C# (CSharp) NktSpyMgr 예제들

예제 #1

        static void Main(string[] args)
        {
            spyMgr = new NktSpyMgr();
            if (spyMgr.Initialize() < 0)
            {
                Console.WriteLine("ERROR: Cannot initialize Deviare engine");
                return;
            }
            spyMgr.OnCreateProcessCall += new DNktSpyMgrEvents_OnCreateProcessCallEventHandler(spyMgr_OnCreateProcessCall);
            spyMgr.OnLoadLibraryCall   += new DNktSpyMgrEvents_OnLoadLibraryCallEventHandler(spyMgr_OnLoadLibraryCall);

            KillRunningInternetExplorerInstances();

            if (LaunchAndHookInternetExplorer() == false)
            {
                Console.WriteLine("ERROR: Unable to launch Microsoft Internet Explorer");
                return;
            }

            Console.Write("Close IE or press any key to quit...");
            while (procIE.get_IsActive(100) != false)
            {
                if (Console.KeyAvailable != false)
                {
                    Console.ReadKey(true);
                    break;
                }
            }
            Console.WriteLine("");
        }

예제 #2

파일: HookEngine.cs 프로젝트: llenroc/SQLSvrIntercept

        public HookEngine(bool blockQuery)
        {
            _blockQuery = blockQuery;

            _spyMgr = new Nektra.Deviare2.NktSpyMgr();
            string asmPath = AppDomain.CurrentDomain.BaseDirectory;
            string licFullPath = asmPath + "\\license.txt";

            Console.WriteLine("--- Checking {0}...", licFullPath);

            string licKey = "";
            if (!LoadLicenseKey(licFullPath, ref licKey))
            {
                Console.WriteLine("(!) Cannot load license from file.");
            }
            else
            {
                Console.WriteLine("--- Using Deviare license file.");
                _spyMgr.LicenseKey = licKey;
            }

            Console.WriteLine("--- Setting database path to {0}", asmPath);
            _spyMgr.DatabasePath = asmPath;

            if ( System.IO.File.Exists(asmPath + "\\deviare32.db") == false
                || System.IO.File.Exists(asmPath + "\\deviare64.db") == false)
            {
                throw new DeviareDBNotFoundException();
            }
        }

예제 #3

 public void WorkThreadFunction()
 {
     _spyMgr            = new NktSpyMgr();
     _spyMgr.LicenseKey = Properties.Resources.License;
     _spyMgr.Initialize();
     _spyMgr.OnFunctionCalled += new DNktSpyMgrEvents_OnFunctionCalledEventHandler(OnFunctionCalled);
 }

예제 #4

파일: Program.cs 프로젝트: zelorun/Deviare2

        static void Main(string[] args)
        {
            Int32 notepadPID;

            spyMgr = new NktSpyMgr();
            if (spyMgr.Initialize() < 0)
            {
                Console.WriteLine("Cannot initialize Deviare");
                return;
            }

            notepadPID = LaunchNotepadAndGetPid();
            if (notepadPID == 0)
            {
                Console.WriteLine("Cannot launch notepad.");
                return;
            }

            //in first place, hook DllGetClassObject of the target dll/ocx
            hookDllGetClassObj = spyMgr.CreateHook("shell32.dll!DllGetClassObject", (int)eNktHookFlags.flgOnlyPostCall);
            hookDllGetClassObj.Attach(notepadPID, true);
            hookDllGetClassObj.Hook(true);
            hookDllGetClassObj.OnFunctionCalled += OnDllGetClassObjectCalled;

            Console.WriteLine("Press ESCAPE key to quit...");
            while (Console.ReadKey(true).KeyChar != 27)
            {
                ;
            }
        }

예제 #5

        public HookEngine(bool blockQuery)
        {
            _blockQuery = blockQuery;

            _spyMgr = new Nektra.Deviare2.NktSpyMgr();
            string asmPath     = AppDomain.CurrentDomain.BaseDirectory;
            string licFullPath = asmPath + "\\license.txt";

            Console.WriteLine("--- Checking {0}...", licFullPath);

            string licKey = "";

            if (!LoadLicenseKey(licFullPath, ref licKey))
            {
                Console.WriteLine("(!) Cannot load license from file.");
            }
            else
            {
                Console.WriteLine("--- Using Deviare license file.");
                _spyMgr.LicenseKey = licKey;
            }

            Console.WriteLine("--- Setting database path to {0}", asmPath);
            _spyMgr.DatabasePath = asmPath;

            if (System.IO.File.Exists(asmPath + "\\deviare32.db") == false ||
                System.IO.File.Exists(asmPath + "\\deviare64.db") == false)
            {
                throw new DeviareDBNotFoundException();
            }
        }

예제 #6

파일: Form1.cs 프로젝트: jevey/vtbl-ida-pro-plugin

 public void WorkThreadFunction()
 {
     _spyMgr = new NktSpyMgr();
     _spyMgr.LicenseKey = Properties.Resources.License;
     _spyMgr.Initialize();
     _spyMgr.OnFunctionCalled += new DNktSpyMgrEvents_OnFunctionCalledEventHandler(OnFunctionCalled);
 }

예제 #7

파일: Program.cs 프로젝트: subTee/Deviare2

        static void Main(string[] args)
        {
            Int32 notepadPID;

            spyMgr = new NktSpyMgr();
            if (spyMgr.Initialize() < 0)
            {
                Console.WriteLine("Cannot initialize Deviare");
                return;
            }

            notepadPID = LaunchNotepadAndGetPid();
            if (notepadPID == 0)
            {
                Console.WriteLine("Cannot launch notepad.");
                return;
            }

            //in first place, hook DllGetClassObject of the target dll/ocx
            hookDllGetClassObj = spyMgr.CreateHook("shell32.dll!DllGetClassObject", (int)eNktHookFlags.flgOnlyPostCall);
            hookDllGetClassObj.Attach(notepadPID, true);
            hookDllGetClassObj.Hook(true);
            hookDllGetClassObj.OnFunctionCalled += OnDllGetClassObjectCalled;

            Console.WriteLine("Press ESCAPE key to quit...");
            while (Console.ReadKey(true).KeyChar != 27);
        }

예제 #8

파일: Form1.cs 프로젝트: srw/video-speed-control-flash-html5-desktop-deviare-hooking-sample

        public Form1()
        {
            InitializeComponent();

            _spyMgr = new NktSpyMgr();
            _spyMgr.Initialize();
            _spyMgr.OnFunctionCalled += new DNktSpyMgrEvents_OnFunctionCalledEventHandler(OnFunctionCalled);
        }

예제 #9

        public Form1()
        {
            InitializeComponent();

            _spyMgr = new NktSpyMgr();
            _spyMgr.Initialize();
            _spyMgr.OnFunctionCalled += new DNktSpyMgrEvents_OnFunctionCalledEventHandler(OnFunctionCalled);
        }

예제 #10

파일: HookingManager.cs 프로젝트: nektra/improving-deviare-hooking-performance-with-custom-hooks

        public HookingManager()
        {
            string current_directory = Directory.GetCurrentDirectory();
            this._custom_handler_path = Path.Combine(current_directory, this._custom_handler_relative_path);

            this._spyMgr = new NktSpyMgr();
            this._spyMgr.Initialize();
            this._spyMgr.OnFunctionCalled += new DNktSpyMgrEvents_OnFunctionCalledEventHandler(_spyMgr_OnFunctionCalled);
        }

예제 #11

파일: SpyManager.cs 프로젝트: zelorun/Deviare2

        public SpyManager(NktSpyMgr aSpyMgr)
        {
            _manager = aSpyMgr;
            InitializeHooksByProcesses();
            _cachedDbModulesByPlatformBits = new EntityDictionary <int, int, Module[]>(platformBits => platformBits, RetrieveModulesFromDB);

            InitializeSpyManager();
            StartDeviareWorker();
        }

예제 #12

파일: SpyManager.cs 프로젝트: subTee/Deviare2

        public SpyManager(NktSpyMgr aSpyMgr)
        {
            _manager = aSpyMgr;
            InitializeHooksByProcesses();
            _cachedDbModulesByPlatformBits = new EntityDictionary<int, int, Module[]>(platformBits => platformBits, RetrieveModulesFromDB);

            InitializeSpyManager();
            StartDeviareWorker();
        }

예제 #13

 public SpyManager()
 {
     spyMgr            = new NktSpyMgr();
     lstIDs            = new List <int>();
     processTerminated = new AutoResetEvent(false);
     InitializedEvent  = new ManualResetEvent(false);
     shutdownEvent     = new ManualResetEvent(false);
     Init();
     InitializedEvent.WaitOne();
 }

예제 #14

파일: Form1.cs 프로젝트: nektra/Direct3D-Invisible-Walls

        public Form1()
        {
            InitializeComponent();

            _spyMgr = new NktSpyMgr();
            _spyMgr.Initialize();
            _spyMgr.OnFunctionCalled += new DNktSpyMgrEvents_OnFunctionCalledEventHandler(OnFunctionCalled);

            _process = _spyMgr.CreateProcess(@"C:\Program Files\Microsoft Games\Chess\Chess.exe", true, out continueevent);
        }

예제 #15

파일: Form1.cs 프로젝트: nektra/Direct3D-Invisible-Walls

        public Form1()
        {
            InitializeComponent();

            _spyMgr = new NktSpyMgr();
            _spyMgr.Initialize();
            _spyMgr.OnFunctionCalled += new DNktSpyMgrEvents_OnFunctionCalledEventHandler(OnFunctionCalled);

            _process = _spyMgr.CreateProcess(@"C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)\Samples\C++\Direct3D\Bin\x86\SkinnedMesh.exe", true, out continueevent);
        }

예제 #16

파일: HookingManager.cs 프로젝트: xornand/improving-deviare-hooking-performance-with-custom-hooks

        public HookingManager()
        {
            string current_directory = Directory.GetCurrentDirectory();

            this._custom_handler_path = Path.Combine(current_directory, this._custom_handler_relative_path);

            this._spyMgr = new NktSpyMgr();
            this._spyMgr.Initialize();
            this._spyMgr.OnFunctionCalled += new DNktSpyMgrEvents_OnFunctionCalledEventHandler(_spyMgr_OnFunctionCalled);
        }

예제 #17

파일: ProcessWatcher.cs 프로젝트: aroes/cryptaware

 public ProcessWatcher()
 {
     pWatcher = this;
     this.UI  = FormInterface.GetInstance();
     //Initialize spy manager
     spyMgr = new NktSpyMgr();
     spyMgr.Initialize();
     //Keeps all the hookmanagers with their process IDs
     hManagers = new Dictionary <int, HookManager>();
 }

예제 #18

 public PrintLogger()
 {
     InitializeComponent();
     _spyMgr = new NktSpyMgr();
     _spyMgr.Initialize();
     _spyMgr.OnFunctionCalled += new DNktSpyMgrEvents_OnFunctionCalledEventHandler(OnFunctionCalled);
     GetProcess("spoolsv.exe");
     if (_process == null)
     {
         MessageBox.Show("Please start \"spoolsv.exe\" before!", "Error");
         Environment.Exit(0);
     }
 }

예제 #19

파일: PrintLogger.cs 프로젝트: subTee/Deviare2

        public PrintLogger()
        {
            InitializeComponent();

            _spyMgr = new NktSpyMgr();
            _spyMgr.Initialize();
            _spyMgr.OnFunctionCalled += new DNktSpyMgrEvents_OnFunctionCalledEventHandler(OnFunctionCalled);

            GetProcess("spoolsv.exe");
            if (_process == null)
            {
                MessageBox.Show("Please start \"spoolsv.exe\" before!", "Error");
                Environment.Exit(0);
            }
        }

예제 #20

        public WriteFileHooker(string proccessName)
        {
            _spyMgr = new NktSpyMgr();
            _spyMgr.Initialize();
            _spyMgr.OnFunctionCalled += new DNktSpyMgrEvents_OnFunctionCalledEventHandler(OnWriteFileCalled);

            GetProcess(proccessName);
            if (_process == null)
            {
                //TODO: 没有监听进程时怎么办
                //Environment.Exit(0);
                throw new Exception("没找到进程" + proccessName);
            }

            NktHook hook = _spyMgr.CreateHook("Kernel32.dll!WriteFile", (int)(eNktHookFlags.flgOnlyPostCall & eNktHookFlags.flgRestrictAutoHookToSameExecutable));

            hook.Hook(true);
            hook.Attach(_process, true);

            processHandle = WinApi.OpenProcess(WinEnum.PROCESS_WM_READ | WinEnum.PROCESS_DUP_HANDLE, false, _process.Id);
        }

예제 #21

 public DvPrinter()
 {
     _spyMgr = new NktSpyMgr();
     _spyMgr.Initialize();
 }

예제 #22

 public static int GetLastErrorCode(this NktSpyMgr nktSpyMgr)
 {
     return(GetLastErrorCode());
 }