N
nc2t
Unregistered / Unconfirmed
GUEST, unregistred user!
谁能给我写出一个采用陷阱式、截获MessageBox或者MessageBoxA的例子<br>如果是截获TextOutA的例子请不要打扰了,我只要截获MessageBox或者MessageBoxA的例子<br>谢谢!<br>
N
nc2t
Unregistered / Unconfirmed
GUEST, unregistred user!
谁能给我写出一个采用陷阱式、截获MessageBox或者MessageBoxA的例子<br>如果是截获TextOutA的例子请不要打扰了,我只要截获MessageBox或者MessageBoxA的例子<br>谢谢!<br>
N
nc2t
Unregistered / Unconfirmed
GUEST, unregistred user!
自己早已经解决了<br>嘿嘿!!
M
mosker
Unregistered / Unconfirmed
GUEST, unregistred user!
发给我看看嘛.<br>temp@mgnet.cn<br>学习下.
王
王东迪
Unregistered / Unconfirmed
GUEST, unregistred user!
鄙视楼猪
X
xsj_by
Unregistered / Unconfirmed
GUEST, unregistred user!
可不可以发一个给我看看啊,xsj_by@163.com
R
renmingjiang
Unregistered / Unconfirmed
GUEST, unregistred user!
可不可以发给我看看,谢了
R
renmingjiang
Unregistered / Unconfirmed
GUEST, unregistred user!
能不能发给我看看<br>rmj011603235@126.com
A
Anskya
Unregistered / Unconfirmed
GUEST, unregistred user!
program hook;<br><br>uses<br> windows;<br><br>var<br>oldbytes : array [1..8] of byte;<br>newbytes : array [1..8] of byte;<br>process : cardinal;<br><br>function messageboxWhookproc(hWnd: HWND; lpText, lpCaption: PWideChar; uType: UINT): Integer; stdcall;<br>var<br>process: Cardinal;<br>nAUx: Cardinal;<br>begin<br>process := OpenProcess( PROCESS_ALL_ACCESS, True, GetCurrentProcessId );<br>lpText := 'Hahahaha Got hooked!!!';<br>WriteProcessMemory(process, GetProcAddress( GetModuleHandle( 'user32.dll' ), 'MessageBoxW' ) , @oldBytes, 8, nAux );<br>Result := MessageBoxW( hWnd, lpText, lpCaption, uType );<br>WriteProcessMemory(process, GetProcAddress( GetModuleHandle( 'user32.dll' ), 'MessageBoxW' ) , @newbytes, 8, nAux );<br>closehandle(process);<br>end;<br><br>procedure hookit;<br>type<br>TJumpCode = packed record<br>jmp: Byte; // mov eax,<br>addresse: cardinal; // address<br>jmp2, jmp3: byte; // call eax<br>end;<br>var<br>process:Cardinal;<br>location:Cardinal;<br>JmpCode:TJumpCode;<br>nAux
Word;<br>begin<br>process:=OpenProcess( PROCESS_ALL_ACCESS,True, GetCurrentProcessId);<br>location:=Cardinal(GetProcAddress(GetModuleHandle('user32.dll'),'MessageBoxW'));<br>ReadProcessMemory( process, Pointer( location ), @oldbytes, 8, nAux );<br>JmpCode.jmp := $B8; // MOV EAX,<br>JmpCode.addresse := Cardinal( @messageboxWhookproc);<br>JmpCode.jmp2 := $FF;<br>JmpCode.jmp3 := $e0;<br>WriteProcessMemory(process, Pointer( location ), @jmpcode, SizeOf( TJumpCode ), nAux );<br>closehandle(process);<br>end;<br><br><br><br>procedure unhookit;<br>var<br>process: Cardinal;<br>nAux: Cardinal;<br>begin<br>process := OpenProcess( PROCESS_ALL_ACCESS, True, GetCurrentProcessId );<br>WriteProcessMemory(process, GetProcAddress( GetModuleHandle( 'user32.dll' ), 'MessageBoxW' ) , @oldbytes, 8, nAux );<br>closehandle(process);<br>end;<br><br>begin<br>process:=OpenProcess( PROCESS_ALL_ACCESS, True, GetCurrentProcessId );<br>MessageBoxW(0,'i will be hooked very soonner','hook',mb_ok);<br>hookit;<br>MessageBoxW(0,'i will be faked','lol',mb_ok);<br>unhookit;<br>closehandle(process);<br>end.
Word;<br>begin<br>process:=OpenProcess( PROCESS_ALL_ACCESS,True, GetCurrentProcessId);<br>location:=Cardinal(GetProcAddress(GetModuleHandle('user32.dll'),'MessageBoxW'));<br>ReadProcessMemory( process, Pointer( location ), @oldbytes, 8, nAux );<br>JmpCode.jmp := $B8; // MOV EAX,<br>JmpCode.addresse := Cardinal( @messageboxWhookproc);<br>JmpCode.jmp2 := $FF;<br>JmpCode.jmp3 := $e0;<br>WriteProcessMemory(process, Pointer( location ), @jmpcode, SizeOf( TJumpCode ), nAux );<br>closehandle(process);<br>end;<br><br><br><br>procedure unhookit;<br>var<br>process: Cardinal;<br>nAux: Cardinal;<br>begin<br>process := OpenProcess( PROCESS_ALL_ACCESS, True, GetCurrentProcessId );<br>WriteProcessMemory(process, GetProcAddress( GetModuleHandle( 'user32.dll' ), 'MessageBoxW' ) , @oldbytes, 8, nAux );<br>closehandle(process);<br>end;<br><br>begin<br>process:=OpenProcess( PROCESS_ALL_ACCESS, True, GetCurrentProcessId );<br>MessageBoxW(0,'i will be hooked very soonner','hook',mb_ok);<br>hookit;<br>MessageBoxW(0,'i will be faked','lol',mb_ok);<br>unhookit;<br>closehandle(process);<br>end.
X
xsj_by
Unregistered / Unconfirmed
GUEST, unregistred user!
能不能在代码后面加上一些说明啊,让大家看得更清楚一些
9
9903
Unregistered / Unconfirmed
GUEST, unregistred user!
简单点的用madhook就行了