Example #1
0
        /// <summary>
        /// Sample Font Global Hook (Hook any call of the target process)
        /// <para> Warning: This is just a sample, don't works with any application, tested with notepad.
        /// This only hooks the CreateFontIndirectW, we have it CreateFontA, CreateFontW and CreateFontIndirectA to handle with others programs</para>
        /// </summary>
        public static void GlobalHookFont()
        {
            //Attachs the Debugger
            Debugger.Launch();

            //Create the delegate and assign the hook function to him
            dCreateFontIndirect = new CreateFontIndirectWDelegate(CreateFontIndirectWHook);

            //Create to the given dll export with the given delegate
            hCreateFontIndirect = new UnmanagedHook <CreateFontIndirectWDelegate>("gdi32.dll", "CreateFontIndirectW", dCreateFontIndirect);

            //Install the Hook
            hCreateFontIndirect.Install();

            //Allow the process Execution and test the hook
            new Thread(() => {
                Thread.Sleep(1000);

                //As you can see, will create a font with the facename Times New Roman
                LOGFONTW Font   = new LOGFONTW();
                Font.lfFaceName = "Times New Roman";
                CreateFontIndirectW(ref Font);

                //Or is what you think...
                MessageBox.Show($"Font Selected: {Font.lfFaceName}", "Injected Assembly", MessageBoxButtons.OK, MessageBoxIcon.Information);
            }).Start();
        }
Example #2
0
        /// <summary>
        /// Sample Font Import Hook (Hook calls from the main module only)
        /// <para> Warning: This is just a sample, don't works with any application, tested with notepad.
        /// This only hooks the CreateFontIndirectW, we have it CreateFontA, CreateFontW and CreateFontIndirectA to handle with others programs</para>
        /// </summary>
        public static void ImportHookFont()
        {
            //Attachs the Debugger
            Debugger.Launch();

            //Create the delegate and assign the hook function to him
            dCreateFontIndirect = new CreateFontIndirectWDelegate(CreateFontIndirectWHook);


            //Search the CreateFontIndirectW Import
            var ImportTarget = (from x in Process.GetCurrentProcess().GetImports()
                                where x.Function == "CreateFontIndirectW" && x.Module.ToLower() == "gdi32.dll"
                                select x).Single();

            //Create to the given dll import of the main module with the given delegate
            hCreateFontIndirect = new UnmanagedHook <CreateFontIndirectWDelegate>(ImportTarget, dCreateFontIndirect);

            //Install the Hook
            hCreateFontIndirect.Install();

            //The Hook by the Module Import can be called only target module,
            //so we can't see the face name change like in the 'global' method
            MessageBox.Show($"Hook Enabled, Try change the font :)\nTested with the Win10 Notepad (x64)", "Injected Assembly", MessageBoxButtons.OK, MessageBoxIcon.Information);
        }