// dllmain.cpp : 定义 DLL 应用程序的入口点。
#include "stdafx.h"
#include "mhook-lib/mhook.h"
#include
// Packet functions: pointer types matching the Winsock send/recv signatures.
typedef int (WINAPI *_send)(SOCKET s, const char *buf, int len, int flags);
typedef int (WINAPI *_recv)(SOCKET s, char *buf, int len, int flags);
// Addresses of the real send/recv, looked up during static initialisation.
// GetModuleHandleA does not load the module, so these stay NULL when Ws2_32
// is not already mapped into the process at that point.
// NOTE(review): nothing in this file checks these pointers for NULL before they
// are passed to Mhook_SetHook -- confirm how the hook library handles that case.
_send g_trueSend = (_send)GetProcAddress(GetModuleHandleA("Ws2_32"),"send");
_recv g_trueRecv = (_recv)GetProcAddress(GetModuleHandleA("Ws2_32"),"recv");
// Optional observer callbacks. They start out NULL and are assigned by t003 in
// mk.cpp, which reaches them through matching extern declarations.
mhook_func _msend = NULL;
mhook_func _mrecv = NULL;
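// Replacement for send() installed by DllMain via Mhook_SetHook.
//
// Forwards the call through g_trueSend and, when bytes were actually sent and a
// send observer is registered in _msend, hands the observer a private copy of
// those bytes. The caller always gets back the value the real send() returned.
//
// The copy is freed as soon as the observer returns, so the observer must not
// keep the pointer.
static int WINAPI hook_send(SOCKET s, const char *buf, int len, int flags)
{
    int ret = g_trueSend(s, buf, len, flags);

    // Read the callback once so the NULL test and the call use the same value.
    mhook_func onSend = _msend;

    // Only copy when something will consume the copy; ret is the number of
    // bytes sent, which may be smaller than len.
    if (ret > 0 && onSend != NULL)
    {
        char *copy = new char[ret];
        memcpy_s(copy, ret, buf, ret);
        onSend(copy, ret);
        // Allocated with new[], so it must be released with delete[];
        // plain delete on an array allocation is undefined behaviour.
        delete[] copy;
    }
    return ret;
}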
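// Replacement for recv() installed by DllMain via Mhook_SetHook.
//
// Forwards the call through g_trueRecv and, when bytes were actually received
// and a receive observer is registered in _mrecv, hands the observer a private
// copy of those bytes. The caller always gets back the value the real recv()
// returned, and its own buffer is left untouched.
//
// The copy is freed as soon as the observer returns, so the observer must not
// keep the pointer.
//
// NOTE(review): flags is forwarded unchanged; a peeking read (MSG_PEEK) would be
// reported here and again when the same bytes are read for real -- confirm
// whether observers need to tell the two apart.
static int WINAPI hook_recv(SOCKET s, char *buf, int len, int flags)
{
    int ret = g_trueRecv(s, buf, len, flags);

    // Test the receive callback itself. The original tested _msend here, which
    // calls through a NULL _mrecv when only the send callback is set and
    // silently drops data when only the receive callback is set.
    mhook_func onRecv = _mrecv;

    if (ret > 0 && onRecv != NULL)
    {
        char *copy = new char[ret];
        memcpy_s(copy, ret, buf, ret);
        onRecv(copy, ret);
        // Allocated with new[], so it must be released with delete[];
        // plain delete on an array allocation is undefined behaviour.
        delete[] copy;
    }
    return ret;
}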
// DLL entry point: installs the send/recv hooks when the DLL is attached to a
// process and removes them when it is detached. Thread attach/detach
// notifications are ignored. Always reports success to the loader.
//
// NOTE(review): the results of Mhook_SetHook / Mhook_Unhook are discarded, so a
// hook that failed to install goes unnoticed. This code also runs inside
// DllMain, i.e. while the loader lock is held -- confirm the hook library is
// safe to call from here.
BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
    if (ul_reason_for_call == DLL_PROCESS_ATTACH)
    {
        // Hook send and recv right here, as soon as the DLL is loaded.
        Mhook_SetHook((LPVOID*)&g_trueSend, hook_send);
        Mhook_SetHook((LPVOID*)&g_trueRecv, hook_recv);
    }
    else if (ul_reason_for_call == DLL_PROCESS_DETACH)
    {
        // Unhook send and recv before the DLL's code goes away.
        Mhook_Unhook((LPVOID*)&g_trueSend);
        Mhook_Unhook((LPVOID*)&g_trueRecv);
    }
    // DLL_THREAD_ATTACH and DLL_THREAD_DETACH need no work.
    return TRUE;
}
需要实现的函数及.cpp文件
// mk.cpp : 定义 DLL 应用程序的导出函数。
//
#include "stdafx.h"
#include "mhook-lib/mhook.h"
// Observer callbacks defined in dllmain.cpp; t003 below assigns them and the
// send/recv hooks invoke them.
extern mhook_func _msend;
extern mhook_func _mrecv;
// Exported hook installer (t001 in mk.def): a thin pass-through to
// Mhook_SetHook.
//   ppSystemFunction - address of a pointer to the system API to hook
//   pHookFunction    - the caller's own replacement function
// Returns whatever Mhook_SetHook returns.
//
// NOTE(review): no validation is done on either pointer, so any code in the
// process that can call this export can redirect any function it names.
BOOL t001(PVOID *ppSystemFunction, PVOID pHookFunction)
{
    const BOOL installed = Mhook_SetHook(ppSystemFunction, pHookFunction);
    return installed;
}
// Exported hook remover (t002 in mk.def): a thin pass-through to Mhook_Unhook.
//   ppHookedFunction - the pointer-to-pointer that is forwarded to Mhook_Unhook
//                      (presumably the same one given to t001 -- confirm
//                      against the hook library's documentation)
// Returns whatever Mhook_Unhook returns.
BOOL t002(PVOID *ppHookedFunction)
{
    const BOOL removed = Mhook_Unhook(ppHookedFunction);
    return removed;
}
// Exported callback registration (t003 in mk.def).
//   pHookSendFunc - stored in _msend
//   pHookRecvFuc  - stored in _mrecv
// Neither argument is checked, and the previous callbacks are overwritten.
// Always returns TRUE.
//
// NOTE(review): the two globals are written with plain stores while the hooks
// may be reading them on other threads -- confirm callers register callbacks
// before traffic starts.
BOOL t003(mhook_func pHookSendFunc, mhook_func pHookRecvFuc)
{
    _msend = pHookSendFunc;   // send-side observer
    _mrecv = pHookRecvFuc;    // receive-side observer

    return TRUE;
}
mk.def
LIBRARY
EXPORTS
; Explicit exports may be listed here; each name below is bound to a fixed ordinal.
t001 @1
t002 @2
t003 @3
在stdafx.h中添加以下别名
// Observer callback type used for _msend / _mrecv: receives a buffer and its
// length in bytes. The send/recv hooks in dllmain.cpp pass a temporary copy
// that they free right after the callback returns, so the callback must copy
// anything it wants to keep.
typedef void (WINAPI *mhook_func)(char *buf, int len);
最后直接编译生成DLL库就成功了。
