Public-Mirror/Textractor
1
0
Fork 1
mirror of https://github.com/Artikash/Textractor.git synced 2024-12-24 01:14:12 +08:00
Code Issues Projects Releases Wiki Activity

prepare for x64 someday

Browse Source
This commit is contained in:
Akash Mozumdar 2018-08-26 15:14:45 -04:00
parent 6d670324f5
commit 0e0d44961c
2 changed files with 53 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
vnrhook/hijack/texthook.cc
View File

@ -25,8 +25,8 @@ TextHook *hookman;
// - Unnamed helpers - // - Unnamed helpers -
#ifndef _WIN64
namespace { // unnamed namespace { // unnamed
#ifndef _WIN64
const BYTE common_hook[] = { const BYTE common_hook[] = {
0x9c, // pushfd 0x9c, // pushfd
@ -78,9 +78,49 @@ namespace { // unnamed
retn // jichi 12/13/2013: return near, see: http://stackoverflow.com/questions/1396909/ret-retn-retf-how-to-use-them retn // jichi 12/13/2013: return near, see: http://stackoverflow.com/questions/1396909/ret-retn-retf-how-to-use-them
} }
} }
#else
const BYTE common_hook[] = {
0x9c, // push rflags
0x50, // push rax
0x53, // push rbx
0x51, // push rcx
0x52, // push rdx
0x54, // push rsp
0x55, // push rbp
0x56, // push rsi
0x57, // push rdi
0x41, 0x50, // push r8
0x41, 0x51, // push r9
0x41, 0x52, // push r10
0x41, 0x53, // push r11
0x41, 0x54, // push r12
0x41, 0x55, // push r13
0x41, 0x56, // push r14
0x41, 0x57, // push r15
0x48, 0x8b, 0xd4, // mov rdx,rsp
0x48, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, // mov rcx, ?? ; pointer to TextHook
0xff, 0x15, 0x02, 0x0, 0x0, 0x0, 0xeb, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, // call TextHook::Send
0x41, 0x5f, // pop r15
0x41, 0x5e, // pop r14
0x41, 0x5d, // pop r13
0x41, 0x5c, // pop r12
0x41, 0x5b, // pop r11
0x41, 0x5a, // pop r10
0x41, 0x59, // pop r9
0x41, 0x58, // pop r8
0x5f, // pop rdi
0x5e, // pop rsi
0x5d, // pop rbp
0x5c, // pop rsp
0x5a, // pop rdx
0x59, // pop rcx
0x5b, // pop rbx
0x58, // pop rax
0x9d, // pop rflags
0xff, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0 // jmp @original
};
#endif
} // unnamed namespace } // unnamed namespace
#endif // _WIN32
// - TextHook methods - // - TextHook methods -
@ -235,6 +275,15 @@ bool TextHook::UnsafeInsertHookCode()
memcpy(trampoline + 15, &funcPtr, sizeof(void*)); memcpy(trampoline + 15, &funcPtr, sizeof(void*));
memcpy(trampoline + sizeof(common_hook), &dist, sizeof(dist)); memcpy(trampoline + sizeof(common_hook), &dist, sizeof(dist));
//BYTE* original;
//MH_CreateHook((void*)hp.address, (void*)trampoline, (void**)&original);
//memcpy(trampoline, common_hook, sizeof(common_hook));
//void* thisPtr = (void*)this;
//memcpy(trampoline + 30, &thisPtr, sizeof(void*));
//auto sendPtr = (void(TextHook::*)(void*))&TextHook::Send;
//memcpy(trampoline + 46, &sendPtr, sizeof(sendPtr));
//memcpy(trampoline + sizeof(common_hook) - 8, &original, sizeof(void*));
if (MH_EnableHook((void*)hp.address) != MH_OK) return false; if (MH_EnableHook((void*)hp.address) != MH_OK) return false;
return true; return true;

2
vnrhook/hijack/texthook.h
View File

@ -29,7 +29,7 @@ public:
HookParam hp; HookParam hp;
LPSTR hook_name; LPSTR hook_name;
int name_length; int name_length;
BYTE trampoline[80]; BYTE trampoline[120];
bool InsertHook(); bool InsertHook();
void InitHook(const HookParam &hp, LPCSTR name = 0, WORD set_flag = 0); void InitHook(const HookParam &hp, LPCSTR name = 0, WORD set_flag = 0);