Пример #1
/*
 * Removes every hook currently recorded in the hooks[] table.
 *
 * The table is walked from the last registered entry down to the first,
 * and each entry's original function address (lpRealFunc) is handed to
 * UnhookAPI.
 */
void UnhookAll()
{
    /* Empty table: nothing to undo. */
    if (!NumOfHooks)
        return;

    int idx = NumOfHooks-1;
    while (idx >= 0)
    {
        UnhookAPI(hooks[idx].lpRealFunc);
        idx--;
    }
}
Пример #2
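/*
 * Removes every registered hook whose handler lies inside the image of hMod.
 *
 * hMod is treated as the base address of a mapped PE image: SizeOfImage is
 * read from its optional header, and each hooks[] entry whose lpHandler falls
 * in [hMod, hMod + SizeOfImage) is passed to UnhookAPI by its lpRealFunc.
 *
 * Returns without doing anything when hMod is NULL or does not start with
 * valid DOS/NT signatures, so a stale or bogus handle is never parsed as
 * PE headers.
 */
void UnhookMod(HMODULE hMod)
{
    if (!hMod)
        return;

    PIMAGE_DOS_HEADER dos=(PIMAGE_DOS_HEADER)hMod;
    if (dos->e_magic != IMAGE_DOS_SIGNATURE)
        return;

    // e_lfanew points at the 4-byte NT signature; the file header follows it.
    if (*(DWORD *)((ULONG_PTR)hMod+dos->e_lfanew) != IMAGE_NT_SIGNATURE)
        return;

    PIMAGE_FILE_HEADER pfh=(PIMAGE_FILE_HEADER)((ULONG_PTR)hMod+dos->e_lfanew+4);
    PIMAGE_OPTIONAL_HEADER poh=(PIMAGE_OPTIONAL_HEADER)(pfh+1);

    // Walk from the last entry to the first, as the original loop did.
    for (int i=NumOfHooks-1; i >= 0; i--)
    {
        // Compare at full pointer width. Truncating both addresses to 32 bits
        // would let a handler exactly a multiple of 4 GiB away from the module
        // look as if it were inside it on 64-bit builds. The unsigned
        // subtraction wraps for handlers below the base, so they fail the test.
        if ((ULONG_PTR)hooks[i].lpHandler-(ULONG_PTR)hMod < poh->SizeOfImage)
            UnhookAPI(hooks[i].lpRealFunc);
    }
    return;
}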
Пример #3
//------------------------------------------------------------------------------------------
//	Function name:	DllMain
//	Description:	DLL entry point. Records the module handle and installs the
//					hooks when the DLL is attached to a process, and removes
//					them again when it is detached.
//	Parameters:		hModule            - handle of this DLL, stored in HookHandle.
//					ul_reason_for_call - notification code; only process attach
//					                     and process detach are acted on.
//					lpReserved         - not used.
//	Returns:		TRUE, regardless of the notification.
//------------------------------------------------------------------------------------------
BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
	switch (ul_reason_for_call)
	{
	case DLL_PROCESS_ATTACH:
		// DisableThreadLibraryCalls(hModule) is intentionally left disabled here.
		HookHandle = hModule;
		// NOTE(review): DllMain runs under the loader lock; confirm that HookAPI
		// does not load libraries or wait on other threads.
		HookAPI();
		break;

	case DLL_PROCESS_DETACH:
		UnhookAPI();
		break;

	default:
		// Thread attach/detach notifications need no work.
		break;
	}

	return TRUE;
}
Пример #4
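/*
 * Registers a hook that redirects lpFunc to lpHandler.
 *
 * A hook already recorded for lpFunc is removed first. A backup buffer is
 * then allocated, along with a jump table and a relay stub on _AMD64_
 * builds. CreateBridge builds the bridge, and under csHookApi the hook is
 * recorded in hooks[] and the jump is written.
 *
 * Returns the pointer produced by CreateBridge (presumably the entry used to
 * reach the original code; confirm against CreateBridge), or NULL when the
 * table is full, an allocation fails, or no bridge could be built.
 */
void *HookAPI(LPVOID lpFunc,LPVOID lpHandler)
{
    void *lpRet=NULL;
    if (GetHookInfo(lpFunc))
        UnhookAPI(lpFunc);

    // NOTE(review): the lookup above and this capacity test run outside
    // csHookApi, so two concurrent callers can both pass the test and then
    // write the same or an out-of-range slot. Confirm callers serialise, or
    // move the test under the lock.
    if (NumOfHooks < MAX_HOOKS-1)
    {
        void *lpBackup=MemAlloc(JUMP_SIZE*4);
        if (!lpBackup)
            return lpRet;   // never hand a NULL backup buffer to CreateBridge

        ULONG_PTR *lpTable=0;
#ifdef _AMD64_
        lpTable=(ULONG_PTR *)MemAlloc(sizeof(ULONG_PTR)*MAX_JUMPS);
        if (!lpTable)
        {
            // Without a table, &lpTable[1] below would be a bogus near-NULL address.
            MemFree(lpBackup);
            return lpRet;
        }
        LPVOID lpRelay=malloc_SomewhereAroundHere(lpFunc,sizeof(JMP_REL));
        if (!lpRelay)
        {
            // Release both buffers; the table used to leak on this path.
            MemFree(lpTable);
            MemFree(lpBackup);
            return lpRet;
        }
#endif
        SIZE_T dwBackupCodeSize=0;
        // On non-_AMD64_ builds lpTable stays NULL and the last argument is
        // presumably ignored by CreateBridge; verify.
        void *lpBridge=CreateBridge(lpFunc,lpBackup,&dwBackupCodeSize,&lpTable[1]);
        if (lpBridge)
        {
            EnterCriticalSection(&csHookApi);

                hooks[NumOfHooks].lpRealFunc=lpFunc;
                hooks[NumOfHooks].lpBridge=lpBridge;
                hooks[NumOfHooks].lpHandler=lpHandler;
                hooks[NumOfHooks].lpBackup=lpBackup;
                hooks[NumOfHooks].dwCodeSize=dwBackupCodeSize;
#ifdef _AMD64_
                hooks[NumOfHooks].lpRelay=lpRelay;
                hooks[NumOfHooks].lpTable=lpTable;
                WriteAbsoluteJump(lpRelay,lpHandler,lpTable);
                WriteRelativeJump(lpFunc,lpRelay);
#else
                WriteRelativeJump(lpFunc,lpHandler);
#endif
                NumOfHooks++;
                lpRet=lpBridge;

            LeaveCriticalSection(&csHookApi);
        }
        // NOTE(review): when CreateBridge fails, lpBackup (and lpTable/lpRelay
        // on _AMD64_) are not released here. Who owns them on failure is not
        // visible from this function; confirm and free them if it is this one.
    }
    return lpRet;
}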
Пример #5
///
///	@brief	Removes the installed API hooks.
///
///	Each saved "next" pointer is passed to UnhookAPI in the same order as
///	before: thread resume, open-file dialogs, drag-and-drop file queries,
///	socket send calls, then InternetWriteFile. FinalizeMadCHook is called
///	after that, followed by EjectDLLToControlProcess.
///
void EndHook()
{
	// Addresses of the saved next-function pointers, in removal order.
	PVOID *nextHooks[] =
	{
		(PVOID*)&ZwResumeThreadNext,
		(PVOID*)&GetOpenFileNameWNext,
		(PVOID*)&GetOpenFileNameANext,
		(PVOID*)&DragQueryFileWNext,
		(PVOID*)&DragQueryFileANext,
		(PVOID*)&sendNext,
		(PVOID*)&WSASendNext,
		(PVOID*)&InternetWriteFileNext,
	};
	unsigned int count = sizeof(nextHooks) / sizeof(nextHooks[0]);

	for (unsigned int k = 0; k < count; k++)
		UnhookAPI(nextHooks[k]);

	FinalizeMadCHook();

	EjectDLLToControlProcess();
}