE(review): the (DWORD) cast narrows the trampoline address to 32 bits,
// which loses the upper half of the pointer in a 64-bit build. HookIAT's
// prototype is not visible here, so confirm the parameter type before
// widening it.
// NOTE(review): whatever HookIAT reports is not checked, so a failed hook
// still returns TRUE.
extern "C" DLL_EXPORT BOOL APIENTRY DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
    if (fdwReason == DLL_PROCESS_ATTACH)
    {
        // Install the hook first ...
        HookIAT("MessageBoxA", (DWORD)trampoline);

        // ... then call the hooked API; per the hook's intent, trampoline()
        // runs in place of the real MessageBoxA.
        MessageBoxA(NULL, "L0phtTn", "HookMe", 0);
    }

    // DLL_PROCESS_DETACH, DLL_THREAD_ATTACH and DLL_THREAD_DETACH need no work.
    return TRUE; // successful
}
Пример #2
// Runs the loader's attach-time setup: opens the log, records a start-up
// banner and the module base addresses, then installs the import hook.
static void OnAttach(void)
{
	// Log goes to a fixed path relative to the user's Documents folder.
	// Print level is Error; log level is DebugMessage.
	gLog.OpenRelative(CSIDL_MYDOCUMENTS, "\\My Games\\Skyrim Special Edition\\SKSE\\skse64_steam_loader.log");
	gLog.SetPrintLevel(IDebugLog::kLevel_Error);
	gLog.SetLogLevel(IDebugLog::kLevel_DebugMessage);

	// Timestamp the banner with the current system time (two 32-bit halves).
	FILETIME	attachTime;
	GetSystemTimeAsFileTime(&attachTime);

	_MESSAGE("skse64 loader %08X (steam) %08X%08X %s", PACKED_SKSE_VERSION, attachTime.dwHighDateTime, attachTime.dwLowDateTime, GetOSInfoStr().c_str());

	// Record where the loader DLL and the host executable are mapped.
	// Note that these addresses end up in a log file under the user's profile.
	_MESSAGE("loader base addr = %016I64X", g_dllHandle);
	HMODULE		exeModule = GetModuleHandle(NULL);
	_MESSAGE("exe base addr = %016I64X", exeModule);

	// Patch an imported function now, so the loader's code gets control early.
	HookIAT();
}
Пример #3
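/*
 * OllyDbg plugin initialisation callback.
 *
 * Steps:
 *   1. Reject hosts older than PLUGIN_VERSION.
 *   2. Open the OllyDbg process token (TOKEN_QUERY) and read its elevation type.
 *   3. Select the "LUA" (limited user) token:
 *        - TokenElevationTypeFull    -> the linked token of the process token
 *        - TokenElevationTypeLimited -> the process token itself
 *        - anything else             -> NULL
 *   4. Hook kernel32!CreateProcessA in the main module's import table so that
 *      CreateProcessAHook is called instead; the previous target is stored in
 *      HookedCreateProcessA.
 *
 * Parameters:
 *   ollydbgversion - version reported by the host, compared with PLUGIN_VERSION
 *   hw             - OllyDbg main window; saved in OllyWindow and used as the
 *                    owner of the error message boxes
 *   features       - unused
 *
 * Returns 0 on success and -1 on any failure.
 *
 * On failure every handle opened here is closed and the matching global is
 * reset to NULL, so no stale handle value stays in OllyToken / OllyLUAToken
 * for later code to close or use a second time.
 *
 * NOTE(review): the process token is opened with TOKEN_QUERY only and, in the
 * limited case, is reused as OllyLUAToken. CreateProcessAHook is not visible
 * here; confirm that access right is enough for what the hook does with it.
 */
extc int _export cdecl ODBG_Plugininit(int ollydbgversion, HWND hw, ulong *features)
{
    DWORD Size;
    TOKEN_LINKED_TOKEN LinkedToken;

    UNREFERENCED_PARAMETER(features);

    if (ollydbgversion < PLUGIN_VERSION)
        return -1;

    OllyWindow = hw;

    // Get Process Elevation Type
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &OllyToken))
    {
        MessageBoxA(hw, "Failed to open OllyDbg process token.", PLUGIN_NAME, MB_OK | MB_ICONHAND);
        return -1;
    }

    if (!GetTokenInformation(OllyToken, TokenElevationType, &OllyElevationType, sizeof(OllyElevationType), &Size))
    {
        MessageBoxA(hw, "Failed to get elevation type from OllyDbg process token.", PLUGIN_NAME, MB_OK | MB_ICONHAND);
        goto CloseProcessToken;
    }

    // Get LUA Token
    switch (OllyElevationType)
    {
    case TokenElevationTypeFull:
        // Elevated process: the limited token is the one linked to ours.
        if (!GetTokenInformation(OllyToken, TokenLinkedToken, &LinkedToken, sizeof(LinkedToken), &Size))
        {
            MessageBoxA(hw, "Failed to get LUA token from OllyDbg process token.", PLUGIN_NAME, MB_OK | MB_ICONHAND);
            goto CloseProcessToken;
        }

        OllyLUAToken = LinkedToken.LinkedToken;
        break;
    case TokenElevationTypeLimited:
        // Already limited: the process token doubles as the LUA token.
        OllyLUAToken = OllyToken;
        break;
    default:
        OllyLUAToken = NULL;
        break;
    }

    // Hook CreateProcessA
    if (!HookIAT(GetModuleHandleA(NULL), "kernel32.dll", "CreateProcessA", CreateProcessAHook, &HookedCreateProcessA))
    {
        MessageBoxA(hw, "Failed to hook CreateProcessA.", PLUGIN_NAME, MB_OK | MB_ICONHAND);

        // Close the linked token only when it is a separate handle; in the
        // limited case it aliases OllyToken, which is closed below.
        if (OllyLUAToken != NULL && OllyLUAToken != OllyToken)
            CloseHandle(OllyLUAToken);
        OllyLUAToken = NULL;
        goto CloseProcessToken;
    }

    Addtolist(0, 0, PLUGIN_NAME " has hooked CreateProcessA");

    return 0;

CloseProcessToken:
    // Shared failure exit: release the process token and forget its value.
    CloseHandle(OllyToken);
    OllyToken = NULL;
    return -1;
}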