
c++ - Detouring DrawText

Reposted. Author: 搜寻专家. Updated: 2023-10-31 02:00:53

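I have downloaded and compiled the Microsoft Detours library. In my project I included the header file and added the .lib file as a dependency. Everything compiles without errors. Now I have been trying to detour DrawText, but for some reason the detoured function is not called at all. Similarly, I tried detouring the Sleep function, and it works as expected: my detoured function gets called.

I am not very well versed in the business of API programming or any other low-level activities. I suspect it may have something to do with the fact that I am trying to do this inside a console application instead of doing the detouring inside a DLL. I just find it strange that it would be able to detour Sleep in that case.

Is there something wrong with my approach, or does the fault lie in the code?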

#include <windows.h>
#include <stdio.h>
#include "detours.h"

// Pointer to the original DrawTextA; Detours redirects it to a trampoline on attach.
int ( WINAPI *Real_DrawText )(HDC a0, LPCSTR a1, int a2, LPRECT a3, UINT a4) = DrawTextA;

// The detour must use the same calling convention (WINAPI) as the function it replaces.
int WINAPI Mine_DrawText(HDC hdc, LPCSTR text, int nCount, LPRECT lpRect, UINT uOptions)
{
    printf("TEST");
    return Real_DrawText(hdc, text, nCount, lpRect, uOptions);
}

int main(int argc, char **argv)
{
    // Attach the detour in the current process.
    DetourTransactionBegin();
    DetourUpdateThread(GetCurrentThread());
    DetourAttach(&(PVOID&)Real_DrawText, Mine_DrawText);
    DetourTransactionCommit();
    printf("Calling Sleep\n");
    Sleep(1000);
    printf("Second callout");
    Sleep(5000);

    // Detach the detour before exiting.
    DetourTransactionBegin();
    DetourUpdateThread(GetCurrentThread());
    DetourDetach(&(PVOID&)Real_DrawText, Mine_DrawText);
    DetourTransactionCommit();
    return 0;
}

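Best answer

Based on your code example, it seems you are only detouring your own process. Therefore detouring DrawText does not output anything. Perhaps you need to inject your code into the desired target's process memory and detour the API call there. For example, you can create a system-wide CBT hook, which can serve as a launching point for your detouring needs. Something like this, to point you in the right direction: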

LRESULT CALLBACK CBTProcedure(int nCode, WPARAM wParam, LPARAM lParam)
{
    if (nCode < 0)
        return CallNextHookEx(g_hHook, nCode, wParam, lParam);
    else if (!g_pClient)
        return 0;

    HWND hWnd = (HWND)wParam;

    if (!hWnd)
        return 0;

    switch (nCode) {
        case HCBT_ACTIVATE:
            /** Here, you can check up against the handle to see,
              * if the target window is the one you're looking for...
              *
              */
            if (!g_pClient->IsRegisteredWindow(hWnd))
                if (g_pClient->RegisterWindow(hWnd)) {
                }
        break;

        case HCBT_DESTROYWND:
            if (g_pClient->IsRegisteredWindow(hWnd))
                g_pClient->UnregisterWindow(hWnd);
        break;
    }

    return 0;
}

bool __0XYOUROWN_API InstallHook()
{
    // Call this one from your main process; sets up the system-wide hook.
    g_hHook = SetWindowsHookEx(WH_CBT, (HOOKPROC)CBTProcedure, g_hInstance, 0);

    /** #pragma data_seg("Shared")
      *         HHOOK g_hHook = NULL;
      * #pragma data_seg()
      */

    return g_hHook != NULL;
}

/** The actual DLL...
  *
  *
  */
BOOL APIENTRY DllMain(HANDLE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
    switch (ul_reason_for_call) {
        case DLL_PROCESS_ATTACH:
            g_hInstance = (HINSTANCE)hModule;

            if (::GetModuleHandle(_T("THEDESIREDMODULE.EXE")) != NULL) {
                g_pClient = new Client();

                if (g_pClient) {
                    InitializeCriticalSection(&g_CriticalSection); // You can setup a critic. sec. for later synchronization...
                    DetourTransactionBegin();
                    DetourUpdateThread(GetCurrentThread());
                    DetourAttach(&(PVOID&)Real_DrawTextW, Mine_DrawTextW);
                    DetourTransactionCommit();
                }
            }
        break;

        case DLL_THREAD_ATTACH: break;
        case DLL_THREAD_DETACH: break;

        case DLL_PROCESS_DETACH:
            if (::GetModuleHandle(_T("THEDESIREDMODULE.EXE")) != NULL) {
                if (g_pClient) {
                    DetourTransactionBegin();
                    DetourUpdateThread(GetCurrentThread());
                    DetourDetach(&(PVOID&)Real_DrawTextW, Mine_DrawTextW);
                    DetourTransactionCommit();

                    delete g_pClient;

                    g_pClient = NULL;
                }
            }
        break;
    }

    // DllMain must report success, otherwise the DLL load fails.
    return TRUE;
}
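
Whether a detour is active in a given process can be checked from the defender's side by reading the first bytes of the target function (for example DrawTextA) and looking for an unconditional jump, which is how inline hooks such as those installed by Detours redirect execution. The following is an added example, not code from the question or the answer; the names InspectPrologue and LeavesModule, the addresses and the sample bytes are constructed for illustration, and a little-endian host is assumed.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>

// Result of inspecting the first bytes of a function (hypothetical names).
enum class Prologue { Clean, JmpRel32, JmpIndirect };

struct HookCheck {
    Prologue kind;
    uint64_t target;  // JmpRel32: jump destination; JmpIndirect: address of the pointer slot (x64)
};

// code: bytes copied from the function's entry point; addr: address they were read from.
HookCheck InspectPrologue(const uint8_t* code, size_t len, uint64_t addr)
{
    // E9 rel32: jump to (address of the next instruction + signed 32-bit displacement).
    if (len >= 5 && code[0] == 0xE9) {
        int32_t rel;
        std::memcpy(&rel, code + 1, sizeof rel);
        return { Prologue::JmpRel32, addr + 5 + static_cast<int64_t>(rel) };
    }
    // FF 25 disp32: jump through a pointer; on x64 the slot is RIP-relative.
    if (len >= 6 && code[0] == 0xFF && code[1] == 0x25) {
        int32_t disp;
        std::memcpy(&disp, code + 2, sizeof disp);
        return { Prologue::JmpIndirect, addr + 6 + static_cast<int64_t>(disp) };
    }
    return { Prologue::Clean, 0 };
}

// True when a direct jump at the entry point lands outside the module
// [modBase, modBase + modSize) that owns the function.
bool LeavesModule(const HookCheck& r, uint64_t modBase, uint64_t modSize)
{
    return r.kind == Prologue::JmpRel32 &&
           (r.target < modBase || r.target >= modBase + modSize);
}

// Constructed samples, not captured from a real process.
// "mov edi,edi; push ebp; mov ebp,esp": a typical unpatched x86 API prologue.
const uint8_t kCleanEntry[]   = { 0x8B, 0xFF, 0x55, 0x8B, 0xEC };
// "jmp rel32" with displacement 0x00100000.
const uint8_t kPatchedEntry[] = { 0xE9, 0x00, 0x00, 0x10, 0x00 };
```

A jump at the entry point is a heuristic, not proof: import thunks and forwarders also begin with jumps, so compare the resolved target against the list of loaded modules before treating it as a hook.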

Regarding c++ - Detouring DrawText, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/1401081/
