contrib/easyhook-localhook.cpp

   1 #include "EasyHook.h"
   2 #include <stdio.h>
   3 #include <conio.h>
   4
   5 BOOL WINAPI MessageBeepHook(__in UINT uType)
   6 {
   7     printf("New Silent MessageBeep\n");
   8     return TRUE;
   9 }
  10
  11 BOOL WINAPI IMPL_GetTextExtentPoint32W(HDC hdc, LPCWSTR lpString, int cbString, LPSIZE lpSize)
  12 {
  13     printf("GetTextExtentPoint32W\n");
  14     return TRUE;
  15 }
  16
  17 BOOL WINAPI IMPL_GetTextExtentPoint32A(HDC hdc, LPCSTR lpString, int cbString, LPSIZE lpSize)
  18 {
  19     printf("GetTextExtentPoint32A\n");
  20     return TRUE;
  21 }
  22
  23 HFONT WINAPI IMPL_CreateFontIndirectW(CONST LOGFONTW *lplf)
  24 {
  25     printf("CreateFontIndirectW\n");
  26     return NULL;
  27 }
  28
  29 HFONT (WINAPI * ORIG_CreateFontIndirectW)(CONST LOGFONTW *lplf);
  30
  31 BOOL (WINAPI * ORIG_MessageBeepHook)(__in UINT);
  32 BOOL (WINAPI * ORIG_GetTextExtentPoint32W)(HDC hdc, LPCWSTR lpString, int cbString, LPSIZE lpSize);
  33 BOOL (WINAPI * ORIG_GetTextExtentPoint32A)(HDC hdc, LPCSTR lpString, int cbString, LPSIZE lpSize);
  34
  35 #define FORCE(expr)     {if(!SUCCEEDED(NtStatus = (expr))) goto ERROR_ABORT;}
  36
  37 extern "C" int main(int argc, wchar_t* argv[])
  38 {
  39     TRACED_HOOK_HANDLE      hHook = new HOOK_TRACE_INFO();
  40     NTSTATUS                NtStatus;
  41     ULONG                   ACLEntries[1] = {0};
  42     UNICODE_STRING*         NameBuffer = NULL;
  43
  44     ORIG_CreateFontIndirectW = CreateFontIndirectW;
  45
  46     FORCE(LhInstallHook(
  47             ORIG_CreateFontIndirectW,
  48             IMPL_CreateFontIndirectW,
  49             (PVOID)0,
  50             hHook));
  51     FORCE(LhSetInclusiveACL(ACLEntries, 1, hHook));
  52
  53     CreateFontIndirectW(0);
  54     CreateFontW(10, 10, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, L"system");
  55     LOGFONTA lf = {};
  56     CreateFontIndirectA(&lf);
  57     CreateFontA(12, 0, 0, 0, 400, 0, 0, 0, 2, 0, 0, 0, 0, "MARLETT");
  58
  59 #if 0
  60     ORIG_GetTextExtentPoint32A = GetTextExtentPoint32A;
  61     FORCE(LhInstallHook(
  62             ORIG_GetTextExtentPoint32A,
  63             IMPL_GetTextExtentPoint32A,
  64             (PVOID)0,
  65             hHook));
  66     HDC hdc = GetDC(NULL);
  67     SIZE size;
  68     FORCE(LhSetInclusiveACL(ACLEntries, 1, hHook));
  69     GetTextExtentPoint32W(hdc, L"abc", 3, &size);
  70     GetTextExtentPointW(hdc, L"abc", 3, &size);
  71     GetTextExtentPoint32A(hdc, "abc", 3, &size);
  72     GetTextExtentPointA(hdc, "abc", 3, &size);
  73 #endif
  74
  75 #if 0
  76     ORIG_MessageBeepHook = MessageBeep;
  77     /*
  78         The following shows how to install and remove local hooks...
  79     */
  80     FORCE(LhInstallHook(
  81             ORIG_MessageBeepHook,
  82             MessageBeepHook,
  83             (PVOID)0,
  84             hHook));
  85
  86     printf(".\n");
  87     // won't invoke the hook handler because hooks are inactive after installation
  88     MessageBeep(123);
  89     getch();
  90
  91     BOOL flags = 1;
  92     FORCE(LhIsThreadIntercepted(hHook, 0, &flags));
  93     printf("Intercepted %d\n", flags);
  94     // activate the hook for the current thread
  95     FORCE(LhSetInclusiveACL(ACLEntries, 1, hHook));
  96     FORCE(LhIsThreadIntercepted(hHook, 0, &flags));
  97     printf("Intercepted %d\n", flags);
  98
  99     printf(".\n");
 100     // will be redirected into the handler...
 101     MessageBeep(123);
 102     getch();
 103
 104     FORCE(LhSetGlobalExclusiveACL(ACLEntries, 1));
 105     printf(".\n");
 106     // will be redirected into the handler...
 107     MessageBeep(123);
 108     getch();
 109
 110     FORCE(LhSetGlobalInclusiveACL(ACLEntries, 1));
 111     printf(".\n");
 112     // will be redirected into the handler...
 113     MessageBeep(123);
 114     getch();
 115
 116     printf(".\n");
 117     // won't invoke the hook handler because hooks are inactive after installation
 118     ORIG_MessageBeepHook(123);
 119     getch();
 120 #endif
 121     // this will also invalidate "hHook", because it is a traced handle...
 122     LhUninstallAllHooks();
 123     // this will do nothing because the hook is already removed...
 124     LhUninstallHook(hHook);
 125
 126     printf(".\n");
 127     // will be redirected into the handler...
 128     MessageBeep(123);
 129     getch();
 130
 131     // now we can safely release the traced handle
 132     delete hHook;
 133
 134     hHook = NULL;
 135
 136     // even if the hook is removed, we need to wait for memory release
 137     LhWaitForPendingRemovals();
 138
 139     return 0;
 140
 141 ERROR_ABORT:
 142
 143     if(hHook != NULL)
 144         delete hHook;
 145
 146     if(NameBuffer != NULL)
 147         free(NameBuffer );
 148
 149     printf("\n[Error(0x%p)]: \"%S\" (code: %d {0x%p})\n", (PVOID)NtStatus, RtlGetLastErrorString(), RtlGetLastError(), (PVOID)RtlGetLastError());
 150
 151     _getch();
 152
 153     return NtStatus;
 154 }
 155