Closed djn3m0 closed 3 years ago
You need to keep wfAddr
around, that's the pointer to the real WriteFile
. Otherwise using GetProcAddress
now returns a pointer to your hooked function.
First I had GerProcAddress inside DLL_PROCESS_ATTACH
, now I moved it out but I still have the same issue! I get OutputDebugStringA("WriteFile called\n");
called infinitely!
BOOL (WINAPI* Real_WriteFile)(HANDLE, LPCVOID, DWORD, LPDWORD, LPOVERLAPPED) = WriteFile;
BOOL WINAPI HookedWriteFile(HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite, LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped)
{
OutputDebugStringA("WriteFile called\n");
return Real_WriteFile(hFile, lpBuffer, nNumberOfBytesToWrite, lpNumberOfBytesWritten, lpOverlapped);
}
BOOL WINAPI DllMain(HINSTANCE hInstance, DWORD dwReason, LPVOID p)
{
LPVOID wfAddr;
wfAddr = (LPVOID)GetProcAddress(GetModuleHandleA("kernel32.dll"), "WriteFile");
switch (dwReason)
{
case DLL_PROCESS_ATTACH:
{
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&wfAddr, HookedWriteFile);
LONG lError = DetourTransactionCommit();
if (lError != NO_ERROR) {
OutputDebugStringA("FAILED\n");
}
}
break;
Please let me know how i can fix this issue?
Thanks
auto Real_WriteFile = reinterpret_cast<BOOL (WINAPI*)(HANDLE, LPCVOID, DWORD, LPDWORD, LPOVERLAPPED)>(GetProcAddress(GetModuleHandleA("kernel32.dll"), "WriteFile"));
BOOL WINAPI HookedWriteFile(HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite, LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped)
{
OutputDebugStringA("WriteFile called\n");
return Real_WriteFile(hFile, lpBuffer, nNumberOfBytesToWrite, lpNumberOfBytesWritten, lpOverlapped);
}
BOOL WINAPI DllMain(HINSTANCE hInstance, DWORD dwReason, LPVOID p)
{
switch (dwReason)
{
case DLL_PROCESS_ATTACH:
{
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&Real_WriteFile, HookedWriteFile);
LONG lError = DetourTransactionCommit();
if (lError != NO_ERROR) {
OutputDebugStringA("FAILED\n");
}
}
break;
}
}
Thanks, that solved my issue.
Hi,
I see sample codes that gets the real function address for hooking like,
But for hooking some functions I need to get address by calling GetProcAddress like,
But it seems that will take me in an infinite loop! My hook function just kept getting called with and the application was unresponsive! If I get the function address using the prototype as in the first snippet then it will work just fine.
How can I hook a function when I can only get its address using
GetModuleHandleA
andGetProcAddress
?Thanks