那位大大有HOOK OpenProcess的delphi源代码啊?给个吧。
解决方案 »
- vb翻译成DELPHI报错
- 重新露脸,顺便 散分 结贴。
- 是不是新一轮的招人大潮来了??
- 关于 五岳鑫 TW8VID 语音卡的问题
- 紧急求救:如何实现在pc上的视频输出,不用S端的直接输出方式,可能需要一个卡,可我不知道是啥卡
- 在delphi编写的com中调用了vc的动态连接库,引起内存混乱,求解决方法
- 请教:Delphi如何正确读写Vista下的注册表?
- 有delphi XE可以用的日历控件吗
- 大家救救我!freelibrary 卸载DLL的问题。
- $120: info := 'Max Value'; 语句中最前面的$120是什么意思,有什么作用?谢谢...
- 在Delphi2010里面整了个单例模式,大家看看好用不?
- 简单问题
ProcName: string; CanFail, Unhook: Boolean): Pointer;
var
FromProcDebugThunk, ImportThunk: PWin9xDebugThunk;
IsThunked, FoundProc: Boolean;
NtHeader: PImageNtHeaders;
ImportDir: TImageDataDirectory;
ImportDesc: PImageImportDescriptor;
CurrName: PChar;
ImportEntry: PImageThunkData;
Base: Pointer;
SaveDLLProc: PSaveDLLProc; function IsWin9xDebugThunk(P: Pointer): Boolean;
begin
with PWin9xDebugThunk(P)^ do
Result := (PUSH = $68) and (JMP = $E9);
end; // Mapped or loaded image related functions
function PeMapImgNtHeaders(const BaseAddress: Pointer): PImageNtHeaders;
begin
Result := nil;
if (not IsValidBlockAddr(DWord(BaseAddress), SizeOf(TImageDosHeader))) then Exit; if (PImageDosHeader(BaseAddress)^.e_magic <> IMAGE_DOS_SIGNATURE) or
(PImageDosHeader(BaseAddress)^._lfanew = 0) then Exit; Result := PImageNtHeaders(DWORD(BaseAddress) + DWORD(PImageDosHeader(BaseAddress)^._lfanew));
if (not IsValidBlockAddr(DWord(Result), SizeOf(TImageNtHeaders))) or
(Result^.Signature <> IMAGE_NT_SIGNATURE) then Result := nil
end; procedure CheckFail;
begin
if (not CanFail) then
raise EHookingError.CreateFmt(EHookingErrorStr, [ProcName]);
end;begin
Result := nil; if (OldProc = nil) then
raise EProcNull.CreateFmt(EProcNullStr, [ProcName]); if (ImportModule > SharedMem) and // Shared Area...
(Win32Platform <> VER_PLATFORM_WIN32_NT) then // Win9X/ME ...
raise ESharedArea.CreateFmt(ESharedAreaStr, [ModuleFileName(ImportModule)]); Base := Pointer(ImportModule);
FromProcDebugThunk := PWin9xDebugThunk(OldProc);
IsThunked := (Win32Platform <> VER_PLATFORM_WIN32_NT) and IsWin9xDebugThunk(FromProcDebugThunk);
NtHeader := PeMapImgNtHeaders(Base);
if (NtHeader = nil) then
begin
CheckFail;
Exit;
end; ImportDir := NtHeader.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT];
if (ImportDir.VirtualAddress = 0) then
begin
CheckFail;
Exit;
end; ImportDesc := PImageImportDescriptor(DWORD(Base) + ImportDir.VirtualAddress);
while (ImportDesc^.Name <> 0) do
begin
CurrName := (PChar(Base) + ImportDesc^.Name);
if (StrIComp(CurrName, PChar(ExportModule)) = 0) then
begin
ImportEntry := PImageThunkData(DWORD(Base) + ImportDesc^.FirstThunk);
while (ImportEntry^.Function_ <> 0) do
begin
if IsThunked then
begin
ImportThunk := PWin9xDebugThunk(ImportEntry^.Function_);
FoundProc := IsWin9xDebugThunk(ImportThunk) and
(ImportThunk^.Addr = FromProcDebugThunk^.Addr);
end
else
FoundProc := Pointer(ImportEntry^.Function_) = OldProc;
if FoundProc then
begin
WriteMem(@ImportEntry^.Function_, NewProc, 4);
if (not Unhook) then
begin
New(SaveDLLProc);
SaveDLLProc^.OldProc := OldProc;
SaveDLLProc^.NewProc := NewProc;
SaveDLLProc^.HookModule := ImportModule;
SaveDLLProc^.ExportModule := ExportModule;
DllList.Add(SaveDLLProc);
end;
Result := OldProc;
end;
Inc(ImportEntry);
end;
end;
Inc(ImportDesc);
end; if (not CanFail) and (Result = nil) then
raise EHookingError.CreateFmt(EHookingErrorStr, [ProcName]);
end;