打印.cpp
#include <iostream>
#include <Windows.h>
// Console program whose output the hook DLL on this page is meant to
// intercept: prints one line, waits half a second, and repeats forever.
int main()
{
    const DWORD pauseMs = 500;
    for (;;)
    {
        std::cout << "Hello World!\n";
        Sleep(pauseMs);
    }
}
钩子.cpp
#include "pch.h"
#include <detours.h>
#include <iostream>
#pragma comment(lib,"detours.lib")
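// Pointer through which the hook reaches the real WriteFile. It starts out as
// the API's address; DllMain passes its address to DetourAttach/DetourDetach.
BOOL(WINAPI* OriginalWriteFile)(
    HANDLE hFile,
    LPCVOID lpBuffer,
    DWORD nNumberOfBytesToWrite,
    LPDWORD lpNumberOfBytesWritten,
    LPOVERLAPPED lpOverlapped
) = WriteFile;

// Detour for WriteFile: writes aimed at this process's standard output get a
// "[Hooked]: " prefix, every other write is forwarded unchanged.
// Parameters and return value are those of WriteFile.
BOOL WINAPI HookedWriteFile(
    HANDLE hFile,
    LPCVOID lpBuffer,
    DWORD nNumberOfBytesToWrite,
    LPDWORD lpNumberOfBytesWritten,
    LPOVERLAPPED lpOverlapped
) {
    // Trace to the debugger channel rather than std::cout: a stream write made
    // from inside this hook would itself end in WriteFile and re-enter the
    // hook without bound.
    OutputDebugString(L"HOOK");

    // Pass through anything that is not stdout, and a null buffer (building a
    // std::string from it would be undefined behaviour).
    if (hFile != GetStdHandle(STD_OUTPUT_HANDLE) || lpBuffer == nullptr) {
        return OriginalWriteFile(hFile, lpBuffer, nNumberOfBytesToWrite, lpNumberOfBytesWritten, lpOverlapped);
    }

    std::string newMessage = "[Hooked]: ";
    newMessage.append(static_cast<const char*>(lpBuffer), nNumberOfBytesToWrite);

    // NOTE(review): *lpNumberOfBytesWritten will report the prefixed length,
    // which is larger than what the caller asked to write; confirm the caller
    // tolerates that.
    return OriginalWriteFile(hFile, newMessage.c_str(), static_cast<DWORD>(newMessage.size()), lpNumberOfBytesWritten, lpOverlapped);
}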
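// Pointer through which the hook reaches the real fwrite. It starts out as the
// CRT function's address; DllMain passes its address to DetourAttach/DetourDetach.
size_t(__cdecl* OriginalFWrite)(
    const void* buffer,
    size_t size,
    size_t count,
    FILE* stream
) = fwrite;

// Detour for fwrite: emits "[Hooked]: " and then the caller's data.
// Parameters are those of fwrite; the return value is the element count
// reported by the real fwrite for the caller's data only.
// NOTE(review): every FILE* is prefixed, not only stdout, so data written to
// ordinary files is altered as well; restrict by stream if that is unwanted.
size_t __cdecl HookedFWrite(
    const void* buffer,
    size_t size,
    size_t count,
    FILE* stream
) {
    static const char prefix[] = "[Hooked]: ";

    // The prefix goes out as its own call so that size/count, and the value
    // returned to the caller, still describe the caller's buffer. Reusing
    // size*count for a prefixed copy would drop the tail of the message.
    OriginalFWrite(prefix, 1, sizeof(prefix) - 1, stream);
    return OriginalFWrite(buffer, size, count, stream);
}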
// Slot intended to hold the real operator<<(std::ostream&, const char*).
// It is initialised to nullptr and nothing in this listing assigns a real
// target before DllMain hands it to DetourAttach.
// NOTE(review): with a null target the attach presumably fails and the hook
// below would call through a null pointer if it ever ran; confirm.
std::ostream& (__cdecl* OriginalOstreamOperator)(std::ostream&, const char*) = nullptr;

// Detour for the stream insertion operator: leaves a debugger trace, inserts
// the "[Hooked]: " prefix, then forwards the caller's string.
std::ostream& __cdecl HookedOstreamOperator(std::ostream& os, const char* c)
{
    OutputDebugString(L"asdasdasd");
    OriginalOstreamOperator(os, "[Hooked]: ");
    return OriginalOstreamOperator(os, c);
}
// DLL entry point: installs the three detours on process attach and removes
// them in the shared branch below. Always returns TRUE.
// NOTE(review): no Detour* return value is checked, so a failed attach or
// commit goes unnoticed. OriginalOstreamOperator is nullptr when it is
// attached; Detours is expected to reject that, which may fail the whole
// transaction. Confirm by checking the results.
BOOL APIENTRY DllMain( HMODULE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
// Prints the WriteFile pointer (presumably the first hex value in the run output).
// NOTE(review): iostream use inside DllMain runs under the loader lock; keep
// work here minimal.
std::cout << OriginalWriteFile << std::endl;
OutputDebugString(L"HOOK START");
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
std::cout << OriginalFWrite << std::endl;
DetourAttach(&(PVOID&)OriginalWriteFile, HookedWriteFile);
DetourAttach(&(PVOID&)OriginalFWrite, HookedFWrite);
DetourAttach(&(PVOID&)OriginalOstreamOperator, HookedOstreamOperator);
DetourTransactionCommit();
break;
// The two thread cases have no break of their own, so they fall through into
// the DLL_PROCESS_DETACH body: any thread attach or detach notification
// removes the hooks that were just installed.
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)OriginalWriteFile, HookedWriteFile);
DetourDetach(&(PVOID&)OriginalFWrite, HookedFWrite);
DetourDetach(&(PVOID&)OriginalOstreamOperator, HookedOstreamOperator);
DetourTransactionCommit();
break;
}
return TRUE;
}
我还尝试了WriteConsoleA、WriteConsoleW和WriteFile。 这些方法都不起作用。它仍然输出 Hello World! 如何使用HOOK获取控制台内容或者修改内容?
我发现我的钩子函数没有被调用。 我用x32dbg下断点检查，发现WriteFile和fwrite确实被调用了，但是我编写的HOOK函数却没有被调用。
运行:
759F3C50
776D6E80
Hello World!
Hello World!
Hello World!
Hello World!
我发现了错误。原因是我没有在 DLL_THREAD_ATTACH 和 DLL_THREAD_DETACH 中写 break，执行落入了 DLL_PROCESS_DETACH 的分离代码，所以HOOK被分离了。
我将
break
添加到 DLL_THREAD_ATTACH
和 DLL_THREAD_DETACH
:
// Thread notifications now end at their own break, so they no longer fall
// through into the detach code that follows them in the original DllMain.
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
break;