RT
解决方案 »
- CListCtrl重新加载数据时候调用哪个消息?
- C++界面线程更新的问题
- PC从串口收到数据,存入数据库并动态的显示到坐标上
- 在ActiveX生成一个Toolbar
- ODBC访问SQLSERVER更新时提示列名无效!
- 一个关于CFile的简单问题。。。。
- 用CRecordset.Open()开数据库,当我在参数中指定了选择列的SQL语句时就报错,但如果用select * from...全选时就不会出错,怎么回事啊?
- 如何在程序启动完毕之后隐藏主框架窗口?
- 怎么知道mp3文件已经播完了?(MCIWndCreate)
- 活动视图 活动视图的文档 主窗口 应用程序 框架程序
- C++调用matlab时 数组转换成矩阵怎么处理
- 单文档中调用对话框,数据更新显示问题
// FirstDetours.cpp : 定义 DLL 应用程序的入口点。
//#include "stdafx.h"#include <windows.h>
#include "detours.h"#pragma comment(lib, "detours.lib")
#pragma comment(lib, "detoured.lib")
// must have at lease one export function
_declspec(dllexport) void exportfunc()
{
}
//实现ring3下对进程的创建访问拦截 ANSI
BOOL (WINAPI * Real_CreateProcessA)( LPCTSTR lpApplicationName,
LPTSTR lpCommandLine,
LPSECURITY_ATTRIBUTES lpProcessAttributes,
LPSECURITY_ATTRIBUTES lpThreadAttributes,
BOOL bInheritHandles,
DWORD dwCreationFlags,
LPVOID lpEnvironment,
LPCTSTR lpCurrentDirectory,
LPSTARTUPINFO lpStartupInfo,
LPPROCESS_INFORMATION lpProcessInformation)
= CreateProcessA;//实现ring3下对进程的创建访问拦截 Unicode
BOOL (WINAPI * Real_CreateProcessW)( LPCWSTR lpApplicationName,
LPWSTR lpCommandLine,
LPSECURITY_ATTRIBUTES lpProcessAttributes,
LPSECURITY_ATTRIBUTES lpThreadAttributes,
BOOL bInheritHandles,
DWORD dwCreationFlags,
LPVOID lpEnvironment,
LPCWSTR lpCurrentDirectory,
LPSTARTUPINFOW lpStartupInfo,
LPPROCESS_INFORMATION lpProcessInformation)
= CreateProcessW;
BOOL WINAPI Mine_CreateProcessA( LPCSTR lpApplicationName,
LPSTR lpCommandLine,
LPSECURITY_ATTRIBUTES lpProcessAttributes,
LPSECURITY_ATTRIBUTES lpThreadAttributes,
BOOL bInheritHandles,
DWORD dwCreationFlags,
LPVOID lpEnvironment,
LPCSTR lpCurrentDirectory,
LPSTARTUPINFOA lpStartupInfo,
LPPROCESS_INFORMATION lpProcessInformation)
{
if(IDYES == MessageBox( GetForegroundWindow(), "有新进程要启动?", "拦截!", MB_YESNO|MB_ICONINFORMATION ))
return Real_CreateProcessA( lpApplicationName,
lpCommandLine,
lpProcessAttributes,
lpThreadAttributes,
bInheritHandles,
dwCreationFlags,
lpEnvironment,
lpCurrentDirectory,
lpStartupInfo,
lpProcessInformation);
else
return FALSE;
}BOOL WINAPI Mine_CreateProcessW( LPCWSTR lpApplicationName,
LPWSTR lpCommandLine,
LPSECURITY_ATTRIBUTES lpProcessAttributes,
LPSECURITY_ATTRIBUTES lpThreadAttributes,
BOOL bInheritHandles,
DWORD dwCreationFlags,
LPVOID lpEnvironment,
LPCWSTR lpCurrentDirectory,
LPSTARTUPINFOW lpStartupInfo,
LPPROCESS_INFORMATION lpProcessInformation)
{
if(IDYES == MessageBoxW( GetForegroundWindow(), L"有新进程要启动?", L"拦截!", MB_YESNO|MB_ICONINFORMATION ))
return Real_CreateProcessW( lpApplicationName,
lpCommandLine,
lpProcessAttributes,
lpThreadAttributes,
bInheritHandles,
dwCreationFlags,
lpEnvironment,
lpCurrentDirectory,
lpStartupInfo,
lpProcessInformation);
else
return FALSE;
}int (WINAPI *Real_MessageBox)(
HWND hWnd, // handle to owner window
LPCTSTR lpText, // text in message box
LPCTSTR lpCaption, // message box title
UINT uType // message box style
)
=MessageBox;int WINAPI My_MessageBox(
HWND hWnd, // handle to owner window
LPCTSTR lpText, // text in message box
LPCTSTR lpCaption, // message box title
UINT uType // message box style
)
{
return MessageBox(NULL, "Test", "Test", 0);
}
//DllMain函数
BOOL WINAPI DllMain(HINSTANCE hInstDll, DWORD fdwReason, LPVOID lpvReserved)
{
if (DLL_PROCESS_ATTACH == fdwReason)
{
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)Real_CreateProcessA, Mine_CreateProcessA);
DetourAttach(&(PVOID&)Real_CreateProcessW, Mine_CreateProcessW);
DetourAttach(&(PVOID&)Real_MessageBox, My_MessageBox);
DetourTransactionCommit();
}
else if (DLL_PROCESS_DETACH == fdwReason)
{
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)Real_CreateProcessA, Mine_CreateProcessA);
DetourDetach(&(PVOID&)Real_CreateProcessW, Mine_CreateProcessW);
DetourDetach(&(PVOID&)Real_MessageBox, My_MessageBox);
DetourTransactionCommit();
}
return TRUE;
}