octopos
How do I cheat?
![]() Reputation: 0
Joined: 29 Sep 2015
Posts: 1
|
 Posted: Tue Sep 29, 2015 6:06 pm Post subject: [C++] Injected DLL using MinHook not hooking |
 |
|
Well, short version: I made a simple DLL that meant to be injected and hook MessageBoxW, and a "wingui" program to test the DLL. There is a button that use MessageBoxW.
I know that lib is made to use on VS, but compiled all with MinGW gcc, because I kind dislike VS :}
No error is returned when hooking, but "wingui" MessageBoxW isn't hooked  .
The hook works inside DLL code... So when DLL calls MessageBoxW, the MyMessageBoxW is called, but nothing happens to wingui.exe calls for MessageBoxW.
So:
a) the hook doesn't work for code outside hook's modules?
b) hook don't works when compiled with gcc?
c) I did something wrong?
As I can't post links, nor upload attachments, I can't share my compiled lib(libminhook32.a). But one can clone:
a) github com/TsudaKageyu/minhook
b) code.google com/p/libportable/source/browse/src/minhook (not last version, but have a Makefile that works like a charm for MinGW  )
WinGUI:
main.cpp
| Code: |
#include <windows.h>
HWND button, hwnd, editHwnd;
LRESULT CALLBACK WndProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam)
{
switch(msg)
{
case WM_CLOSE:
DestroyWindow(hwnd);
break;
case WM_DESTROY:
PostQuitMessage(0);
break;
case WM_COMMAND:
if (lParam == (LPARAM)button && wParam == BN_CLICKED)
MessageBoxW(hwnd,L"Button is pressed!", L"test", MB_ICONINFORMATION);
break;
default:
return DefWindowProc(hwnd, msg, wParam, lParam);
}
return 0;
}
int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
{
WNDCLASSEX wc;
wc.cbSize = sizeof(WNDCLASSEX);
wc.style = 0;
wc.lpfnWndProc = WndProc;
wc.cbClsExtra = 0;
wc.cbWndExtra = 0;
wc.hInstance = hInstance;
wc.hIcon = NULL;
wc.hCursor = LoadCursor(hInstance, IDC_ARROW);
wc.hbrBackground = (HBRUSH)(COLOR_WINDOW+1);
wc.lpszMenuName = NULL;
wc.lpszClassName = "ASo";
wc.hIconSm = NULL;
if(!RegisterClassEx(&wc))
return 0;
hwnd = CreateWindowExA(WS_EX_CLIENTEDGE, "Aso", "Test",
(WS_OVERLAPPED | WS_CAPTION | WS_SYSMENU | WS_MINIMIZEBOX),
CW_USEDEFAULT, CW_USEDEFAULT, 220, 150, NULL, NULL, hInstance, NULL);
editHwnd = CreateWindowA("EDIT", NULL, ES_MULTILINE | ES_AUTOHSCROLL |ES_READONLY |WS_CHILD | WS_VISIBLE | WS_BORDER, 3, 3, 205, 55, hwnd, NULL, hInstance, NULL);
SendMessage(editHwnd, WM_SETTEXT, NULL, (LPARAM)"Ola\r \r\n E ae");
ShowWindow(hwnd, nCmdShow);
UpdateWindow(hwnd);
MSG Msg;
button = CreateWindowA("BUTTON", "Button", (WS_VISIBLE | WS_CHILD | BS_DEFPUSHBUTTON), 80, 70, 50, 30, hwnd, NULL, hInstance, NULL);
while(GetMessage(&Msg, NULL, 0, 0) > 0)
{
TranslateMessage(&Msg);
DispatchMessage(&Msg);
}
return 0;
}
|
TestDLL:
main.cpp
| Code: |
#include "main.h"
#include <Windows.h>
#include "MinHook.h"
typedef int (WINAPI *MESSAGEBOXW)(HWND, LPCWSTR, LPCWSTR, UINT);
// Pointer for calling original MessageBoxW.
MESSAGEBOXW fpMessageBoxW = NULL;
// Detour function which overrides MessageBoxW.
int WINAPI DetourMessageBoxW(HWND hWnd, LPCWSTR lpText, LPCWSTR lpCaption, UINT uType)
{
return fpMessageBoxW(hWnd, L"Hooked!", lpCaption, uType);
}
// a sample exported function
void Mem()
{
// MessageBoxW(NULL, L"Not hooked...", L"MinHook Sample", MB_OK);
// Initialize MinHook.
if (MH_Initialize() != MH_OK)
{
MessageBoxA(0, "Init", "DLL Message", MB_OK | MB_ICONINFORMATION);
}
// Create a hook for MessageBoxW, in disabled state.
if (MH_CreateHook((void *)&MessageBoxW,(void *) &DetourMessageBoxW,reinterpret_cast<void**>(&fpMessageBoxW)) != MH_OK)
{
MessageBoxA(0, "Createe", "DLL Message", MB_OK | MB_ICONINFORMATION);
}
// Enable the hook for MessageBoxW.
if (MH_EnableHook((void *)&MessageBoxW) != MH_OK)
{
MessageBoxA(0, "Enablee", "DLL Message", MB_OK | MB_ICONINFORMATION);
}
// Expected to tell "Hooked!".
// MessageBoxW(NULL, L"Not hooked...", L"MinHook Sample", MB_OK);
// Disable the hook for MessageBoxW.
// if (MH_DisableHook((void *)&MessageBoxW) != MH_OK)
// {
// return 1;
// }
// Expected to tell "Not hooked...".
// MessageBoxW(NULL, L"Not hooked...", L"MinHook Sample", MB_OK);
// Uninitialize MinHook.
// if (MH_Uninitialize() != MH_OK)
// {
// return 1;
// }
MessageBoxW(0, L"End", L"DLL Message", MB_OK | MB_ICONINFORMATION);
}
extern "C" DLL_EXPORT BOOL APIENTRY DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
if(fdwReason==DLL_PROCESS_ATTACH )
{
DisableThreadLibraryCalls( hinstDLL );
CreateThread(NULL,NULL,(LPTHREAD_START_ROUTINE)Mem,NULL,NULL,NULL);
}
return TRUE; // succesful
}
|
TestDLL:
main.h:
| Code: |
#ifndef __MAIN_H__
#define __MAIN_H__
#include <windows.h>
#ifdef BUILD_DLL
#define DLL_EXPORT __declspec(dllexport)
#else
#define DLL_EXPORT __declspec(dllimport)
#endif
#ifdef __cplusplus
extern "C"
{
#endif
void Mem();
#ifdef __cplusplus
}
#endif
#endif // __MAIN_H__
|
Btw the injection works, as I called MessageBoxW inside DLL and confirmed that the hook works for the DLL....
Thanks for any help 
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
