Przeglądaj źródła

polyhook

master
aaaaaa aaaaaaa 7 lat temu
rodzic
commit
90a7e57dd7
5 zmienionych plików z 167 dodań i 1 usunięć
  1. +3
    -1
      tester/main.cpp
  2. +87
    -0
      tester/polyhook.cpp
  3. +63
    -0
      tester/polyhook.h
  4. +5
    -0
      tester/tester.vcxproj
  5. +9
    -0
      tester/tester.vcxproj.filters

+ 3
- 1
tester/main.cpp Wyświetl plik

@@ -8,11 +8,13 @@

#pragma comment(lib, "..\\x64\\debug\\test_cases.lib")

extern AbstractHookEngine* g_mhook;
extern AbstractHookEngine* g_mhook,
*g_PolyHook;

int main(int argc, char** argv) {
AbstractHookEngine* engines[] = {
g_mhook,
g_PolyHook
};

for(auto&& x : engines) {

+ 87
- 0
tester/polyhook.cpp Wyświetl plik

@@ -0,0 +1,87 @@
#include <Windows.h>
#include <cstdint>
#include <memory>
#include "..\third_party\poly\PolyHook\PolyHook.hpp"
#include "typedefs.h"
#include "abstracthook.h"
#include "PolyHook.h"

#pragma comment(lib, "..\\x64\\debug\\test_cases.lib")

static TypeSmall trueSmall = &_small;
static TypeBranch trueBranch = &_branch;
static TypeRip_relative trueRip_Relative = &_rip_relative;
static TypeAVX trueAVX = &_AVX;
static TypeRDRAND trueRDRAND = &_RDRAND;
static TypeLoop trueLoop = &_loop;
static TypeTailRecursion trueTailRecursion = &_tail_recursion;

AbstractHookEngine* g_PolyHook = new PolyHook();

uint64_t PolyHook_Hooks::hookSmall(void) {
g_PolyHook->small_ = true;

return trueSmall();
}

uint64_t PolyHook_Hooks::hookBranch(uint64_t x) {
g_PolyHook->branch = true;

return trueBranch(x);
}

uint64_t PolyHook_Hooks::hookRip_relative(void) {
g_PolyHook->rip_relative = true;

return trueRip_Relative();
}

void PolyHook_Hooks::hookAVX(float num, void* res) {
g_PolyHook->avx = true;

return trueAVX(num, res);
}

uint32_t PolyHook_Hooks::hookRDRAND(void) {
g_PolyHook->rdrand = true;

return trueRDRAND();
}

uint32_t PolyHook_Hooks::hookLoop(uint32_t num, uint32_t cnt) {
g_PolyHook->loop = true;

return trueLoop(num, cnt);
}

uint32_t PolyHook_Hooks::hookTail_recursion(uint32_t x) {
g_PolyHook->tail_recursion = true;

return trueTailRecursion(x);
}

bool PolyHook::hook_all(void) {
bool ret = hook<decltype(&_small)>(detSmall, &_small, (void*&)trueSmall, &PolyHook_Hooks::hookSmall);
ret |= hook<decltype(&_branch)>(detBranch, &_branch, (void*&)trueBranch, &PolyHook_Hooks::hookBranch);
ret |= hook<decltype(&rip_relative)>(detRIPRelative, &rip_relative, (void*&)trueRip_Relative, &PolyHook_Hooks::hookRip_relative);

ret |= hook<decltype(&_AVX)>(detAVX, &_AVX, (void*&)trueAVX, &PolyHook_Hooks::hookAVX);
ret |= hook<decltype(&_RDRAND)>(detRDRAND, &_RDRAND, (void*&)trueRDRAND, &PolyHook_Hooks::hookRDRAND);

ret |= hook<decltype(&_loop)>(detLoop, &_loop, (void*&)trueLoop, &PolyHook_Hooks::hookLoop);
ret |= hook<decltype(&_tail_recursion)>(detTailRecursion, &_tail_recursion, (void*&)trueTailRecursion, &PolyHook_Hooks::hookTail_recursion);

return ret;
}

bool PolyHook::unhook_all() {
detSmall->UnHook();
detBranch->UnHook();
detRIPRelative->UnHook();
detAVX->UnHook();
detRDRAND->UnHook();
detLoop->UnHook();
detTailRecursion->UnHook();

return true;
}

+ 63
- 0
tester/polyhook.h Wyświetl plik

@@ -0,0 +1,63 @@
#pragma once

namespace PolyHook_Hooks {
uint64_t hookSmall(void);
uint64_t hookBranch(uint64_t);
uint64_t hookRip_relative(void);
void hookAVX(float num, void* res);
uint32_t hookRDRAND(void);
uint32_t hookLoop(uint32_t num, uint32_t cnt);
uint32_t hookTail_recursion(uint32_t x);
};

class PolyHook : public AbstractHookEngine {
private:
std::shared_ptr<PLH::Detour> detSmall,
detBranch,
detRIPRelative,
detAVX,
detRDRAND,
detLoop,
detTailRecursion;

template <typename T>
bool hook(std::shared_ptr<PLH::Detour> det, void* func, void*& original, void* hook) {
det->SetupHook((BYTE*)func, (BYTE*)hook);
if (!det->Hook()) {
return false;
}

return (original = det->GetOriginal<T>());
}

public:
bool hook_all();
bool unhook_all();

PolyHook() : AbstractHookEngine("PolyHook"),
detSmall(new PLH::Detour),
detRIPRelative(new PLH::Detour),
detBranch(new PLH::Detour),
detAVX(new PLH::Detour),
detRDRAND(new PLH::Detour),
detLoop(new PLH::Detour),
detTailRecursion(new PLH::Detour)
{
assert(detSmall->GetType() == PLH::HookType::Detour);
assert(detBranch->GetType() == PLH::HookType::Detour);
assert(detRIPRelative->GetType() == PLH::HookType::Detour);
assert(detAVX->GetType() == PLH::HookType::Detour);
assert(detRDRAND->GetType() == PLH::HookType::Detour);
assert(detLoop->GetType() == PLH::HookType::Detour);
assert(detTailRecursion->GetType() == PLH::HookType::Detour);
}

friend uint64_t PolyHook_Hooks::hookSmall(void);
friend uint64_t PolyHook_Hooks::hookBranch(uint64_t);
friend uint64_t PolyHook_Hooks::hookRip_relative(void);

friend void PolyHook_Hooks::hookAVX(float num, void* res);
friend uint32_t PolyHook_Hooks::hookRDRAND(void);
friend uint32_t PolyHook_Hooks::hookLoop(uint32_t num, uint32_t cnt);
friend uint32_t PolyHook_Hooks::hookTail_recursion(uint32_t x);
};

+ 5
- 0
tester/tester.vcxproj Wyświetl plik

@@ -150,10 +150,12 @@
<ItemGroup>
<ClCompile Include="main.cpp" />
<ClCompile Include="mhook.cpp" />
<ClCompile Include="polyhook.cpp" />
</ItemGroup>
<ItemGroup>
<ClInclude Include="abstracthook.h" />
<ClInclude Include="mhook.h" />
<ClInclude Include="polyhook.h" />
<ClInclude Include="typedefs.h" />
</ItemGroup>
<ItemGroup>
@@ -163,6 +165,9 @@
<Object Include="..\x64\Debug\mhook.obj" />
<Object Include="..\x64\Debug\misc.obj" />
</ItemGroup>
<ItemGroup>
<Library Include="..\third_party\poly\Capstone\msvc\x64\Release\capstone.lib" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>

+ 9
- 0
tester/tester.vcxproj.filters Wyświetl plik

@@ -21,6 +21,9 @@
<ClCompile Include="mhook.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="polyhook.cpp">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="typedefs.h">
@@ -32,6 +35,9 @@
<ClInclude Include="abstracthook.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="polyhook.h">
<Filter>Header Files</Filter>
</ClInclude>
</ItemGroup>
<ItemGroup>
<Object Include="..\x64\Debug\mhook.obj" />
@@ -40,4 +46,7 @@
<Object Include="..\x64\Debug\disasm.obj" />
<Object Include="..\x64\Debug\cpu.obj" />
</ItemGroup>
<ItemGroup>
<Library Include="..\third_party\poly\Capstone\msvc\x64\Release\capstone.lib" />
</ItemGroup>
</Project>

Ładowanie…
Anuluj
Zapisz