7 年之前 · 51118baca8
--- a/hook_tests.sln
+++ b/hook_tests.sln
@@ -3,7 +3,7 @@ Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio 14
 VisualStudioVersion = 14.0.25420.1
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "hook_tests", "hook_tests\hook_tests.vcxproj", "{81248D42-942D-422C-B2B9-E4A94FAAEBAE}"
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "test_cases", "test_cases\test_cases.vcxproj", "{8C444ABC-D25C-4B44-8F27-081B464D9AE4}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
@@ -13,14 +13,14 @@ Global
 		Release|x86 = Release|x86
 	EndGlobalSection
 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
 		{81248D42-942D-422C-B2B9-E4A94FAAEBAE}.Debug|x64.ActiveCfg = Debug|x64
 		{81248D42-942D-422C-B2B9-E4A94FAAEBAE}.Debug|x64.Build.0 = Debug|x64
 		{81248D42-942D-422C-B2B9-E4A94FAAEBAE}.Debug|x86.ActiveCfg = Debug|Win32
 		{81248D42-942D-422C-B2B9-E4A94FAAEBAE}.Debug|x86.Build.0 = Debug|Win32
 		{81248D42-942D-422C-B2B9-E4A94FAAEBAE}.Release|x64.ActiveCfg = Release|x64
 		{81248D42-942D-422C-B2B9-E4A94FAAEBAE}.Release|x64.Build.0 = Release|x64
 		{81248D42-942D-422C-B2B9-E4A94FAAEBAE}.Release|x86.ActiveCfg = Release|Win32
 		{81248D42-942D-422C-B2B9-E4A94FAAEBAE}.Release|x86.Build.0 = Release|Win32
 		{8C444ABC-D25C-4B44-8F27-081B464D9AE4}.Debug|x64.ActiveCfg = Debug|x64
 		{8C444ABC-D25C-4B44-8F27-081B464D9AE4}.Debug|x64.Build.0 = Debug|x64
 		{8C444ABC-D25C-4B44-8F27-081B464D9AE4}.Debug|x86.ActiveCfg = Debug|Win32
 		{8C444ABC-D25C-4B44-8F27-081B464D9AE4}.Debug|x86.Build.0 = Debug|Win32
 		{8C444ABC-D25C-4B44-8F27-081B464D9AE4}.Release|x64.ActiveCfg = Release|x64
 		{8C444ABC-D25C-4B44-8F27-081B464D9AE4}.Release|x64.Build.0 = Release|x64
 		{8C444ABC-D25C-4B44-8F27-081B464D9AE4}.Release|x86.ActiveCfg = Release|Win32
 		{8C444ABC-D25C-4B44-8F27-081B464D9AE4}.Release|x86.Build.0 = Release|Win32
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
--- a/test_cases/README.md
+++ b/test_cases/README.md
@@ -6,8 +6,10 @@ engines (on windows) are. I'll try to write various functions, that are hard to
 patch and then see how each hooking engine does.

 I'll test:
 * [EasyHook]()
 * [PolyHook]()
 * [EasyHook](https://easyhook.github.io/)
 * [PolyHook](https://github.com/stevemk14ebr/PolyHook)
 * [MinHook](https://www.codeproject.com/Articles/44326/MinHook-The-Minimalistic-x-x-API-Hooking-Libra)
 * [Mhook](http://codefromthe70s.org/mhook24.aspx)

 (I'd like to test detours, but I'm not willing to pay for it. So that isn't
 tested :( )
@@ -19,13 +21,17 @@ some self protection features (or other software on the system provides that,
 e.g. Trustee Rapport)

 Evaluating how the hooking engines stack up against that is not the goal here.
 This is just about the challenges the function to be hooked itself poses.
 Neither are non-functional criteria, like how fast it is or how much memory it
 needs for each hook. This is just about the challenges the function to be
 hooked itself poses.

 Namely:
 * Are jumps relocated?
 * What about RIP adressing?
 * If it's a tail recurisve function, does the hooking engine handle it?
 * If there's a loop at the beginning / if it's a tail recurisve function, does
  the hooking engine handle it?
 * How good is the dissassembler, how many instructions does it know?
 * Can it hook already hooked functions?

 Test cases
 ==========
--- a/test_cases/advanced_instructions.asm
+++ b/test_cases/advanced_instructions.asm
--- a/test_cases/advanced_instructions.h
+++ b/test_cases/advanced_instructions.h
@@ -6,10 +6,10 @@ extern "C" {
 	* @param num: the number of which the square root shall be taken
 	* @param res: where the 4 results shall be written
 	*/
 	void _AVX(float num, void* res);
 	void _declspec(dllexport) _AVX(float num, void* res);

 	/**
 	 * Just a wrapper around RDRAND
 	 */
 	uint32_t _RDRAND(void);
 	uint32_t _declspec(dllexport) _RDRAND(void);
 }
--- a/test_cases/assemble.ps1
+++ b/test_cases/assemble.ps1
@@ -0,0 +1,7 @@
 $fasm = "U:\fasm\fasm.exe"
 $files = gci -r -File | where {$_.extension -eq ".asm"}
 Foreach ($i in $files)
 {
 	Write-Host $i.Name
 	& $fasm $i.Name
 }
--- a/test_cases/backwards.asm
+++ b/test_cases/backwards.asm
--- a/test_cases/backwards.h
+++ b/test_cases/backwards.h
@@ -6,12 +6,12 @@ extern "C" {
 	* @param num
 	* @param cnt
 	*/
 	uint32_t _loop(uint32_t num, uint32_t cnt);
 	uint32_t _declspec(dllexport) _loop(uint32_t num, uint32_t cnt);

 	/**
 	* Computes factorial
 	*
 	* @param x
 	*/
 	uint32_t _tail_recursion(uint32_t x);
 	uint32_t _declspec(dllexport) _tail_recursion(uint32_t x);
 }
--- a/test_cases/catch.hpp
+++ b/test_cases/catch.hpp
--- a/test_cases/main.cpp
+++ b/test_cases/main.cpp
@@ -1,11 +1,19 @@
 #include <stdint.h>
 #include <iostream>

 #define CATCH_CONFIG_MAIN
 #define CATCH_CONFIG_RUNNER
 #include "catch.hpp"
 #include "simple_tests.h"
 #include "advanced_instructions.h"
 #include "backwards.h"
 #include "test_cases.h"

 /*#pragma comment(lib, "advanced_instructions.obj")
 #pragma comment(lib, "simple_tests.obj")
 #pragma comment(lib, "backwards.obj")*/

 static Catch::Session session;

 _declspec(dllexport) void SelfTest() {
 	session.run();
 }

 TEST_CASE("Simple functions work as expected, unhooked") {
 	REQUIRE(_small() == 0);
--- a/test_cases/simple_tests.asm
+++ b/test_cases/simple_tests.asm
--- a/test_cases/simple_tests.h
+++ b/test_cases/simple_tests.h
@@ -3,7 +3,7 @@ extern "C" {
 	/**
 	 * A small function, that always returns 0
 	 */
 	uint64_t _small(void);
 	uint64_t _declspec(dllexport) _small(void);

 	/**
 	 * This function checks if the parameter is even or odd, and then
@@ -14,7 +14,7 @@ extern "C" {
 	 *
 	 * @param Number to be checked
 	 */
 	uint64_t _branch(uint64_t);
 	uint64_t _declspec(dllexport) _branch(uint64_t);

 	/**
 	 * Replicates the MSVCRT rand().
@@ -27,5 +27,5 @@ extern "C" {
 	 * return( ((seed = seed * 214013L
     *       + 2531011L) >> 16) & 0x7fff );
 	 */
 	uint64_t _rip_relative(void);
 	uint64_t _declspec(dllexport) _rip_relative(void);
 };
--- a/test_cases/test_cases.h
+++ b/test_cases/test_cases.h
@@ -0,0 +1,6 @@
 #pragma once
 #include "simple_tests.h"
 #include "backwards.h"
 #include "advanced_instructions.h"

 _declspec(dllexport) void SelfTest();
--- a/test_cases/test_cases.vcxproj
+++ b/test_cases/test_cases.vcxproj
@@ -19,33 +19,33 @@
    </ProjectConfiguration>
  </ItemGroup>
  <PropertyGroup Label="Globals">
    <ProjectGuid>{81248D42-942D-422C-B2B9-E4A94FAAEBAE}</ProjectGuid>
    <ProjectGuid>{8C444ABC-D25C-4B44-8F27-081B464D9AE4}</ProjectGuid>
    <Keyword>Win32Proj</Keyword>
    <RootNamespace>hook_tests</RootNamespace>
    <RootNamespace>test_cases</RootNamespace>
    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <ConfigurationType>DynamicLibrary</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
    <PlatformToolset>v140</PlatformToolset>
    <CharacterSet>Unicode</CharacterSet>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <ConfigurationType>DynamicLibrary</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <PlatformToolset>v140</PlatformToolset>
    <WholeProgramOptimization>true</WholeProgramOptimization>
    <CharacterSet>Unicode</CharacterSet>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <ConfigurationType>DynamicLibrary</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
    <PlatformToolset>v140</PlatformToolset>
    <CharacterSet>Unicode</CharacterSet>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <ConfigurationType>DynamicLibrary</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <PlatformToolset>v140</PlatformToolset>
    <WholeProgramOptimization>true</WholeProgramOptimization>
@@ -87,11 +87,11 @@
      </PrecompiledHeader>
      <WarningLevel>Level3</WarningLevel>
      <Optimization>Disabled</Optimization>
      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
      <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;TEST_CASES_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
      <SDLCheck>true</SDLCheck>
    </ClCompile>
    <Link>
      <SubSystem>Console</SubSystem>
      <SubSystem>Windows</SubSystem>
      <GenerateDebugInformation>true</GenerateDebugInformation>
    </Link>
  </ItemDefinitionGroup>
@@ -101,11 +101,11 @@
      </PrecompiledHeader>
      <WarningLevel>Level3</WarningLevel>
      <Optimization>Disabled</Optimization>
      <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
      <PreprocessorDefinitions>_DEBUG;_WINDOWS;_USRDLL;TEST_CASES_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
      <SDLCheck>true</SDLCheck>
    </ClCompile>
    <Link>
      <SubSystem>Console</SubSystem>
      <SubSystem>Windows</SubSystem>
      <GenerateDebugInformation>true</GenerateDebugInformation>
    </Link>
  </ItemDefinitionGroup>
@@ -117,11 +117,11 @@
      <Optimization>MaxSpeed</Optimization>
      <FunctionLevelLinking>true</FunctionLevelLinking>
      <IntrinsicFunctions>true</IntrinsicFunctions>
      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
      <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;TEST_CASES_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
      <SDLCheck>true</SDLCheck>
    </ClCompile>
    <Link>
      <SubSystem>Console</SubSystem>
      <SubSystem>Windows</SubSystem>
      <EnableCOMDATFolding>true</EnableCOMDATFolding>
      <OptimizeReferences>true</OptimizeReferences>
      <GenerateDebugInformation>true</GenerateDebugInformation>
@@ -135,31 +135,40 @@
      <Optimization>MaxSpeed</Optimization>
      <FunctionLevelLinking>true</FunctionLevelLinking>
      <IntrinsicFunctions>true</IntrinsicFunctions>
      <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
      <PreprocessorDefinitions>NDEBUG;_WINDOWS;_USRDLL;TEST_CASES_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
      <SDLCheck>true</SDLCheck>
    </ClCompile>
    <Link>
      <SubSystem>Console</SubSystem>
      <SubSystem>Windows</SubSystem>
      <EnableCOMDATFolding>true</EnableCOMDATFolding>
      <OptimizeReferences>true</OptimizeReferences>
      <GenerateDebugInformation>true</GenerateDebugInformation>
      <AdditionalDependencies>backwards.obj;simple_tests.obj;advanced_instructions.obj;%(AdditionalDependencies)</AdditionalDependencies>
    </Link>
    <PreBuildEvent>
      <Command>$(MSBuildProjectDirectory)\assemble.ps</Command>
    </PreBuildEvent>
    <PreBuildEvent>
      <Message>Assemble all .asm files using FASM</Message>
    </PreBuildEvent>
  </ItemDefinitionGroup>
  <ItemGroup>
    <None Include="advanced_instructions.asm" />
    <None Include="assemble.ps1" />
    <None Include="backwards.asm" />
    <None Include="README.md" />
    <None Include="simple_tests.asm" />
  </ItemGroup>
  <ItemGroup>
    <ClInclude Include="advanced_instructions.h" />
    <ClInclude Include="backwards.h" />
    <ClInclude Include="catch.hpp" />
    <ClInclude Include="simple_tests.h" />
    <ClInclude Include="test_cases.h" />
  </ItemGroup>
  <ItemGroup>
    <ClCompile Include="main.cpp" />
  </ItemGroup>
  <ItemGroup>
    <None Include="advanced_instructions.asm" />
    <None Include="backwards.asm" />
    <None Include="README.md" />
    <None Include="simple_tests.asm" />
  </ItemGroup>
  <ItemGroup>
    <Object Include="advanced_instructions.obj" />
    <Object Include="backwards.obj" />
--- a/test_cases/test_cases.vcxproj.filters
+++ b/test_cases/test_cases.vcxproj.filters
@@ -15,16 +15,34 @@
    </Filter>
  </ItemGroup>
  <ItemGroup>
    <ClInclude Include="catch.hpp">
    <None Include="assemble.ps1">
      <Filter>Source Files</Filter>
    </None>
    <None Include="advanced_instructions.asm">
      <Filter>Source Files</Filter>
    </None>
    <None Include="backwards.asm">
      <Filter>Source Files</Filter>
    </None>
    <None Include="simple_tests.asm">
      <Filter>Source Files</Filter>
    </None>
    <None Include="README.md" />
  </ItemGroup>
  <ItemGroup>
    <ClInclude Include="advanced_instructions.h">
      <Filter>Header Files</Filter>
    </ClInclude>
    <ClInclude Include="simple_tests.h">
    <ClInclude Include="backwards.h">
      <Filter>Header Files</Filter>
    </ClInclude>
    <ClInclude Include="advanced_instructions.h">
    <ClInclude Include="catch.hpp">
      <Filter>Header Files</Filter>
    </ClInclude>
    <ClInclude Include="backwards.h">
    <ClInclude Include="simple_tests.h">
      <Filter>Header Files</Filter>
    </ClInclude>
    <ClInclude Include="test_cases.h">
      <Filter>Header Files</Filter>
    </ClInclude>
  </ItemGroup>
@@ -34,20 +52,8 @@
    </ClCompile>
  </ItemGroup>
  <ItemGroup>
    <None Include="simple_tests.asm">
      <Filter>Source Files</Filter>
    </None>
    <None Include="README.md" />
    <None Include="advanced_instructions.asm">
      <Filter>Source Files</Filter>
    </None>
    <None Include="backwards.asm">
      <Filter>Source Files</Filter>
    </None>
  </ItemGroup>
  <ItemGroup>
    <Object Include="simple_tests.obj" />
    <Object Include="advanced_instructions.obj" />
    <Object Include="backwards.obj" />
    <Object Include="simple_tests.obj" />
  </ItemGroup>
 </Project>