Winapi 什么';应用于CreateFile的Detours钩子有什么问题?
在这个小程序中尝试在CreateFile上使用迂回钩子时遇到了一些问题:Winapi 什么';应用于CreateFile的Detours钩子有什么问题?,winapi,hook,detours,Winapi,Hook,Detours,在这个小程序中尝试在CreateFile上使用迂回钩子时遇到了一些问题: #include <windows.h> #include <iostream> int main(HINSTANCE hinst, HINSTANCE hPrevInstance, LPSTR cmdLine, int showCmd) { HANDLE file; DWORD bytesRead, bytesWritten, pos; TCHAR msg[1000];
#include <windows.h>
#include <iostream>
int main(HINSTANCE hinst, HINSTANCE hPrevInstance, LPSTR cmdLine, int showCmd)
{
HANDLE file;
DWORD bytesRead, bytesWritten, pos;
TCHAR msg[1000];
std::cout << "Start creating file \"SampleFile.txt\"" << std::endl;
file = CreateFile(L"C:\\TestHook\\SampleFile.txt", GENERIC_WRITE, 0, NULL, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
std::cout << "\"SampleFile.txt\" added into C folder" << std::endl;
CloseHandle(file);
return 0;
}
#包括
#包括
int main(HINSTANCE hinst、HINSTANCE hPrevInstance、LPSTR cmdLine、int showCmd)
{
处理文件;
DWORD字节读,字节写,位置;
TCHAR msg[1000];
std::cout如果使用的方法不对,则必须获取函数地址才能将其挂接
像这样:
static HANDLE(WINAPI* TrueCreateFile)(LPCWSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode,
LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes,
HANDLE hTemplateFile);
TrueCreateFile HookCreateFile;
HookCreateFile = (TrueCreateFile)GetProcAddress(GetModuleHandle("Kernel32.dll"), "CreateFile");
然后进行实际挂钩:
DetourAttach(&(PVOID&)HookCreateFile, MyCreateFile);
钩子函数不是调用原始函数(TrueCreateFile
),而是递归调用钩子函数。令人惊讶的是,它没有以堆栈溢出结束。
DetourAttach(&(PVOID&)HookCreateFile, MyCreateFile);