Location:
Search - SockHookF
Search list
Description: 一、前言
前一段时间发表了一篇文章 “Hook API 工具”,没有附带主程序的源代码,这几天翻出来代码加了些注释,现在补上。不过大家还是最好看看牛的书,书上讲解很详细。
二、对代码的简单说明
总共3个工程,1个主程序,1个HookDll, 1个例子Dll。主程序负责启动进程,并将 HookDll 注入。还有一些额外的功能,比如显示 Log, 例子Dll的信息,导出函数等,HookDll 在 DllMain 启动的时候根据配置钩住指定的 API 函数
三、这种方法的缺点
这种方法是在系统 API 函数起始代码 和 自定义代码之间切换。在多线程的环境下,如果正在切换的过程,其它线程调用这个函数,会出现异常,同时,如果已经切换回系统代码,其它线程对这个API 的调用将抓不到。解决方法就是不要切换,这点应该是可以做到的。
四、结束语
在例子Dll 中,模仿了 ws_32.dll 的输出函数,但是不全,而且 Log 信息也不足,感兴趣的朋友如果有比较全的版本别忘了发给我一份 :)
程序大家可以随意修改,保留那个林月如的 Icon 就行了 ^_^
-one, the preamble some time ago published an article entitled "Hook API tool," not incidental to the main program source code, which turned out a few days code plus some notes now fill. But we still look at the best cattle in the book, spoke on the very detailed. Two of the code simple instructions a total of three projects, a program, a HookDll, an example Dll. Main program to start the process and will HookDll injection. There are some additional features, such as Log shows examples Dll information derived function, in DllMain HookDll boot time configuration hooked designated API Function 3, the shortcomings of this method This method is the system API function code and starting from the definition of switching between code. In multithreaded environment, if the switching proces
Platform: |
Size: 146432 |
Author: ddd |
Hits: