![]() |
General Reading »
Hardware & System »
Cryptography
Advanced
HookAPI source codeBy pudn.comA system wide api source code for windows api hook developpers |
VC6, VC7Win2K, WinXP, Win2003, Dev
|
|
Advanced Search Add to IE Search |
|
|
|
||||||||||||||||
HookAPI is the API SDK that sets up system wide hooks for all windows platforms. It could easily hook 32-bit windows system APIs or 32-bit user-defined DLL. It could be used easily and all you need to do is write a DLL file named mydll.dll or mydll_9x.dll. It is based on ApiSpy32 by Yariv Kaplan.
The code injects two DLLs into the destination application. The first DLL, HookAPIxx.dll, updates the API's first 5 bytes:
papi[0] =0xE8; *(DWORD *)&papi[1] =(DWORD)ProcessCall -(DWORD)papi -CALL_BYTES_SIZE;
socket function:int WINAPI mysocket(int af, int type, int protocol) { WriteLog("debug mysocket, af=%d, type=%d, protocol=%d", af, type, protocol); return socket(af, type, protocol); }
And HookAPIxx.dll hooks the CreateProcessW/CreateProcessA functions, so it can catch the creation of new processes and inject the two DLLs:
#ifdef WINNT if(!strcmp(pinfo->api_name, "CreateProcessW") || !strcmp(pinfo->api_name, "CreateProcessA") ) { pi =(PROCESS_INFORMATION *)pdwParam[9]; if(pi->hProcess) { InjectLib(pi->hProcess, fname); // hook new process<CODE> } } #endif
If you want to use it, then load the first DLL HookAPIxx.dll. If it's an NT system(WinNT/XP/200x), you should call function HookAllProcess() in the DLL and call UnhookAllProcess when you exit. There are other functions in the DLL, like HookOneProcess, HookOneProcess2 to hook one application on NT system.
mydllxx.dll is loaded by HookAPIxx.dll when HookAPIxx.dll is initialized, and then makes the hook:
CHookAPI::CHookAPI()
{
LoadMyDll();
Init();
HookAllAPI();
}It includes the following parts:
many examples source codes, such as;
Hook socket functions like socket,
send,recv,connect, ...Hook file functions like
CreateFile,ReadFile, ...Hook registry functions like
RegOpenKey,RegQueryValue,RegQueryValueEx, ...Delphi sample for Hook socket function
Delphi sample for Hook file function
Hook
ExitWindowsExHook
LoadLibraryandGetProcAddressHook GDI functions like
TextOut,ExtTextOutHook Shell API function like
SHBrowseForFolder,SHGetFileInfo, ...Hiden Processes sample, it can hide processes, task managers cannot find it
Filter Advertisement bar sample, it can filter AD bar of IE or other network application, or filter the data from some ports of TCP/UDP
Message Filter sample, it can filter some messages of the windows
Execute file manager sample, it can forbide some files open, execute, and hidden some folders or files
Net encrypt sample, it can encrypt all the application that wrriten with socket. With this, you will not need encrypt in your application.
hook a ship game to auto drop bomb and auto elude bullet
General
News
Question
Answer
Joke
Rant
Admin
|
PermaLink |
Privacy |
Terms of Use
Last Updated: 31 Jan 2005 Editor: Chris Maunder |
Copyright 2005 by pudn.com Everything else Copyright © CodeProject, 1999-2009 Web13 | Advertise on the Code Project |