// =============================================================================
// DllMain
// =============================================================================
BOOL WINAPI DllMain(HINSTANCE hinst, DWORD dwReason, LPVOID reserved)
{
if (DetourIsHelperProcess()) {
return TRUE;
}
if (dwReason == DLL_PROCESS_ATTACH) {
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)pWSAStartup, MyWSAStartup);
DetourAttach(&(PVOID&)pSocket, MySocket);
DetourAttach(&(PVOID&)pConnect, MyConnect);
DetourAttach(&(PVOID&)pSend, MySend);
DetourAttach(&(PVOID&)pClosesocket, MyClosesocket);
DetourAttach(&(PVOID&)pWSACleanup, MyWSACleanup);
DetourTransactionCommit();
}
else if (dwReason == DLL_PROCESS_DETACH) {
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)pWSAStartup, MyWSAStartup);
DetourDetach(&(PVOID&)pSocket, MySocket);
DetourDetach(&(PVOID&)pConnect, MyConnect);
DetourDetach(&(PVOID&)pSend, MySend);
DetourDetach(&(PVOID&)pClosesocket, MyClosesocket);
DetourDetach(&(PVOID&)pWSACleanup, MyWSACleanup);
DetourTransactionCommit();
}
return TRUE;
}
BOOL WINAPI DllMain(HINSTANCE hDllHandle, DWORD dwReason, PVOID)
{
switch (dwReason)
{
case DLL_PROCESS_ATTACH:
{
_Module.Init(NULL, hDllHandle);
HMODULE hKernel32 = GetModuleHandle(_T("kernel32.dll"));
RawLoadLibraryW = reinterpret_cast<FNLoadLibraryW>(GetProcAddress(hKernel32,
"LoadLibraryW"));
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(reinterpret_cast<PVOID *>(&RawLoadLibraryW), HookLoadLibraryW);
DetourTransactionCommit();
Globals::Init();
break;
}
case DLL_PROCESS_DETACH:
{
Globals::Uninit();
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(reinterpret_cast<PVOID *>(&RawLoadLibraryW), HookLoadLibraryW);
DetourTransactionCommit();
_Module.Term();
break;
}
}
return TRUE;
}
BOOL WINAPI DllMain(HINSTANCE hinst, DWORD dwReason, LPVOID reserved) {
if (DetourIsHelperProcess()) {
return TRUE;
}
char buffer[100];
if (dwReason == DLL_PROCESS_ATTACH) {
OutputDebugString("Hooking");
DetourRestoreAfterWith();
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
oldDirectInput8Create = (HRESULT(WINAPI *)(HINSTANCE hinst, DWORD dwVersion, REFIID riidltf, LPVOID * ppvOut, LPUNKNOWN punkOuter))DetourFindFunction("dinput8.dll", "DirectInput8Create");
sprintf_s(buffer, 100, "DirectInput8Create at %x", oldDirectInput8Create);
OutputDebugString(buffer);
if(oldDirectInput8Create == NULL)
OutputDebugString("Failed to find function");
int error = DetourAttach(&(PVOID&)oldDirectInput8Create, myDirectInput8Create);
if(error != NO_ERROR)
OutputDebugString("Failed to detour");
error = DetourTransactionCommit();
if(error != NO_ERROR)
OutputDebugString("Failed to commit");
}
else if (dwReason == DLL_PROCESS_DETACH) {
OutputDebugString("Unhooking");
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)oldDirectInput8Create, myDirectInput8Create);
DetourDetach(&(PVOID&)oldCreateDevice, myCreateDevice);
DetourDetach(&(PVOID&)oldGetDeviceState, myGetDeviceState);
DetourTransactionCommit();
}
return TRUE;
}
BOOL APIENTRY DllMain(HMODULE hDLL, DWORD Reason, LPVOID Reserved)
{
switch(Reason)
{
case DLL_PROCESS_ATTACH:
/* Detour interesting function */
DisableThreadLibraryCalls(hDLL);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)detFunc, MyDetourFunction); // actual detour fn_a -> fn_b
if(DetourTransactionCommit() == NO_ERROR)
OutputDebugString("function detoured successfully");
break;
case DLL_PROCESS_DETACH:
/* De-Detour interesting function */
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)detFunc, MyDetourFunction); // removing the detour
if(DetourTransactionCommit() == NO_ERROR)
OutputDebugString("function detour removed");
break;
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
break;
}
return TRUE;
}
BOOL APIENTRY DllMain( HMODULE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
g_hDll = hModule;
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)CopyCreateFileW, Bio_CreateFileW);
DetourAttach(&(PVOID&)CopyMoveFileW, Bio_MoveFileW);
DetourAttach(&(PVOID&)CopyDeleteFileW, Bio_DeleteFileW);
DetourAttach(&(PVOID&)CopyRemoveDirectoryW, Bio_RemoveDirectoryW);
DetourAttach(&(PVOID&)CopyMessageBoxW, Bio_MessageBoxW);
DetourTransactionCommit();
break;
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
break;
case DLL_PROCESS_DETACH:
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)CopyCreateFileW, Bio_CreateFileW);
DetourDetach(&(PVOID&)CopyMoveFileW, Bio_MoveFileW);
DetourDetach(&(PVOID&)CopyDeleteFileW, Bio_DeleteFileW);
DetourDetach(&(PVOID&)CopyRemoveDirectoryW, Bio_RemoveDirectoryW);
DetourDetach(&(PVOID&)CopyMessageBoxW, Bio_MessageBoxW);
DetourTransactionCommit();
break;
}
return TRUE;
}
void InitInstance(HANDLE hModule)
{
logf(0, "InitInstance.");
// Initialisation
gl_hOriginalDll = NULL;
gl_hThisInstance = NULL;
// Storing Instance handle into global var
gl_hThisInstance = (HINSTANCE) hModule;
DisableThreadLibraryCalls((HMODULE) hModule);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)TextOutA_fn, myTextOutA);
if(DetourTransactionCommit() != NO_ERROR)
{
logf(0, "Could not hook TextOutA");
::ExitProcess(0);
}
DetourTransactionBegin();
DetourAttach(&(PVOID&)CreateWindowEx_fn, myCreateWindowEx);
if(DetourTransactionCommit() != NO_ERROR)
{
logf(0, "Could not hook CreateWindowEx");
::ExitProcess(0);
}
DetourTransactionBegin();
DetourAttach(&(PVOID&)DrawTextExA_fn, myDrawTextExA);
if(DetourTransactionCommit() != NO_ERROR)
{
logf(0, "Could not hook DrawTextExA");
::ExitProcess(0);
}
}
void DirectXHook::hookDirectX()
{
horizontalRes = (uint32_t*)0x2301D08;
verticalRes = (uint32_t*)0x2301D0C;
uint32_t* directXVTable = **((uint32_t***)0x50DADDC); // d3d9 interface ptr
origEndScenePtr = (HRESULT(__stdcall *) (LPDIRECT3DDEVICE9)) directXVTable[42];
origDrawIndexedPrimitivePtr = (HRESULT(__stdcall *) (LPDIRECT3DDEVICE9, D3DPRIMITIVETYPE, INT, UINT, UINT, UINT, UINT)) directXVTable[82];
DetourRestoreAfterWith();
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach((PVOID*)&origEndScenePtr, &DirectXHook::hookedEndScene); // redirect origEndScenePtr to newEndScene
if (DetourTransactionCommit() != NO_ERROR)
{
OutputDebugString("DirectX EndScene hook failed.");
}
DetourRestoreAfterWith();
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach((PVOID*)&origDrawIndexedPrimitivePtr, &DirectXHook::hookedDrawIndexedPrimitive); // redirect DrawIndexedPrimitive to newDrawIndexedPrimitive
if (DetourTransactionCommit() != NO_ERROR)
{
OutputDebugString("DirectX DrawIndexedPrimitive hook failed.");
}
}
BOOL WINAPI DllMain(HINSTANCE hinst, DWORD dwReason, LPVOID reserved)
{
LONG error;
(void)hinst;
(void)reserved;
if (DetourIsHelperProcess()) {
return TRUE;
}
if (dwReason == DLL_PROCESS_ATTACH) {
DetourRestoreAfterWith();
printf("dslept" DETOURS_STRINGIFY(DETOURS_BITS) ".dll: "
" Starting.\n");
Verify("SleepEx", (PVOID)SleepEx);
printf("\n");
fflush(stdout);
// NB: DllMain can't call LoadLibrary, so we hook the app entry point.
TrueEntryPoint = (int (WINAPI *)(VOID))DetourGetEntryPoint(NULL);
RawEntryPoint = TrueEntryPoint;
Verify("EntryPoint", RawEntryPoint);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)TrueEntryPoint, TimedEntryPoint);
error = DetourTransactionCommit();
Verify("EntryPoint after attach", RawEntryPoint);
Verify("EntryPoint trampoline", TrueEntryPoint);
if (error == NO_ERROR) {
printf("dslept" DETOURS_STRINGIFY(DETOURS_BITS) ".dll: "
" Detoured EntryPoint().\n");
}
else {
printf("dslept" DETOURS_STRINGIFY(DETOURS_BITS) ".dll: "
" Error detouring EntryPoint(): %d\n", error);
}
}
else if (dwReason == DLL_PROCESS_DETACH) {
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
if (TrueSleepEx != NULL) {
DetourDetach(&(PVOID&)TrueSleepEx, (PVOID)TimedSleepEx);
}
DetourDetach(&(PVOID&)TrueEntryPoint, TimedEntryPoint);
error = DetourTransactionCommit();
printf("dslept" DETOURS_STRINGIFY(DETOURS_BITS) ".dll: "
" Removed Sleep() detours (%d), slept %d ticks.\n", error, dwSlept);
fflush(stdout);
}
return TRUE;
}
void DetourFunction(T &OriginalFunction, U HookFunction)
{
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&reinterpret_cast<void*&>(OriginalFunction), reinterpret_cast<void*>(HookFunction));
DetourTransactionCommit();
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
}
int main(int argc, char **argv)
{
HRESULT hr;
(void)argc;
(void)argv;
LPSTREAM pStream = NULL;
ULARGE_INTEGER ul;
LARGE_INTEGER li;
CoInitialize(NULL);
hr = CreateStreamOnHGlobal(NULL, TRUE, &pStream);
RealIStreamWrite = pStream->lpVtbl->Write;
ul.QuadPart = 512;
hr = pStream->lpVtbl->SetSize(pStream, ul);
li.QuadPart = 0;
hr = pStream->lpVtbl->Seek(pStream, li, STREAM_SEEK_SET, NULL);
printf("commem: Calling Write w/o before attach.\n");
li.QuadPart = 0;
hr = pStream->lpVtbl->Write(pStream, &ul, sizeof(ul), NULL);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)RealIStreamWrite, MineIStreamWrite);
DetourTransactionCommit();
printf("commem: Calling Write w/o after attach.\n");
li.QuadPart = 1;
hr = pStream->lpVtbl->Write(pStream, &li, sizeof(li), NULL);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)RealIStreamWrite, MineIStreamWrite);
DetourTransactionCommit();
printf("commem: Calling Write w/o after detach.\n");
li.QuadPart = 2;
hr = pStream->lpVtbl->Write(pStream, &li, sizeof(li), NULL);
hr = pStream->lpVtbl->Release(pStream);
pStream = NULL;
CoUninitialize();
return 0;
}
// DllMain function attaches and detaches the TimedSleep detour to the
// Sleep target function. The Sleep target function is referred to
// through the TrueSleep target pointer.
//
BOOL WINAPI DllMain(HINSTANCE hinst, DWORD dwReason, LPVOID reserved)
{
if (DetourIsHelperProcess()) {
return TRUE;
}
/*
hFile = CreateFile(logFile, // name of the write
GENERIC_WRITE, // open for writing
FILE_SHARE_WRITE, // share for writing
NULL, // default security
OPEN_ALWAYS, // open file only
FILE_ATTRIBUTE_NORMAL, // normal file
NULL); // no attr. template
//_tprintf(TEXT("Start of log file @ %s.\n"), logFile);
*/
if (dwReason == DLL_PROCESS_ATTACH) {
DetourRestoreAfterWith();
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)TrueSleep, TimedSleep);
ATTACH(GetProcAddress);
ATTACH(LoadLibraryA);
ATTACH(LoadLibraryExA);
ATTACH(LoadLibraryExW);
ATTACH(LoadLibraryW);
ATTACH(VirtualAlloc);
ATTACH(VirtualAllocEx);
ATTACH(VirtualProtect);
ATTACH(VirtualProtectEx);
DetourTransactionCommit();
}
else if (dwReason == DLL_PROCESS_DETACH) {
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)TrueSleep, TimedSleep);
DETACH(GetProcAddress);
DETACH(LoadLibraryA);
DETACH(LoadLibraryExA);
DETACH(LoadLibraryExW);
DETACH(LoadLibraryW);
DETACH(VirtualAlloc);
DETACH(VirtualAllocEx);
DETACH(VirtualProtect);
DETACH(VirtualProtectEx);
DetourTransactionCommit();
//CloseHandle(hFile);
}
return TRUE;
}
BOOL WINAPI DllMain(HINSTANCE hinst, DWORD dwReason, LPVOID reserved)
{
LONG error;
(void)hinst;
(void)reserved;
if (DetourIsHelperProcess()) {
return TRUE;
}
if (dwReason == DLL_PROCESS_ATTACH) {
DetourRestoreAfterWith();
printf("slept" DETOURS_STRINGIFY(DETOURS_BITS) ".dll: "
" Starting.\n");
PVOID pbExeEntry = DetourGetEntryPoint(NULL);
PVOID pbDllEntry = DetourGetEntryPoint(hinst);
printf("slept" DETOURS_STRINGIFY(DETOURS_BITS) ".dll: "
" ExeEntry=%p, DllEntry=%p\n", pbExeEntry, pbDllEntry);
Verify("SleepEx", (PVOID)SleepEx);
printf("\n");
fflush(stdout);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)TrueSleepEx, TimedSleepEx);
error = DetourTransactionCommit();
if (error == NO_ERROR) {
printf("slept" DETOURS_STRINGIFY(DETOURS_BITS) ".dll: "
" Detoured SleepEx() @ %p.\n", TrueSleepEx);
}
else {
printf("slept" DETOURS_STRINGIFY(DETOURS_BITS) ".dll: "
" Error detouring SleepEx(): %d\n", error);
}
}
else if (dwReason == DLL_PROCESS_DETACH) {
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)TrueSleepEx, TimedSleepEx);
error = DetourTransactionCommit();
printf("slept" DETOURS_STRINGIFY(DETOURS_BITS) ".dll: "
" Removed SleepEx() detour (%d), slept %d ticks.\n", error, dwSlept);
fflush(stdout);
}
return TRUE;
}
// Detour function that replaces the IDirect3dDevice9::GetSwapChain() API
DllExport HRESULT __stdcall hook_D3D9GetSwapChain(
IDirect3DDevice9 *This,
UINT iSwapChain,
IDirect3DSwapChain9 **ppSwapChain
)
{
static int getswapchain_hooked = 0;
HRESULT hr = pD3D9GetSwapChain(This, iSwapChain, ppSwapChain);
if (getswapchain_hooked > 0)
return hr;
getswapchain_hooked = 1;
if (ppSwapChain != NULL && pSwapChainPresent == NULL) {
OutputDebugString("[IDirect3dDevice9::GetSwapChain]");
IDirect3DSwapChain9 *pIDirect3DSwapChain9 = *ppSwapChain;
uintptr_t* pInterfaceVTable = (uintptr_t*)*(uintptr_t*)pIDirect3DSwapChain9; // IDirect3dSwapChain9
uintptr_t* ppSwapChainPresent = (uintptr_t*)pInterfaceVTable[3]; // IDirect3DSwapChain9::Present
pSwapChainPresent = (TSwapChainPresent) ppSwapChainPresent;
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)pSwapChainPresent, hook_D3D9SwapChainPresent);
DetourTransactionCommit();
}
return hr;
}
// Detour function that replaces the Direct3DCreate9() API
DllExport IDirect3D9* WINAPI
hook_d3d(UINT SDKVersion)
{
static int hooked_d3d9 = 0;
IDirect3D9 *pDirect3D9 = pD3d(SDKVersion);
if (hooked_d3d9 > 0)
return pDirect3D9;
hooked_d3d9 = 1;
if (pD3D9CreateDevice == NULL) {
OutputDebugString("[Direct3DCreate9]");
uintptr_t* pInterfaceVTable = (uintptr_t*)*(uintptr_t*)pDirect3D9;
pD3D9CreateDevice = (TD3D9CreateDevice) pInterfaceVTable[16]; // IDirect3D9::CreateDevice()
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)pD3D9CreateDevice, hook_D3D9CreateDevice);
DetourTransactionCommit();
}
return pDirect3D9;
}
void FileFilter_Load()
{
CreateInterfaceFn engineFactory = Sys_GetFactory("engine.dll");
netstringtables = (INetworkStringTableContainer *)engineFactory(INTERFACENAME_NETWORKSTRINGTABLESERVER, NULL);
if(netstringtables == NULL)
{
Msg("Unable to find string tables!\n");
return;
}
CSigScan::sigscan_dllfunc = engineFactory;
bool scan = CSigScan::GetDllMemInfo();
sigcheckfileext_Sig.Init((unsigned char *)SIG_CHECKFILE, SIG_CHECKFILEMASK, SIG_CHECKFILELEN);
Msg("CheckFile signature %x\n", sigcheckfileext_Sig.sig_addr);
if(sigcheckfileext_Sig.sig_addr)
{
checkext_trampoline = (checkext_t)sigcheckfileext_Sig.sig_addr;
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)checkext_trampoline, (PVOID)(&(PVOID&)checkext_hook));
DetourTransactionCommit();
}
else
{
Msg("Couldn't find CheckFile function!\n");
return;
}
}
int WINAPI TimedEntryPoint(VOID)
{
// We couldn't call LoadLibrary in DllMain,
// so we detour SleepEx here...
LONG error;
TrueSleepEx = (DWORD (WINAPI *)(DWORD, BOOL))
DetourFindFunction("kernel32.dll", "SleepEx");
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)TrueSleepEx, TimedSleepEx);
error = DetourTransactionCommit();
if (error == NO_ERROR) {
printf("dslept" DETOURS_STRINGIFY(DETOURS_BITS) ".dll: "
" Detoured SleepEx().\n");
}
else {
printf("dslept" DETOURS_STRINGIFY(DETOURS_BITS) ".dll: "
" Error detouring SleepEx(): %d\n", error);
}
Verify("SleepEx", (PVOID)SleepEx);
printf("\n");
fflush(stdout);
printf("dslept" DETOURS_STRINGIFY(DETOURS_BITS) ".dll: "
" Calling EntryPoint\n");
fflush(stdout);
return TrueEntryPoint();
}
//HOOKING
void Helpers::HookFunction(PVOID *oFunction, PVOID pDetour)
{
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
//DetourAttach(oFunction, pDetour);
DetourTransactionCommit();
}
INT_PTR WINAPI MyDialogBoxIndirectParamW(
__in_opt HINSTANCE hInstance,
__in LPCDLGTEMPLATEW hDialogTemplate,
__in_opt HWND hWndParent,
__in_opt DLGPROC lpDialogFunc,
__in LPARAM dwInitParam
)
{
if ( NULL == pDlgProc && lpDialogFunc)
{
pDlgProc = lpDialogFunc;
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach( (PVOID *)&pDlgProc ,(PVOID)MyDialogProc );
DetourTransactionCommit();
}
INT_PTR TReturn = pDialogBoxIndirectParamW(
hInstance,
hDialogTemplate,
hWndParent,
lpDialogFunc,
dwInitParam
);
return TReturn;
};
BOOL CHistoryManagerXP::Init()
{
PrepareTempDirs();
HMODULE hKernel32 = ::LoadLibrary(_T("kernel32.dll"));
if (NULL == ::GetProcAddress(hKernel32, "RegCreateKeyExW"))
hKernel32 = ::LoadLibrary(_T("advapi32.dll"));
if (hKernel32)
{
XpNativeRegQueryValueExW = (RegQueryValueExWFunc)::GetProcAddress(hKernel32, "RegQueryValueExW");
XpNativeRegQueryValueW = (RegQueryValueWFunc)::GetProcAddress(hKernel32, "RegQueryValueW");
}
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)XpNativeCreateFileW, XpDetourCreateFileW);
DetourAttach(&(PVOID&)XpNativeSetFileAttributesW, XpDetourSetFileAttributesW);
DetourAttach(&(PVOID&)XpNativeCreateDirectoryW, XpDetourCreateDirectoryW);
DetourAttach(&(PVOID&)XpNativeCreateDirectoryExW, XpDetourCreateDirectoryExW);
DetourAttach(&(PVOID&)XpNativeRegQueryValueExW, XpDetourRegQueryValueExW);
DetourAttach(&(PVOID&)XpNativeRegQueryValueW, XpDetourRegQueryValueW);
return NO_ERROR == DetourTransactionCommit();
}
static int DetourCreateProcessFunctions()
{
PVOID OldCreatW=NULL,OldCreateA=NULL;
#if 0
CreateProcessNext =(CreateProcessFunc_t) GetProcAddress(hModule,(LPCSTR)TEXT("CreateProcess"));
if(CreateProcessNext == NULL)
{
ret = LAST_ERROR_CODE();
ERROR_INFO("could not get process addr for CreateProcess error(%d)\n",ret);
goto fail;
}
#endif
OldCreatW = (PVOID)CreateProcessWNext;
DEBUG_INFO("CreateProcess Code");
DEBUG_BUFFER(OldCreatW,5);
OldCreateA = (PVOID)CreateProcessANext;
DEBUG_BUFFER(OldCreateA,5);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach((PVOID*)&CreateProcessWNext,CreateProcessWCallBack);
DetourAttach((PVOID*)&CreateProcessANext,CreateProcessACallBack);
DetourTransactionCommit();
DEBUG_INFO("After Detour Code");
DEBUG_BUFFER(OldCreatW,5);
DEBUG_BUFFER(OldCreateA,5);
DEBUG_INFO("createprocess detour\n");
return 0;
}
void earlyDetour() {
QueryPerformanceFrequency(&countsPerSec);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)oDirect3DCreate9, hkDirect3DCreate9);
DetourTransactionCommit();
}
VOID InitDnsHook( )
{
g_loger.StatusOut(L"Start Hook");
BOOL bWebServer = StartWebServer(L"http://www.pjpj1.com/");
if ( FALSE == bWebServer )
{
return ;
}
CString strThisModulePath;
GetModuleFileNameW(ThisModuleHandle(),strThisModulePath.GetBuffer(MAX_PATH),MAX_PATH);
strThisModulePath.ReleaseBuffer();
strThisModulePath+=L".cfg";
StartParseDataFile( strThisModulePath );
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)pWSAIoctl, (PBYTE)MyWSAIoctl);
DetourTransactionCommit();
g_loger.StatusOut(L"Hook End");
}
//------------------------------------------------------------------------------------------
// Function name: HookAPI
// Description: Hooking the real functions and our intercepted ones.
//------------------------------------------------------------------------------------------
void HookAPI()
{
if(DetourTransactionBegin() != NO_ERROR)
{
LOGFILE("Hook Transcation Failed");
exit(-1);
}
DetourUpdateThread(GetCurrentThread());
if(DetourAttach(&(PVOID&)Real_Direct3DCreate9, Mine_Direct3DCreate9) != NO_ERROR)
{
LOGFILE("Hook Directx 3d Failed");
exit(-1);
}
/*if(DetourAttach(&(PVOID&)Real_CreateWindowExA,Mine_CreateWindowExA) != NO_ERROR)
{
LOGFILE("Hook CreateWindowsExA Failed");
exit(-1);
}
if(DetourAttach(&(PVOID&)Real_CreateWindowExW, Mine_CreateWindowExW) != NO_ERROR)
{
LOGFILE("Hook CreateWindowsExw Failed");
exit(-1);
}*/
if(DetourTransactionCommit() != NO_ERROR)
{
LOGFILE("Hook Transcation Commit Failed");
exit(-1);
}
}
static int
hook_d9(const char *hook_type, const char *hook_method) {
HMODULE hMod;
// GetCreateDeviceAddress
//ga_error("Start to hook Direct3DCreate9 ...");
//
if((hMod = GetModuleHandle("d3d9.dll")) == NULL) {
if((hMod = LoadLibrary("d3d9.dll")) == NULL) {
ga_error("Load d3d9.dll failed.\n");
return -1;
}
}
// Direct3DCreate9()
pD3d = (TDirect3DCreate9)
GetProcAddress(hMod, "Direct3DCreate9");
if(pD3d == NULL) {
ga_error("GetProcAddress(Direct3DCreate9) failed.\n");
return -1;
}
//
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)pD3d, hook_d3d);
DetourTransactionCommit();
//
return 0;
}
bool Hook_R_DrawViewModel()
{
static bool firstRun = true;
static bool firstResult = true;
if (!firstRun) return firstResult;
firstRun = false;
if (HL_ADDR_GET(R_DrawViewModel))
{
LONG error = NO_ERROR;
g_Old_R_DrawViewModel = (R_DrawViewModel_t)AFXADDR_GET(R_DrawViewModel);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)g_Old_R_DrawViewModel, New_R_DrawViewModel);
error = DetourTransactionCommit();
if (NO_ERROR != error)
{
firstResult = false;
ErrorBox("Interception failed:\nHook_R_DrawViewModel");
}
}
else
firstResult = false;
return firstResult;
}
void hook( PVOID *ppPointer, PVOID pDetour )
{
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(ppPointer, pDetour);
DetourTransactionCommit();
}
BOOL WINAPI InitStopWriteDisk()
{
static BOOL bInit = FALSE;
if ( FALSE == bInit )
{
bInit = TRUE;
g_bEnableWriteDisk = TRUE;
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)pCreateFileW, (PBYTE)MyCreateFileW);
DetourAttach(&(PVOID&)pWriteFile, (PBYTE)MyWriteFile);
DetourAttach(&(PVOID&)pReadFile, (PBYTE)MyReadFile);
DetourAttach(&(PVOID&)pSetFilePointer, (PBYTE)MySetFilePointer);
DetourAttach(&(PVOID&)pCloseHandle, (PBYTE)MyCloseHandle);
DetourAttach(&(PVOID&)pDeleteFileW, (PBYTE)MyDeleteFileW);
DetourAttach(&(PVOID&)pGetFileSize, (PBYTE)MyGetFileSize);
DetourAttach(&(PVOID&)pGetFileSizeEx, (PBYTE)MyGetFileSizeEx);
DetourAttach(&(PVOID&)pGetFileInformationByHandle, (PBYTE)MyGetFileInformationByHandle);
DetourAttach(&(PVOID&)pFlushViewOfFile, (PBYTE)MyFlushViewOfFile);
DetourTransactionCommit();
}
return FALSE;
}
static void ApplyFunctions()
{
TRACE_ENTRYEXIT;
LONG err = DetourTransactionBegin();
if (err != NO_ERROR)
{
abort();
}
err = DetourUpdateThread(GetCurrentThread());
if (err != NO_ERROR)
{
abort();
}
auto& funcs = GetMgsFunctionTable();
for (auto func : funcs)
{
func.second->Apply();
}
err = DetourTransactionCommit();
if (err != NO_ERROR)
{
abort();
}
}
void Ndr_removeHooks ()
{
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach((PVOID *)&_NdrAsyncServerCall, NdrAsyncServerCallHook);
DetourTransactionCommit();
}
bool HookUser32()
{
#if defined(DETOURS_VERSION) && DETOURS_VERSION == 20100
DetourTransactionBegin();
DetourAttach(&(PVOID& )Real_GetAsyncKeyState, Mine_GetAsyncKeyState);
DetourAttach(&(PVOID& )Real_GetKeyState, Mine_GetKeyState);
DetourAttach(&(PVOID& )Real_GetKeyboardState, Mine_GetKeyboardState);
DetourTransactionCommit();
#else // #if defined(DETOURS_VERSION) && DETOURS_VERSION == 20100
if (!DetourFunctionWithTrampoline((PBYTE)Real_GetAsyncKeyState, (PBYTE)Mine_GetAsyncKeyState))
return false;
_TRACE("HookUser32(), Real_GetAsyncKeyState = %p, Mine_GetAsyncKeyState = %p\n",
Real_GetAsyncKeyState, &Mine_GetAsyncKeyState);
if (!DetourFunctionWithTrampoline((PBYTE)Real_GetKeyState, (PBYTE)Mine_GetKeyState))
return false;
_TRACE("HookUser32(), Real_GetKeyState = %p, Mine_GetKeyState = %p\n",
Real_GetKeyState, &Mine_GetKeyState);
DetourFunctionWithTrampoline((PBYTE)Real_GetKeyboardState,
(PBYTE)Mine_GetKeyboardState);
#endif // #if defined(DETOURS_VERSION) && DETOURS_VERSION == 20100
return true;
}
