/// <summary>
/// Sample Font Global Hook (Hook any call of the target process)
/// <para> Warning: This is just a sample, don't works with any application, tested with notepad.
/// This only hooks the CreateFontIndirectW, we have it CreateFontA, CreateFontW and CreateFontIndirectA to handle with others programs</para>
/// </summary>
public static void GlobalHookFont()
{
//Attachs the Debugger
Debugger.Launch();
//Create the delegate and assign the hook function to him
dCreateFontIndirect = new CreateFontIndirectWDelegate(CreateFontIndirectWHook);
//Create to the given dll export with the given delegate
hCreateFontIndirect = new UnmanagedHook <CreateFontIndirectWDelegate>("gdi32.dll", "CreateFontIndirectW", dCreateFontIndirect);
//Install the Hook
hCreateFontIndirect.Install();
//Allow the process Execution and test the hook
new Thread(() => {
Thread.Sleep(1000);
//As you can see, will create a font with the facename Times New Roman
LOGFONTW Font = new LOGFONTW();
Font.lfFaceName = "Times New Roman";
CreateFontIndirectW(ref Font);
//Or is what you think...
MessageBox.Show($"Font Selected: {Font.lfFaceName}", "Injected Assembly", MessageBoxButtons.OK, MessageBoxIcon.Information);
}).Start();
}
static void InstallCreateFontIndirectHooks()
{
if (Managed)
{
return;
}
dCreateFontIndirectA = new CreateFontIndirectADelegate(hCreateFontIndirectA);
dCreateFontIndirectW = new CreateFontIndirectWDelegate(hCreateFontIndirectW);
hCreatFontIndirectA = AutoHookCreator("gdi32.dll", "CreateFontIndirectA", dCreateFontIndirectA);
hCreatFontIndirectW = AutoHookCreator("gdi32.dll", "CreateFontIndirectW", dCreateFontIndirectW);
hCreatFontIndirectA.Install();
hCreatFontIndirectW.Install();
}
/// <summary>
/// Sample Font Import Hook (Hook calls from the main module only)
/// <para> Warning: This is just a sample, don't works with any application, tested with notepad.
/// This only hooks the CreateFontIndirectW, we have it CreateFontA, CreateFontW and CreateFontIndirectA to handle with others programs</para>
/// </summary>
public static void ImportHookFont()
{
//Attachs the Debugger
Debugger.Launch();
//Create the delegate and assign the hook function to him
dCreateFontIndirect = new CreateFontIndirectWDelegate(CreateFontIndirectWHook);
//Search the CreateFontIndirectW Import
var ImportTarget = (from x in Process.GetCurrentProcess().GetImports()
where x.Function == "CreateFontIndirectW" && x.Module.ToLower() == "gdi32.dll"
select x).Single();
//Create to the given dll import of the main module with the given delegate
hCreateFontIndirect = new UnmanagedHook <CreateFontIndirectWDelegate>(ImportTarget, dCreateFontIndirect);
//Install the Hook
hCreateFontIndirect.Install();
//The Hook by the Module Import can be called only target module,
//so we can't see the face name change like in the 'global' method
MessageBox.Show($"Hook Enabled, Try change the font :)\nTested with the Win10 Notepad (x64)", "Injected Assembly", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
