C++實(shí)現(xiàn)修改函數(shù)代碼HOOK的封裝方法

2020-01-26 15:13:33

字體：大中小

來源：轉(zhuǎn)載

供稿：網(wǎng)友

本文實(shí)例講述了C++實(shí)現(xiàn)修改函數(shù)代碼HOOK的封裝方法，分享給大家供大家參考。具體實(shí)現(xiàn)方法如下：

一、對外的接口如下：

1. 類初始化時(shí)對函數(shù)HOOK
2. 取消掛鉤：
void UnHook();
3. 重新掛鉤：
void ReHook();

在初始化時(shí)HOOK的代碼：

復(fù)制代碼代碼如下:

*(DWORD*)(m_btNewBytes+1) = (DWORD)pfnHook;

8個(gè)字節(jié)的代碼地址 0xB8, 0x00, 0x00,0x40,0x00,0xFF,0xE0,0x00 只要把第二位和第三位的數(shù)據(jù)改成函數(shù)的地址，調(diào)用原先的函數(shù)時(shí)就會調(diào)到自定義的函數(shù)執(zhí)行.

二、實(shí)現(xiàn)方法：

.h頭文件如下：

復(fù)制代碼代碼如下:

#ifndef  _ULHOOK_H__  
#define _ULHOOK_H__  
  
#include <Windows.h>  
#pragma once  
class CULHook  
{  
public:  
    CULHook(LPSTR lpszModName, LPSTR lpszFuncNme, PROC pfnHook);  
    ~CULHook(void);  
  
    //取消掛鉤  
    void UnHook();  
    //重新掛鉤  
    void ReHook();  
protected:  
    PROC m_pfnOrig;  
    BYTE m_btNewBytes[8];  
    BYTE m_btOldBytes[8];  
    HMODULE m_hModule;  
};  
  
#endif

.cpp源文件如下：

復(fù)制代碼代碼如下:

#include "ULHook.h"  
  
CULHook::CULHook(LPSTR lpszModName, LPSTR lpszFuncNme, PROC pfnHook)  
{  
    BYTE btNewBytes[] = {0xB8, 0x00, 0x00,0x40,0x00,0xFF,0xE0,0x00};  
    memcpy(m_btNewBytes, btNewBytes, 8);  
    *(DWORD*)(m_btNewBytes+1) = (DWORD)pfnHook;  
  
    m_hModule = ::LoadLibraryA(lpszModName);  
    if (NULL == m_hModule)  
    {  
        m_pfnOrig = NULL;  
        return;  
    }  
    m_pfnOrig = (PROC)::GetProcAddress(m_hModule, lpszFuncNme);  
    if (NULL != m_pfnOrig)  
    {  
        MEMORY_BASIC_INFORMATION mbi = {0};  
        DWORD dwOldProtect;  
        ::VirtualQuery(m_pfnOrig, &mbi, sizeof(mbi));  
        ::VirtualProtect(m_pfnOrig, 8, PAGE_READWRITE, &dwOldProtect);  
        memcpy(m_btOldBytes, m_pfnOrig, 8);  
        ::WriteProcessMemory(GetCurrentProcess(), (VOID*)m_pfnOrig, m_btNewBytes, 8, NULL);  
        ::VirtualProtect(m_pfnOrig, 8, dwOldProtect, NULL);  
    }  
}  
  
CULHook::~CULHook(void)  
{  
    UnHook();  
    if (m_hModule!=NULL)  
    {  
        ::FreeLibrary(m_hModule);  
    }  
}  
void CULHook::UnHook()  
{  
    if (m_pfnOrig != NULL)  
    {  
        MEMORY_BASIC_INFORMATION mbi = {0};  
        DWORD dwOldProtect;  
        ::VirtualQuery(m_pfnOrig, &mbi, sizeof(mbi));  
        ::VirtualProtect(m_pfnOrig, 8, PAGE_READWRITE, &dwOldProtect);  
        ::WriteProcessMemory(GetCurrentProcess(), (VOID*)m_pfnOrig, m_btOldBytes, 8, NULL);  
        ::VirtualProtect(m_pfnOrig, 8, dwOldProtect, NULL);  
    }  
}  
  
void CULHook::ReHook()  
{  
    if (m_pfnOrig != NULL)  
    {  
        MEMORY_BASIC_INFORMATION mbi = {0};  
        DWORD dwOldProtect;  
        ::VirtualQuery(m_pfnOrig, &mbi, sizeof(mbi));  
        ::VirtualProtect(m_pfnOrig, 8, PAGE_READWRITE, &dwOldProtect);  
        ::WriteProcessMemory(GetCurrentProcess(), (VOID*)m_pfnOrig, m_btNewBytes, 8, NULL);  
        ::VirtualProtect(m_pfnOrig, 8, dwOldProtect, NULL);  
    }  
}