public void Run(RemoteHooking.IContext context, RuntimeParams parms) { System.Threading.Thread.CurrentThread.CurrentCulture = new System.Globalization.CultureInfo("en-US", false); try { RuntimeProfile profile; using (var fs = new System.IO.FileStream(parms.ProfileFile, FileMode.Open)) profile = Iros._7th.Util.DeserializeBinary <RuntimeProfile>(fs); System.IO.File.Delete(parms.ProfileFile); if (!String.IsNullOrWhiteSpace(profile.LogFile)) { try { try { System.IO.File.Delete(profile.LogFile); } catch { } System.Diagnostics.Debug.Listeners.Add(new System.Diagnostics.TextWriterTraceListener(profile.LogFile)); System.Diagnostics.Debug.WriteLine("Logging debug output to " + profile.LogFile); } catch (Exception ex) { System.Diagnostics.Debug.WriteLine("Failed to log debug output: " + ex.ToString()); } } System.Diagnostics.Debug.WriteLine("Wrap run... Host: {0} PID: {1} TID: {2} Path: {3} Capture: {4}", context.HostPID, RemoteHooking.GetCurrentProcessId(), RemoteHooking.GetCurrentThreadId(), profile.ModPath, String.Join(", ", profile.MonitorPaths)); RuntimeLog.Enabled = profile.Options.HasFlag(RuntimeOptions.DetailedLog); //_overrides = new Overrides(basepath); _profile = profile; for (int i = _profile.MonitorPaths.Count - 1; i >= 0; i--) { if (!_profile.MonitorPaths[i].EndsWith(System.IO.Path.DirectorySeparatorChar.ToString())) { _profile.MonitorPaths[i] += System.IO.Path.DirectorySeparatorChar; } if (String.IsNullOrWhiteSpace(_profile.MonitorPaths[i])) { _profile.MonitorPaths.RemoveAt(i); } } foreach (var item in profile.Mods) { System.Diagnostics.Debug.WriteLine(" Mod: {0} has {1} conditionals", item.BaseFolder, item.Conditionals.Count); System.Diagnostics.Debug.WriteLine(" Additional paths: " + String.Join(", ", item.ExtraFolders)); item.Startup(); } _hCreateFileW = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "CreateFileW"), new DCreateFile(HCreateFileW), this); _hCreateFileW.ThreadACL.SetExclusiveACL(new[] { 0 }); //_hCreateFileA = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "CreateFileA"), new DCreateFileA(HCreateFileA), this); //_hCreateFileA.ThreadACL.SetExclusiveACL(new[] { 0 }); //int init = Init7W(); //_hReadFile = LocalHook.CreateUnmanaged(LocalHook.GetProcAddress("kernel32.dll", "ReadFile"), LocalHook.GetProcAddress("7thWrapperNLib.dll", "ReadFile7W"), IntPtr.Zero); _hReadFile = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "ReadFile"), new DReadFile(HReadFile), this); _hReadFile.ThreadACL.SetExclusiveACL(new[] { 0 }); _hWriteFile = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "WriteFile"), new DWriteFile(HWriteFile), this); _hWriteFile.ThreadACL.SetExclusiveACL(new[] { 0 }); _hFindFirstFile = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "FindFirstFileW"), new DFindFirstFileW(HFindFirstFile), this); _hFindFirstFile.ThreadACL.SetExclusiveACL(new[] { 0 }); //_hFindFirstFileA = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "FindFirstFileA"), new DFindFirstFileA(HFindFirstFileA), this); //_hFindFirstFile.ThreadACL.SetExclusiveACL(new[] { 0 }); _hSetFilePointer = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "SetFilePointer"), new DSetFilePointer(HSetFilePointer), this); _hSetFilePointer.ThreadACL.SetExclusiveACL(new[] { 0 }); _hSetFilePointerEx = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "SetFilePointerEx"), new DSetFilePointerEx(HSetFilePointerEx), this); _hSetFilePointerEx.ThreadACL.SetExclusiveACL(new[] { 0 }); _hCloseHandle = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "CloseHandle"), new DCloseHandle(HCloseHandle), this); _hCloseHandle.ThreadACL.SetExclusiveACL(new[] { 0 }); _hGetFileType = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "GetFileType"), new DGetFileType(HGetFileType), this); _hGetFileType.ThreadACL.SetExclusiveACL(new[] { 0 }); _hGetFileInformationByHandle = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "GetFileInformationByHandle"), new DGetFileInformationByHandle(HGetFileInformationByHandle), this); _hGetFileInformationByHandle.ThreadACL.SetExclusiveACL(new[] { 0 }); //_hReadFileEx = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "ReadFileEx"), new DReadFileEx(HReadFileEx), this); //_hReadFileEx.ThreadACL.SetExclusiveACL(new[] { 0 }); _hDuplicateHandle = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "DuplicateHandle"), new DDuplicateHandle(HDuplicateHandle), this); _hDuplicateHandle.ThreadACL.SetExclusiveACL(new[] { 0 }); _hCreateProcessW = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "CreateProcessW"), new DCreateProcessW(HCreateProcessW), this); _hCreateProcessW.ThreadACL.SetExclusiveACL(new[] { 0 }); _hGetFileSize = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "GetFileSize"), new DGetFileSize(HGetFileSize), this); _hGetFileSize.ThreadACL.SetExclusiveACL(new[] { 0 }); _hGetFileSizeEx = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "GetFileSizeEx"), new DGetFileSizeEx(HGetFileSizeEx), this); _hGetFileSizeEx.ThreadACL.SetExclusiveACL(new[] { 0 }); if (profile.MonitorVars != null) { new System.Threading.Thread(MonitorThread) { IsBackground = true } } .Start(profile); //System.Threading.Thread.Sleep(10000); RemoteHooking.WakeUpProcess(); System.Threading.Thread.Sleep(1000); foreach (string LL in profile.Mods.SelectMany(m => m.GetLoadLibraries())) { System.Diagnostics.Debug.WriteLine("Loading library DLL {0}", LL, 0); LoadLibrary(LL); } foreach (var mod in profile.Mods) { foreach (string LA in mod.GetLoadAssemblies()) { System.Diagnostics.Debug.WriteLine("Loading assembly DLL {0}", LA, 0); var asm = System.Reflection.Assembly.LoadFrom(LA); try { string path = mod.BaseFolder; asm.GetType("_7thHeaven.Main") .GetMethod("Init", new[] { typeof(RuntimeMod) }) .Invoke(null, new object[] { mod }); } catch { } } } foreach (var mod in profile.Mods) { foreach (string file in mod.GetPathOverrideNames("hext")) { foreach (var of in mod.GetOverrides("hext\\" + file)) { System.IO.Stream s; if (of.Archive == null) { s = new System.IO.FileStream(of.File, FileMode.Open, FileAccess.Read); } else { s = of.Archive.GetData(of.File); } System.Diagnostics.Debug.WriteLine("Applying hext patch {0} from mod {1}", file, mod.BaseFolder); try { HexPatch.Apply(s); } catch (Exception ex) { System.Diagnostics.Debug.WriteLine("Error applying patch: " + ex.Message); } } } } } catch (Exception e) {
public void Find_Invalid_Export_Module_Throws_MissingMethodException() { Assert.Throws <MissingMethodException>(() => LocalHook.GetProcAddress("UnknownModule.dll", "CreateFileW")); }
public void Find_Invalid_Export_ModuleFunction_Throws_MissingMethodException() { Assert.Throws <MissingMethodException>(() => LocalHook.GetProcAddress("UnknownModule.dll", "ThisFunctionDoesNotExist")); }
public void InitHooks() { Utility.Util.LoadLibrary("blue.dll"); Utility.Util.LoadLibrary("python27.dll"); Utility.Util.LoadLibrary("WS2_32.dll"); Utility.Util.LoadLibrary("kernel32.dll"); Utility.Util.LoadLibrary("advapi32.dll"); Utility.Util.LoadLibrary("Iphlpapi.dll"); Utility.Util.LoadLibrary("dbghelp.dll"); Utility.Util.LoadLibrary("_ctypes.pyd"); if (this.EveAccount.DX11) { Utility.Util.LoadLibrary("d3d11.dll"); } else { Utility.Util.LoadLibrary("d3d9.dll"); } Utility.Util.CheckCreateDirectorys(EveAccount.HWSettings.WindowsUserLogin); _controllerList.Add(new SHGetFolderPathAController(this.EveAccount.GetPersonalFolder(), this.EveAccount.GetAppDataFolder())); _controllerList.Add(new SHGetFolderPathWController(this.EveAccount.GetPersonalFolder(), this.EveAccount.GetAppDataFolder())); if (EveAccount.UseAdaptEve) // adapteve { EnvVars.SetEnvironment(EveAccount.HWSettings); //ip:port if (!string.IsNullOrEmpty(EveAccount.HWSettings.ProxyIP) && !EveAccount.HWSettings.ProxyIP.Equals("ip:port")) { string[] proxyIpPort = EveAccount.HWSettings.ProxyIP.Split(':'); AddController(new WinSockConnectController(LocalHook.GetProcAddress("WS2_32.dll", "connect"), proxyIpPort[0], proxyIpPort[1], EveAccount.HWSettings.ProxyUsername, EveAccount.HWSettings.ProxyPassword)); } AddController(new RegQueryValueExAController(LocalHook.GetProcAddress("advapi32.dll", "RegQueryValueExA"), EveAccount.HWSettings.WindowsKey)); AddController(new GlobalMemoryStatusController(LocalHook.GetProcAddress("kernel32.dll", "GlobalMemoryStatusEx"), EveAccount.HWSettings.TotalPhysRam)); AddController(new GetAdaptersInfoController(LocalHook.GetProcAddress("Iphlpapi.dll", "GetAdaptersInfo"), EveAccount.HWSettings.NetworkAdapterGuid, EveAccount.HWSettings.MacAddress, EveAccount.HWSettings.NetworkAddress)); if (this.EveAccount.DX11) { } else { AddController(new DX9Controller(EveAccount.HWSettings)); } AddController(new Win32Hooks.InternetConnectAController()); AddController(new Win32Hooks.InternetConnectWController()); } AddController(new Win32Hooks.IsDebuggerPresentController()); AddController(new Win32Hooks.LoadLibraryAController()); AddController(new Win32Hooks.LoadLibraryWController()); AddController(new Win32Hooks.GetModuleHandleWController()); AddController(new Win32Hooks.GetModuleHandleAController()); AddController(new Win32Hooks.EnumProcessesController()); AddController(new Win32Hooks.MiniWriteDumpController()); AddController(new Win32Hooks.CreateFileWController()); AddController(new Win32Hooks.CreateFileAController()); if (!EverythingHooked()) { MessageBox.Show("Hook error"); Environment.Exit(0); Environment.FailFast("exit"); } string hooksInit = "Charname: " + this.CharName + " -----------Hooks initialized-----------"; Win32Hooks.HookManager.Log(hooksInit); WCFClient.Instance.GetPipeProxy.SendToInjectorLog(hooksInit); }
public void Run(RemoteHooking.IContext hookingContext, bool isDebugging, string hackPath, string installPath) { try { if (isDebugging) { DebuggerApplication.Start(hackPath); while (!DebuggerApplication.IsReady) { Thread.Sleep(1); // Sleep(0) is a nono. } } Trace.IndentSize = 2; // We autoflush our trace, so we get everything immediately. This // makes tracing a bit more expensive, but means we still get a log // even if there's a fatal crash. Trace.AutoFlush = true; // Everything traced will be written to "debug.log". Trace.Listeners.Add(new TextWriterTraceListener(Path.Combine(hackPath, "debug.log"))); Trace.WriteLine("-------------------"); Trace.WriteLine(DateTime.Now); Trace.WriteLine("-------------------"); AppDomain.CurrentDomain.AssemblyResolve += (object sender, ResolveEventArgs args) => { var path = string.Empty; // extract the file name var file = string.Empty; if (args.Name.IndexOf(',') >= 0) { file = args.Name.Substring(0, args.Name.IndexOf(',')) + ".dll"; } else if (args.Name.IndexOf(".dll") >= 0) { file = Path.GetFileName(args.Name); } else { return(null); } // locate the actual file path = Directory.GetFiles(hackPath, file, SearchOption.AllDirectories).FirstOrDefault(); if (!string.IsNullOrEmpty(path)) { return(Assembly.LoadFrom(path)); } path = Directory.GetFiles(pluginsFolder, file, SearchOption.AllDirectories).FirstOrDefault(); if (!string.IsNullOrEmpty(path)) { return(Assembly.LoadFrom(path)); } return(null); }; AppDomain.CurrentDomain.ReflectionOnlyAssemblyResolve += (object sender, ResolveEventArgs args) => { var path = string.Empty; // extract the file name var file = string.Empty; if (args.Name.IndexOf(',') >= 0) { file = args.Name.Substring(0, args.Name.IndexOf(',')) + ".dll"; } else if (args.Name.IndexOf(".dll") >= 0) { file = Path.GetFileName(args.Name); } else { return(null); } // locate the actual file path = Directory.GetFiles(hackPath, file, SearchOption.AllDirectories).FirstOrDefault(); if (!string.IsNullOrEmpty(path)) { return(Assembly.ReflectionOnlyLoadFrom(path)); } path = Directory.GetFiles(pluginsFolder, file, SearchOption.AllDirectories).FirstOrDefault(); if (!string.IsNullOrEmpty(path)) { return(Assembly.ReflectionOnlyLoadFrom(path)); } return(null); }; var sw = new Stopwatch(); Trace.WriteLine("Preparing folders . . . "); Trace.Indent(); sw.Restart(); pluginsFolder = Path.Combine(hackPath, "plugins"); if (!Directory.Exists(pluginsFolder)) { Directory.CreateDirectory(pluginsFolder); } sw.Stop(); Trace.WriteLine("Install Path: " + installPath); Trace.WriteLine("Hack Path: " + hackPath); if (installPath.Equals(hackPath, StringComparison.OrdinalIgnoreCase)) { Trace.WriteLine("WARNING: Install Path and Hack Path are the same. This is not supported."); } if (File.Exists(Path.Combine(installPath, "Launcher.exe"))) { Trace.WriteLine("WARNING: Launcher.exe detected in the Warcraft III folder. This is not supported."); } if (File.Exists(Path.Combine(installPath, "Cirnix.JassNative.Runtime.dll"))) { Trace.WriteLine("WARNING: Cirnix.JassNative.Runtime.dll detected in the Warcraft III folder. This is not supported."); } Trace.WriteLine("Done! (" + sw.Elapsed.TotalMilliseconds.ToString("0.00") + " ms)"); Trace.Unindent(); Trace.WriteLine("Loading plugins from '" + pluginsFolder + "' . . ."); Trace.Indent(); sw.Restart(); PluginSystem.LoadPlugins(pluginsFolder); sw.Stop(); Trace.WriteLine("Done! (" + sw.Elapsed.TotalMilliseconds.ToString("0.00") + " ms)"); Trace.Unindent(); // Prepare the OnGameLoad hook. LoadLibraryA = Memory.InstallHook(LocalHook.GetProcAddress("kernel32.dll", "LoadLibraryA"), new Kernel32.LoadLibraryAPrototype(LoadLibraryAHook), false, true); // Everyone has had their chance to inject stuff, // time to wake up the process. RemoteHooking.WakeUpProcess(); Trace.WriteLine("WakeUpProcess Proceed!"); // Let the thread stay alive, so all hooks stay alive as well. // This might need to be shutdown properly on exit. Trace.WriteLine("Sleep Proceed!"); Thread.Sleep(Timeout.Infinite); } catch (Exception exception) { MessageBox.Show( "Fatal exception!" + Environment.NewLine + exception + Environment.NewLine + "Aborting execution!", GetType() + ".Run(...)", MessageBoxButton.OK, MessageBoxImage.Error); Process.GetCurrentProcess().Kill(); } }
public void Run( RemoteHooking.IContext InContext, String InArg1) { try { Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("user32.dll", "GetRawInputData"), new DGetRawInputData(GetRawInputData_hook), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("user32.dll", "GetRawInputDeviceInfoW"), new DGetRawInputDeviceInfo(GetRawInputDeviceInfo_hook), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("user32.dll", "GetRawInputDeviceList"), new DGetRawInputDeviceList(GetRawInputDeviceList_hook), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("user32.dll", "RegisterRawInputDevices"), new DRegisterRawInputDevices(RegisterRawInputDevices_hook), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("hid.dll", "HidP_GetCaps"), new DHidP_GetCaps(HidP_GetCaps_hook), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("hid.dll", "HidP_GetUsages"), new DHidP_GetUsages(HidP_GetUsages_hook), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("hid.dll", "HidP_GetValueCaps"), new DHidP_GetValueCaps(HidP_GetValueCaps_hook), this)); /* * Don't forget that all hooks will start deaktivated... * The following ensures that all threads are intercepted: */ foreach (LocalHook hook in Hooks) { hook.ThreadACL.SetExclusiveACL(new Int32[1]); } } catch (Exception e) { /* * Now we should notice our host process about this error... */ Interface.ReportError(RemoteHooking.GetCurrentProcessId(), Assembly.GetExecutingAssembly().GetName().Name, e); return; } // wait for host process termination... try { while (Interface.Ping(RemoteHooking.GetCurrentProcessId())) { Thread.Sleep(500); // transmit newly monitored file accesses... lock (Queue) { if (Queue.Count > 0) { String[] Package = null; Package = Queue.ToArray(); Queue.Clear(); Interface.OnFunctionsCalled(RemoteHooking.GetCurrentProcessId(), Package); } } } } catch { // NET Remoting will raise an exception if host is unreachable } }
/// <summary> /// Installs hooks into AO, and shuffles data across the Alpha Bridge. /// </summary> /// <param name="context"></param> /// <param name="channelName"></param> public void Run(RemoteHooking.IContext context, string channelName, BridgeEventType enabledHooks, int processId) { this.enabledHooks = enabledHooks; try { #region Install hooks // FrameProcess this.aoHookFrameProcess = LocalHook.Create( LocalHook.GetProcAddress("Interfaces.dll", "?FrameProcess@Client_t@@QAEXXZ"), new API.Interfaces.Client_t.AoFrameProcessDelegate(Hooks.Interfaces.Client_t.AoFrameProcess), this ); this.aoHookFrameProcess.ThreadACL.SetExclusiveACL(new int[] { 0 }); // Retrieve quest/mission locator information when uploaded to map this.aoHookGetQuestWorldPos = LocalHook.Create(LocalHook.GetProcAddress("Interfaces.dll", "?N3Msg_GetQuestWorldPos@N3InterfaceModule_t@@QBE_NABVIdentity_t@@AAV2@AAVVector3_t@@2@Z"), new API.Interfaces.N3InterfaceModule.GetQuestWorldPosDelegate(Hooks.Interfaces.N3InterfaceModule.GetQuestWorldPos), this ); this.aoHookGetQuestWorldPos.ThreadACL.SetExclusiveACL(new int[] { 0 }); #endregion } catch (Exception ex) { this.hookInterface.ReportException(ex); return; } // Notify that we've successfully installed a hook. Pass along character ID if available. this.SendBridgeEvent(new HookStateChangeEventArgs(true)); #region Push messages across Alpha Bridge try { this.hookTimer = Stopwatch.StartNew(); while (!this.aborted) { bool sendPing = true; try { sendPing = this.ProcessEventQueue(); } catch (Exception ex) { this.hookInterface.ReportException(ex); } if (sendPing) { this.hookInterface.Ping(); } // Limit to 30 updates per second. Thread.Sleep(33); } } catch (Exception ex) { try { this.hookInterface.ReportException(ex); } catch { /* Bridge is dead; Can't report exception. */ } } #endregion #region Uninstall hooks try { // Uninstall hooks if (this.aoHookFrameProcess != null) { this.aoHookFrameProcess.Dispose(); } if (this.aoHookGetQuestWorldPos != null) { this.aoHookGetQuestWorldPos.Dispose(); } } catch { } try { this.SendBridgeEvent(new HookStateChangeEventArgs(false)); this.ProcessEventQueue(); } catch { } #endregion }
public void Run( RemoteHooking.IContext InContext, String InChannelName) { // install hook... try { CreateFileHook = LocalHook.Create( LocalHook.GetProcAddress("kernel32.dll", "CreateFileW"), new DCreateFile(CreateFile_Hooked), this); CreateFileHook.ThreadACL.SetExclusiveACL(new Int32[] { 0 }); TestHook = LocalHook.Create( LocalHook.GetProcAddress("ole32.dll", "CoCreateInstanceEx"), new DCoCreateInstanceEx(CoCreateInstanceEx_Hook), this); TestHook.ThreadACL.SetExclusiveACL(new Int32[] { 0 }); This = this;//(Main)HookRuntimeInfo.Callback; } catch (Exception ExtInfo) { Interface.ReportException(ExtInfo); return; } Interface.IsInstalled(RemoteHooking.GetCurrentProcessId()); RemoteHooking.WakeUpProcess(); // wait for host process termination... try { while (true) { Thread.Sleep(500); if (AccessInstances.Count > 0) { uint[] Instances; lock (AccessInstances) { Instances = AccessInstances.ToArray(); uint tmp; while (AccessInstances.Count > 0) { AccessInstances.TryDequeue(out tmp); } } Interface.OnSpawnAccess(RemoteHooking.GetCurrentProcessId(), Instances); } // transmit newly monitored file accesses... if (FileQueue.Count > 0) { String[] Package = null; lock (FileQueue) { Package = FileQueue.ToArray(); string tmp; while (FileQueue.Count > 0) { FileQueue.TryDequeue(out tmp); } } Interface.OnCreateFile(RemoteHooking.GetCurrentProcessId(), Package); } else { Interface.Ping(); } } } catch { // Ping() will raise an exception if host is unreachable } }
public static void Hook() { _hook = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "GetSystemTime"), new GetSystemTimeDelegate(GetSystemTimeHooked), null); _hook.ThreadACL.SetInclusiveACL(new int[1]); }
public unsafe int SendToServer(byte[] buffer, bool junk = true) { Ws2_32.send_Delegate send = LocalHook.GetProcAddress("ws2_32.dll", "send").ToDelegate <Ws2_32.send_Delegate>(); fixed(byte *uBuffer = buffer) return(send(_socket, (IntPtr)uBuffer, buffer.Length, 0)); }
public void Find_Invalid_Export_Function_Throws_MissingMethodException() { Assert.Throws <MissingMethodException>(() => LocalHook.GetProcAddress(Interop.Libraries.Kernel32, "ThisFunctionDoesNotExist")); }
public void InstallTooManyHooks_ThrowException() { int maxHookCount = 128; List <LocalHook> hooks = new List <LocalHook>(); // Install MAX_HOOK_COUNT hooks (i.e. 128) for (var i = 0; i < maxHookCount; i++) { LocalHook lh = LocalHook.Create( LocalHook.GetProcAddress("kernel32.dll", "Beep"), new BeepDelegate(BeepHook), this); hooks.Add(lh); } // NOTE: Disposing hooks does not free the memory // need to also call NativeAPI.LhWaitForPendingRemovals() // or LocalHook.Release(); foreach (var h in hooks) { h.Dispose(); } hooks.Clear(); bool exceptionThrown = false; try { // Adding one more hook should result in System.InsufficientMemoryException hooks.Add(LocalHook.Create( LocalHook.GetProcAddress("kernel32.dll", "Beep"), new BeepDelegate(BeepHook), this)); foreach (var h in hooks) { h.Dispose(); } hooks.Clear(); } catch (System.InsufficientMemoryException) { // Correctly threw error because too many hooks exceptionThrown = true; } Assert.IsTrue(exceptionThrown, "System.InsufficientMemoryException was not thrown"); // Ensure the hooks are freed NativeAPI.LhWaitForPendingRemovals(); // Now try to install again after removals processed try { hooks.Add(LocalHook.Create( LocalHook.GetProcAddress("kernel32.dll", "Beep"), new BeepDelegate(BeepHook), this)); } catch (System.InsufficientMemoryException) { Assert.Fail("Disposing of hooks did not free room within GlobalSlotList"); } foreach (var h in hooks) { h.Dispose(); } hooks.Clear(); // Ensure the hooks are freed NativeAPI.LhWaitForPendingRemovals(); }
public void Run( EasyHook.RemoteHooking.IContext context, string channelName) { // Injection is now complete and the server interface is connected // Install hooks _server.ReportMessage("Installing hooks"); try { this.createGetInstanceHook = LocalHook.Create( LocalHook.GetProcAddress("Interfaces.dll", "?FrameProcess@Client_t@@QAEXXZ"), new Hooks.AoFrameProcessDelegate(Process.Interfaces.Client_t.AoFrameProcess), this ); _server.ReportMessage("createGetInstanceHook installed"); //this.aoHookFrameProcess = LocalHook.Create(LocalHook.GetProcAddress("Interfaces.dll", "?FrameProcess@Client_t@@QAEXXZ"),new API.Interfaces.Client_t.AoFrameProcessDelegate(Hooks.Interfaces.Client_t.AoFrameProcess), // this //); // var createGetSkillsHook = EasyHook.LocalHook.Create(EasyHook.LocalHook.GetProcAddress("Gamecode.dll", "?GetClientChar@n3EngineClientAnarchy_t@@QBEPAVSimpleChar_t@@XZ"), new GetSkills_Delegate(GetSkills_Hook), this); createGetInstanceHook.ThreadACL.SetExclusiveACL(new Int32[] { 0 }); //createGetSkillsHook.ThreadACL.SetExclusiveACL(new Int32[] { 0 }); EasyHook.RemoteHooking.WakeUpProcess(); IntPtr ptr = Hooks.GetInstanceIfAny(); //IntPtr name = Hooks.GetName(ptr, ) uint id = Hooks.GetPlayerID(); _server.ReportMessage("---->" + id.ToString()); try { while (true) { } /* * for(int i = 0;i < 650; i++) * { * int local = Hooks.GetSkills(ptr, i,0); * * * _server.ReportMessage(i+" "+local.ToString()); * } */ } catch (Exception e) { _server.ReportException(e); } _server.IsInstalled(EasyHook.RemoteHooking.GetCurrentProcessId()); //EasyHook.RemoteHooking.WakeUpProcess(); this.createGetInstanceHook.Dispose(); } catch (Exception e) { _server.ReportException(e); } /* * try * { * _server.ReportMessage("got here"); * while (true) * { * _server.ReportMessage("got here"); * _server.Ping(); * * Thread.Sleep(5000); * } * * } * catch(Exception e) * { * _server.ReportException(e); * } */ _server.ReportMessage("removing hook"); try { //createGetInstanceHook.Dispose(); } catch (Exception e) { _server.ReportException(e); } }
public void Run( RemoteHooking.IContext InContext, String InChannelName) { // install hook... try { LocalHook.BeginUpdate(true); CreateFileHook = LocalHook.Create( LocalHook.GetProcAddress("kernel32.dll", "CreateFileW"), new DCreateFile(CreateFile_Hooked), this); LocalHook.EndUpdate(); CreateFileHook.ThreadACL.SetExclusiveACL(new Int32[] { 0 }); } catch (Exception ExtInfo) { Interface.ReportException(ExtInfo); return; } Interface.IsInstalled(RemoteHooking.GetCurrentProcessId()); RemoteHooking.WakeUpProcess(); // wait for host process termination... try { while (true) { Thread.Sleep(500); // transmit newly monitored file accesses... if (Queue.Count > 0) { String[] Package = null; lock (Queue) { Package = Queue.ToArray(); Queue.Clear(); } Interface.OnCreateFile(RemoteHooking.GetCurrentProcessId(), Package); } else { Interface.Ping(); } } } catch { // Ping() will raise an exception if host is unreachable } }
public void Run(RemoteHooking.IContext InContext, String InChannelName) { // install hook... try { D3DCompileHook = LocalHook.Create( LocalHook.GetProcAddress("D3Dcompiler_47.dll", "D3DCompile"), new DD3DCompile(D3DCompile_Hooked), this); D3DCompileHook.ThreadACL.SetExclusiveACL(new Int32[] { 0 }); D3DCompile2Hook = LocalHook.Create( LocalHook.GetProcAddress("D3Dcompiler_47.dll", "D3DCompile2"), new DD3DCompile2(D3DCompile2_Hooked), this); D3DCompile2Hook.ThreadACL.SetExclusiveACL(new Int32[] { 0 }); D3DCompileFromFileHook = LocalHook.Create( LocalHook.GetProcAddress("D3Dcompiler_47.dll", "D3DCompileFromFile"), new DD3DCompileFromFile(D3DCompileFromFile_Hooked), this); D3DCompileFromFileHook.ThreadACL.SetExclusiveACL(new Int32[] { 0 }); } catch (Exception ExtInfo) { Interface.ReportException(ExtInfo); return; } Interface.IsInstalled(RemoteHooking.GetCurrentProcessId()); System.Diagnostics.Debug.Break(); RemoteHooking.WakeUpProcess(); // wait for host process termination... try { while (true) { Thread.Sleep(500); Interface.Ping(); } } catch { // Ping() will raise an exception if host is unreachable } //Device dev; //dev = new Device(new Direct3D(), 0, DeviceType.Hardware, IntPtr.Zero, CreateFlags.HardwareVertexProcessing, new PresentParameters() { BackBufferWidth = 1, BackBufferHeight = 1 }); //IntPtr addy = dev.ComPointer; //addy = (IntPtr)Marshal.ReadInt32(addy); //addy = (IntPtr)((int)addy + 0xA8); //addy = (IntPtr)Marshal.ReadInt32(addy); //EndSceneHooker = LocalHook.Create((IntPtr)addy, new DEndScene(EndSceneHook), this); //EndSceneHooker.ThreadACL.SetExclusiveACL(new Int32[] { 0 }); //while (true) //{ //} }
void BeginHook() { CreateBufferHook = LocalHook.Create(LocalHook.GetProcAddress("opengl32.dll", "wglSwapBuffers"), new DwglSwapBuffers(SwapBuffers_Hooked), this); CreateBufferHook.ThreadACL.SetExclusiveACL(new[] { 0 }); }
public void InitHooks() { Utility.LoadLibrary("WS2_32.dll"); Log(LocalHook.GetProcAddress("WS2_32.dll", "connect").ToString()); AddController(new WinSockConnectController(LocalHook.GetProcAddress("WS2_32.dll", "connect"), "127.0.0.1", "1337", "username", "password")); }
/// <summary> /// Initializes a new instance of the <see cref="SpeedHackInterface" /> class. /// </summary> public SpeedHackInterface() { SpeedHackInterface.QueryPerformanceCounter(out queryPerformanceBase); this.Hook = LocalHook.Create(LocalHook.GetProcAddress("kernel32.dll", "QueryPerformanceCounter"), new QueryPerformanceCounter2(QueryPerformanceCounter3), this); }
public InterfaceManager(Dalamud dalamud, SigScanner scanner) { this.dalamud = dalamud; try { var sigResolver = new SwapChainSigResolver(); sigResolver.Setup(scanner); Log.Verbose("Found SwapChain via signatures."); Address = sigResolver; } catch (Exception ex) { // The SigScanner method fails on wine/proton since DXGI is not a real DLL. We fall back to vtable to detect our Present function address. Log.Debug(ex, "Could not get SwapChain address via sig method, falling back to vtable..."); var vtableResolver = new SwapChainVtableResolver(); vtableResolver.Setup(scanner); Log.Verbose("Found SwapChain via vtable."); Address = vtableResolver; } try { var rtss = NativeFunctions.GetModuleHandle("RTSSHooks64.dll"); if (rtss != IntPtr.Zero) { var fileName = new StringBuilder(255); NativeFunctions.GetModuleFileName(rtss, fileName, fileName.Capacity); this.rtssPath = fileName.ToString(); Log.Verbose("RTSS at {0}", this.rtssPath); if (!NativeFunctions.FreeLibrary(rtss)) { throw new Win32Exception(); } } } catch (Exception e) { Log.Error(e, "RTSS Free failed"); } var setCursorAddr = LocalHook.GetProcAddress("user32.dll", "SetCursor"); Log.Verbose("===== S W A P C H A I N ====="); Log.Verbose("SetCursor address {SetCursor}", setCursorAddr); Log.Verbose("Present address {Present}", Address.Present); Log.Verbose("ResizeBuffers address {ResizeBuffers}", Address.ResizeBuffers); this.setCursorHook = new Hook <SetCursorDelegate>(setCursorAddr, new SetCursorDelegate(SetCursorDetour), this); this.presentHook = new Hook <PresentDelegate>(Address.Present, new PresentDelegate(PresentDetour), this); this.resizeBuffersHook = new Hook <ResizeBuffersDelegate>(Address.ResizeBuffers, new ResizeBuffersDelegate(ResizeBuffersDetour), this); }
public void Run( RemoteHooking.IContext InContext, String InArg1) { bool succeed = false; try { //xinput1_3.dll Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_3.dll", "XInputEnable"), new DXInputEnable(XInputEnable_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_3.dll", "XInputGetBatteryInformation"), new DXInputGetBatteryInformation(XInputGetBatteryInformation_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_3.dll", "XInputGetCapabilities"), new DXInputGetCapabilities(XInputGetCapabilities_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_3.dll", "XInputGetDSoundAudioDeviceGuids"), new DXInputGetDSoundAudioDeviceGuids(XInputGetDSoundAudioDeviceGuids_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_3.dll", "XInputGetKeystroke"), new DXInputGetKeystroke(XInputGetKeystroke_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_3.dll", "XInputGetState"), new DXInputGetState(XInputGetState_Hooked), this)); /* Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_3.dll", "XInputGetStateEx"), * new DXInputGetStateEx(XInputGetStateEx_Hooked), * this));*/ Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_3.dll", "XInputSetState"), new DXInputSetState(XInputSetState_Hooked), this)); /* Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_3.dll", "XInputSetStateEx"), * new DXInputSetStateEx(XInputSetStateEx_Hooked), * this));*/ /* * Don't forget that all hooks will start deaktivated... * The following ensures that all threads are intercepted: */ foreach (LocalHook hook in Hooks) { hook.ThreadACL.SetExclusiveACL(new Int32[1]); } succeed = true; } catch (Exception e) { Interface.ReportError(RemoteHooking.GetCurrentProcessId(), "xinput1_3.dll", e); Hooks.Clear(); } try { if (!succeed) { //xinput1_1.dll Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_1.dll", "XInputEnable"), new DXInputEnable(XInputEnable_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_1.dll", "XInputGetCapabilities"), new DXInputGetCapabilities(XInputGetCapabilities_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_1.dll", "XInputGetDSoundAudioDeviceGuids"), new DXInputGetDSoundAudioDeviceGuids(XInputGetDSoundAudioDeviceGuids_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_1.dll", "XInputGetState"), new DXInputGetState(XInputGetState_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_1.dll", "XInputSetState"), new DXInputSetState(XInputSetState_Hooked), this)); foreach (LocalHook hook in Hooks) { hook.ThreadACL.SetExclusiveACL(new Int32[1]); } succeed = true; } } catch (Exception e) { Interface.ReportError(RemoteHooking.GetCurrentProcessId(), "xinput1_1.dll", e); Hooks.Clear(); } try { if (!succeed) { //xinput1_2.dll Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_2.dll", "XInputEnable"), new DXInputEnable(XInputEnable_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_2.dll", "XInputGetCapabilities"), new DXInputGetCapabilities(XInputGetCapabilities_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_2.dll", "XInputGetDSoundAudioDeviceGuids"), new DXInputGetDSoundAudioDeviceGuids(XInputGetDSoundAudioDeviceGuids_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_2.dll", "XInputGetState"), new DXInputGetState(XInputGetState_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_2.dll", "XInputSetState"), new DXInputSetState(XInputSetState_Hooked), this)); foreach (LocalHook hook in Hooks) { hook.ThreadACL.SetExclusiveACL(new Int32[1]); } succeed = true; } } catch (Exception e) { Interface.ReportError(RemoteHooking.GetCurrentProcessId(), "xinput1_2.dll", e); Hooks.Clear(); } try { if (!succeed) { //xinput1_4.dll Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_4.dll", "XInputEnable"), new DXInputEnable(XInputEnable_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_4.dll", "XInputGetBatteryInformation"), new DXInputGetBatteryInformation(XInputGetBatteryInformation_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_4.dll", "XInputGetCapabilities"), new DXInputGetCapabilities(XInputGetCapabilities_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_4.dll", "XInputGetDSoundAudioDeviceGuids"), new DXInputGetDSoundAudioDeviceGuids(XInputGetDSoundAudioDeviceGuids_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_4.dll", "XInputGetKeystroke"), new DXInputGetKeystroke(XInputGetKeystroke_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_4.dll", "XInputGetState"), new DXInputGetState(XInputGetState_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput1_4.dll", "XInputSetState"), new DXInputSetState(XInputSetState_Hooked), this)); foreach (LocalHook hook in Hooks) { hook.ThreadACL.SetExclusiveACL(new Int32[1]); } succeed = true; } } catch (Exception e) { Interface.ReportError(RemoteHooking.GetCurrentProcessId(), "xinput1_4.dll", e); Hooks.Clear(); } try { if (!succeed) { //xinput9_1_0.dll Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput9_1_0.dll", "XInputGetCapabilities"), new DXInputGetCapabilities(XInputGetCapabilities_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput9_1_0.dll", "XInputGetDSoundAudioDeviceGuids"), new DXInputGetDSoundAudioDeviceGuids(XInputGetDSoundAudioDeviceGuids_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput9_1_0.dll", "XInputGetState"), new DXInputGetState(XInputGetState_Hooked), this)); Hooks.Add(LocalHook.Create(LocalHook.GetProcAddress("xinput9_1_0.dll", "XInputSetState"), new DXInputSetState(XInputSetState_Hooked), this)); foreach (LocalHook hook in Hooks) { hook.ThreadACL.SetExclusiveACL(new Int32[1]); } succeed = true; } } catch (Exception e) { Interface.ReportError(RemoteHooking.GetCurrentProcessId(), Assembly.GetExecutingAssembly().GetName().Name, e); } if (!succeed) { return; } // wait for host process termination... try { while (Interface.Ping(RemoteHooking.GetCurrentProcessId())) { Thread.Sleep(500); // transmit newly monitored file accesses... lock (Queue) { if (Queue.Count > 0) { String[] Package = null; Package = Queue.ToArray(); Queue.Clear(); Interface.OnFunctionsCalled(RemoteHooking.GetCurrentProcessId(), Package); } } } } catch { // NET Remoting will raise an exception if host is unreachable } }