小弟最近在学习 API HOOK,在 http://www.itchina8.com/bbs/viewthread.php?tid=12995 看到一篇讲 API HOOK 的文章,但看了半天没有完全弄懂。程序的原理我基本上都弄清了,但是文章中“第一个程序”、“第二个程序”、“第三个程序”之间的关系我没有弄清楚。我把第一个程序 unit mess 全部写到一个 EXE 中,程序运行正常;但是,当我把 unit mess 中的代码写到 DLL 中,然后
exports
API_Hookup,Un_API_Hook;
再到EXE中调用API_Hookup却没有用,不知道应该如何解决
exports
API_Hookup,Un_API_Hook;
再到EXE中调用API_Hookup却没有用,不知道应该如何解决
看了一篇文章,发现和网上那些常见的文章有点区别,按照文中的办法试了试,竟然成功了
unit Unit4;

interface

uses
  Windows;

type
  // Same parameter list, result type and calling convention as the
  // MessageBoxA entry point that HookApi looks up in user32.dll.
  mymsgboxa = function(hWnd: HWND; lpText, lpCaption: PAnsiChar; uType: UINT): Integer; stdcall;

  // Byte image that HookApi copies over the start of the target function
  // (and that `old` uses to keep the bytes it replaced).
  // HookApi fills it with $B8, a code address, then $E0FF; on x86 those
  // bytes decode as `mov eax, imm32` followed by `jmp eax`. Note that the
  // field names are the reverse of what the values encode.
  // The record is packed, so it is 8 bytes only when a procedural pointer
  // is 4 bytes wide; the literal length 8 used elsewhere in this unit
  // therefore assumes a 32-bit build.
  Tjump = packed record
    jumpcode: Byte;       // receives $B8 in HookApi
    addr: mymsgboxa;      // receives @mybox in HookApi
    MoveEAX: Word;        // receives $E0FF in HookApi
    reservedbyte: Byte;   // never assigned anywhere in this unit
  end;

var
  // `old` holds the bytes read from the target before patching,
  // `jmp` holds the replacement bytes.
  old, jmp: Tjump;
  // Handle returned by GetCurrentProcess; the patch is applied to the
  // process this unit is running in.
  processhandle: THandle;
  // Address of MessageBoxA as returned by GetProcAddress.
  oldmsgboxa: Pointer;
  // Receives the byte count from ReadProcessMemory / WriteProcessMemory.
  dwsize: DWORD;
  // Handle returned by SetWindowsHookEx in `load`.
  hookhd: THandle;

// Only `load` is visible to other units; everything else is private to
// the implementation section.
procedure load;

implementation
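// Replacement body that the patched MessageBoxA entry point jumps to.
// It keeps the caller's window handle and style flags but ignores the
// caller's lpText / lpCaption and shows a fixed message instead.
// It calls MessageBoxW rather than MessageBoxA; calling MessageBoxA here
// would land on the patched entry point again and recurse.
// Returns the button code reported by MessageBoxW so that callers that
// test the result (IDOK, IDCANCEL, ...) see a defined value. The original
// left Result unassigned, which handed callers an undefined value.
function mybox(hWnd: HWND; lpText, lpCaption: PAnsiChar; uType: UINT): Integer; stdcall;
begin
  Result := MessageBoxW(hWnd,'APIHook成功,感谢各位高人相助','Hook OK',uType);
end;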
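// Overwrites the first bytes of user32!MessageBoxA in the current process
// with a `mov eax, <mybox>; jmp eax` stub, after saving the original bytes
// in `old`.
//
// Changes from the earlier version:
//  * The routine is now idempotent. msghook calls it for every message,
//    and a second run used to read the already-patched bytes into `old`,
//    destroying the only copy of the original prologue.
//  * Every API result is checked; nothing is written unless the target
//    was resolved and the original bytes were saved first.
//
// Caveats that remain:
//  * The stub layout is x86-only and assumes SizeOf(Tjump) = 8.
//  * The write is not atomic; a thread executing MessageBoxA while the
//    bytes are being replaced can fault. No synchronisation is attempted.
//  * jmp.reservedbyte is never set, so the eighth byte written is whatever
//    that field holds.
procedure HookApi;
var
  DllMoudle: THandle;
  target: Pointer;
begin
  // oldmsgboxa doubles as the "patch already applied" marker: it is only
  // assigned after a successful write below.
  if oldmsgboxa <> nil then
    Exit;

  processhandle := GetCurrentProcess;

  DllMoudle := LoadLibrary('user32.dll');
  if DllMoudle = 0 then
    Exit;

  target := GetProcAddress(DllMoudle, 'MessageBoxA');
  if target = nil then
    Exit;

  jmp.jumpcode := $B8;   // mov eax, imm32
  jmp.addr := @mybox;
  jmp.MoveEAX := $E0FF;  // bytes FF E0 = jmp eax

  // Save the original bytes first; without them HookEnd cannot undo the patch.
  if not ReadProcessMemory(processhandle, target, @old, SizeOf(old), dwsize) then
    Exit;

  if WriteProcessMemory(processhandle, target, @jmp, SizeOf(jmp), dwsize) then
    oldmsgboxa := target;
end;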
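// Writes the bytes saved in `old` back over the patched entry point.
// Does nothing when no target address has been recorded, so calling it
// before HookApi no longer issues a write to a nil address.
// The restore is only as good as the snapshot in `old`: that snapshot must
// have been taken before the first patch was written.
// Like the patch itself, the write is not synchronised with other threads.
// NOTE(review): nothing in this unit calls HookEnd, and it is not declared
// in the interface section - confirm how callers are expected to reach it.
procedure HookEnd;
begin
  if oldmsgboxa = nil then
    Exit;
  WriteProcessMemory(processhandle, oldmsgboxa, @old, SizeOf(old), dwsize);
end;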
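// WH_GETMESSAGE hook procedure installed by `load`.
// It applies the MessageBoxA patch from inside whichever process is
// running the hook procedure, then always passes the call on to the next
// hook in the chain.
// A negative ncode is forwarded to CallNextHookEx without doing any work,
// as the hook-procedure contract requires.
// NOTE(review): wparam / lparam are declared Integer; that matches
// WPARAM / LPARAM only on a 32-bit build.
function msghook(ncode,wparam,lparam:Integer):LRESULT;stdcall;
begin
  if ncode >= 0 then
    hookapi;
  Result := CallNextHookEx(hookhd, ncode, wparam, lparam);
end;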
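// Installs msghook as a WH_GETMESSAGE hook and stores the handle in hookhd.
// A repeated call is now ignored; previously it replaced hookhd and lost
// the earlier handle, leaving that hook impossible to remove.
//
// Review notes:
//  * The last argument (thread id 0) asks for a hook on every thread of
//    the desktop, not just this process. Windows then maps the module that
//    owns msghook into other processes, which is why endpoint monitoring
//    treats desktop-wide SetWindowsHookEx calls as code injection. If only
//    this process needs the redirect, GetCurrentThreadId is the
//    least-privilege choice.
//  * hookhd stays 0 when SetWindowsHookEx fails; this procedure has no way
//    to report that, so callers should check hookhd (GetLastError has the
//    reason).
//  * Nothing in this unit calls UnhookWindowsHookEx, so the hook lives
//    until the process exits.
procedure load;
begin
  if hookhd <> 0 then
    Exit;
  hookhd := SetWindowsHookEx(WH_GETMESSAGE, @msghook, HInstance, 0);
end;

end.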