/// <summary> /// 注入程序集到指定进程 /// </summary> /// <param name="processId">进程id</param> /// <param name="assembly">程序集路径</param> /// <exception cref="ArgumentNullException"></exception> /// <exception cref="FileNotFoundException"></exception> /// <returns></returns> public static bool InjectToProcess(int processId, string assembly) { if (assembly == null) { throw new ArgumentNullException("assembly"); } if (File.Exists(assembly) == false) { throw new FileNotFoundException("找不到文件" + assembly); } var mainDll = Path.GetFullPath("Main.dll"); if (File.Exists(mainDll) == false) { throw new FileNotFoundException("找不到文件Main.dll"); } lock (Inject.SyncRoot) { Extern.SetAssembly(Path.GetFullPath(assembly)); if (Extern.CreateRemoteThreadWithDll(processId, Path.GetFullPath(mainDll))) { Extern.WaitForLoadAssembly(MaxWaitTime); return(true); } } return(false); }
/// <summary> /// Hook一个Api /// </summary> /// <typeparam name="TDelegate">委托</typeparam> /// <param name="libName">Api所在模块名</param> /// <param name="apiName">Api名</param> /// <param name="proxyApi">代理api</param> /// <exception cref="ArgumentNullException"></exception> /// <exception cref="ArgumentException"></exception> /// <returns></returns> public static HookResult <TDelegate> HookApi <TDelegate>(string libName, string apiName, TDelegate proxyApi) where TDelegate : class { if (libName == null) { throw new ArgumentNullException("libName"); } if (apiName == null) { throw new ArgumentNullException("apiName"); } if (proxyApi == null) { throw new ArgumentNullException("proxyApi"); } var delegateType = typeof(TDelegate); if (typeof(Delegate).IsAssignableFrom(delegateType) == false || delegateType.IsGenericType == true) { throw new ArgumentException("TDelegate必须为非泛型委托"); } var result = new HookResult <TDelegate> { LibName = libName, ApiName = apiName }; var targetApiPointer = Extern.FindFunction(libName, apiName); if (targetApiPointer == IntPtr.Zero) { return(result); } var proxyApiPointer = Marshal.GetFunctionPointerForDelegate(proxyApi as Delegate); if (Extern.HookFunction(ref targetApiPointer, proxyApiPointer) == false) { return(result); } result._proxyApi = proxyApi; result._proxyApiPoinpter = proxyApiPointer; result._targetApiPointer = targetApiPointer; result.TargetApi = Marshal.GetDelegateForFunctionPointer(targetApiPointer, typeof(TDelegate)) as TDelegate; // 添加引用 ReferenceTable.AddRef(result); return(result); }
/// <summary> /// 取消Hook /// </summary> /// <returns></returns> public bool UnHook() { if (this._targetApiPointer == IntPtr.Zero) { return(true); } var state = Extern.UnHookFunction(ref this._targetApiPointer, this._proxyApiPoinpter); if (state == true) { this._proxyApiPoinpter = IntPtr.Zero; this._targetApiPointer = IntPtr.Zero; this._proxyApi = default(TDelegate); this.TargetApi = default(TDelegate); ReferenceTable.RemoveRef(this); } return(state); }
/// <summary> /// 安装Window钩子到主线程 /// </summary> /// <param name="hookType">钩子类型</param> /// <param name="callBack">回调函数</param> /// <exception cref="ArgumentNullException"></exception> /// <exception cref="ArgumentException"></exception> /// <returns></returns> public static bool HookWindow(WinHookType hookType, WinHookCallback callBack) { if (callBack == null) { throw new ArgumentNullException("callBack"); } if (Enum.IsDefined(typeof(WinHookType), hookType) == false) { throw new ArgumentException("hookType的值无效"); } var callBackPointer = Marshal.GetFunctionPointerForDelegate(callBack); var state = Extern.HookWindow((int)hookType, callBackPointer); if (state == true) { ReferenceTable.AddRef(callBack); } return(state); }
/// <summary> /// 创建应用进程并注入程序集 /// </summary> /// <param name="fileName">进程文件名</param> /// <param name="argument">启动参数</param> /// <param name="workDir">工作路径</param> /// <param name="assembly">程序集路径</param> /// <exception cref="ArgumentNullException"></exception> /// <exception cref="FileNotFoundException"></exception> /// <returns></returns> public static bool InjectToProcess(string fileName, string argument, string workDir, string assembly) { if (fileName == null) { throw new ArgumentNullException("fileName"); } if (assembly == null) { throw new ArgumentNullException("assembly"); } if (File.Exists(fileName) == false) { throw new FileNotFoundException("找不到文件" + fileName); } if (File.Exists(assembly) == false) { throw new FileNotFoundException("找不到文件" + assembly); } var mainDll = "Main.dll"; if (File.Exists(mainDll) == false) { throw new FileNotFoundException("找不到文件Main.dll"); } lock (Inject.SyncRoot) { Extern.SetAssembly(Path.GetFullPath(assembly)); if (Extern.CreateProcessWithDll(fileName, argument, workDir, Path.GetFullPath(mainDll))) { Extern.WaitForLoadAssembly(MaxWaitTime); return(true); } } return(false); }
/// <summary> /// 反安装Window钩子 /// </summary> /// <param name="hookType">钩子类型</param> public static void UnHookWindow(WinHookType hookType) { Extern.UnHookWindow((int)hookType); }