[ת]C/C++ HOOK API£¨Ô­ÀíÉîÈëÆÊÎöÖ® LoadLibraryA£©

9Ô¶¼¿ì½áÊøÁË£¬Ö®Ç°Ò»Ö±Ã¦µ½Ð´×Ô¼ºµÄ¶«Î÷¼ÓÉÏÉÏ°à¡£»ù±¾Ã»ÓÐʱ¼äÑо¿Ï»ã±àºÍC C++·½ÃæµÄ¸ÐÐËȤµÄ¶«Î÷¡£ÔÙÔõô˵Â9Ô»¹ÊǵÃдһƪÈö£¬ÒÔºóÿÔÂÖÁÉÙһƪ°É¡£¸ø×Ô¼º¶¨ÁË£¬Ï£Íû´ó¼Ò¼à¶½¡£ºÙºÙ£¡
ÕâƪÎÄÕ¾ÍÀ´Ì¸Ì¸Æ½³£ºÜ³£¼ûµÄHOOK¼¼Êõ£¬ÕâÀïÄØ¡£Ð´µÃ±È½Ï¼òµ¥£¬·½·¨ºÜ¶à¡£Ö»½²Ô­Àí£¡Ï£Íû´óÄñÃDZðÍÂÎÒ¿ÚË®¹þ - -¡£ºÃ£¡ÇÐÈëÕýÌâ¡£
Ê×ÏÈÊǸÅÄî°É¡£Ê²Ã´Êǹ³×Ó£¨HOOK£©£¿
¹³×Ó(Hook)£¬ÊÇWindowsÏûÏ¢´¦Àí»úÖƵÄÒ»¸öƽ̨,Ó¦ÓóÌÐò¿ÉÒÔÔÚÉÏÃæÉèÖÃ×Ó³ÌÒÔ¼àÊÓÖ¸¶¨´°¿ÚµÄijÖÖÏûÏ¢£¬¶øÇÒËù¼àÊӵĴ°¿Ú¿ÉÒÔÊÇÆäËû½ø³ÌËù´´½¨µÄ¡£µ±ÏûÏ¢µ½´ïºó£¬ÔÚÄ¿±ê´°¿Ú´¦Àíº¯Êý֮ǰ´¦ÀíËü¡£¹³×Ó»úÖÆÔÊÐíÓ¦ÓóÌÐò½Ø»ñ´¦ÀíwindowÏûÏ¢»òÌض¨Ê¼þ¡£
¹³×Óʵ¼ÊÉÏÊÇÒ»¸ö´¦ÀíÏûÏ¢µÄ³ÌÐò¶Î£¬Í¨¹ýϵͳµ÷Ó㬰ÑËü¹ÒÈëϵͳ¡£Ã¿µ±Ìض¨µÄÏûÏ¢·¢³ö£¬ÔÚûÓе½´ïÄ¿µÄ´°¿ÚÇ°£¬¹³×Ó³ÌÐò¾ÍÏȲ¶»ñ¸ÃÏûÏ¢£¬Ò༴¹³×Óº¯ÊýÏȵõ½¿ØÖÆȨ¡£Õâʱ¹³×Óº¯Êý¼´¿ÉÒÔ¼Ó¹¤´¦Àí£¨¸Ä±ä£©¸ÃÏûÏ¢£¬Ò²¿ÉÒÔ²»×÷´¦Àí¶ø¼ÌÐø´«µÝ¸ÃÏûÏ¢£¬»¹¿ÉÒÔÇ¿ÖƽáÊøÏûÏ¢µÄ´«µÝ¡£
ÕâÉÏÃæÖ»ÊÇÒ»¸ö¸ÅÄ¶ÔËüÓÐËùÁ˽â¶øÒÑ¡£ÉÏÃæÖ÷ÒªÓ¦ÓÃÔÚWindowsÏûÏ¢´¦Àí»úÖÆÀïÃæµÄÒ»¸ö½âÊÍ¡£ÕâÀïÎÒÖ»Êǵ¥´¿µÄ̸̸À¹½ØÎÒÃdz£ÓõÄLoadLibraryA¼ÓÔØÕâ¸öº¯Êý¡£ÈÃÎÒÃǵijÌÐò»òÕßÄ¿±ê³ÌÐòÔÚµ÷ÓÃÕâ¸öº¯Êý¼ÓÔØÁ´½Ó¿âµÄʱºò£¬ÏÈÖ´ÐÐÎÒÃÇ×Ô¼ºÐ´µÄº¯Êý£¬È»ºóÔÚ½øÐÐÕý³£¼ÓÔØ¡£Í¨Ë×µÄ˵¾ÍÊÇa----->b.  ÎÒÃÇÔÚÖмä¼ÓÉÏÒ»¸öc¡£ a-------->c----->bÈÃËûÏÈÖ´ÐÐcÈ»ºóÔÙÖ´ÐÐb¡£ÕâÀïµÄc¾ÍÊÇÎÒÃÇ×Ô¼ºµÄº¯ÊýÁË¡£
ºÇºÇ£¬¸ÅÄî˵µÃ²î²»¶àÁË£¬¿ªÊ¼Ðж¯Ð´´úÂëÈö£º
#include <iostream>
#include <Windows.h>
using namespace std;
#pragma warning( disable: 4309 )
#pragma warning( disable: 4311 )

typedef HMODULE ( WINAPI *HOOKAPI )( IN LPCSTR );
#define MYHOOKMETHOD ( __fun ) HMODULE WINAPI __fun
#define DECLARE_REGISTER ( __0bj, __lawfunc, __newfunc ) Inline_Hook< HOOKAPI, 1 > __Obj( __lawfunc, __newfunc )

struct __InlineHOOK_Base
{
DWORD _argsBytes;
void* _lawFunc;
void* _newFunc;
char _lawByteCode[16];
char _newByteCode[16];

bool unhook ( void )
{
// It's hooked.
if ( memcmp( _newByteCode, _lawFunc, 16 ) == 0 )
{
DWORD dwOldFlag;
VirtualProtect( _lawFunc, 8, PAGE_EXECUTE_READW