From f1ec585409855d462ba82661afba763a2ad7a0a1 Mon Sep 17 00:00:00 2001 From: aaaaaa aaaaaaa Date: Mon, 8 Jan 2018 18:42:35 +0100 Subject: [PATCH] use exact address for hooking Before I tried to hook the entry in my iat, which obviously leads to various dumb failures... --- tester/abstracthook.h | 8 +++++++ tester/main.cpp | 41 +++++++++++++++++++++++++++++++++-- tester/mhook.cpp | 14 ++++++------ tester/minhook.cpp | 18 +++++++-------- tester/polyhook.cpp | 14 ++++++------ tester/tester.vcxproj.filters | 4 ++-- 6 files changed, 72 insertions(+), 27 deletions(-) diff --git a/tester/abstracthook.h b/tester/abstracthook.h index bb279a6..92e7d53 100644 --- a/tester/abstracthook.h +++ b/tester/abstracthook.h @@ -3,6 +3,14 @@ class AbstractHookEngine { private: const char* name_; +public: + static void* getSmall() { return (void*)(GetProcAddress(LoadLibrary(L"test_cases.dll"), "_small")); } + static void* getBranch() { return (void*)(GetProcAddress(LoadLibrary(L"test_cases.dll"), "_branch")); } + static void* getRipRelative() { return (void*)(GetProcAddress(LoadLibrary(L"test_cases.dll"), "_rip_relative")); } + static void* getAVX() { return (void*)(GetProcAddress(LoadLibrary(L"test_cases.dll"), "_AVX")); } + static void* getRDRAND() { return (void*)(GetProcAddress(LoadLibrary(L"test_cases.dll"), "_RDRAND")); } + static void* getLoop() { return (void*)(GetProcAddress(LoadLibrary(L"test_cases.dll"), "_loop")); } + static void* getTailRecursion() { return (void*)(GetProcAddress(LoadLibrary(L"test_cases.dll"), "_tail_recursion")); } public: /* boolean for each hook test case, which are set by the hooks */ struct { diff --git a/tester/main.cpp b/tester/main.cpp index c711268..459c16b 100644 --- a/tester/main.cpp +++ b/tester/main.cpp @@ -1,17 +1,54 @@ #include #include #include +#include +#include #include "../test_cases/test_cases.h" #include "abstracthook.h" -#include "mhook.h" -#pragma comment(lib, "..\\x64\\debug\\test_cases.lib") + +//#pragma comment(lib, "..\\x64\\debug\\test_cases.lib") extern AbstractHookEngine* g_mhook, *g_PolyHook, *g_MinHook; +#if 0 +typedef BOOL(__stdcall* tBitBlt)(HDC hdcDest, int nXDest, int nYDest, int nWidth, int nHeight, + HDC hdcSrc, int nXSrc, int nYSrc, DWORD dwRop); +tBitBlt oBitBlt; + +//Just an int that gets incremented to verify handler got called for unit tests + +int BitBltHookVerifier = 0; +BOOL __stdcall hkBitBlt(HDC hdcDest, int nXDest, int nYDest, int nWidth, int nHeight, + HDC hdcSrc, int nXSrc, int nYSrc, DWORD dwRop) +{ + BitBltHookVerifier += 1337; + return oBitBlt(hdcDest, nXDest, nYDest, nWidth, nHeight, hdcSrc, nXSrc, nYSrc, dwRop); +} + +void test() +{ + std::shared_ptr Detour_Ex(new PLH::Detour); + //REQUIRE(Detour_Ex->GetType() == PLH::HookType::Detour); + + assert(BitBltHookVerifier == 0); + Detour_Ex->SetupHook((uint8_t*)GetProcAddress(LoadLibrary(L"Gdi32.dll"), "BitBlt"), (BYTE*)&hkBitBlt); + assert(Detour_Ex->Hook()); + oBitBlt = Detour_Ex->GetOriginal(); + BitBlt(NULL, 0, 0, 0, 0, NULL, 0, 0, 0); + assert(BitBltHookVerifier == 1337); + Detour_Ex->UnHook(); + BitBlt(NULL, 0, 0, 0, 0, NULL, 0, 0, 0); + assert(BitBltHookVerifier == 1337); + + std::cout << (Detour_Ex->GetLastError().GetSeverity() != PLH::RuntimeError::Severity::UnRecoverable) << '\n'; + std::cout << (Detour_Ex->GetLastError().GetSeverity() != PLH::RuntimeError::Severity::Critical) << '\n'; +} +#endif + int main(int argc, char** argv) { AbstractHookEngine* engines[] = { g_mhook, diff --git a/tester/mhook.cpp b/tester/mhook.cpp index 0dca34e..805f6f4 100644 --- a/tester/mhook.cpp +++ b/tester/mhook.cpp @@ -9,13 +9,13 @@ #pragma comment(lib, "..\\x64\\debug\\test_cases.lib") -static TypeSmall trueSmall = &_small; -static TypeBranch trueBranch = &_branch; -static TypeRip_relative trueRip_Relative = &_rip_relative; -static TypeAVX trueAVX = &_AVX; -static TypeRDRAND trueRDRAND = &_RDRAND; -static TypeLoop trueLoop = &_loop; -static TypeTailRecursion trueTailRecursion = &_tail_recursion; +static TypeSmall trueSmall = (TypeSmall)AbstractHookEngine::getSmall(); +static TypeBranch trueBranch = (TypeBranch)AbstractHookEngine::getBranch(); +static TypeRip_relative trueRip_Relative = (TypeRip_relative)AbstractHookEngine::getRipRelative(); +static TypeAVX trueAVX = (TypeAVX)AbstractHookEngine::getAVX(); +static TypeRDRAND trueRDRAND = (TypeRDRAND)AbstractHookEngine::getRDRAND(); +static TypeLoop trueLoop = (TypeLoop)AbstractHookEngine::getLoop(); +static TypeTailRecursion trueTailRecursion = (TypeTailRecursion)AbstractHookEngine::getTailRecursion(); AbstractHookEngine* g_mhook = new MHook(); diff --git a/tester/minhook.cpp b/tester/minhook.cpp index 4c8416c..d206ad4 100644 --- a/tester/minhook.cpp +++ b/tester/minhook.cpp @@ -63,19 +63,19 @@ uint32_t MinHook_Hooks::hookTail_recursion(uint32_t x) { } bool MinHook::hook_all(void) { - bool ret = MH_CreateHook(&_small, &MinHook_Hooks::hookSmall, (LPVOID*)&trueSmall) == MH_OK; - ret |= MH_CreateHook(&_branch, &MinHook_Hooks::hookBranch, (LPVOID*)&trueBranch) == MH_OK; - ret |= MH_CreateHook(&rip_relative, &MinHook_Hooks::hookRip_relative, (LPVOID*)&trueRip_Relative) == MH_OK; + bool ret0 = MH_CreateHook(getSmall(), &MinHook_Hooks::hookSmall, (LPVOID*)&trueSmall) == MH_OK; + bool ret1 = MH_CreateHook(getBranch(), &MinHook_Hooks::hookBranch, (LPVOID*)&trueBranch) == MH_OK; + bool ret2 = MH_CreateHook(getRipRelative(), &MinHook_Hooks::hookRip_relative, (LPVOID*)&trueRip_Relative) == MH_OK; - ret |= MH_CreateHook(&_AVX, &MinHook_Hooks::hookAVX, (LPVOID*)&trueAVX) == MH_OK; - ret |= MH_CreateHook(&_RDRAND, &MinHook_Hooks::hookRDRAND, (LPVOID*)&trueRDRAND) == MH_OK; + bool ret3 = MH_CreateHook(getAVX(), &MinHook_Hooks::hookAVX, (LPVOID*)&trueAVX) == MH_OK; + bool ret4 = MH_CreateHook(getRDRAND(), &MinHook_Hooks::hookRDRAND, (LPVOID*)&trueRDRAND) == MH_OK; - ret |= MH_CreateHook(&_loop, &MinHook_Hooks::hookLoop, (LPVOID*)&trueLoop) == MH_OK; - ret |= MH_CreateHook(&_tail_recursion, &MinHook_Hooks::hookTail_recursion, (LPVOID*)&trueTailRecursion) == MH_OK; + bool ret5 = MH_CreateHook(getLoop(), &MinHook_Hooks::hookLoop, (LPVOID*)&trueLoop) == MH_OK; + bool ret6 = MH_CreateHook(getTailRecursion(), &MinHook_Hooks::hookTail_recursion, (LPVOID*)&trueTailRecursion) == MH_OK; - ret |= MH_EnableHook(MH_ALL_HOOKS) == MH_OK; + bool ret7 = MH_EnableHook(MH_ALL_HOOKS) == MH_OK; - return ret; + return ret0; } bool MinHook::unhook_all() { diff --git a/tester/polyhook.cpp b/tester/polyhook.cpp index ce4df06..b796c7b 100644 --- a/tester/polyhook.cpp +++ b/tester/polyhook.cpp @@ -62,15 +62,15 @@ uint32_t PolyHook_Hooks::hookTail_recursion(uint32_t x) { } bool PolyHook::hook_all(void) { - bool ret = hook(detSmall, &_small, trueSmall, &PolyHook_Hooks::hookSmall); - ret |= hook(detBranch, &_branch, trueBranch, &PolyHook_Hooks::hookBranch); - ret |= hook(detRIPRelative, &_rip_relative, trueRip_Relative, &PolyHook_Hooks::hookRip_relative); + bool ret = hook(detSmall, getSmall(), trueSmall, &PolyHook_Hooks::hookSmall); + ret |= hook(detBranch, getBranch(), trueBranch, &PolyHook_Hooks::hookBranch); + ret |= hook(detRIPRelative, getRipRelative(), trueRip_Relative, &PolyHook_Hooks::hookRip_relative); - ret |= hook(detAVX, &_AVX, trueAVX, &PolyHook_Hooks::hookAVX); - ret |= hook(detRDRAND, &_RDRAND, trueRDRAND, &PolyHook_Hooks::hookRDRAND); + ret |= hook(detAVX, getAVX(), trueAVX, &PolyHook_Hooks::hookAVX); + ret |= hook(detRDRAND, getRDRAND(), trueRDRAND, &PolyHook_Hooks::hookRDRAND); - ret |= hook(detLoop, &_loop, trueLoop, &PolyHook_Hooks::hookLoop); - ret |= hook(detTailRecursion, &_tail_recursion, trueTailRecursion, &PolyHook_Hooks::hookTail_recursion); + ret |= hook(detLoop, getLoop(), trueLoop, &PolyHook_Hooks::hookLoop); + ret |= hook(detTailRecursion, getTailRecursion(), trueTailRecursion, &PolyHook_Hooks::hookTail_recursion); return ret; } diff --git a/tester/tester.vcxproj.filters b/tester/tester.vcxproj.filters index 154cbb0..010e6e9 100644 --- a/tester/tester.vcxproj.filters +++ b/tester/tester.vcxproj.filters @@ -21,10 +21,10 @@ Source Files - + Source Files - + Source Files