#include<stdio.h>
#include<windows.h>
#include<string.h>
#include"detours.h"
#pragma comment (lib ,"detours.lib" )
HANDLE(WINAPI * oldCreateFileW)(
_In_ LPCWSTR lpFileName,
_In_ DWORD dwDesiredAccess,
_In_ DWORD dwShareMode,
_In_opt_ LPSECURITY_ATTRIBUTES lpSecurityAttributes,
_In_ DWORD dwCreationDisposition,
_In_ DWORD dwFlagsAndAttributes,
_In_opt_ HANDLE hTemplateFile
) = CreateFileW;
HANDLE WINAPI newCreateFileW(
_In_ LPCWSTR lpFileName,
_In_ DWORD dwDesiredAccess,
_In_ DWORD dwShareMode,
_In_opt_ LPSECURITY_ATTRIBUTES lpSecurityAttributes ,
_In_ DWORD dwCreationDisposition,
_In_ DWORD dwFlagsAndAttributes,
_In_opt_ HANDLE hTemplateFile
){
MessageBoxA(0, "劫持成功!" , "系统信息" , 0);
return 0;
}
void Hook()
{
DetourRestoreAfterWith(); //恢复原来状态,
DetourTransactionBegin(); //拦截开始
DetourUpdateThread(GetCurrentThread()); //刷新当前线程
DetourAttach(( void **)&oldCreateFileW, newCreateFileW); //实现函数拦截
DetourTransactionCommit(); //拦截生效
}
void UnHook()
{
DetourTransactionBegin(); //拦截开始
DetourUpdateThread(GetCurrentThread()); //刷新当前线程
DetourDetach(( void **)&oldCreateFileW, newCreateFileW); //撤销拦截函数
DetourTransactionCommit(); //拦截生效
}
_declspec(dllexport) void go(){
MessageBoxA(0, "系统进程劫持成功!" , "系统信息" , 0);
int i = 0;
while (1){
Hook();
if (i == 60){
UnHook();
break;
}
Sleep(1000);
}
}