Jump to content
Nytro

Creating Global Api Hook Using Windows Hook

By Nytro, in Programare

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

[h=1]Creating Global Api Hook Using Windows Hook[/h][h=3]zwclose7[/h]

Windows hooks allows you to inject DLL into all GUI processes that are running in the same session. This allows you to inject a hook DLL into most running processes. Windows hooks can't inject DLL into system processes or service processes.

I just written a hook DLL to show you how to use Windows hook to inject DLL into GUI processes.

The DLL has a exported function, SetHook. Use the rundll32 tool to call execute this function. Once the function is executed, the function set the Windows hook, and inject the DLL into all GUI processes. When the DLL is injected, it hooks the InternetConnectW function to block all websites that contain the word "google" in the URL.

To install the hook using the rundll32 tool, use the following command line:

rundll32 <DllPath>,SetHook

When the rundll32.exe process is terminated, the Windows hook is removed, and the hooked InternetConnectW is also unhooked.

I am using my API hooking header for this project.

post-35696-0-37855900-1380417437_thumb.png

post-35696-0-71392800-1380417445_thumb.png 

#include <stdio.h>

#include <Windows.h>

#include <WinInet.h>

#include "apihook.h"

typedef HINTERNET (WINAPI *pInternetConnectW)(HINTERNET,LPCWSTR,INTERNET_PORT,LPCWSTR,LPCWSTR,DWORD,DWORD,DWORD_PTR);

pInternetConnectW fnInternetConnectW;

HINSTANCE hInst;

API_HOOK Hook;

extern "C" __declspec(dllexport) LRESULT CALLBACK CallWndProc(int nCode,WPARAM wParam,LPARAM lParam)

{

return CallNextHookEx(NULL,nCode,wParam,lParam);

}

extern "C" __declspec(dllexport) void SetHook()

{

SetWindowsHookEx(WH_CALLWNDPROC,CallWndProc,hInst,0);

Sleep(INFINITE);

}

HINTERNET WINAPI HookInternetConnectW(HINTERNET hInternet,LPCWSTR ServerName,INTERNET_PORT InternetPort,LPCWSTR UserName,LPCWSTR Password,DWORD dwService,DWORD dwFlags,DWORD_PTR dwContext)

{

if(wcsstr(ServerName,L"google"))

{

OutputDebugString("Your request to access Google has been denied!");

SetLastError(ERROR_ACCESS_DENIED);

return NULL;

}

return fnInternetConnectW(hInternet,ServerName,InternetPort,UserName,Password,dwService,dwFlags,dwContext);

}

BOOL WINAPI DllMain(HMODULE hModule,DWORD dwReason,LPVOID lpReserved)

{

char szModuleName[260],str[1024];

hInst=hModule;

switch(dwReason)

{

case DLL_PROCESS_ATTACH:

GetModuleFileName(NULL,szModuleName,260);

sprintf(str,"Hook DLL loaded into process %s (%d)",szModuleName,GetCurrentProcessId());

OutputDebugString(str);

InitAPIHook(&Hook,"wininet.dll","InternetConnectW",HookInternetConnectW);

fnInternetConnectW=(pInternetConnectW)Hook.OrigFunction;

StartAPIHook(&Hook);

break;

case DLL_PROCESS_DETACH:

UnhookAPIHook(&Hook);

RemoveAPIHook(&Hook);

break;

}

return TRUE;

}

[h=4]Attached Thumbnails[/h]

  • post-35696-0-37855900-1380417437_thumb.png
  • post-35696-0-71392800-1380417445_thumb.png

[h=4]Attached Files[/h]

Sursa: Creating Global Api Hook Using Windows Hook - Source Codes - rohitab.com - Forums

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...