A、InLine HOOK 原理分析
B、InLine HOOK 代码编写
C、InLine HOOK 代码测试
在 021_绕过驱动保护 已经讲过一次 in line hook
_declspec(naked)
#pragma pack(1)
//前5字节
77D507EA > 8BFF MOV EDI,EDI
77D507EC /. 55 PUSH EBP
77D507ED |. 8BEC MOV EBP,ESP
My_MessageBoxA地址 401020
#include "stdafx.h"
#include "hook_test.h"
#include <windows.h>
_declspec(naked) int My_MessageBox
(
HWND hWnd, // handle of owner window
LPCTSTR lpText, // address of text in message box
LPCTSTR lpCaption, // address of title of message box
UINT uType // style of message box
)
{
__asm
{ mov bx,bx
PUSH EBP
MOV EBP,ESP
}
printf("Hook Ok %x,%s,%s,%x \n",hWnd,lpText,lpCaption,uType);
__asm
{
jmp oldMessageBoxA+5
}
__asm pop ebp
__asm retn 0x10
}
int main(int argc, char* argv[])
{
// printf("Hello World!\n");
MessageBoxA(NULL,"Hook Test Contect","hook",MB_OK);
printf("End Process \n");
getchar();
return 0;
}