When hooking the Netbios function I tried many ways of writing it, but none of them managed to modify the returned result.
function NewNetbios(P: PNCB): Char; stdcall;
type
  TNewNetbios = function (P: PNCB): Char; stdcall;
var
  ADAPTER: TADAPTERSTATUS;
  ADAPTERold: ^TADAPTERSTATUS;
begin
  Hook[4].UnHook;
  P^.ncb_buffer := @ADAPTER;
  Result := TNewNetbios(Hook[4].BaseAddr)(P);
  Hook[4].Hook;
  //copymemory(@ADAPTERold,P^.ncb_buffer,sizeOf(TADAPTERSTATUS));
  ADAPTERold := pointer(P^.ncb_buffer);
  //copymemory(P^.ncb_buffer,@ADAPTERold,sizeOf(TADAPTERSTATUS));
end;

The structures involved:
PNCB = ^TNCB;
TNCBPostProc = procedure(P: PNCB);
TNCB = packed record
  ncb_command: Char;                             // command code
  ncb_retcode: Char;                             // return code
  ncb_lsn: Char;                                 // local session number
  ncb_num: Char;                                 // number of our network name
  ncb_buffer: PChar;                             // address of message buffer
  ncb_length: Word;                              // size of message buffer
  ncb_callname: array[0..NCBNAMSZ - 1] of char;  // blank-padded name of remote
  ncb_name: array[0..NCBNAMSZ - 1] of char;      // our blank-padded netname
  ncb_rto: Char;                                 // rcv timeout/retry count
  ncb_sto: Char;                                 // send timeout/sys timeout
  ncb_post: TNCBPostProc;                        // POST routine address
  ncb_lana_num: Char;                            // lana (adapter) number
  ncb_cmd_cplt: Char;                            // 0xff => command pending
  ncb_reserve: array[0..9] of Char;              // reserved, used by BIOS
  ncb_event: THandle;                            // HANDLE to Win32 event which
                                                 // will be set to the signalled
                                                 // state when an ASYNCH command
                                                 // completes
end;

ncb_buffer points to a TADAPTERSTATUS result; what I want now is to modify the returned result.
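I have tried quite a few ways of writing it: either the returned result is still the same after modification and the MAC is not changed, or an empty value is returned, or there is a memory error.
Can anyone who has successfully hooked this give me some pointers? Please help, this has been bothering me for a long time.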
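1 I don't have that many points.
2 I solved this problem myself. It was mainly a pointer problem: at first I wrote PAdapterStatus as TAdapterStatus, so operating on it went wrong. Looking back, it all came down to not writing my code carefully. All this needs is to declare MyAdapter: PAdapterStatus; then point it at P.ncb_buffer and operate on it directly.
Closing the thread; a pity there was not a single answer.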