From 90a7e57dd794c3046eadd5aa07b95cc20b8d1215 Mon Sep 17 00:00:00 2001
From: aaaaaa aaaaaaa <a@bc.de>
Date: Wed, 27 Dec 2017 20:37:03 +0100
Subject: [PATCH] polyhook

---
 tester/main.cpp               |  4 +-
 tester/polyhook.cpp           | 87 +++++++++++++++++++++++++++++++++++
 tester/polyhook.h             | 63 +++++++++++++++++++++++++
 tester/tester.vcxproj         |  5 ++
 tester/tester.vcxproj.filters |  9 ++++
 5 files changed, 167 insertions(+), 1 deletion(-)
 create mode 100644 tester/polyhook.cpp
 create mode 100644 tester/polyhook.h

diff --git a/tester/main.cpp b/tester/main.cpp
index a5f59b1..446bc05 100644
--- a/tester/main.cpp
+++ b/tester/main.cpp
@@ -8,11 +8,13 @@
 
 #pragma comment(lib, "..\\x64\\debug\\test_cases.lib")
 
-extern AbstractHookEngine* g_mhook;
+extern AbstractHookEngine* g_mhook,
+	*g_PolyHook;
 
 int main(int argc, char** argv) {
 	AbstractHookEngine* engines[] = {
 		g_mhook,
+		g_PolyHook
 	};
 
 	for(auto&& x : engines) {
diff --git a/tester/polyhook.cpp b/tester/polyhook.cpp
new file mode 100644
index 0000000..e4082a5
--- /dev/null
+++ b/tester/polyhook.cpp
@@ -0,0 +1,87 @@
+#include <Windows.h>
+#include <cstdint>
+#include <memory>
+#include "..\third_party\poly\PolyHook\PolyHook.hpp"
+#include "typedefs.h"
+#include "abstracthook.h"
+#include "PolyHook.h"
+
+#pragma comment(lib, "..\\x64\\debug\\test_cases.lib")
+
+static TypeSmall trueSmall = &_small;
+static TypeBranch trueBranch = &_branch;
+static TypeRip_relative trueRip_Relative = &_rip_relative;
+static TypeAVX trueAVX = &_AVX;
+static TypeRDRAND trueRDRAND = &_RDRAND;
+static TypeLoop trueLoop = &_loop;
+static TypeTailRecursion trueTailRecursion = &_tail_recursion;
+
+AbstractHookEngine* g_PolyHook = new PolyHook();
+
+uint64_t PolyHook_Hooks::hookSmall(void) {
+	g_PolyHook->small_ = true;
+
+	return trueSmall();
+}
+
+uint64_t PolyHook_Hooks::hookBranch(uint64_t x) {
+	g_PolyHook->branch = true;
+
+	return trueBranch(x);
+}
+
+uint64_t PolyHook_Hooks::hookRip_relative(void) {
+	g_PolyHook->rip_relative = true;
+
+	return trueRip_Relative();
+}
+
+void PolyHook_Hooks::hookAVX(float num, void* res) {
+	g_PolyHook->avx = true;
+
+	return trueAVX(num, res);
+}
+
+uint32_t PolyHook_Hooks::hookRDRAND(void) {
+	g_PolyHook->rdrand = true;
+
+	return trueRDRAND();
+}
+
+uint32_t PolyHook_Hooks::hookLoop(uint32_t num, uint32_t cnt) {
+	g_PolyHook->loop = true;
+
+	return trueLoop(num, cnt);
+}
+
+uint32_t PolyHook_Hooks::hookTail_recursion(uint32_t x) {
+	g_PolyHook->tail_recursion = true;
+
+	return trueTailRecursion(x);
+}
+
+bool PolyHook::hook_all(void) {
+	bool ret = hook<decltype(&_small)>(detSmall, &_small, (void*&)trueSmall, &PolyHook_Hooks::hookSmall);
+	ret |= hook<decltype(&_branch)>(detBranch, &_branch, (void*&)trueBranch, &PolyHook_Hooks::hookBranch);
+	ret |= hook<decltype(&rip_relative)>(detRIPRelative, &rip_relative, (void*&)trueRip_Relative, &PolyHook_Hooks::hookRip_relative);
+
+	ret |= hook<decltype(&_AVX)>(detAVX, &_AVX, (void*&)trueAVX, &PolyHook_Hooks::hookAVX);
+	ret |= hook<decltype(&_RDRAND)>(detRDRAND, &_RDRAND, (void*&)trueRDRAND, &PolyHook_Hooks::hookRDRAND);
+
+	ret |= hook<decltype(&_loop)>(detLoop, &_loop, (void*&)trueLoop, &PolyHook_Hooks::hookLoop);
+	ret |= hook<decltype(&_tail_recursion)>(detTailRecursion, &_tail_recursion, (void*&)trueTailRecursion, &PolyHook_Hooks::hookTail_recursion);
+
+	return ret;
+}
+
+bool PolyHook::unhook_all() {
+	detSmall->UnHook();
+	detBranch->UnHook();
+	detRIPRelative->UnHook();
+	detAVX->UnHook();
+	detRDRAND->UnHook();
+	detLoop->UnHook();
+	detTailRecursion->UnHook();
+
+	return true;
+}
\ No newline at end of file
diff --git a/tester/polyhook.h b/tester/polyhook.h
new file mode 100644
index 0000000..777a150
--- /dev/null
+++ b/tester/polyhook.h
@@ -0,0 +1,63 @@
+#pragma once
+
+namespace PolyHook_Hooks {
+	uint64_t hookSmall(void);
+	uint64_t hookBranch(uint64_t);
+	uint64_t hookRip_relative(void);
+	void hookAVX(float num, void* res);
+	uint32_t hookRDRAND(void);
+	uint32_t hookLoop(uint32_t num, uint32_t cnt);
+	uint32_t hookTail_recursion(uint32_t x);
+};
+
+class PolyHook : public AbstractHookEngine {
+private:
+	std::shared_ptr<PLH::Detour> detSmall,
+		detBranch,
+		detRIPRelative,
+		detAVX,
+		detRDRAND,
+		detLoop,
+		detTailRecursion;
+
+	template <typename T>
+	bool hook(std::shared_ptr<PLH::Detour> det, void* func, void*& original, void* hook) {
+		det->SetupHook((BYTE*)func, (BYTE*)hook);
+		if (!det->Hook()) {
+			return false;
+		}
+
+		return (original = det->GetOriginal<T>());
+	}
+
+public:
+	bool hook_all();
+	bool unhook_all();
+
+	PolyHook() : AbstractHookEngine("PolyHook"),
+		detSmall(new PLH::Detour),
+		detRIPRelative(new PLH::Detour),
+		detBranch(new PLH::Detour),
+		detAVX(new PLH::Detour),
+		detRDRAND(new PLH::Detour),
+		detLoop(new PLH::Detour),
+		detTailRecursion(new PLH::Detour)
+	{
+		assert(detSmall->GetType() == PLH::HookType::Detour);
+		assert(detBranch->GetType() == PLH::HookType::Detour);
+		assert(detRIPRelative->GetType() == PLH::HookType::Detour);
+		assert(detAVX->GetType() == PLH::HookType::Detour);
+		assert(detRDRAND->GetType() == PLH::HookType::Detour);
+		assert(detLoop->GetType() == PLH::HookType::Detour);
+		assert(detTailRecursion->GetType() == PLH::HookType::Detour);
+	}
+
+	friend uint64_t PolyHook_Hooks::hookSmall(void);
+	friend uint64_t PolyHook_Hooks::hookBranch(uint64_t);
+	friend uint64_t PolyHook_Hooks::hookRip_relative(void);
+
+	friend void PolyHook_Hooks::hookAVX(float num, void* res);
+	friend uint32_t PolyHook_Hooks::hookRDRAND(void);
+	friend uint32_t PolyHook_Hooks::hookLoop(uint32_t num, uint32_t cnt);
+	friend uint32_t PolyHook_Hooks::hookTail_recursion(uint32_t x);
+};
\ No newline at end of file
diff --git a/tester/tester.vcxproj b/tester/tester.vcxproj
index 247cbd0..a04bce7 100644
--- a/tester/tester.vcxproj
+++ b/tester/tester.vcxproj
@@ -150,10 +150,12 @@
   <ItemGroup>
     <ClCompile Include="main.cpp" />
     <ClCompile Include="mhook.cpp" />
+    <ClCompile Include="polyhook.cpp" />
   </ItemGroup>
   <ItemGroup>
     <ClInclude Include="abstracthook.h" />
     <ClInclude Include="mhook.h" />
+    <ClInclude Include="polyhook.h" />
     <ClInclude Include="typedefs.h" />
   </ItemGroup>
   <ItemGroup>
@@ -163,6 +165,9 @@
     <Object Include="..\x64\Debug\mhook.obj" />
     <Object Include="..\x64\Debug\misc.obj" />
   </ItemGroup>
+  <ItemGroup>
+    <Library Include="..\third_party\poly\Capstone\msvc\x64\Release\capstone.lib" />
+  </ItemGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
   <ImportGroup Label="ExtensionTargets">
   </ImportGroup>
diff --git a/tester/tester.vcxproj.filters b/tester/tester.vcxproj.filters
index 8b3d159..a38d443 100644
--- a/tester/tester.vcxproj.filters
+++ b/tester/tester.vcxproj.filters
@@ -21,6 +21,9 @@
     <ClCompile Include="mhook.cpp">
       <Filter>Source Files</Filter>
     </ClCompile>
+    <ClCompile Include="polyhook.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
   </ItemGroup>
   <ItemGroup>
     <ClInclude Include="typedefs.h">
@@ -32,6 +35,9 @@
     <ClInclude Include="abstracthook.h">
       <Filter>Header Files</Filter>
     </ClInclude>
+    <ClInclude Include="polyhook.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
   </ItemGroup>
   <ItemGroup>
     <Object Include="..\x64\Debug\mhook.obj" />
@@ -40,4 +46,7 @@
     <Object Include="..\x64\Debug\disasm.obj" />
     <Object Include="..\x64\Debug\cpu.obj" />
   </ItemGroup>
+  <ItemGroup>
+    <Library Include="..\third_party\poly\Capstone\msvc\x64\Release\capstone.lib" />
+  </ItemGroup>
 </Project>
\ No newline at end of file