forked from nogginware/mstscdump
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathNWHookAPI.h
132 lines (98 loc) · 2.62 KB
/
NWHookAPI.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
//======================================================================
//
// NWHookAPI.h
//
// Copyright (C) 2014 Nogginware Corporation
//
// Enables hooking of Windows system calls.
//
// Change History:
//
// 19-Feb-2014 Mike McDonald
// Initial release.
//
//======================================================================
#ifndef NWHookAPI_H
#define NWHookAPI_H
////////////////////////////////////////////////////////////////////////
//
// Microsoft Detours
//
#if defined(USE_DETOURS)
#define NWHOOKAPI_HOOK(_type, _name) _type _name
#define NWHOOKAPI_CALL(_name) (_name)
#if defined(_X86_)
#include "detours15\detours.h"
#define NWHOOKAPI_BEGIN
#define NWHOOKAPI_COMMIT
#define NWHOOKAPI_ATTACH(_proc, _type, _real, _hook) \
{ \
_real = (_type)DetourFunction((PBYTE)_proc, (PBYTE)_hook); \
}
#define NWHOOKAPI_DETACH(_real, _hook) \
{ \
if (_real) DetourRemove((PBYTE)_real, (PBYTE)_hook); \
}
#elif defined(_AMD64_)
#include "detours21\detours.h"
#define NWHOOKAPI_BEGIN \
{ \
DetourTransactionBegin(); \
DetourUpdateThread(GetCurrentThread()); \
}
#define NWHOOKAPI_COMMIT DetourTransactionCommit()
#define NWHOOKAPI_ATTACH(_proc, _type, _real, _hook) \
{ \
_real = (_type)_proc; \
if (_real) DetourAttach(&(PVOID&)_real, _hook); \
}
#define NWHOOKAPI_DETACH(_real, _hook) \
{ \
if (_real) DetourDetach(&(PVOID&)_real, _hook); \
}
#else
**** _X86_ or _AMD64_ must be defined for Detours hooking
#endif
////////////////////////////////////////////////////////////////////////
//
// Deviare
//
#elif defined(USE_DEVIARE)
#include "deviare\NktHookLib.h"
static CNktHookLib cNktHookMgr;
#define NWHOOKAPI_HOOK(_type, _name) \
struct { \
SIZE_T nHookId; \
_type pProcAddr; \
} _name = { 0, NULL };
#define NWHOOKAPI_CALL(_name) (_name.pProcAddr)
#define NWHOOKAPI_BEGIN
#define NWHOOKAPI_COMMIT
#define NWHOOKAPI_ATTACH(_proc, _type, _real, _hook) \
{ \
_type _addr = (_type)_proc; \
if (_addr) cNktHookMgr.Hook(&_real.nHookId, (LPVOID *)&_real.pProcAddr, _proc, _hook); \
}
#define NWHOOKAPI_DETACH(_real, _hook) \
{ \
cNktHookMgr.Unhook(_real.nHookId); \
}
////////////////////////////////////////////////////////////////////////
//
// Custom API
//
#else
#define NWHOOKAPI_HOOK(_type, _name) _type _name
#define NWHOOKAPI_CALL(_name) (_name)
#define NWHOOKAPI_BEGIN
#define NWHOOKAPI_COMMIT
#define NWHOOKAPI_ATTACH(_proc, _type, _real, _hook) _real = (_type)NWHookCreate(_proc, _hook)
#define NWHOOKAPI_DETACH(_real, _hook) NWHookDelete(_real)
#ifdef __cplusplus
extern "C" {
LPVOID NWHookCreate(LPVOID lpOrigFunction, LPVOID lpHookFunction);
VOID NWHookDelete(LPVOID lpHook);
}
#endif
#endif
#endif