detours.h
上传用户:tianheyiqi
上传日期:2010-04-16
资源大小:282k
文件大小:21k
源码类别:

外挂编程

开发平台:

Visual C++

  1. //////////////////////////////////////////////////////////////////////////////
  2. //
  3. //  File:       detours.h
  4. //  Module:     detours.lib
  5. //
  6. //  Detours for binary functions.  Version 1.5 (Build 46)
  7. //
  8. //  Copyright 1995-2001, Microsoft Corporation
  9. //
  10. #pragma once
  11. #ifndef _DETOURS_H_
  12. #define _DETOURS_H_
  13. #pragma comment(lib, "detours")
  14. //////////////////////////////////////////////////////////////////////////////
  15. //
  16. #ifndef GUID_DEFINED
  17. #define GUID_DEFINED
  18. typedef struct  _GUID
  19. {
  20.     DWORD Data1;
  21.     WORD Data2;
  22.     WORD Data3;
  23.     BYTE Data4[ 8 ];
  24. } GUID;
  25. #endif // !GUID_DEFINED
  26. #if defined(__cplusplus)
  27. #ifndef _REFGUID_DEFINED
  28. #define _REFGUID_DEFINED
  29. #define REFGUID             const GUID &
  30. #endif // !_REFGUID_DEFINED
  31. #else // !__cplusplus
  32. #ifndef _REFGUID_DEFINED
  33. #define _REFGUID_DEFINED
  34. #define REFGUID             const GUID * const
  35. #endif // !_REFGUID_DEFINED
  36. #endif // !__cplusplus
  37. //
  38. //////////////////////////////////////////////////////////////////////////////
  39. #ifdef __cplusplus
  40. extern "C" {
  41. #endif // __cplusplus
  42. /////////////////////////////////////////////////// Instruction Target Macros.
  43. //
  44. #define DETOUR_INSTRUCTION_TARGET_NONE          ((PBYTE)0)
  45. #define DETOUR_INSTRUCTION_TARGET_DYNAMIC       ((PBYTE)~0ul)
  46. /////////////////////////////////////////////////////////// Trampoline Macros.
  47. //
  48. // DETOUR_TRAMPOLINE(trampoline_prototype, target_name)
  49. //
  50. // The naked trampoline must be at least DETOUR_TRAMPOLINE_SIZE bytes.
  51. //
  52. #define DETOUR_TRAMPOLINE_SIZE          32
  53. #define DETOUR_SECTION_HEADER_SIGNATURE 0x00727444   // "Dtr"
  54. #define DETOUR_TRAMPOLINE(trampoline,target) 
  55. static PVOID __fastcall _Detours_GetVA_##target(VOID) 
  56.     return ⌖ 
  57. __declspec(naked) trampoline 
  58.     __asm { nop };
  59.     __asm { nop };
  60.     __asm { call _Detours_GetVA_##target };
  61.     __asm { jmp eax };
  62.     __asm { ret };
  63.     __asm { nop };
  64.     __asm { nop };
  65.     __asm { nop };
  66.     __asm { nop };
  67.     __asm { nop };
  68.     __asm { nop };
  69.     __asm { nop };
  70.     __asm { nop };
  71.     __asm { nop };
  72.     __asm { nop };
  73.     __asm { nop };
  74.     __asm { nop };
  75.     __asm { nop };
  76.     __asm { nop };
  77.     __asm { nop };
  78.     __asm { nop };
  79.     __asm { nop };
  80.     __asm { nop };
  81.     __asm { nop };
  82.     __asm { nop };
  83.     __asm { nop };
  84.     __asm { nop };
  85. }
  86. #define DETOUR_TRAMPOLINE_EMPTY(trampoline) 
  87. __declspec(naked) trampoline 
  88.     __asm { nop };
  89.     __asm { nop };
  90.     __asm { xor eax, eax };
  91.     __asm { mov eax, [eax] };
  92.     __asm { ret };
  93.     __asm { nop };
  94.     __asm { nop };
  95.     __asm { nop };
  96.     __asm { nop };
  97.     __asm { nop };
  98.     __asm { nop };
  99.     __asm { nop };
  100.     __asm { nop };
  101.     __asm { nop };
  102.     __asm { nop };
  103.     __asm { nop };
  104.     __asm { nop };
  105.     __asm { nop };
  106.     __asm { nop };
  107.     __asm { nop };
  108.     __asm { nop };
  109.     __asm { nop };
  110.     __asm { nop };
  111.     __asm { nop };
  112.     __asm { nop };
  113.     __asm { nop };
  114.     __asm { nop };
  115.     __asm { nop };
  116.     __asm { nop };
  117.     __asm { nop };
  118. }
  119. /////////////////////////////////////////////////////////// Binary Structures.
  120. //
  121. #pragma pack(push, 8)
  122. typedef struct _DETOUR_SECTION_HEADER
  123. {
  124.     DWORD       cbHeaderSize;
  125.     DWORD       nSignature;
  126.     DWORD       nDataOffset;
  127.     DWORD       cbDataSize;
  128.     
  129.     DWORD       nOriginalImportVirtualAddress;
  130.     DWORD       nOriginalImportSize;
  131.     DWORD       nOriginalBoundImportVirtualAddress;
  132.     DWORD       nOriginalBoundImportSize;
  133.     
  134.     DWORD       nOriginalIatVirtualAddress;
  135.     DWORD       nOriginalIatSize;
  136.     DWORD       nOriginalSizeOfImage;
  137.     DWORD       nReserve;
  138. } DETOUR_SECTION_HEADER, *PDETOUR_SECTION_HEADER;
  139. typedef struct _DETOUR_SECTION_RECORD
  140. {
  141.     DWORD       cbBytes;
  142.     DWORD       nReserved;
  143.     GUID        guid;
  144. } DETOUR_SECTION_RECORD, *PDETOUR_SECTION_RECORD;
  145. #pragma pack(pop)
  146. #define DETOUR_SECTION_HEADER_DECLARE(cbSectionSize) 
  147.       sizeof(DETOUR_SECTION_HEADER),
  148.       DETOUR_SECTION_HEADER_SIGNATURE,
  149.       sizeof(DETOUR_SECTION_HEADER),
  150.       (cbSectionSize),
  151.       
  152.       0,
  153.       0,
  154.       0,
  155.       0,
  156.       
  157.       0,
  158.       0,
  159.       0,
  160.       0,
  161. }
  162. ///////////////////////////////////////////////////////////// Binary Typedefs.
  163. //
  164. typedef BOOL (CALLBACK *PF_DETOUR_BINARY_BYWAY_CALLBACK)(PVOID pContext,
  165.                                                          PCHAR pszFile,
  166.                                                          PCHAR *ppszOutFile);
  167. typedef BOOL (CALLBACK *PF_DETOUR_BINARY_FILE_CALLBACK)(PVOID pContext,
  168.                                                         PCHAR pszOrigFile,
  169.                                                         PCHAR pszFile,
  170.                                                         PCHAR *ppszOutFile);
  171. typedef BOOL (CALLBACK *PF_DETOUR_BINARY_SYMBOL_CALLBACK)(PVOID pContext,
  172.                                                           DWORD nOrdinal,
  173.                                                           PCHAR pszOrigSymbol,
  174.                                                           PCHAR pszSymbol,
  175.                                                           PCHAR *ppszOutSymbol);
  176. typedef BOOL (CALLBACK *PF_DETOUR_BINARY_FINAL_CALLBACK)(PVOID pContext);
  177. typedef BOOL (CALLBACK *PF_DETOUR_BINARY_EXPORT_CALLBACK)(PVOID pContext,
  178.                                                           DWORD nOrdinal,
  179.                                                           PCHAR pszName,
  180.                                                           PBYTE pbCode);
  181. typedef VOID * PDETOUR_BINARY;
  182. typedef VOID * PDETOUR_LOADED_BINARY;
  183. //////////////////////////////////////////////////////// Trampoline Functions.
  184. //
  185. PBYTE WINAPI DetourFunction(PBYTE pbTargetFunction,
  186.                             PBYTE pbDetourFunction);
  187. BOOL WINAPI DetourFunctionWithEmptyTrampoline(PBYTE pbTrampoline,
  188.                                               PBYTE pbTarget,
  189.                                               PBYTE pbDetour);
  190. BOOL WINAPI DetourFunctionWithEmptyTrampolineEx(PBYTE pbTrampoline,
  191.                                                 PBYTE pbTarget,
  192.                                                 PBYTE pbDetour,
  193.                                                 PBYTE *ppbRealTrampoline,
  194.                                                 PBYTE *ppbRealTarget,
  195.                                                 PBYTE *ppbRealDetour);
  196. BOOL  WINAPI DetourFunctionWithTrampoline(PBYTE pbTrampoline,
  197.                                           PBYTE pbDetour);
  198. BOOL  WINAPI DetourFunctionWithTrampolineEx(PBYTE pbTrampoline,
  199.                                             PBYTE pbDetour,
  200.                                             PBYTE *ppbRealTrampoline,
  201.                                             PBYTE *ppbRealTarget);
  202. BOOL  WINAPI DetourRemove(PBYTE pbTrampoline, PBYTE pbDetour);
  203. ////////////////////////////////////////////////////////////// Code Functions.
  204. //
  205. PBYTE WINAPI DetourFindFunction(PCHAR pszModule, PCHAR pszFunction);
  206. PBYTE WINAPI DetourGetFinalCode(PBYTE pbCode, BOOL fSkipJmp);
  207. PBYTE WINAPI DetourCopyInstruction(PBYTE pbDst, PBYTE pbSrc, PBYTE *ppbTarget);
  208. PBYTE WINAPI DetourCopyInstructionEx(PBYTE pbDst,
  209.                                      PBYTE pbSrc,
  210.                                      PBYTE *ppbTarget,
  211.                                      LONG *plExtra);
  212. ///////////////////////////////////////////////////// Loaded Binary Functions.
  213. //
  214. HMODULE WINAPI DetourEnumerateModules(HMODULE hModuleLast);
  215. PBYTE WINAPI DetourGetEntryPoint(HMODULE hModule);
  216. BOOL WINAPI DetourEnumerateExports(HMODULE hModule,
  217.                                    PVOID pContext,
  218.                                    PF_DETOUR_BINARY_EXPORT_CALLBACK pfExport);
  219. PBYTE WINAPI DetourFindPayload(HMODULE hModule, REFGUID rguid, DWORD *pcbData);
  220. DWORD WINAPI DetourGetSizeOfPayloads(HMODULE hModule);
  221. ///////////////////////////////////////////////// Persistent Binary Functions.
  222. //
  223. BOOL WINAPI DetourBinaryBindA(PCHAR pszFile, PCHAR pszDll, PCHAR pszPath);
  224. BOOL WINAPI DetourBinaryBindW(PWCHAR pwzFile, PWCHAR pwzDll, PWCHAR pwzPath);
  225. #ifdef UNICODE
  226. #define DetourBinaryBind  DetourBinaryBindW
  227. #else
  228. #define DetourBinaryBind  DetourBinaryBindA
  229. #endif // !UNICODE
  230. PDETOUR_BINARY WINAPI DetourBinaryOpen(HANDLE hFile);
  231. PBYTE WINAPI DetourBinaryEnumeratePayloads(PDETOUR_BINARY pBinary,
  232.                                            GUID *pGuid,
  233.                                            DWORD *pcbData,
  234.                                            DWORD *pnIterator);
  235. PBYTE WINAPI DetourBinaryFindPayload(PDETOUR_BINARY pBinary,
  236.                                      REFGUID rguid,
  237.                                      DWORD *pcbData);
  238. PBYTE WINAPI DetourBinarySetPayload(PDETOUR_BINARY pBinary,
  239.                                     REFGUID rguid,
  240.                                     PBYTE pbData,
  241.                                     DWORD cbData);
  242. BOOL WINAPI DetourBinaryDeletePayload(PDETOUR_BINARY pBinary, REFGUID rguid);
  243. BOOL WINAPI DetourBinaryPurgePayloads(PDETOUR_BINARY pBinary);
  244. BOOL WINAPI DetourBinaryResetImports(PDETOUR_BINARY pBinary);
  245. BOOL WINAPI DetourBinaryEditImports(PDETOUR_BINARY pBinary,
  246.                                     PVOID pContext,
  247.                                     PF_DETOUR_BINARY_BYWAY_CALLBACK pfByway,
  248.                                     PF_DETOUR_BINARY_FILE_CALLBACK pfFile,
  249.                                     PF_DETOUR_BINARY_SYMBOL_CALLBACK pfSymbol,
  250.                                     PF_DETOUR_BINARY_FINAL_CALLBACK pfFinal);
  251. BOOL WINAPI DetourBinaryWrite(PDETOUR_BINARY pBinary, HANDLE hFile);
  252. BOOL WINAPI DetourBinaryClose(PDETOUR_BINARY pBinary);
  253. /////////////////////////////////////////////// First Chance Exception Filter.
  254. //
  255. LPTOP_LEVEL_EXCEPTION_FILTER WINAPI
  256. DetourFirstChanceExceptionFilter(LPTOP_LEVEL_EXCEPTION_FILTER lpTopLevelFilter);
  257. ///////////////////////////////////////////////// Create Process & Inject Dll.
  258. //
  259. typedef BOOL (WINAPI *PDETOUR_CREATE_PROCESS_ROUTINEA)
  260.     (LPCSTR lpApplicationName,
  261.      LPSTR lpCommandLine,
  262.      LPSECURITY_ATTRIBUTES lpProcessAttributes,
  263.      LPSECURITY_ATTRIBUTES lpThreadAttributes,
  264.      BOOL bInheritHandles,
  265.      DWORD dwCreationFlags,
  266.      LPVOID lpEnvironment,
  267.      LPCSTR lpCurrentDirectory,
  268.      LPSTARTUPINFOA lpStartupInfo,
  269.      LPPROCESS_INFORMATION lpProcessInformation);
  270. typedef BOOL (WINAPI *PDETOUR_CREATE_PROCESS_ROUTINEW)
  271.     (LPCWSTR lpApplicationName,
  272.      LPWSTR lpCommandLine,
  273.      LPSECURITY_ATTRIBUTES lpProcessAttributes,
  274.      LPSECURITY_ATTRIBUTES lpThreadAttributes,
  275.      BOOL bInheritHandles,
  276.      DWORD dwCreationFlags,
  277.      LPVOID lpEnvironment,
  278.      LPCWSTR lpCurrentDirectory,
  279.      LPSTARTUPINFOW lpStartupInfo,
  280.      LPPROCESS_INFORMATION lpProcessInformation);
  281.                                   
  282. BOOL WINAPI DetourCreateProcessWithDllA(LPCSTR lpApplicationName,
  283.                                         LPSTR lpCommandLine,
  284.                                         LPSECURITY_ATTRIBUTES lpProcessAttributes,
  285.                                         LPSECURITY_ATTRIBUTES lpThreadAttributes,
  286.                                         BOOL bInheritHandles,
  287.                                         DWORD dwCreationFlags,
  288.                                         LPVOID lpEnvironment,
  289.                                         LPCSTR lpCurrentDirectory,
  290.                                         LPSTARTUPINFOA lpStartupInfo,
  291.                                         LPPROCESS_INFORMATION lpProcessInformation,
  292.                                         LPCSTR lpDllName,
  293.                                         PDETOUR_CREATE_PROCESS_ROUTINEA
  294.                                         pfCreateProcessA);
  295. BOOL WINAPI DetourCreateProcessWithDllW(LPCWSTR lpApplicationName,
  296.                                         LPWSTR lpCommandLine,
  297.                                         LPSECURITY_ATTRIBUTES lpProcessAttributes,
  298.                                         LPSECURITY_ATTRIBUTES lpThreadAttributes,
  299.                                         BOOL bInheritHandles,
  300.                                         DWORD dwCreationFlags,
  301.                                         LPVOID lpEnvironment,
  302.                                         LPCWSTR lpCurrentDirectory,
  303.                                         LPSTARTUPINFOW lpStartupInfo,
  304.                                         LPPROCESS_INFORMATION lpProcessInformation,
  305.                                         LPCWSTR lpDllName,
  306.                                         PDETOUR_CREATE_PROCESS_ROUTINEW
  307.                                         pfCreateProcessW);
  308.                   
  309. #ifdef UNICODE
  310. #define DetourCreateProcessWithDll  DetourCreateProcessWithDllW
  311. #define PDETOUR_CREATE_PROCESS_ROUTINE     PDETOUR_CREATE_PROCESS_ROUTINEW
  312. #else
  313. #define DetourCreateProcessWithDll  DetourCreateProcessWithDllA
  314. #define PDETOUR_CREATE_PROCESS_ROUTINE     PDETOUR_CREATE_PROCESS_ROUTINEA
  315. #endif // !UNICODE
  316. BOOL WINAPI DetourContinueProcessWithDllA(HANDLE hProcess, LPCSTR lpDllName);
  317. BOOL WINAPI DetourContinueProcessWithDllW(HANDLE hProcess, LPCWSTR lpDllName);
  318. #ifdef UNICODE
  319. #define DetourContinueProcessWithDll    DetourContinueProcessWithDllW
  320. #else
  321. #define DetourContinueProcessWithDll    DetourContinueProcessWithDllA
  322. #endif // !UNICODE
  323. //
  324. //////////////////////////////////////////////////////////////////////////////
  325. #ifdef __cplusplus
  326. }
  327. #endif // __cplusplus
  328. /////////////////////////////////////////////////////////////////// Old Names.
  329. //
  330. #define ContinueProcessWithDll            DetourContinueProcessWithDll 
  331. #define ContinueProcessWithDllA           DetourContinueProcessWithDllA
  332. #define ContinueProcessWithDllW           DetourContinueProcessWithDllW
  333. #define CreateProcessWithDll              DetourCreateProcessWithDll 
  334. #define CreateProcessWithDllA             DetourCreateProcessWithDllA
  335. #define CreateProcessWithDllW             DetourCreateProcessWithDllW
  336. #define DETOUR_TRAMPOLINE_WO_TARGET       DETOUR_TRAMPOLINE_EMPTY
  337. #define DetourBinaryPurgePayload          DetourBinaryPurgePayloads
  338. #define DetourEnumerateExportsForInstance DetourEnumerateExports
  339. #define DetourEnumerateInstances          DetourEnumerateModules
  340. #define DetourFindEntryPointForInstance   DetourGetEntryPoint
  341. #define DetourFindFinalCode               DetourGetFinalCode
  342. #define DetourFindPayloadInBinary         DetourFindPayload
  343. #define DetourGetSizeOfBinary             DetourGetSizeOfPayloads
  344. #define DetourRemoveWithTrampoline        DetourRemove
  345. #define PCREATE_PROCESS_ROUTINE           PDETOUR_CREATE_PROCESS_ROUTINE
  346. #define PCREATE_PROCESS_ROUTINEA          PDETOUR_CREATE_PROCESS_ROUTINEA
  347. #define PCREATE_PROCESS_ROUTINEW          PDETOUR_CREATE_PROCESS_ROUTINEW
  348. //
  349. //////////////////////////////////////////////// Detours Internal Definitions.
  350. //
  351. #ifdef __cplusplus
  352. #ifdef DETOURS_INTERNAL
  353. //////////////////////////////////////////////////////////////////////////////
  354. //
  355. #ifdef IMAGEAPI // defined by IMAGEHLP.H
  356. typedef LPAPI_VERSION (NTAPI *PF_ImagehlpApiVersionEx)(LPAPI_VERSION AppVersion);
  357. typedef BOOL (NTAPI *PF_SymInitialize)(IN HANDLE hProcess,
  358.                                        IN LPSTR UserSearchPath,
  359.                                        IN BOOL fInvadeProcess);
  360. typedef DWORD (NTAPI *PF_SymSetOptions)(IN DWORD SymOptions);
  361. typedef DWORD (NTAPI *PF_SymGetOptions)(VOID);
  362. typedef BOOL (NTAPI *PF_SymLoadModule)(IN HANDLE hProcess,
  363.                                        IN HANDLE hFile,
  364.                                        IN PSTR ImageName,
  365.                                        IN PSTR ModuleName,
  366.                                        IN DWORD BaseOfDll,
  367.                                        IN DWORD SizeOfDll);
  368. typedef BOOL (NTAPI *PF_SymGetModuleInfo)(IN HANDLE hProcess,
  369.                                           IN DWORD dwAddr,
  370.                                           OUT PIMAGEHLP_MODULE ModuleInfo);
  371. typedef BOOL (NTAPI *PF_SymGetSymFromName)(IN HANDLE hProcess,
  372.                                            IN LPSTR Name,
  373.                                            OUT PIMAGEHLP_SYMBOL Symbol);
  374. typedef BOOL (NTAPI *PF_BindImage)(IN LPSTR pszImageName,
  375.                                    IN LPSTR pszDllPath,
  376.                                    IN LPSTR pszSymbolPath);
  377. typedef struct _DETOUR_SYM_INFO
  378. {
  379.     HANDLE                   hProcess;
  380.     HMODULE                  hImageHlp;
  381.     PF_ImagehlpApiVersionEx  pfImagehlpApiVersionEx;
  382.     PF_SymInitialize         pfSymInitialize;
  383.     PF_SymSetOptions         pfSymSetOptions;
  384.     PF_SymGetOptions         pfSymGetOptions;
  385.     PF_SymLoadModule         pfSymLoadModule;
  386.     PF_SymGetModuleInfo      pfSymGetModuleInfo;
  387.     PF_SymGetSymFromName     pfSymGetSymFromName;
  388.     PF_BindImage             pfBindImage;
  389. } DETOUR_SYM_INFO, *PDETOUR_SYM_INFO;
  390. PDETOUR_SYM_INFO DetourLoadImageHlp(VOID);
  391. #endif // IMAGEAPI
  392. //////////////////////////////////////////////////////////////////////////////
  393. //
  394. class CDetourEnableWriteOnCodePage
  395. {
  396. public:
  397.     CDetourEnableWriteOnCodePage(PBYTE pbCode, LONG cbCode = DETOUR_TRAMPOLINE_SIZE)
  398.     {
  399.         m_pbCode = pbCode;
  400.         m_cbCode = cbCode;
  401.         m_dwOldPerm = 0;
  402.         m_hProcess = GetCurrentProcess();
  403.         if (m_pbCode && m_cbCode) {
  404.             if (!FlushInstructionCache(m_hProcess, pbCode, cbCode)) {
  405.                 return;
  406.             }
  407.             if (!VirtualProtect(pbCode,
  408.                                 cbCode,
  409.                                 PAGE_EXECUTE_READWRITE,
  410.                                 &m_dwOldPerm)) {
  411.                 return;
  412.             }
  413.         }
  414.     }
  415.     ~CDetourEnableWriteOnCodePage()
  416.     {
  417.         if (m_dwOldPerm && m_pbCode && m_cbCode) {
  418.             DWORD dwTemp = 0;
  419.             if (!FlushInstructionCache(m_hProcess, m_pbCode, m_cbCode)) {
  420.                 return;
  421.             }
  422.             if (!VirtualProtect(m_pbCode, m_cbCode, m_dwOldPerm, &dwTemp)) {
  423.                 return;
  424.             }
  425.         }
  426.     }
  427.     BOOL SetPermission(DWORD dwPerms)
  428.     {
  429.         if (m_dwOldPerm && m_pbCode && m_cbCode) {
  430.             m_dwOldPerm = dwPerms;
  431.             return TRUE;
  432.         }
  433.         return FALSE;
  434.     }
  435.     BOOL IsValid(VOID)
  436.     {
  437.         return m_pbCode && m_cbCode && m_dwOldPerm;
  438.     }
  439. private:
  440.     HANDLE  m_hProcess;
  441.     PBYTE   m_pbCode;
  442.     LONG    m_cbCode;
  443.     DWORD   m_dwOldPerm;
  444. };
  445. //////////////////////////////////////////////////////////////////////////////
  446. //
  447. inline PBYTE DetourGenMovEax(PBYTE pbCode, UINT32 nValue)
  448. {
  449.     *pbCode++ = 0xB8;
  450.     *((UINT32*&)pbCode)++ = nValue;
  451.     return pbCode;
  452. }
  453. inline PBYTE DetourGenMovEbx(PBYTE pbCode, UINT32 nValue)
  454. {
  455.     *pbCode++ = 0xBB;
  456.     *((UINT32*&)pbCode)++ = nValue;
  457.     return pbCode;
  458. }
  459. inline PBYTE DetourGenMovEcx(PBYTE pbCode, UINT32 nValue)
  460. {
  461.     *pbCode++ = 0xB9;
  462.     *((UINT32*&)pbCode)++ = nValue;
  463.     return pbCode;
  464. }
  465. inline PBYTE DetourGenMovEdx(PBYTE pbCode, UINT32 nValue)
  466. {
  467.     *pbCode++ = 0xBA;
  468.     *((UINT32*&)pbCode)++ = nValue;
  469.     return pbCode;
  470. }
  471. inline PBYTE DetourGenMovEsi(PBYTE pbCode, UINT32 nValue)
  472. {
  473.     *pbCode++ = 0xBE;
  474.     *((UINT32*&)pbCode)++ = nValue;
  475.     return pbCode;
  476. }
  477. inline PBYTE DetourGenMovEdi(PBYTE pbCode, UINT32 nValue)
  478. {
  479.     *pbCode++ = 0xBF;
  480.     *((UINT32*&)pbCode)++ = nValue;
  481.     return pbCode;
  482. }
  483. inline PBYTE DetourGenMovEbp(PBYTE pbCode, UINT32 nValue)
  484. {
  485.     *pbCode++ = 0xBD;
  486.     *((UINT32*&)pbCode)++ = nValue;
  487.     return pbCode;
  488. }
  489. inline PBYTE DetourGenMovEsp(PBYTE pbCode, UINT32 nValue)
  490. {
  491.     *pbCode++ = 0xBC;
  492.     *((UINT32*&)pbCode)++ = nValue;
  493.     return pbCode;
  494. }
  495. inline PBYTE DetourGenPush(PBYTE pbCode, UINT32 nValue)
  496. {
  497.     *pbCode++ = 0x68;
  498.     *((UINT32*&)pbCode)++ = nValue;
  499.     return pbCode;
  500. }
  501. inline PBYTE DetourGenPushad(PBYTE pbCode)
  502. {
  503.     *pbCode++ = 0x60;
  504.     return pbCode;
  505. }
  506. inline PBYTE DetourGenPopad(PBYTE pbCode)
  507. {
  508.     *pbCode++ = 0x61;
  509.     return pbCode;
  510. }
  511. inline PBYTE DetourGenJmp(PBYTE pbCode, PBYTE pbJmpDst, PBYTE pbJmpSrc = 0)
  512. {
  513.     if (pbJmpSrc == 0) {
  514.         pbJmpSrc = pbCode;
  515.     }
  516.     *pbCode++ = 0xE9;
  517.     *((INT32*&)pbCode)++ = pbJmpDst - (pbJmpSrc + 5);
  518.     return pbCode;
  519. }
  520. inline PBYTE DetourGenCall(PBYTE pbCode, PBYTE pbJmpDst, PBYTE pbJmpSrc = 0)
  521. {
  522.     if (pbJmpSrc == 0) {
  523.         pbJmpSrc = pbCode;
  524.     }
  525.     *pbCode++ = 0xE8;
  526.     *((INT32*&)pbCode)++ = pbJmpDst - (pbJmpSrc + 5);
  527.     return pbCode;
  528. }
  529. inline PBYTE DetourGenBreak(PBYTE pbCode)
  530. {
  531.     *pbCode++ = 0xcc;
  532.     return pbCode;
  533. }
  534. inline PBYTE DetourGenRet(PBYTE pbCode)
  535. {
  536.     *pbCode++ = 0xc3;
  537.     return pbCode;
  538. }
  539. inline PBYTE DetourGenNop(PBYTE pbCode)
  540. {
  541.     *pbCode++ = 0x90;
  542.     return pbCode;
  543. }
  544. #endif DETOURS_INTERAL
  545. #endif // __cplusplus
  546. #endif // _DETOURS_H_
  547. //
  548. ////////////////////////////////////////////////////////////////  End of File.