15,471
社区成员
发帖
与我相关
我的任务
分享
#include <windows.h>
#include <detours.h>
BOOL (WINAPI * SysDeleteFileA)(LPCTSTR lpFileName)= DeleteFile;
BOOL WINAPI MyHookDeleteFileA(LPCTSTR lpFileName);
//如果不注释掉编译总显示error C2440: 'initializing' : cannot convert from '' to 'int (__stdcall *)(const char //*)'的错误,不知为什么?谁能解一下?
//BOOL (WINAPI * SysDeleteFileW)(LPCTSTR lpFileName)= DeleteFileW;
//BOOL WINAPI MyHookDeleteFileW(LPCTSTR lpFileName);
__declspec(dllexport) void ExportFunc(void)
{
}
BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason,LPVOID lpvReserved)
{
switch(fdwReason)
{
case DLL_PROCESS_ATTACH:
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)SysDeleteFileA,MyHookDeleteFileA);
if(DetourTransactionCommit()==NO_ERROR)
{
MessageBox(NULL,"Attach Successfully!","Successful",MB_OK);
}
// DetourTransactionBegin();
// DetourUpdateThread(GetCurrentThread());
// DetourAttach(&(PVOID&)SysDeleteFileW,MyHookDeleteFileW);
break;
case DLL_PROCESS_DETACH:
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)SysDeleteFileA, MyHookDeleteFileA);
if(DetourTransactionCommit()==NO_ERROR)
{
MessageBox(NULL,"Detach Successfully!","Successful",MB_OK);
}
break;
}
return true;
}
BOOL WINAPI MyHookDeleteFileA(LPCTSTR lpFileName)
{
MessageBox(NULL,"You Can Not Delete This File!","ERROR",MB_OK);
return true;
}
/*BOOL WINAPI MyHookDeleteFileW(LPCTSTR lpFileName)
{
return true;
}*/
#include <windows.h>
#include <detours.h>
#include <tchar.h>
//BOOL (WINAPI * SysDeleteFileA)(LPCTSTR lpFileName)= DeleteFile;
//BOOL WINAPI MyHookDeleteFileA(LPCTSTR lpFileName);
BOOL (WINAPI * SysDeleteFileW)(LPCTSTR lpFileName)= DeleteFileW;
BOOL WINAPI MyHookDeleteFileW(LPCTSTR lpFileName);
BOOL (WINAPI *SysMoveFileExW)(LPCTSTR lpExistingFileName,LPCTSTR lpNewFileName,DWORD dwFlags)=MoveFileExW;
BOOL WINAPI MyHookMoveFileExW(LPCTSTR lpExistingFileName,LPCTSTR lpNewFileName,DWORD dwFlags);
HANDLE (WINAPI *SysCreateFileW)(
LPCTSTR lpFileName, // pointer to name of the file
DWORD dwDesiredAccess, // access (read-write) mode
DWORD dwShareMode, // share mode
LPSECURITY_ATTRIBUTES lpSecurityAttributes,
// pointer to security attributes
DWORD dwCreationDisposition, // how to create
DWORD dwFlagsAndAttributes, // file attributes
HANDLE hTemplateFile // handle to file with attributes to
// copy
)=CreateFileW;
HANDLE MyHookCreateFileW(
LPCTSTR lpFileName, // pointer to name of the file
DWORD dwDesiredAccess, // access (read-write) mode
DWORD dwShareMode, // share mode
LPSECURITY_ATTRIBUTES lpSecurityAttributes,
// pointer to security attributes
DWORD dwCreationDisposition, // how to create
DWORD dwFlagsAndAttributes, // file attributes
HANDLE hTemplateFile // handle to file with attributes to
// copy
);
__declspec(dllexport) void ExportFunc(void)
{
}
BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason,LPVOID lpvReserved)
{
switch(fdwReason)
{
case DLL_PROCESS_ATTACH:
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)SysDeleteFileW,MyHookDeleteFileW);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)SysMoveFileExW,MyHookMoveFileExW);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)SysCreateFileW,MyHookCreateFileW);
if(DetourTransactionCommit()==NO_ERROR)
{
MessageBox(NULL,_T("Attach Successfully!"),_T("Successful"),MB_OK);
}
// DetourTransactionBegin();
// DetourUpdateThread(GetCurrentThread());
// DetourAttach(&(PVOID&)SysDeleteFileW,MyHookDeleteFileW);
break;
case DLL_PROCESS_DETACH:
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)SysDeleteFileW, MyHookDeleteFileW);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)SysMoveFileExW, MyHookMoveFileExW);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)SysCreateFileW, MyHookCreateFileW);
if(DetourTransactionCommit()==NO_ERROR)
{
MessageBox(NULL,_T("Detach Successfully!"),_T("Successful"),MB_OK);
}
break;
}
return true;
}
BOOL WINAPI MyHookDeleteFileW(LPCTSTR lpFileName)
{
MessageBox(NULL,_T("You Can Not Delete This File!"),_T("ERROR"),MB_OK);
return true;
}
BOOL WINAPI MyHookMoveFileExW(LPCTSTR lpExistingFileName,LPCTSTR lpNewFileName,DWORD dwFlags)
{
MessageBox(NULL,_T("You Can Not Move This File!"),_T("ERROR"),MB_OK);
return true;
}
HANDLE MyHookCreateFileW(
LPCTSTR lpFileName, // pointer to name of the file
DWORD dwDesiredAccess, // access (read-write) mode
DWORD dwShareMode, // share mode
LPSECURITY_ATTRIBUTES lpSecurityAttributes,
// pointer to security attributes
DWORD dwCreationDisposition, // how to create
DWORD dwFlagsAndAttributes, // file attributes
HANDLE hTemplateFile // handle to file with attributes to
// copy
){
MessageBox(NULL,_T("You Can Not Create File!"),_T("ERROR"),MB_OK);
return NULL;
}