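#pragma pack(push,1)
// x86 __stdcall thunk: a packed 13-byte object whose fields ARE the machine
// code that runs when the thunk address is called as a window procedure.
// The code overwrites the first stack argument (hWnd, at [esp+4]) with the
// stored object pointer and then jumps to the real procedure.
//
// Security notes for anyone reusing this pattern:
//  - The object is executed in place (GetCodeAddress() returns `this`), so
//    its storage must be executable. With DEP/NX enforced, a thunk that
//    lives in ordinary heap or stack memory faults when it is called.
//    Where the storage comes from is not shown in this listing.
//  - m_this and m_relproc are control-flow data. Any write primitive that
//    reaches them redirects execution, so keep the storage out of
//    attacker-reachable buffers and avoid leaving it writable and
//    executable for longer than Init() needs.
//  - The encoding is 32-bit x86 only; PtrToUlong() keeps just the low
//    32 bits of the pointer.
struct _stdcallthunk
{
    // Instruction stream, in execution order. pack(1) keeps the fields
    // contiguous so that no padding lands in the middle of the code.
    DWORD   m_mov;      // mov dword ptr [esp+0x4], pThis  (esp+0x4 is hWnd)
    DWORD   m_this;     // immediate operand: our CWindowImpl this pointer
    BYTE    m_jmp;      // jmp WndProc
    DWORD   m_relproc;  // rel32 displacement of the jmp

    // Fills in the instruction bytes so that calling this object jumps to
    // `proc` with `pThis` substituted for the first argument.
    // Always returns TRUE; the result of FlushInstructionCache is not checked.
    BOOL Init(DWORD_PTR proc, void* pThis)
    {
        m_mov = 0x042444C7;  // stored little-endian as C7 44 24 04
        m_this = PtrToUlong(pThis);
        m_jmp = 0xe9;
        // A rel32 jmp is relative to the address of the NEXT instruction,
        // i.e. the first byte after this struct: target - (this + size).
        m_relproc = DWORD((INT_PTR)proc - ((INT_PTR)this + sizeof(_stdcallthunk)));
        // Write the block out of the data cache and flush it from the
        // instruction cache so the CPU does not execute stale bytes.
        FlushInstructionCache(GetCurrentProcess(), this, sizeof(_stdcallthunk));
        return TRUE;
    }

    // Some thunks dynamically allocate the memory for the code; this one
    // is its own code, so the entry point is simply the object address.
    void* GetCodeAddress()
    {
        return this;
    }
};
#pragma pack(pop)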