lenheart/DNF_DLL
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1211

Browse Source
This commit is contained in:
947330670@qq.com
2022-09-06 00:08:26 +08:00
parent e17ffc3965
commit 91d57c13f0
232 changed files with 191628 additions and 250 deletions
Download Patch File Download Diff File Expand all files Collapse all files

248
test/Detours/samples/tryman/Makefile Normal file
View File

@@ -0,0 +1,248 @@
##############################################################################
##
## Detours Test Program
##
## Microsoft Research Detours Package
##
## Copyright (c) Microsoft Corporation. All rights reserved.
##
!include ..\common.mak
BIND_X86=$(ROOT)\bin.x86
BIND_X64=$(ROOT)\bin.x64
LIBS = $(LIBS) kernel32.lib
##############################################################################
all: dirs \
$(BIND)\tstman$(DETOURS_BITS).dll \
$(BIND)\tryman$(DETOURS_BITS).exe \
$(BIND)\size$(DETOURS_BITS).exe \
\
$(BIND)\managed-x64.exe \
$(BIND)\managed-ia64.exe \
$(BIND)\managed-x86.exe \
$(BIND)\managed-any.exe \
$(BIND)\managed-any32.exe \
\
!IF $(DETOURS_SOURCE_BROWSING)==1
$(OBJD)\tstman$(DETOURS_BITS).bsc \
$(OBJD)\tryman$(DETOURS_BITS).bsc \
!ENDIF
option
##############################################################################
dirs:
@if not exist $(BIND) mkdir $(BIND) && echo. Created $(BIND)
@if not exist $(OBJD) mkdir $(OBJD) && echo. Created $(BIND)
$(OBJD)\tstman.obj : tstman.cpp
$(OBJD)\tstman.res : tstman.rc
$(BIND)\tstman$(DETOURS_BITS).dll $(BIND)\tstman$(DETOURS_BITS).lib: \
$(OBJD)\tstman.obj $(OBJD)\tstman.res $(DEPS)
cl /LD $(CFLAGS) /Fe$(@R).dll /Fd$(@R).pdb \
$(OBJD)\tstman.obj $(OBJD)\tstman.res \
/link $(LINKFLAGS) /subsystem:console \
/export:DetourFinishHelperProcess,@1,NONAME \
/export:Test3264 \
$(LIBS)
$(OBJD)\tstman$(DETOURS_BITS).bsc : tstman.obj
bscmake /v /n /o $@ tstman.sbr
$(OBJD)\tryman.obj : tryman.cpp
$(BIND)\tryman$(DETOURS_BITS).exe : $(OBJD)\tryman.obj $(DEPS) $(BIND)\tstman$(DETOURS_BITS).lib
cl $(CFLAGS) /Fe$@ /Fd$(@R).pdb $(OBJD)\tryman.obj \
/link $(LINKFLAGS) $(LIBS) $(BIND)\tstman$(DETOURS_BITS).lib \
/subsystem:console
$(OBJD)\tryman$(DETOURS_BITS).bsc : $(OBJD)\tryman.obj
bscmake /v /n /o $@ $(OBJD)\tryman.sbr
$(OBJD)\size.obj : size.cpp
$(BIND)\size$(DETOURS_BITS).exe : $(OBJD)\size.obj $(DEPS)
cl $(CFLAGS) /Fe$@ /Fd$(@R).pdb $(OBJD)\size.obj \
/link $(LINKFLAGS) $(LIBS) \
/subsystem:console /fixed:no
$(OBJD)\size$(DETOURS_BITS).bsc : $(OBJD)\size.obj
bscmake /v /n /o $@ $(OBJD)\size.sbr
$(BIND)\key.snk:
if not exist $(BIND)\key.snk sn -k $(BIND)\key.snk
CSCFLAGS=/nowarn:1607 /unsafe- /optimize+ /debug+ /warnaserror
$(BIND)\managed-x64.exe : $(BIND)\key.snk managed.cs
csc /nologo $(CSCFLAGS) /platform:x64 /keyfile:$(BIND)\key.snk \
/out:$(BIND)\managed-x64.exe managed.cs
$(BIND)\managed-ia64.exe : $(BIND)\key.snk managed.cs
csc /nologo $(CSCFLAGS) /platform:itanium /keyfile:$(BIND)\key.snk \
/out:$(BIND)\managed-ia64.exe managed.cs
$(BIND)\managed-x86.exe : $(BIND)\key.snk managed.cs
csc /nologo $(CSCFLAGS) /platform:x86 /keyfile:$(BIND)\key.snk \
/out:$(BIND)\managed-x86.exe managed.cs
$(BIND)\managed-any.exe : $(BIND)\key.snk managed.cs
csc /nologo $(CSCFLAGS) /platform:anycpu /keyfile:$(BIND)\key.snk \
/out:$(BIND)\managed-any.exe managed.cs
$(BIND)\managed-any32.exe : $(BIND)\key.snk managed.cs
-csc /nologo $(CSCFLAGS) /platform:anycpu32bitpreferred /keyfile:$(BIND)\key.snk \
/out:$(BIND)\managed-any32.exe managed.cs
##############################################################################
clean:
-del *~ 2>nul
-del $(BIND)\managed-*.* 2>nul
-del $(BIND)\tstman*.* 2>nul
-del $(BIND)\tryman*.* 2>nul
-del $(BIND)\size*.* 2>nul
-rmdir /q /s $(OBJD) 2>nul
realclean: clean
-rmdir /q /s $(OBJDS) 2>nul
############################################### Install non-bit-size binaries.
!IF "$(DETOURS_OPTION_PROCESSOR)" != ""
$(OPTD)\tstman$(DETOURS_OPTION_BITS).dll:
$(OPTD)\tstman$(DETOURS_OPTION_BITS).pdb:
$(OPTD)\tryman$(DETOURS_OPTION_BITS).exe:
$(OPTD)\tryman$(DETOURS_OPTION_BITS).pdb:
$(OPTD)\size$(DETOURS_OPTION_BITS).exe:
$(OPTD)\size$(DETOURS_OPTION_BITS).pdb:
$(BIND)\tstman$(DETOURS_OPTION_BITS).dll : $(OPTD)\tstman$(DETOURS_OPTION_BITS).dll
@if exist $? copy /y $? $(BIND) >nul >nul && echo. $@ copied.
$(BIND)\tstman$(DETOURS_OPTION_BITS).pdb : $(OPTD)\tstman$(DETOURS_OPTION_BITS).pdb
@if exist $? copy /y $? $(BIND) >nul >nul && echo. $@ copied.
$(BIND)\tryman$(DETOURS_OPTION_BITS).exe : $(OPTD)\tryman$(DETOURS_OPTION_BITS).exe
@if exist $? copy /y $? $(BIND) >nul >nul && echo. $@ copied.
$(BIND)\tryman$(DETOURS_OPTION_BITS).pdb : $(OPTD)\tryman$(DETOURS_OPTION_BITS).pdb
@if exist $? copy /y $? $(BIND) >nul >nul && echo. $@ copied.
$(BIND)\size$(DETOURS_OPTION_BITS).exe : $(OPTD)\size$(DETOURS_OPTION_BITS).exe
@if exist $? copy /y $? $(BIND) >nul >nul && echo. $@ copied.
$(BIND)\size$(DETOURS_OPTION_BITS).pdb : $(OPTD)\size$(DETOURS_OPTION_BITS).pdb
@if exist $? copy /y $? $(BIND) >nul >nul && echo. $@ copied.
option: \
$(BIND)\tstman$(DETOURS_OPTION_BITS).dll \
$(BIND)\tstman$(DETOURS_OPTION_BITS).pdb \
$(BIND)\tryman$(DETOURS_OPTION_BITS).exe \
$(BIND)\tryman$(DETOURS_OPTION_BITS).pdb \
$(BIND)\size$(DETOURS_OPTION_BITS).exe \
$(BIND)\size$(DETOURS_OPTION_BITS).pdb \
!ELSE
option:
!ENDIF
##############################################################################
# !IF "$(DETOURS_TARGET_PROCESSOR)" == "X64"
# #!MESSAGE Building for 64-bit X64.
# DETOURS_SOURCE_BROWSING = 0
# !ELSEIF "$(DETOURS_TARGET_PROCESSOR)" == "IA64"
# #!MESSAGE Building for 64-bit IA64.
# !ELSEIF "$(DETOURS_TARGET_PROCESSOR)" == "X86"
# #!MESSAGE Building for 32-bit X86.
# !ELSE
!if "$(DETOURS_OPTION_PROCESSOR)" != ""
test: all size32 size64
!else
test: all
!endif
@echo ---- Trying native binary w/o test ----------------------
$(BIND)\tryman$(DETOURS_BITS).exe
@echo.
@echo ---- Trying native binary -------------------------------
$(BIND)\withdll.exe -d:$(BIND)\tstman$(DETOURS_BITS).dll $(BIND)\tryman$(DETOURS_BITS).exe
@echo.
@echo ---- Trying anycpu managed binary -----------------------
-$(BIND)\withdll.exe -d:$(BIND)\tstman$(DETOURS_BITS).dll $(BIND)\managed-any.exe
@echo.
@echo ---- Trying anycpu managed 32-bit preferrred binary -----
-if exist $(BIND)\managed-any32.exe $(BIND)\withdll.exe -d:$(BIND)\tstman$(DETOURS_BITS).dll $(BIND)\managed-any32.exe
@echo.
@echo ---- Trying x86 managed binary --------------------------
-$(BIND)\withdll.exe -d:$(BIND)\tstman$(DETOURS_BITS).dll $(BIND)\managed-x86.exe
@echo.
@echo ---- Trying x64 managed binary --------------------------
-$(BIND)\withdll.exe -d:$(BIND)\tstman$(DETOURS_BITS).dll $(BIND)\managed-x64.exe
@echo.
@echo ---- Trying ia64 managed binary -------------------------
-$(BIND)\withdll.exe -d:$(BIND)\tstman$(DETOURS_BITS).dll $(BIND)\managed-ia64.exe
@echo.
testm: all
csc managed.cs
@echo.
$(BIND)\withdll.exe -d:$(BIND)\tstman$(DETOURS_BITS).dll $(BIND)\managed-any.exe
@echo.
size: all
@echo.
$(BIND)\withdll.exe -d:$(BIND)\tstman$(DETOURS_BITS).dll $(BIND)\size$(DETOURS_BITS).exe 10
@echo.
size32: all
@echo.
$(BIND)\withdll.exe -d:$(BIND)\tstman$(DETOURS_BITS).dll $(BIND)\size32.exe 10
@echo.
size64: all
@echo.
$(BIND)\withdll.exe -d:$(BIND)\tstman$(DETOURS_BITS).dll $(BIND)\size64.exe 10
@echo.
sizedbg: all
@echo.
windbg -o $(BIND)\withdll.exe -d:$(BIND)\tstman$(DETOURS_BITS).dll $(BIND)\size$(DETOURS_BITS).exe 10
@echo.
tx: all
cd $(MAKEDIR)\..\..\src
nmake /nologo
cd $(MAKEDIR)\..\..\samples\withdll
nmake /nologo
cd $(MAKEDIR)
rem $(BIND)\withdll.exe -d:$(BIND)\tstman$(DETOURS_BITS).dll $(BIND)\managed.exe
windbg -g -o $(BIND)\withdll.exe -d:$(BIND)\tstman$(DETOURS_BITS).dll $(BIND)\managed-any.exe
mx: all
cd $(MAKEDIR)\..\..\src
nmake /nologo
cd $(MAKEDIR)\..\..\samples\withdll
nmake /nologo
cd $(MAKEDIR)
$(BIND)\withdll.exe -d:$(BIND)\tstman$(DETOURS_BITS).dll $(BIND)\tryman$(DETOURS_BITS).exe
test-managed: all
@echo ---- Trying anycpu managed binary -----------------------
-$(BIND)\withdll.exe -d:$(BIND)\tstman$(DETOURS_BITS).dll $(BIND)\managed-any.exe
@echo.
@echo ---- Trying x86 managed binary --------------------------
-$(BIND_X86)\withdll.exe -d:$(BIND_X86)\tstman32.dll $(BIND_X86)\managed-x86.exe
@echo.
@echo ---- Trying anycpu managed 32-bit preferrred binary -----
-if exist $(BIND_X86)\managed-any32.exe $(BIND_X86)\withdll.exe -d:$(BIND_X86)\tstman32.dll $(BIND_X86)\managed-any32.exe
@echo.
@echo ---- Trying x64 managed binary --------------------------
-$(BIND)\withdll.exe -d:$(BIND_X64)\tstman64.dll $(BIND)\managed-x64.exe
################################################################# End of File.

48
test/Detours/samples/tryman/managed.cs Normal file
View File

@@ -0,0 +1,48 @@
using System;
using System.Reflection;
using System.Runtime.InteropServices;
[assembly: AssemblyProduct("Microsoft Research Detours")]
[assembly: AssemblyCompany("Microsoft Corporation")]
[assembly: AssemblyVersion("1.0.0.0")]
public class Test
{
// [DllImport("kernel32.dll", CharSet=CharSet.Auto, SetLastError=true)]
// static extern IntPtr LoadLibrary([In, MarshalAs(UnmanagedType.LPStr)] string lpFileName);
[DllImport("kernel32", CharSet=CharSet.Auto, SetLastError=true)]
static extern IntPtr LoadLibrary(string lpFileName);
public static int Main()
{
if (IntPtr.Size == 4) {
Console.WriteLine(" *** Managed code with 32-bit runtime ({0})",
Environment.Version);
}
else if (IntPtr.Size == 8) {
Console.WriteLine(" *** Managed code with 64-bit runtime ({0})",
Environment.Version);
}
else {
Console.WriteLine(" *** Managed code of unknown IntPtr.Size: {0}", IntPtr.Size);
}
if (IntPtr.Size == 4) {
if (LoadLibrary("tstman32.dll") == (IntPtr)0) {
Console.WriteLine("--------: managed code failed to load tstman32.dll");
}
}
else {
if (LoadLibrary("tstman64.dll") == (IntPtr)0) {
Console.WriteLine("--------: managed code failed to load tstman64.dll");
}
}
return 0;
}
}

94
test/Detours/samples/tryman/size.cpp Normal file
View File

@@ -0,0 +1,94 @@
//////////////////////////////////////////////////////////////////////////////
//
// Detour Test Program (sleepold.cpp of sleepold.exe)
//
// Microsoft Research Detours Package
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#pragma warning(push)
#if _MSC_VER > 1400
#pragma warning(disable:6102 6103) // /analyze warnings
#endif
#include <strsafe.h>
#pragma warning(pop)
#include <detours.h>
int __cdecl main(int argc, char **argv)
{
STARTUPINFOA si;
PROCESS_INFORMATION pi;
CHAR szFullExe[MAX_PATH];
CHAR szCommand[MAX_PATH];
PCHAR pszFileExe;
PCHAR pszExe;
ZeroMemory(&si, sizeof(si));
ZeroMemory(&pi, sizeof(pi));
si.cb = sizeof(si);
if (argc != 2) {
printf("size" DETOURS_STRINGIFY(DETOURS_BITS) ".exe:"
" must take a single integer argument.\n");
fflush(stdout);
return 3;
}
int repeats = atoi(argv[1]);
if (repeats <= 0) {
printf("size" DETOURS_STRINGIFY(DETOURS_BITS) ".exe:"
" End of the road, repeats=0.\n");
fflush(stdout);
return 0;
}
if ((repeats % 2) == 0) {
#ifdef DETOURS_OPTION_BITS
pszExe = "size" DETOURS_STRINGIFY(DETOURS_OPTION_BITS) ".exe";
#else
pszExe = "size" DETOURS_STRINGIFY(DETOURS_BITS) ".exe";
#endif
}
else {
pszExe = "size" DETOURS_STRINGIFY(DETOURS_BITS) ".exe";
}
if (!SearchPathA(NULL, pszExe, ".exe", ARRAYSIZE(szFullExe), szFullExe, &pszFileExe)) {
pszExe = "size" DETOURS_STRINGIFY(DETOURS_BITS) ".exe";
SearchPathA(NULL, pszExe, ".exe", ARRAYSIZE(szFullExe), szFullExe, &pszFileExe);
}
StringCchPrintfA(szCommand, sizeof(szCommand), "%s %d", pszExe, repeats - 1);
printf("size" DETOURS_STRINGIFY(DETOURS_BITS) ".exe:"
" [%s]\n", szCommand);
fflush(stdout);
SetLastError(0);
if (!CreateProcessA(szFullExe[0] ? szFullExe : NULL, szCommand,
NULL, NULL, TRUE, 0, NULL, NULL, &si, &pi)) {
DWORD dwError = GetLastError();
printf("size" DETOURS_STRINGIFY(DETOURS_BITS) ".exe:"
" CreateProcess failed: %ld\n", dwError);
return 1;
}
WaitForSingleObject(pi.hProcess, INFINITE);
DWORD dwResult = 0;
if (!GetExitCodeProcess(pi.hProcess, &dwResult)) {
printf("size" DETOURS_STRINGIFY(DETOURS_BITS) ".exe:"
" GetExitCodeProcess failed: %ld\n", GetLastError());
return 9010;
}
return 0;
}
//
///////////////////////////////////////////////////////////////// End of File.

23
test/Detours/samples/tryman/tryman.cpp Normal file
View File

@@ -0,0 +1,23 @@
//////////////////////////////////////////////////////////////////////////////
//
// Detours Test Program (tryman.cpp of tryman.exe)
//
// Microsoft Research Detours Package
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
#include <windows.h>
extern int WINAPI Test3264(int arg);
int __cdecl main(int argc, char ** argv)
{
(void)argv;
int ret = 0;
ret = Test3264(argc);
return ret == 0 ? ret : 0;
}
//
///////////////////////////////////////////////////////////////// End of File.

334
test/Detours/samples/tryman/tstman.cpp Normal file
View File

@@ -0,0 +1,334 @@
//////////////////////////////////////////////////////////////////////////////
//
// Detours Test Program (tstman.cpp of tstman.dll)
//
// Microsoft Research Detours Package
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// This DLL doesn't detour any APIs, but it does enumerate the modules
// loaded in a process and look at their size and processor target.
//
#include <stdio.h>
#include <windows.h>
#pragma warning(push)
#if _MSC_VER > 1400
#pragma warning(disable:6102 6103) // /analyze warnings
#endif
#include <strsafe.h>
#pragma warning(pop)
#include "detours.h"
static HMODULE s_hInst = NULL;
static CHAR s_szDllPath[MAX_PATH];
static int (WINAPI * TrueEntryPoint)(VOID) = NULL;
static int (WINAPI * RawEntryPoint)(VOID) = NULL;
BOOL (WINAPI * Real_CreateProcessA)(LPCSTR a0,
LPSTR a1,
LPSECURITY_ATTRIBUTES a2,
LPSECURITY_ATTRIBUTES a3,
BOOL a4,
DWORD a5,
LPVOID a6,
LPCSTR a7,
struct _STARTUPINFOA* a8,
LPPROCESS_INFORMATION a9)
= CreateProcessA;
BOOL (WINAPI * Real_CreateProcessW)(LPCWSTR a0,
LPWSTR a1,
LPSECURITY_ATTRIBUTES a2,
LPSECURITY_ATTRIBUTES a3,
BOOL a4,
DWORD a5,
LPVOID a6,
LPCWSTR a7,
struct _STARTUPINFOW* a8,
LPPROCESS_INFORMATION a9)
= CreateProcessW;
BOOL WINAPI Mine_CreateProcessA(LPCSTR lpApplicationName,
LPSTR lpCommandLine,
LPSECURITY_ATTRIBUTES lpProcessAttributes,
LPSECURITY_ATTRIBUTES lpThreadAttributes,
BOOL bInheritHandles,
DWORD dwCreationFlags,
LPVOID lpEnvironment,
LPCSTR lpCurrentDirectory,
LPSTARTUPINFOA lpStartupInfo,
LPPROCESS_INFORMATION lpProcessInformation)
{
BOOL rv = 0;
__try {
rv = DetourCreateProcessWithDllExA(lpApplicationName,
lpCommandLine,
lpProcessAttributes,
lpThreadAttributes,
bInheritHandles,
dwCreationFlags,
lpEnvironment,
lpCurrentDirectory,
lpStartupInfo,
lpProcessInformation,
s_szDllPath,
Real_CreateProcessA);
} __finally {
};
return rv;
}
BOOL WINAPI Mine_CreateProcessW(LPCWSTR lpApplicationName,
LPWSTR lpCommandLine,
LPSECURITY_ATTRIBUTES lpProcessAttributes,
LPSECURITY_ATTRIBUTES lpThreadAttributes,
BOOL bInheritHandles,
DWORD dwCreationFlags,
LPVOID lpEnvironment,
LPCWSTR lpCurrentDirectory,
LPSTARTUPINFOW lpStartupInfo,
LPPROCESS_INFORMATION lpProcessInformation)
{
BOOL rv = 0;
__try {
rv = DetourCreateProcessWithDllExW(lpApplicationName,
lpCommandLine,
lpProcessAttributes,
lpThreadAttributes,
bInheritHandles,
dwCreationFlags,
lpEnvironment,
lpCurrentDirectory,
lpStartupInfo,
lpProcessInformation,
s_szDllPath,
Real_CreateProcessW);
} __finally {
};
return rv;
}
void DumpModuleInfo(HMODULE hModule)
{
PBYTE pbModule = (PBYTE)hModule;
PIMAGE_DOS_HEADER pidh = (PIMAGE_DOS_HEADER)pbModule;
PIMAGE_NT_HEADERS pinh = (PIMAGE_NT_HEADERS)(pbModule + pidh->e_lfanew);
CHAR szFile[MAX_PATH] = "";
GetModuleFileNameA(hModule, szFile, sizeof(szFile));
CHAR szMagic[64];
CHAR szMachine[64];
CHAR szClr[64];
PIMAGE_DATA_DIRECTORY pdir
= (pinh->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC)
? ((PIMAGE_NT_HEADERS32)pinh)->OptionalHeader.DataDirectory
: ((PIMAGE_NT_HEADERS64)pinh)->OptionalHeader.DataDirectory;
if (pdir[IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR].VirtualAddress != 0 &&
pdir[IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR].Size != 0) {
PDETOUR_CLR_HEADER pch
= (PDETOUR_CLR_HEADER)
(pbModule + pdir[IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR].VirtualAddress);
if ((pch->Flags & 0x3) == 0x0) {
StringCchPrintfA(szClr, ARRAYSIZE(szClr), "clr "); // 32- or 64-bit.
}
else if ((pch->Flags & 0x3) == 0x1) {
StringCchPrintfA(szClr, ARRAYSIZE(szClr), "clri "); // IL-Only, 32- or 64-bit.
}
else if ((pch->Flags & 0x3) == 0x2) {
StringCchPrintfA(szClr, ARRAYSIZE(szClr), "clr32 "); // must be 32-bit.
}
else if ((pch->Flags & 0x3) == 0x3) {
StringCchPrintfA(szClr, ARRAYSIZE(szClr), "clr32i"); // IL-Only, must be 32-bit.
}
}
else {
StringCchPrintfA(szClr, ARRAYSIZE(szClr), " ");
}
if (pinh->OptionalHeader.Magic == 0x10b) {
StringCchPrintfA(szMagic, ARRAYSIZE(szMagic), "32");
}
else if (pinh->OptionalHeader.Magic == 0x20b) {
StringCchPrintfA(szMagic, ARRAYSIZE(szMagic), "64");
}
else {
StringCchPrintfA(szMagic, ARRAYSIZE(szMagic), "??");
}
if (pinh->FileHeader.Machine == 0x8664) {
StringCchPrintfA(szMachine, ARRAYSIZE(szMachine), "x64", pinh->FileHeader.Machine);
}
else if (pinh->FileHeader.Machine == 0x014c) {
StringCchPrintfA(szMachine, ARRAYSIZE(szMachine), "x86", pinh->FileHeader.Machine);
}
else if (pinh->FileHeader.Machine == 0x0200) {
StringCchPrintfA(szMachine, ARRAYSIZE(szMachine), "i64", pinh->FileHeader.Machine);
}
else if (pinh->FileHeader.Machine == 0x01c0) {
StringCchPrintfA(szMachine, ARRAYSIZE(szMachine), "arm", pinh->FileHeader.Machine);
}
else {
StringCchPrintfA(szMachine, ARRAYSIZE(szMachine), "%04x", pinh->FileHeader.Machine);
DWORD dwSize = DetourGetSizeOfPayloads(hModule);
if (dwSize > 0) {
StringCchPrintfA(szMachine, ARRAYSIZE(szMachine), " ");
StringCchPrintfA(szFile, ARRAYSIZE(szFile), "-- %d byte payload.", dwSize);
}
}
printf("%16I64x: %s %s %s %s\n", (ULONG64)hModule, szMagic, szMachine, szClr, szFile);
}
void DumpMemory(PBYTE pbData, DWORD cbData)
{
for (DWORD i = 0; i < cbData; i += 16) {
printf(" %p:", pbData + i);
for (DWORD j = 0; j < 16; j++) {
if (i + j < cbData) {
printf("%02x", pbData[i+j]);
}
else {
printf(" ");
}
}
printf(" ");
for (DWORD j = 0; j < 16; j++) {
if (i + j < cbData) {
if ( pbData[i+j] >= ' ' && pbData[i+j] < 127) {
printf("%c", pbData[i+j]);
}
else {
printf(".");
}
}
else {
printf(" ");
}
}
printf("\n");
}
}
int WINAPI Test3264(int arg)
{
return arg + 1;
}
int WINAPI TestEntryPoint(VOID)
{
#if DETOURS_64BIT
printf("----------------: ");
#else
printf("--------: ");
#endif
printf("Calling EntryPoint() from detour.\n");
fflush(stdout);
return TrueEntryPoint();
}
BOOL WINAPI DllMain(HINSTANCE hinst, DWORD dwReason, LPVOID reserved)
{
(void)hinst;
(void)reserved;
if (DetourIsHelperProcess()) {
return TRUE;
}
if (dwReason == DLL_PROCESS_ATTACH) {
DetourRestoreAfterWith();
s_hInst = hinst;
GetModuleFileNameA(s_hInst, s_szDllPath, ARRAYSIZE(s_szDllPath));
#if DETOURS_64BIT
printf("----------------: ");
#else
printf("--------: ");
#endif
SYSTEM_INFO si;
GetSystemInfo(&si);
if (si.wProcessorArchitecture == 9) {
printf("x64 Processor\n");
}
else if (si.wProcessorArchitecture == 0) {
printf("x86 Processor\n");
}
else if (si.wProcessorArchitecture == 6) {
printf("ia64 Processor\n");
}
else {
printf("%04x Processor\n", si.wProcessorArchitecture);
}
HMODULE hSelf = GetModuleHandle(NULL);
HMODULE hTest = (HMODULE)DetourGetContainingModule(DetourCodeFromPointer(Test3264, NULL));
HMODULE hKern = (HMODULE)DetourGetContainingModule(DetourCodeFromPointer(CreateProcessW, NULL));
DumpModuleInfo(hSelf);
DumpModuleInfo(hTest);
DumpModuleInfo(hKern);
for (HINSTANCE hInst = NULL; (hInst = DetourEnumerateModules(hInst)) != NULL;) {
if (hInst == hSelf || hInst == hTest || hInst == hKern) {
continue;
}
DumpModuleInfo(hInst);
}
fflush(stdout);
TrueEntryPoint = (int (WINAPI *)(VOID))DetourGetEntryPoint(NULL);
RawEntryPoint = TrueEntryPoint;
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)TrueEntryPoint, TestEntryPoint);
DetourAttach(&(PVOID&)Real_CreateProcessA, Mine_CreateProcessA);
DetourAttach(&(PVOID&)Real_CreateProcessW, Mine_CreateProcessW);
LONG error = DetourTransactionCommit();
#if DETOURS_64BIT
printf("----------------: ");
#else
printf("--------: ");
#endif
if (error == NO_ERROR) {
printf("Detoured EntryPoint().\n");
}
else {
printf("Error detouring EntryPoint(): %ld (@ %p)\n", error, RawEntryPoint);
__debugbreak();
}
}
else if (dwReason == DLL_PROCESS_DETACH) {
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)TrueEntryPoint, TestEntryPoint);
DetourDetach(&(PVOID&)Real_CreateProcessA, Mine_CreateProcessA);
DetourDetach(&(PVOID&)Real_CreateProcessW, Mine_CreateProcessW);
LONG error = DetourTransactionCommit();
if (error != NO_ERROR) {
printf("Error detach detours failed: %ld\n", error);
}
}
return TRUE;
}
//
///////////////////////////////////////////////////////////////// End of File.

17
test/Detours/samples/tryman/tstman.rc Normal file
View File

@@ -0,0 +1,17 @@
//////////////////////////////////////////////////////////////////////////////
//
// Version information for tstman.rc.
//
// Microsoft Research Detours Package
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
#include "detver.h"
#define VER_INTERNALNAME_STR "tstman" DETOURS_STRINGIFY(DETOURS_BITS)
#define VER_ORIGINALFILENAME_STR "tstman" DETOURS_STRINGIFY(DETOURS_BITS) ".dll"
#define VER_FILEDESCRIPTION_STR "Detours 32/64-bit Test Module"
#define VER_COMPANYNAME_STR "Microsoft Corporation"
#include "common.ver"