H
hcm0790
Unregistered / Unconfirmed
GUEST, unregistred user!
我想在文件打开(保存)之前获得文件的控制权,如xls或doc文件,希望当他们被打开时能够获得它们的文件名和内容,在对内容进行审核之后,再把控制权移交回相应的程式,如不能通过审核,则拒绝打开该文件。 时间紧,希望提供源码。分不够可再加,现金也行。
H
hcm0790
Unregistered / Unconfirmed
GUEST, unregistred user!
高人在哪呀
A
apacheii
Unregistered / Unconfirmed
GUEST, unregistred user!
用ShellHook
白
白河愁
Unregistered / Unconfirmed
GUEST, unregistred user!
可以用我写的 API Hook 控件,不需要任何相关知识.
H
hcm0790
Unregistered / Unconfirmed
GUEST, unregistred user!
白河愁: 谢谢你的回复, 请问如何取得你的API Hook控件, 有没使用说明, 若方便, 可发Email: hcm0790@163.com
H
hcm0790
Unregistered / Unconfirmed
GUEST, unregistred user!
白河愁: 谢谢你的回复, 请问如何取得你的API Hook控件, 有没使用说明, 若方便, 可发Email: hcm0790@163.com
暗
暗夜中独舞
Unregistered / Unconfirmed
GUEST, unregistred user!
我这里有一份API HOOK的
暗
暗夜中独舞
Unregistered / Unconfirmed
GUEST, unregistred user!
(* ------------------------------------------- *)<br>(* PermuteFunction功能 :用 NewFunc替代 OldFunc *)<br>(* Windows Me + Delphi 5.0 *)<br>(* ------------------------------------------ *)<br>unit HookAPI;<br><br>interface<br><br>uses<br> Windows, Classes ;<br><br><br>type<br> TImportCode = packed record<br> JumpInstruction: Word;<br> AddressOfPointerToFunction: ^Pointer;<br> end;<br> PImportCode = ^TImportCode;<br><br>type<br> PImage_Import_Entry = ^Image_Import_Entry;<br> Image_Import_Entry = record<br> Characteristics : DWORD;<br> TimeDateStamp : DWORD;<br> MajorVersion : Word;<br> MinorVersion : Word;<br> Name : DWORD;<br> LookupTable : DWORD;<br> end;<br><br> Function TrueFunctionAddress(Code: Pointer): Pointer;<br> Function PermuteFunction(OldFunc, NewFunc: Pointer): Integer;<br><br>implementation<br><br><br>function TrueFunctionAddress(Code: Pointer): Pointer;<br>var func: PImportCode;<br>begin<br>Result := Code;<br>if Code = nil then exit;<br>try<br>func := code;<br>if (func.JumpInstruction=$25FF) then begin<br>Result := func.AddressOfPointerToFunction^;<br>end;<br>except<br>Result := nil;<br>end;<br>end;<br><br>Function PermuteFunction(OldFunc, NewFunc: Pointer): Integer;<br>var IsDone: TList;<br>Function PermuteAddrInModule(hModule: THandle; OldFunc, NewFunc: Pointer): Integer;<br>var<br>Dos : PImageDosHeader;<br>NT : PImageNTHeaders;<br>ImportDesc : PImage_Import_Entry;<br>RVA : DWORD;<br>Func : ^Pointer;<br>DLL : String;<br>f : Pointer;<br>written : DWORD;<br>begin<br>Result := 0;<br>Dos := Pointer(hModule);<br>if IsDone.IndexOf(Dos) >= 0 then exit;<br>IsDone.Add(Dos);<br>OldFunc := TrueFunctionAddress(OldFunc);<br>if IsBadReadPtr(Dos,SizeOf(TImageDosHeader)) then exit;<br>if Dos.e_magic <> IMAGE_DOS_SIGNATURE then exit;<br>NT := Pointer(Integer(Dos) + dos._lfanew);<br>RVA := NT^.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress;<br><br>if RVA = 0 then exit;<br>ImportDesc := pointer(integer(Dos)+RVA);<br>While(ImportDesc^.Name<>0) do<br>begin<br>DLL := PChar(Integer(Dos) + ImportDesc^.Name);<br>PermuteAddrInModule(GetModuleHandle(PChar(DLL)),OldFunc,NewFunc);<br>Func := Pointer(Integer(DOS) + ImportDesc.LookupTable);<br>While Func^ <> nil do<br>begin<br>f := TrueFunctionAddress(Func^);<br>if f = OldFunc then<br>begin<br>WriteProcessMemory(GetCurrentProcess,Func,@NewFunc,4,written);<br>If Written > 0 then Inc(Result);<br>end;<br>Inc(Func);<br>end;<br>Inc(ImportDesc);<br>end;<br>end;<br><br>begin<br>IsDone := TList.Create;<br>try<br>Result := PermuteAddrInModule(GetModuleHandle(nil),OldFunc,NewFunc);<br>finally<br>IsDone.Free;<br>end;<br>end;<br>end.
暗
暗夜中独舞
Unregistered / Unconfirmed
GUEST, unregistred user!
我做过hook createfile的<br>给你参考下 希望可以帮到你
暗
暗夜中独舞
Unregistered / Unconfirmed
GUEST, unregistred user!
unit mess;<br><br>interface<br><br>uses<br> Windows,Messages,SysUtils,Classes,HookAPI;<br><br> procedure API_Hookup;<br> procedure Un_API_Hook;<br><br>var<br> FuncMessageboxA, FuncMessageboxW: PImportCode;<br><br>implementation<br><br>type<br> TMessageA = function(hwn: hwnd; lptext: pchar; lpcapion: pchar; utype: cardinal): integer; stdcall;<br> TMessageW = function(hwn: hwnd; lptext: pwidechar; lpcapion: pwidechar; utype: cardinal): integer; stdcall;<br><br> TCreateFile = function(lpFileName: PChar; dwDesiredAccess, dwShareMode: DWORD;<br> lpSecurityAttributes: PSecurityAttributes; dwCreationDisposition, dwFlagsAndAttributes: DWORD;<br> hTemplateFile: THandle): THandle; stdcall;<br> TCreateFileA = function(lpFileName: PAnsiChar; dwDesiredAccess, dwShareMode: DWORD;<br> lpSecurityAttributes: PSecurityAttributes; dwCreationDisposition, dwFlagsAndAttributes: DWORD;<br> hTemplateFile: THandle): THandle; stdcall;<br> TCreateFileW = function(lpFileName: PWideChar; dwDesiredAccess, dwShareMode: DWORD;<br> lpSecurityAttributes: PSecurityAttributes; dwCreationDisposition, dwFlagsAndAttributes: DWORD;<br> hTemplateFile: THandle): THandle; stdcall;<br><br>var<br> OldMessageBoxA: TMessageA;<br> OldMessageBoxW: TMessageW;<br><br> OldCreateFile: TCreateFile;<br> OldCreateFileA: TCreateFileA;<br> OldCreateFileW: TCreateFileW;<br><br>function MyBoxA(hwn:hwnd;lptext
char;lpcapionchar;utype:cardinal): integer; stdcall;<br>begin<br> result := OldMessageBoxA(hwn, 'Succes Hook A !', lpcapion, utype);<br>end;<br><br>function MyBoxw(hwn:hwnd;lptextwidechar;lpcapionwidechar;utype:cardinal): integer; stdcall;<br>begin<br> result := OldMessageBoxW(hwn, '成功挂上W!', lpcapion, utype);<br>end;<br><br>function MyCreateFile(lpFileName: PChar; dwDesiredAccess, dwShareMode: DWORD;<br> lpSecurityAttributes: PSecurityAttributes; dwCreationDisposition, dwFlagsAndAttributes: DWORD;<br> hTemplateFile: THandle): THandle; stdcall;<br>var<br> F:TextFile;<br>begin<br> oldCreateFile('c:/chenyi.txt',dwDesiredAccess, dwShareMode,lpSecurityAttributes,dwCreationDisposition,dwFlagsAndAttributes,hTemplateFile);<br>AssignFile(F,'c:/record.txt');<br>//writeln(f,'dads');<br>CloseFile(F);<br> result:=oldCreateFile(lpFileName,dwDesiredAccess, dwShareMode,lpSecurityAttributes,dwCreationDisposition,dwFlagsAndAttributes,hTemplateFile);<br>end;<br><br>function MyCreateFileA(lpFileName: PAnsiChar; dwDesiredAccess, dwShareMode: DWORD;<br> lpSecurityAttributes: PSecurityAttributes; dwCreationDisposition, dwFlagsAndAttributes: DWORD;<br> hTemplateFile: THandle): THandle; stdcall;<br>var<br> F:TextFile;<br>begin<br>oldCreateFile('c:/chenyi.txt',dwDesiredAccess, dwShareMode,lpSecurityAttributes,dwCreationDisposition,dwFlagsAndAttributes,hTemplateFile);<br>AssignFile(F,'c:/chenyi.txt');<br>Writeln(f,lpFileName);<br> result:=oldCreateFileA(lpFileName,dwDesiredAccess, dwShareMode,lpSecurityAttributes,dwCreationDisposition,dwFlagsAndAttributes,hTemplateFile);<br>end;<br><br>function MyCreateFileW(lpFileName: PWideChar; dwDesiredAccess, dwShareMode: DWORD;<br> lpSecurityAttributes: PSecurityAttributes; dwCreationDisposition, dwFlagsAndAttributes: DWORD;<br> hTemplateFile: THandle): THandle; stdcall;<br>begin<br>oldCreateFile('c:/chenyi.txt',dwDesiredAccess, dwShareMode,lpSecurityAttributes,dwCreationDisposition,dwFlagsAndAttributes,hTemplateFile);<br> result:=oldCreateFilew(lpFileName,dwDesiredAccess, dwShareMode,lpSecurityAttributes,dwCreationDisposition,dwFlagsAndAttributes,hTemplateFile);<br>end;<br><br><br>procedure API_Hookup;<br>begin<br> if @OldMessageBoxA = nil then<br> @OldMessageBoxA := TrueFunctionAddress(@messageboxA);<br> if @OldMessageBoxW = nil then<br> @OldMessageBoxW := TrueFunctionAddress(@messageboxW);<br><br> PermuteFunction(@OldMessageBoxA, @MyBoxA);<br> PermuteFunction(@OldMessageBoxW, @MyBoxW);<br><br> if @OldCreateFile = nil then<br> @OldCreateFile := TrueFunctionAddress(@CreateFile);<br> if @OldCreateFileA = nil then<br> @OldCreateFileA := TrueFunctionAddress(@CreateFileA);<br> if @OldCreateFileW = nil then<br> @OldCreateFileW := TrueFunctionAddress(@CreateFileW);<br><br> PermuteFunction(@OldCreateFile, @MyCreateFile);<br> PermuteFunction(@OldCreateFileA, @MyCreateFileA);<br> PermuteFunction(@OldCreateFileW, @MyCreateFileW);<br><br>end;<br><br>procedure Un_API_hook;<br>begin<br> If @OldMessageBoxA <> nil then begin<br> PermuteFunction(@MyBoxA, @OldMessageboxA);<br> PermuteFunction(@MyBoxW, @OldMessageboxW);<br> end;<br><br> if @OldCreateFile <> nil then<br> PermuteFunction(@MyCreateFile, @OldCreateFile);<br> if @OldCreateFileA <> nil then<br> PermuteFunction(@MyCreateFileA, @OldCreateFileA);<br> if @OldCreateFileW <> nil then<br> PermuteFunction(@MyCreateFileW, @OldCreateFileW);<br>end;<br><br>initialization<br> FuncMessageboxA := @MessageboxA;<br> FuncMessageboxW := @MessageboxW;<br><br>finalization<br> Un_API_hook;<br><br>end.
char;lpcapionchar;utype:cardinal): integer; stdcall;<br>begin<br> result := OldMessageBoxA(hwn, 'Succes Hook A !', lpcapion, utype);<br>end;<br><br>function MyBoxw(hwn:hwnd;lptextwidechar;lpcapionwidechar;utype:cardinal): integer; stdcall;<br>begin<br> result := OldMessageBoxW(hwn, '成功挂上W!', lpcapion, utype);<br>end;<br><br>function MyCreateFile(lpFileName: PChar; dwDesiredAccess, dwShareMode: DWORD;<br> lpSecurityAttributes: PSecurityAttributes; dwCreationDisposition, dwFlagsAndAttributes: DWORD;<br> hTemplateFile: THandle): THandle; stdcall;<br>var<br> F:TextFile;<br>begin<br> oldCreateFile('c:/chenyi.txt',dwDesiredAccess, dwShareMode,lpSecurityAttributes,dwCreationDisposition,dwFlagsAndAttributes,hTemplateFile);<br>AssignFile(F,'c:/record.txt');<br>//writeln(f,'dads');<br>CloseFile(F);<br> result:=oldCreateFile(lpFileName,dwDesiredAccess, dwShareMode,lpSecurityAttributes,dwCreationDisposition,dwFlagsAndAttributes,hTemplateFile);<br>end;<br><br>function MyCreateFileA(lpFileName: PAnsiChar; dwDesiredAccess, dwShareMode: DWORD;<br> lpSecurityAttributes: PSecurityAttributes; dwCreationDisposition, dwFlagsAndAttributes: DWORD;<br> hTemplateFile: THandle): THandle; stdcall;<br>var<br> F:TextFile;<br>begin<br>oldCreateFile('c:/chenyi.txt',dwDesiredAccess, dwShareMode,lpSecurityAttributes,dwCreationDisposition,dwFlagsAndAttributes,hTemplateFile);<br>AssignFile(F,'c:/chenyi.txt');<br>Writeln(f,lpFileName);<br> result:=oldCreateFileA(lpFileName,dwDesiredAccess, dwShareMode,lpSecurityAttributes,dwCreationDisposition,dwFlagsAndAttributes,hTemplateFile);<br>end;<br><br>function MyCreateFileW(lpFileName: PWideChar; dwDesiredAccess, dwShareMode: DWORD;<br> lpSecurityAttributes: PSecurityAttributes; dwCreationDisposition, dwFlagsAndAttributes: DWORD;<br> hTemplateFile: THandle): THandle; stdcall;<br>begin<br>oldCreateFile('c:/chenyi.txt',dwDesiredAccess, dwShareMode,lpSecurityAttributes,dwCreationDisposition,dwFlagsAndAttributes,hTemplateFile);<br> result:=oldCreateFilew(lpFileName,dwDesiredAccess, dwShareMode,lpSecurityAttributes,dwCreationDisposition,dwFlagsAndAttributes,hTemplateFile);<br>end;<br><br><br>procedure API_Hookup;<br>begin<br> if @OldMessageBoxA = nil then<br> @OldMessageBoxA := TrueFunctionAddress(@messageboxA);<br> if @OldMessageBoxW = nil then<br> @OldMessageBoxW := TrueFunctionAddress(@messageboxW);<br><br> PermuteFunction(@OldMessageBoxA, @MyBoxA);<br> PermuteFunction(@OldMessageBoxW, @MyBoxW);<br><br> if @OldCreateFile = nil then<br> @OldCreateFile := TrueFunctionAddress(@CreateFile);<br> if @OldCreateFileA = nil then<br> @OldCreateFileA := TrueFunctionAddress(@CreateFileA);<br> if @OldCreateFileW = nil then<br> @OldCreateFileW := TrueFunctionAddress(@CreateFileW);<br><br> PermuteFunction(@OldCreateFile, @MyCreateFile);<br> PermuteFunction(@OldCreateFileA, @MyCreateFileA);<br> PermuteFunction(@OldCreateFileW, @MyCreateFileW);<br><br>end;<br><br>procedure Un_API_hook;<br>begin<br> If @OldMessageBoxA <> nil then begin<br> PermuteFunction(@MyBoxA, @OldMessageboxA);<br> PermuteFunction(@MyBoxW, @OldMessageboxW);<br> end;<br><br> if @OldCreateFile <> nil then<br> PermuteFunction(@MyCreateFile, @OldCreateFile);<br> if @OldCreateFileA <> nil then<br> PermuteFunction(@MyCreateFileA, @OldCreateFileA);<br> if @OldCreateFileW <> nil then<br> PermuteFunction(@MyCreateFileW, @OldCreateFileW);<br>end;<br><br>initialization<br> FuncMessageboxA := @MessageboxA;<br> FuncMessageboxW := @MessageboxW;<br><br>finalization<br> Un_API_hook;<br><br>end.
暗
暗夜中独舞
Unregistered / Unconfirmed
GUEST, unregistred user!
我还有个API HOOK的类 需要的话我发给你
H
hcm0790
Unregistered / Unconfirmed
GUEST, unregistred user!
暗夜中独舞:謝謝你的熱情幫助, 請把相關資料發到 hcm0790@163.com
H
hcm0790
Unregistered / Unconfirmed
GUEST, unregistred user!
发分了
