我想做个DLL用来拦截我的一个程序的消息:
#pragma data_seg("hookdll")
HHOOK hHook = NULL;
HINSTANCE hgInstance = NULL;
BYTE btNewBytes[8] = { 0x0B8, 0x0, 0x0, 0x40, 0x0, 0x0FF, 0x0E0, 0 };
DWORD dwOldBytes[3][2]; #pragma data_seg()
BOOL bIsHas = FALSE;
DWORD pSend = 0;
DWORD pRecv = 0;
HANDLE handle = 0;int new_send (SOCKET s,const char FAR * buf, int len,int flags)
{
DWORD dwSize;
CStdioFile f;
f.Open("d.txt",CFile::modeReadWrite);
f.WriteString(buf);
WriteProcessMemory(handle,(void*)pSend,(void*)dwOldBytes[0],sizeof(DWORD)*2,&dwSize);
return pSend(s,buf,len,flags);//这里怎么不行?怎么转换下??
}
LRESULT CALLBACK MessageProc(int nCode, WPARAM wParam, LPARAM lParam)
{
HWND hwnd;
HMODULE hLib;
DWORD hid;
DWORD dwSize;
if(!bIsHas)
{
hwnd = FindWindow("Client","XianJieZhuan / Build - Jun 23 2005 Ver 0.30.10");
hid=SendMessage(hwnd,WM_USER+1,0,0);
bIsHas = TRUE;
handle = OpenProcess(PROCESS_ALL_ACCESS,TRUE,hid);//这里得到的
进程HANDLE是对的吗?
我是根据主窗口来得到的~ }
if(hwnd)
{
AfxMessageBox("找到了");
hLib = LoadLibrary("ws2_32.dll"); pSend = (DWORD) GetProcAddress(hLib,"send");
pRecv = (DWORD) GetProcAddress(hLib,"recv");
ReadProcessMemory(handle,(void*) pSend,(void*) dwOldBytes[0],sizeof(DWORD)*2,&dwSize);
*(DWORD *)( btNewBytes + 1 ) = (DWORD)new_send; //这个为什么从第二个字节改起???
WriteProcessMemory( handle, (void *)pSend, (void *)btNewBytes, sizeof(DWORD)*2, &dwSize ); //ReadProcessMemory(handle, (void *)pRecv, (void *)dwOldBytes[1], sizeof(DWORD)*2, &dwSize );
//*(DWORD *)( btNewBytes + 1 ) = (DWORD)new_recv;
//WriteProcessMemory( handle, (void *)pRecv, (void *)btNewBytes, sizeof(DWORD)*2, &dwSize );
}
}
请问我那里做的不对???希望高手能赐教,好让我学习学习啊,对进程什么的理解都有好出,希望高手不要吝啬
#pragma data_seg("hookdll")
HHOOK hHook = NULL;
HINSTANCE hgInstance = NULL;
BYTE btNewBytes[8] = { 0x0B8, 0x0, 0x0, 0x40, 0x0, 0x0FF, 0x0E0, 0 };
DWORD dwOldBytes[3][2]; #pragma data_seg()
BOOL bIsHas = FALSE;
DWORD pSend = 0;
DWORD pRecv = 0;
HANDLE handle = 0;int new_send (SOCKET s,const char FAR * buf, int len,int flags)
{
DWORD dwSize;
CStdioFile f;
f.Open("d.txt",CFile::modeReadWrite);
f.WriteString(buf);
WriteProcessMemory(handle,(void*)pSend,(void*)dwOldBytes[0],sizeof(DWORD)*2,&dwSize);
return pSend(s,buf,len,flags);//这里怎么不行?怎么转换下??
}
LRESULT CALLBACK MessageProc(int nCode, WPARAM wParam, LPARAM lParam)
{
HWND hwnd;
HMODULE hLib;
DWORD hid;
DWORD dwSize;
if(!bIsHas)
{
hwnd = FindWindow("Client","XianJieZhuan / Build - Jun 23 2005 Ver 0.30.10");
hid=SendMessage(hwnd,WM_USER+1,0,0);
bIsHas = TRUE;
handle = OpenProcess(PROCESS_ALL_ACCESS,TRUE,hid);//这里得到的
进程HANDLE是对的吗?
我是根据主窗口来得到的~ }
if(hwnd)
{
AfxMessageBox("找到了");
hLib = LoadLibrary("ws2_32.dll"); pSend = (DWORD) GetProcAddress(hLib,"send");
pRecv = (DWORD) GetProcAddress(hLib,"recv");
ReadProcessMemory(handle,(void*) pSend,(void*) dwOldBytes[0],sizeof(DWORD)*2,&dwSize);
*(DWORD *)( btNewBytes + 1 ) = (DWORD)new_send; //这个为什么从第二个字节改起???
WriteProcessMemory( handle, (void *)pSend, (void *)btNewBytes, sizeof(DWORD)*2, &dwSize ); //ReadProcessMemory(handle, (void *)pRecv, (void *)dwOldBytes[1], sizeof(DWORD)*2, &dwSize );
//*(DWORD *)( btNewBytes + 1 ) = (DWORD)new_recv;
//WriteProcessMemory( handle, (void *)pRecv, (void *)btNewBytes, sizeof(DWORD)*2, &dwSize );
}
}
请问我那里做的不对???希望高手能赐教,好让我学习学习啊,对进程什么的理解都有好出,希望高手不要吝啬
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货