开通博客赚积分
发布资源赚积分
分类

源码开发语言/平台
当前位置:首页 > 源码/资料 > Windows编程 > 钩子与API截获 > 查看源码
mydll.cpp
资源名称:HookAPI [点击查看]
上传用户:nbcables
上传日期:2007-01-11
资源大小:1243k
文件大小:7k
源码类别:

钩子与API截获

开发平台:

Visual C++

mydll.cpp:源码内容
  1. // ------------------------------------- //
  2. // 您如果要使用本文件,请不要删除本说明  //
  3. // ------------------------------------- //
  4. //             HOOKAPI 开发例子          //
  5. //   Copyright 2002 编程沙龙 Paladin     //
  6. //       www.ProgramSalon.com            //
  7. // ------------------------------------- //
  9. #include "stdafx.h"
  10. #include <stdio.h>
  11. #include "mydll.h"
  13. #ifdef WIN95
  14. #pragma code_seg("_INIT")
  15. #pragma comment(linker,"/SECTION:.bss,RWS /SECTION:.data,RWS /SECTION:.rdata,RWS /SECTION:.text,RWS /SECTION:_INIT,RWS ")
  16. #pragma comment(linker,"/BASE:0xBFF70000")
  17. #endif
  19. BOOL APIENTRY DllMain( HANDLE hModule, 
  20.                        DWORD  ul_reason_for_call, 
  21.                        LPVOID lpReserved
  22.  )
  23. {
  24.     return TRUE;
  25. }
  27. void WriteLog(char *fmt,...)
  28. {
  29. va_list args;
  30. char modname[200];
  32. char temp[5000];
  33. HANDLE hFile;
  35. GetModuleFileName(NULL, modname, sizeof(modname));
  37. if((hFile =CreateFile("c:\hookapi.log", GENERIC_WRITE, 0, NULL, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL)) <0)
  38. {
  39. return;
  40. }
  42. _llseek((HFILE)hFile, 0, SEEK_END);
  44. wsprintf(temp, "mydll.dll:%s:", modname);
  45. DWORD dw;
  46. WriteFile(hFile, temp, strlen(temp), &dw, NULL);
  48. va_start(args,fmt);
  49. vsprintf(temp, fmt, args);
  50. va_end(args);
  52. WriteFile(hFile, temp, strlen(temp), &dw, NULL);
  54. wsprintf(temp, "rn");
  55. WriteFile(hFile, temp, strlen(temp), &dw, NULL);
  57. _lclose((HFILE)hFile);
  58. }
  60. HANDLE WINAPI myCreateFileA(LPCSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile)
  61. {          
  62. char temp[200];
  63. GetModuleFileName(NULL, temp, sizeof(temp));
  64. WriteLog("%s, myCreateFileA:filename=%s", temp, lpFileName);
  65. //MessageBox(NULL, temp, "mydll", MB_OK);
  66. if(strstr(lpFileName, "aaa") !=NULL) return NULL;
  67. return CreateFileA(lpFileName, dwDesiredAccess, dwShareMode, lpSecurityAttributes,
  68. dwCreationDisposition, dwFlagsAndAttributes, hTemplateFile);
  69. }
  71. HANDLE WINAPI myCreateFileW(LPCWSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile)
  72. {
  73. //MessageBox(NULL, "myCreateFileW", "ok", MB_OK);
  74.                               
  75. char temp[200];
  76. GetModuleFileName(NULL, temp, sizeof(temp));
  77. char fname[128];
  78. WideCharToMultiByte( CP_ACP, 0, lpFileName, -1, fname, 128,NULL,NULL); 
  80. WriteLog("%s, myCreateFileW:filename=%s", temp, fname);
  81. //MessageBox(NULL, temp, "mydll", MB_OK);
  83. if(strstr(fname, "aaa.txt") !=NULL)
  84. {
  85. WriteLog("CreateFileW aaa found!");
  86. return CreateFileA("c:\temp\bbb.txt", dwDesiredAccess, dwShareMode, lpSecurityAttributes,
  87. dwCreationDisposition, dwFlagsAndAttributes, hTemplateFile);
  88. //SetLastError(ERROR_FILE_NOT_FOUND);
  89. //return NULL;
  90. }
  92. return CreateFileW(lpFileName, dwDesiredAccess, dwShareMode, lpSecurityAttributes,
  93. dwCreationDisposition, dwFlagsAndAttributes, hTemplateFile);
  94. }
  96. BOOL WINAPI myDeleteFileA(LPCSTR lpFileName)
  97. {
  98. char temp[200];
  99. GetModuleFileName(NULL, temp, sizeof(temp));
  100. WriteLog("%s,n myDeleteFileA:filename=%s", temp, lpFileName);
  101. if(strstr(temp, "aaa") !=NULL)
  102. {
  103. WriteLog("DeleteFileA aaa found!");
  104. SetLastError(ERROR_FILE_NOT_FOUND);
  105. return NULL;
  106. }
  108. return DeleteFileA(lpFileName);
  109. }
  111. BOOL WINAPI myDeleteFileW(LPCWSTR lpFileName)
  112. {
  113. char temp[200];
  114. GetModuleFileName(NULL, temp, sizeof(temp));
  115. char fname[128];
  116. WideCharToMultiByte( CP_ACP, 0, lpFileName, -1, fname, 128,NULL,NULL); 
  117. WriteLog("%s,n myDeleteFileW:filename=%s", temp, fname);
  118. if(strstr(fname, "aaa") !=NULL)
  119. {
  120. WriteLog("DeleteFileW aaa found!");
  121. SetLastError(ERROR_FILE_NOT_FOUND);
  122. return NULL;
  123. }
  125. return DeleteFileW(lpFileName);
  126. }
  128. BOOL WINAPI myReadFile(HANDLE hFile, LPVOID lpBuffer, DWORD nNumberOfBytesToRead,
  129. LPDWORD lpNumberOfBytesRead, LPOVERLAPPED lpOverlapped)
  130. {
  131. WriteLog("ReadFile:handle=%x", hFile);
  133. return ReadFile(hFile, lpBuffer, nNumberOfBytesToRead, lpNumberOfBytesRead, lpOverlapped);
  134. }
  136. BOOL WINAPI myReadFileEx(HANDLE hFile, LPVOID lpBuffer, DWORD nNumberOfBytesToRead,
  137. LPOVERLAPPED lpOverlapped, LPOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine)
  138. {
  139. WriteLog("ReadFileEx");
  141. return ReadFileEx(hFile, lpBuffer, nNumberOfBytesToRead,
  142. lpOverlapped, lpCompletionRoutine);
  143. }
  145. BOOL WINAPI myWriteFile(HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite,
  146. LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped)
  147. {
  148. WriteLog("WriteFile");
  150. return WriteFile(hFile, lpBuffer, nNumberOfBytesToWrite, lpNumberOfBytesWritten,
  151. lpOverlapped);
  152. }
  154. BOOL WINAPI myWriteFileEx(HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite,
  155. LPOVERLAPPED lpOverlapped, LPOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine)
  156. {
  157. WriteLog("WriteFileEx");
  159. return WriteFileEx(hFile, lpBuffer, nNumberOfBytesToWrite, lpOverlapped, lpCompletionRoutine);
  160. }
  162. DWORD WINAPI myCreateProcessW(
  163. LPCWSTR lpApplicationName,
  164. LPWSTR lpCommandLine, 
  165. LPSECURITY_ATTRIBUTES lpProcessAttributes,
  166. LPSECURITY_ATTRIBUTES lpThreadAttributes,
  167. BOOL bInheritHandles,
  168. DWORD dwCreationFlags,
  169. LPVOID lpEnvironment,
  170. LPCWSTR lpCurrentDirectory,
  171. LPSTARTUPINFOW lpStartupInfo,
  172. LPPROCESS_INFORMATION lpProcessInformation
  173. )
  174. {
  175. char cmd[600];
  176. int len =WideCharToMultiByte( CP_ACP, 0, lpCommandLine, -1, cmd, sizeof(cmd),NULL,NULL); 
  177. cmd[len] =0;
  179. WriteLog("CreateProcessW :cmd=%s", cmd);
  181. BOOL ifsuccess = CreateProcessW(lpApplicationName,
  182. lpCommandLine, lpProcessAttributes,
  183. lpThreadAttributes, bInheritHandles, dwCreationFlags, lpEnvironment,
  184. lpCurrentDirectory, lpStartupInfo, lpProcessInformation);
  185. DWORD err =GetLastError();
  186. SetLastError(err);
  188. return (DWORD)ifsuccess;
  189. }
  191. DWORD WINAPI myCreateProcessA(
  192. LPCSTR lpApplicationName,
  193. LPSTR lpCommandLine, 
  194. LPSECURITY_ATTRIBUTES lpProcessAttributes,
  195. LPSECURITY_ATTRIBUTES lpThreadAttributes,
  196. BOOL bInheritHandles,
  197. DWORD dwCreationFlags,
  198. LPVOID lpEnvironment,
  199. LPCSTR lpCurrentDirectory,
  200. LPSTARTUPINFO lpStartupInfo,
  201. LPPROCESS_INFORMATION lpProcessInformation
  202. )
  203. {
  205. BOOL ifsuccess = CreateProcessA(lpApplicationName,
  206. lpCommandLine, lpProcessAttributes,
  207. lpThreadAttributes, bInheritHandles, dwCreationFlags, lpEnvironment,
  208. lpCurrentDirectory, lpStartupInfo, lpProcessInformation);
  209. DWORD err =GetLastError();
  210. WriteLog("CreateProcessA %s", lpCommandLine);
  211. SetLastError(err);
  213. return (DWORD)ifsuccess;
  214. }
  216. MYAPIINFO myapi_info[] =
  217. {
  218. {"KERNEL32.DLL", "CreateFileA", 7, "myCreateFileA"},
  219. {"KERNEL32.DLL", "CreateFileW", 7, "myCreateFileW"},
  220. {"KERNEL32.DLL", "DeleteFileA", 1, "myDeleteFileA"},
  221. {"KERNEL32.DLL", "DeleteFileW", 1, "myDeleteFileW"},
  222. {"KERNEL32.DLL", "ReadFile", 5, "myReadFile"},
  223. {"KERNEL32.DLL", "ReadFileEx", 5, "myReadFileEx"},
  224. {"KERNEL32.DLL", "WriteFile", 5, "myWriteFile"},
  225. {"KERNEL32.DLL", "WriteFileEx", 5, "myWriteFileEx"},
  226. {"KERNEL32.DLL", "CreateProcessW", 10, "myCreateProcessW"},
  227. {"KERNEL32.DLL", "CreateProcessA", 10, "myCreateProcessA"},
  228. {NULL,NULL,NULL}
  229. };
  231. MYAPIINFO *GetMyAPIInfo()
  232. {
  233. return &myapi_info[0];
  234. }