Click here to Skip to main content
Click here to Skip to main content
Add your own
alternative version

DLL Injection and function interception tutorial

, 23 Oct 2003
How to inject a DLL into a running process and then intercept function calls in statically linked DLLs.
injecto_src.zip
Injecto_src
src
DLL
DLL.dsw
DLL.dsp
EXE
EXE.dsp
EXE.dsw
OPCODES2.HLP
IntelCodeTable.pdf
adams_asm_tut
STARS.PAS
download.info
PALETTE.DAT
PLASMA.DAT
SINTABLE.DAT
//Lol, no, this isn't build for win64
//32bit address spacing only..


#include <windows.h>
#include "HookAPI.h"
#include <iostream>
#define Append(text) AppendLog(text, strlen(text))
#define LogFile "d:\\logs\\sniffer\\LOG.txt"

using namespace std;

/////
	//////////
	
	HINSTANCE			g_hInst=0;
	HANDLE				hLogFile=0;

	///

	HANDLE OpenLog(char *Filename);
	BOOL CloseLog(HANDLE h=hLogFile);
	DWORD AppendLog(char *str, DWORD uSize, HANDLE h=hLogFile);
	int HookWinsockProcs();

	///

	BOOL				IsLogging=false;

	//////////
////


BOOL WINAPI DllMain(HINSTANCE hInstance, DWORD dwReason, LPVOID _Reserved)
{
	switch(dwReason)
	{
	case DLL_PROCESS_ATTACH:
		g_hInst = hInstance;
		hLogFile = OpenLog(LogFile);
		Append("\r\n************************\r\nDLL_PROCESS_ATTACH\r\n");
		HookWinsockProcs();

		return true;
		break;

	case DLL_THREAD_ATTACH:
		Append("DLL_THREAD_ATTACH\r\n");
		break;

	case DLL_THREAD_DETACH:
		Append("DLL_THREAD_DETACH\r\n");
		break;

	case DLL_PROCESS_DETACH:
		Append("DLL_PROCESS_DETACH\r\n********************\r\n\r\n");
		CloseLog();
		return true;
		break;
	}//end switch(dwReason)

	return true;
}

//===========================
//  Related to LOG file
//
HANDLE OpenLog(char *Filename)
{
	HANDLE hLogFile;

	hLogFile = CreateFile( Filename, GENERIC_WRITE, FILE_SHARE_READ, 0, OPEN_ALWAYS,0,0);
	if(hLogFile!=INVALID_HANDLE_VALUE)
		IsLogging = true;//SetFilePointer(hLogFile, 0,0, FILE_END);//*/
	
	return hLogFile;
}

BOOL CloseLog(HANDLE h)
{
	IsLogging = false;
	return CloseHandle(h);
}

//returns written bytes
DWORD AppendLog(char *str, DWORD uSize, HANDLE h)
{
	DWORD written;
	if(!IsLogging) return 0;

	SetFilePointer( h, 0, 0, FILE_END );
	WriteFile(h, str, uSize, &written, 0);

	return written;
}
//
//
//============================

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here

Share

About the Author

CrankHank

Qatar Qatar
Nasser R. Rowhani
Programming simply pumps my adrenaline..
 
Okay... I like people critisizing me...
Let me fix this article...

| Advertise | Privacy | Mobile
Web01 | 2.8.141022.2 | Last Updated 24 Oct 2003
Article Copyright 2003 by CrankHank
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid