private bool InstallHookInternal(int processId)
{
try
{
var parameter = new HookParameter
{
Msg = "已经成功注入目标进程",
HostProcessId = RemoteHooking.GetCurrentProcessId()
};
RemoteHooking.Inject(
processId,
InjectionOptions.Default,
typeof(HookParameter).Assembly.Location,
typeof(HookParameter).Assembly.Location,
string.Empty,
parameter
);
}
catch (Exception ex)
{
Debug.Print(ex.ToString());
return(false);
}
injectButton.Enabled = false;
deattachBtn.Enabled = true;
return(true);
}
bool InjectPayload(Process proc, string injectionLibrary)
{
string channelName = null;
RemoteHooking.IpcCreateServer <InjectorInterface>(ref channelName, WellKnownObjectMode.Singleton);
var parameter = new EntryPointParameters
{
Message = "Test Message",
HostProcessId = RemoteHooking.GetCurrentProcessId(),
ScreenWidth = 640,
ScreenHeight = 480
};
try
{
RemoteHooking.Inject(
proc.Id,
InjectionOptions.Default | InjectionOptions.DoNotRequireStrongName,
injectionLibrary,
injectionLibrary,
channelName,
parameter
);
return(true);
}
catch (Exception ex)
{
return(false);
}
}
public void Run(RemoteHooking.IContext context,
string channelName,
SoftwallRule[] softwallRules)
{
try
{
swapBuffersHook = LocalHook.Create(
LocalHook.GetProcAddress(gdiDll, "SwapBuffers"),
new SwapBuffersHandler(OnSwapBuffers),
this);
mallocHook = LocalHook.Create(
LocalHook.GetProcAddress(vcrDll, "malloc"),
new MallocHandler(OnMalloc),
this);
callocHook = LocalHook.Create(
LocalHook.GetProcAddress(vcrDll, "calloc"),
new CallocHandler(OnCalloc),
this);
reallocHook = LocalHook.Create(
LocalHook.GetProcAddress(vcrDll, "realloc"),
new ReallocHandler(OnRealloc),
this);
freeHook = LocalHook.Create(
LocalHook.GetProcAddress(vcrDll, "free"),
new FreeHandler(OnFree),
this);
Int32[] excludedThreads = new Int32[] { RemoteHooking.GetCurrentThreadId() };
foreach (LocalHook hook in new LocalHook[] { swapBuffersHook, mallocHook, callocHook, reallocHook, freeHook })
{
hook.ThreadACL.SetExclusiveACL(excludedThreads);
}
}
catch (Exception ex)
{
MessageBox.Show("Exception: " + ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
RemoteHooking.WakeUpProcess();
int myPid = RemoteHooking.GetCurrentProcessId();
try
{
manager.Ping(myPid);
while (true)
{
Thread.Sleep(500);
ProcessAllocations();
manager.Ping(myPid);
}
}
catch (Exception ex)
{
MessageBox.Show("Exception: " + ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
MessageBox.Show("Terminating", "oHeapAgent", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
private void WaitForHostProcessTermination()
{
try
{
while (true)
{
Thread.Sleep(500);
// transmit newly monitored file accesses
if (m_queue.Count > 0)
{
string[] package;
lock (m_lockObject)
{
package = m_queue.ToArray();
m_queue.Clear();
}
m_hookInterface.OnWriteConsole(RemoteHooking.GetCurrentProcessId(), package);
}
else
{
m_hookInterface.Ping();
}
}
}
catch
{
// Ping() will raise an exception if host is unreachable
}
}
/// <summary>
///
/// </summary>
public void Hook()
{
id3dDeviceFunctionAddresses = new List <IntPtr>();
using (Direct3D d3d = new Direct3D())
{
using (var renderForm = new System.Windows.Forms.Form())
{
using (deviceGlobal = new Device(d3d, 0, DeviceType.NullReference, IntPtr.Zero, CreateFlags.HardwareVertexProcessing, new PresentParameters()
{
BackBufferWidth = 1, BackBufferHeight = 1, DeviceWindowHandle = renderForm.Handle
}))
{
id3dDeviceFunctionAddresses.AddRange(GetVTblAddresses(deviceGlobal.NativePointer, D3D9_DEVICE_METHOD_COUNT));
}
}
}
Direct3DDevice_EndSceneHook = LocalHook.Create(id3dDeviceFunctionAddresses[(int)Direct3DDevice9FunctionOrdinals.EndScene], new Direct3D9Device_EndSceneDelegate(EndSceneHook), this);
Direct3DDevice_EndSceneHook.ThreadACL.SetExclusiveACL(new Int32[1]);
Direct3DDevice_IndexPrimitiveHook = LocalHook.Create(id3dDeviceFunctionAddresses[(int)Direct3DDevice9FunctionOrdinals.DrawIndexedPrimitive], new Direct3D9Device_IndexPrimitiveDelegate(DrawIndexedPrimitiveHook), this);
Direct3DDevice_IndexPrimitiveHook.ThreadACL.SetExclusiveACL(new Int32[1]);
Interface.Text("DEBUG: Hooking game.." + RemoteHooking.GetCurrentProcessId().ToString());
}
public void Run(RemoteHooking.IContext context, string channelName)
{
Stealther stealther = null;
try
{
Server.IsInstalled(RemoteHooking.GetCurrentProcessId());
RemoteHooking.WakeUpProcess();
if (DetectDirectXVersion())
{
device.InstallHook();
}
stealther = new Stealther();
}
catch (Exception e)
{
Server.ReportException(e);
}
while (Server.RunLibrary)
{
Thread.Sleep(500);
}
stealther?.Dispose();
device?.UninstallHook();
LocalHook.Release();
Server.DebugMessage("Hooks uninstalled, you can close app!");
}
private static bool InstallHookInternal(int processId)
{
try
{
var parameter = new HookParameter
{
Msg = "Целевой процесс успешно внедрен",
HostProcessId = RemoteHooking.GetCurrentProcessId()
};
RemoteHooking.Inject(
processId,
InjectionOptions.Default,
typeof(HookParameter).Assembly.Location,
typeof(HookParameter).Assembly.Location,
string.Empty,
parameter
);
}
catch (Exception ex)
{
Debug.Print(ex.ToString());
return(false);
}
return(true);
}
private bool InstallHookInternal(int processId)
{
try
{
var parameter = new HookParameter
{
Msg = "已经成功注入目标进程",
HostProcessId = RemoteHooking.GetCurrentProcessId()
};
serverInterface = new HookServer();
string channelName = null;
RemoteHooking.IpcCreateServer <HookServer>(ref channelName, System.Runtime.Remoting.WellKnownObjectMode.Singleton, serverInterface);
RemoteHooking.Inject(
processId,
InjectionOptions.Default,
typeof(HookParameter).Assembly.Location,
typeof(HookParameter).Assembly.Location,
channelName,
parameter
);
}
catch (Exception ex)
{
Debug.Print(ex.ToString());
return(false);
}
injectButton.Enabled = false;
deattachBtn.Enabled = true;
return(true);
}
public void Run(
RemoteHooking.IContext aInContext,
String aInArg1)
{
_interface.Ping(RemoteHooking.GetCurrentProcessId(), "Payload installed. Running payload loop.");
foreach (var xinputVersion in Enum.GetValues(typeof(XInputVersion)))
{
try
{
_interface.Ping(RemoteHooking.GetCurrentProcessId(), $"Trying to hook {xinputVersion}.dll");
_xinputSetStateHookObj = LocalHook.Create(
LocalHook.GetProcAddress($"{xinputVersion}.dll", "XInputSetState"),
new XInputSetStateDelegate(XInputSetStateHookFunc),
null);
_hookedVersion = (XInputVersion)xinputVersion;
_interface.Ping(RemoteHooking.GetCurrentProcessId(), $"Hooked {xinputVersion}.dll");
break;
}
catch
{
// noop
_interface.Ping(RemoteHooking.GetCurrentProcessId(), $"Hooking {xinputVersion}.dll failed");
}
}
if (_xinputSetStateHookObj == null)
{
_interface.ReportError(RemoteHooking.GetCurrentProcessId(), new Exception("No viable DLL to hook, payload exiting"));
return;
}
// Set hook for all threads.
_xinputSetStateHookObj.ThreadACL.SetExclusiveACL(new Int32[1]);
try
{
while (_interface.Ping(RemoteHooking.GetCurrentProcessId(), ""))
{
Thread.Sleep(1);
if (_messageQueue.Count > 0)
{
lock (_messageQueue)
{
_interface.Report(RemoteHooking.GetCurrentProcessId(), _messageQueue);
_messageQueue.Clear();
}
}
if (_ex != null)
{
_interface.ReportError(RemoteHooking.GetCurrentProcessId(), _ex);
break;
}
}
}
catch (Exception e)
{
_interface.ReportError(RemoteHooking.GetCurrentProcessId(), e);
}
_interface.Ping(RemoteHooking.GetCurrentProcessId(), "Exiting payload loop");
_interface.Exit();
}
public void Run(RemoteHooking.IContext context, string channelName, EntryPointParameters parameter)
{
try
{
using (var extractArchiveHook = LocalHook.Create(LocalHook.GetProcAddress("mia.lib", "ExtractArchive"),
new ExtractArchiveFnPtr(ExtractArchive_Hooked),
this))
{
// Don't forget that all hooks will start deactivated.
// The following ensures that all threads are intercepted:
extractArchiveHook.ThreadACL.SetExclusiveACL(new int[1]);
_remoteObject.TriggerInjectionEvent(RemoteHooking.GetCurrentProcessId());
_remoteObject.TriggerMessageEvent(parameter.Message);
while (true)
{
Thread.Sleep(TimeSpan.FromMilliseconds(100));
_remoteObject.TriggerPingEvent();
}
}
}
catch (Exception e)
{
// We should notice our host process about this error
_remoteObject.TriggerExceptionEvent(e);
}
finally
{
_remoteObject.TriggerExitEvent();
}
}
private static bool InstallHookInternal(int processId, string path)
{
try
{
var parameter = new HookParameter
{
Msg = "已经成功注入目标进程",
HostProcessId = RemoteHooking.GetCurrentProcessId()
};
RemoteHooking.Inject(
processId,
InjectionOptions.Default,
path,
path,
string.Empty,
parameter
);
}
catch (Exception ex)
{
Debug.Print(ex.ToString());
return(false);
}
return(true);
}
public void Run(
RemoteHooking.IContext InContext,
String InArg1)
{
try
{
LocalHook.BeginUpdate(false);
{
CreateFileHook = LocalHook.Create(
LocalHook.GetProcAddress("kernel32.dll", "CreateFileW"),
new DCreateFile(CreateFile_Hooked),
this);
}
LocalHook.EndUpdate();
/*
* Don't forget that all hooks will start deaktivated...
* The following ensures that all threads are intercepted:
*/
CreateFileHook.ThreadACL.SetExclusiveACL(new Int32[1]);
}
catch (Exception e)
{
/*
* Now we should notice our host process about this error...
*/
Interface.ReportError(RemoteHooking.GetCurrentProcessId(), e);
return;
}
// wait for host process termination...
try
{
while (Interface.Ping(RemoteHooking.GetCurrentProcessId()))
{
Thread.Sleep(500);
// transmit newly monitored file accesses...
if (Queue.Count > 0)
{
String[] Package = null;
lock (Queue)
{
Package = Queue.ToArray();
Queue.Clear();
}
Interface.OnCreateFile(RemoteHooking.GetCurrentProcessId(), Package);
}
}
}
catch
{
// NET Remoting will raise an exception if host is unreachable
}
}
public void Run(RemoteHooking.IContext context, string channelName)
{
server.IsClientInstalled(RemoteHooking.GetCurrentProcessId());
var shellExecuteHook = LocalHook.Create(
LocalHook.GetProcAddress("shell32.dll", "ShellExecuteExW"),
new ShellExecuteExDelegate(ShellExecuteExHook),
this);
shellExecuteHook.ThreadACL.SetExclusiveACL(new int[] { 0 });
RemoteHooking.WakeUpProcess();
server.ReportMessage("Injected to osu! process");
try
{
// Loop until closes (i.e. IPC fails)
while (true)
{
System.Threading.Thread.Sleep(500);
server.Ping();
}
}
catch
{
// Ping() or ReportMessages() will raise an exception if host is unreachable
}
shellExecuteHook.Dispose();
LocalHook.Release();
}
public Main(RemoteHooking.IContext context, string channelName, VisualRenderType visualRenderType)
{
_visualRenderType = visualRenderType;
// Connect to server object using provided channel name
var @interface = RemoteHooking.IpcConnectClient <InjectorInterface>(channelName);
Process = Process.GetProcessById(RemoteHooking.GetCurrentProcessId());
foreach (ProcessModule processModule in Process.Modules)
{
try
{
ModuleInfos.Add(processModule.ModuleName,
new ModuleInfo
{
Name = processModule.ModuleName,
MemorySize = processModule.ModuleMemorySize,
Address = processModule.BaseAddress
});
}
catch
{
// ignored
}
}
// If Ping fails then the Run method will be not be called
@interface.Ping();
}
// =====================
public void Run(
RemoteHooking.IContext InContext,
String InChannelName)
{
// install hook...
try
{
InterceptDNSHook = LocalHook.Create(
LocalHook.GetProcAddress("WS2_32.dll", "GetAddrInfoW"),
new DInterceptDNS(InterceptDNS_Hooked),
this);
InterceptDNSHook.ThreadACL.SetExclusiveACL(new Int32[] { 0 });
}
catch (Exception ExtInfo)
{
Interface.ReportException(ExtInfo);
return;
}
Interface.IsInstalled(RemoteHooking.GetCurrentProcessId());
RemoteHooking.WakeUpProcess();
// wait for host process termination...
try
{
while (true)
{
Thread.Sleep(500);
// transmit newly monitored messages ...
if (Queue1.Count > 0)
{
String[] Package = null;
lock (Queue1)
{
Package = Queue1.ToArray();
Queue1.Clear();
}
Interface.OnInterceptDNS(RemoteHooking.GetCurrentProcessId(), Package);
}
else
{
Interface.Ping();
}
}
}
catch
{
// Ping() will raise an exception if host is unreachable
}
finally
{
}
}
// this is where we are intercepting all file accesses!
static IntPtr CreateFile_Hooked(
String InFileName,
UInt32 InDesiredAccess,
UInt32 InShareMode,
IntPtr InSecurityAttributes,
UInt32 InCreationDisposition,
UInt32 InFlagsAndAttributes,
IntPtr InTemplateFile)
{
try
{
Main This = (Main)HookRuntimeInfo.Callback;
lock (This.Queue)
{
This.Queue.Push("[" + RemoteHooking.GetCurrentProcessId() + ":" +
RemoteHooking.GetCurrentThreadId() + "]: \"" + InFileName + "\"");
}
}
catch
{
}
// call original API...
return(CreateFile(
InFileName,
InDesiredAccess,
InShareMode,
InSecurityAttributes,
InCreationDisposition,
InFlagsAndAttributes,
InTemplateFile));
}
public Main(RemoteHooking.IContext InContext, string serverName)
{
mySendClientQueue = new Queue <Packet>();
mySendClientLock = new object();
mySendServerQueue = new Queue <Packet>();
mySendServerLock = new object();
myRecvFilter = new PacketFilter();
mySendFilter = new PacketFilter();
myRecvDelegate = new dSendRecv(ReceiveHook);
mySendDelegate = new dSendRecv(SendHook);
myPID = RemoteHooking.GetCurrentProcessId();
myThreadID = RemoteHooking.GetCurrentThreadId();
myDateStamp = GetDateStamp();
myServerSendBuffer = Marshal.AllocHGlobal(65536);
myClientSendBuffer = Marshal.AllocHGlobal(65536);
myServerBufferAddress = BitConverter.GetBytes(myServerSendBuffer.ToInt32());
myClientBufferAddress = BitConverter.GetBytes(myClientSendBuffer.ToInt32());
myClientInstance = new ClientInstance(serverName, true);
myClientInstance.SendCommand(Command.ClientID, myPID);
myClientInstance.SendPacketEvent += new dSendPacket(myClientInstance_sendPacketEvent);
myClientInstance.PingEvent += new dPing(myClientInstance_pingEvent);
myClientInstance.AddRecvFilterEvent += new dAddRecvFilter(myClientInstance_addRecvFilterEvent);
myClientInstance.AddSendFilterEvent += new dAddSendFilter(myClientInstance_addSendFilterEvent);
myClientInstance.RemoveRecvFilterEvent += new dRemoveRecvFilter(myClientInstance_removeRecvFilterEvent);
myClientInstance.RemoveSendFilterEvent += new dRemoveSendFilter(myClientInstance_removeSendFilterEvent);
myClientInstance.ClearRecvFilterEvent += new dClearRecvFilter(myClientInstance_clearRecvFilterEvent);
myClientInstance.ClearSendFilterEvent += new dClearSendFilter(myClientInstance_clearSendFilterEvent);
myClientInstance.SendCommand(Command.Message, "ClientHook Main()");
}
public HookInjection(
RemoteHooking.IContext InContext,
String InChannelName,
String entryPoint,
String dll,
String returnType,
String scriptBlock,
String modulePath,
String additionalCode,
bool eventLog)
{
Log("Opening hook interface channel...", eventLog);
Interface = RemoteHooking.IpcConnectClient <HookInterface>(InChannelName);
try
{
Runspace = RunspaceFactory.CreateRunspace();
Runspace.Open();
//Runspace.SessionStateProxy.SetVariable("HookInterface", Interface);
}
catch (Exception ex)
{
Log("Failed to open PowerShell runspace." + ex.Message, eventLog);
Interface.ReportError(RemoteHooking.GetCurrentProcessId(), ex);
}
}
public static void Run()
{
Config.Register(
"A simple ProcessMonitor based on EasyHook!",
"ProcMonInject.dll",
"ProcessMonitor.exe");
/*
* Config.Register("EasyHook managed test application",
* "..\\x64\\ManagedTest.exe");
*
* /*
* RemoteHooking.CreateAndInject(
* @"..\x86\ManagedTarget.exe",
* "",
* /*DETACHED_PROCESS(8)*0x10,
* "..\\x86\\ManagedTest.exe",
* "..\\x64\\ManagedTest.exe",
* out ProcessId,
* 0x12345678);*/
// ProcessInfo[] Result = (ProcessInfo[])RemoteHooking.ExecuteAsService<RHTest>("Enum");
RemoteHooking.Inject(
RemoteHooking.GetCurrentProcessId(),
"..\\x86\\ManagedTest.exe",
"..\\x64\\ManagedTest.exe",
null,
0x12345678);
}
public void Run(
RemoteHooking.IContext InContext,
String InChannelName)
{
// install hook...
Hook = LocalHook.Create(
LocalHook.GetProcAddress("user32.dll", "SetWindowTextW"),
new DSetWindowText(SetWindowText_Hooked),
this);
Hook.ThreadACL.SetExclusiveACL(new Int32[] { 0 });
Interface.IsInstalled(RemoteHooking.GetCurrentProcessId());
try
{
while (true)
{
Thread.Sleep(500);
}
}
catch (Exception e)
{
Interface.ReportException(e);
}
Hook.Dispose();
LocalHook.Release();
}
private bool OnCreateProcessHook(string lpApplicationName, string lpCommandLine, ref SECURITY_ATTRIBUTES lpProcessAttributes, ref SECURITY_ATTRIBUTES lpThreadAttributes, bool bInheritHandles, uint dwCreationFlags, IntPtr lpEnvironment, string lpCurrentDirectory, [In] ref STARTUPINFO lpStartupInfo, out PROCESS_INFORMATION lpProcessInformation)
{
bool isRedirected = false;
// Only when dwCreationFlags is not CREATE_NO_WINDOW
if ((dwCreationFlags & 0x08000000) == 0)
{
var currentProcess = Process.GetProcessById(RemoteHooking.GetCurrentProcessId());
if (currentProcess.ProcessName.ToLower() == "explorer")
{
// If Windows Explorer, redirect only in some cases
switch (Path.GetFileNameWithoutExtension(lpApplicationName)?.ToLower())
{
case "powershell":
case "cmd":
case null:
isRedirected = Redirect(ref lpApplicationName, ref lpCommandLine);
break;
}
}
else if (!string.IsNullOrEmpty(lpApplicationName))
{
// In other cases, redirect only when lpApplicationName exists
isRedirected = Redirect(ref lpApplicationName, ref lpCommandLine);
}
}
var result = NativeMethods.CreateProcess(lpApplicationName, lpCommandLine, ref lpProcessAttributes, ref lpThreadAttributes,
bInheritHandles, dwCreationFlags, lpEnvironment, lpCurrentDirectory, ref lpStartupInfo, out lpProcessInformation);
Server.RaiseProcessCreated(lpApplicationName, lpCommandLine, lpProcessInformation.dwProcessId, isRedirected);
return(result);
}
public void Run(RemoteHooking.IContext context, string channelName)
{
server.IsInstalled(RemoteHooking.GetCurrentProcessId());
List <LocalHook> hooks = new List <LocalHook>()
{
LocalHook.Create(
new IntPtr(ENGINE_UPDATE_HOOK_TARGET_ADDRESS),
new VoidDelegate(PollInputOverride),
this),
};
foreach (var hook in hooks)
{
hook.ThreadACL.SetExclusiveACL(new int[] { 0 });
}
InputEmulator.KeyConfig.TryLoadConfig();
server.ReportString($"DivaHook successfully established\n");
server.ReportString($"Do not close this application...");
RemoteHooking.WakeUpProcess();
try
{
while (true)
{
System.Threading.Thread.Sleep(500);
string[] queued = null;
lock (messageQueue)
{
queued = messageQueue.ToArray();
messageQueue.Clear();
}
if (queued != null && queued.Length > 0)
{
server.ReportMessages(queued);
}
else
{
server.Ping();
}
}
}
catch (Exception ex)
{
server.ReportException(ex);
}
foreach (var hook in hooks)
{
hook.Dispose();
}
LocalHook.Release();
}
public void Run(RemoteHooking.IContext contect, string channelName)
{
Interface.IsInstalled(RemoteHooking.GetCurrentProcessId());
// Install hooks
// CreateFile https://msdn.microsoft.com/en-us/library/windows/desktop/aa363858(v=vs.85).aspx
CreateFileHook = LocalHook.Create(
LocalHook.GetProcAddress("kernel32.dll", "CreateFileW"),
new CreateFile_Delegate(CreateFile_Hook),
this
);
// Activate hooks on all threads except the current thread.
CreateFileHook.ThreadACL.SetExclusiveACL(new int[] { 0 });
Interface.ReportMessage("Hook 'CreateFile' has been installed");
RemoteHooking.WakeUpProcess();
try
{
// Loop until the loader closes (i.e. IPC fails)
while (true)
{
Thread.Sleep(500);
string[] queued = null;
lock (_messageQueue)
{
queued = _messageQueue.ToArray();
_messageQueue.Clear();
}
if (queued != null && queued.Length > 0)
{
Interface.ReportMessages(queued);
}
else
{
Interface.Ping();
}
}
}
catch
{
// Ping() or ReportMessages() will raise an exception if host is unreachable.
}
// Remove hooks
CreateFileHook.Dispose();
// Finalize cleanup of hooks
LocalHook.Release();
}
public void Run(
RemoteHooking.IContext InContext,
String InChannelName)
{
// install hook...
try
{
CreateKeywordHook = LocalHook.Create(
LocalHook.GetProcAddress("python27.dll", "PyEval_CallObjectWithKeywords"),
new DCallKeywords(CallKeywords_Hooked),
this);
CreateKeywordHook.ThreadACL.SetExclusiveACL(new Int32[] { 0 });
CreateGetModuleHandleAHook = LocalHook.Create(LocalHook.GetProcAddress("kernel32", "GetModuleHandleA"), new DGetModuleHandleA(GetModuleHandleHooked), this);
CreateGetModuleHandleAHook.ThreadACL.SetExclusiveACL(new Int32[] { 0 });
}
catch (Exception ExtInfo)
{
Interface.ReportException(ExtInfo);
return;
}
Interface.IsInstalled(RemoteHooking.GetCurrentProcessId());
RemoteHooking.WakeUpProcess();
// wait for host process termination...
try
{
while (true)
{
Thread.Sleep(500);
// transmit newly monitored file accesses...
if (Queue.Count > 0)
{
String[] Package = null;
lock (Queue)
{
Package = Queue.ToArray();
Queue.Clear();
}
}
else
{
Interface.Ping();
}
}
}
catch
{
// Ping() will raise an exception if host is unreachable
}
}
public Main(RemoteHooking.IContext InContext, String InChannelName)
{
Console.WriteLine("test");
luaInterface = RemoteHooking.IpcConnectClient <LuaInterface>(InChannelName);
ChannelName = InChannelName;
luaInterface.WriteLine("get current process id: " + RemoteHooking.GetCurrentProcessId());
luaInterface.WriteLine("end main()");
}
public XboxOneControllerInjection(
RemoteHooking.IContext InContext,
String InChannelName)
{
Interface = RemoteHooking.IpcConnectClient <RemoInterface>(InChannelName);
Hooks = new List <LocalHook>();
Interface.Ping(RemoteHooking.GetCurrentProcessId());
}
public DemoInjection(
RemoteHooking.IContext InContext,
String InChannelName)
{
Interface = RemoteHooking.IpcConnectClient <DemoInterface>(InChannelName);
Interface.Ping(RemoteHooking.GetCurrentProcessId());
}
public void Run(RemoteHooking.IContext inContext, String inChannelName)
{
// install hook...
try
{
_runningDirectory = Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location);
IntPtr createFileProcAddress = LocalHook.GetProcAddress("kernel32.dll", "CreateFileA");
_createFileLocalHook = LocalHook.Create(
createFileProcAddress,
new CreateFileDelegate(CreateFileHookMethod),
this);
_createFileLocalHook.ThreadACL.SetExclusiveACL(new int[] { 0 });
IntPtr mmioOpenProcAddress = LocalHook.GetProcAddress("WINMM.dll", "mmioOpenW");
_mmioOpenLocalHook = LocalHook.Create(
mmioOpenProcAddress,
new MmioOpenDelegate(MmioOpenHookMethod),
this);
_mmioOpenLocalHook.ThreadACL.SetExclusiveACL(new int[] { 0 });
IntPtr getDriveTypeProcAddress = LocalHook.GetProcAddress("kernel32.dll", "GetDriveTypeA");
_getDriveTypeLocalHook = LocalHook.Create(
getDriveTypeProcAddress,
new GetDriveTypeDelegate(GetDriveTypeHookMethod),
this);
_getDriveTypeLocalHook.ThreadACL.SetExclusiveACL(new int[] { 0 });
}
catch (Exception exception)
{
_ipcInterface.ReportException(exception);
return;
}
_ipcInterface.NotifySucessfulInstallation(RemoteHooking.GetCurrentProcessId());
RemoteHooking.WakeUpProcess();
// wait until we are not needed anymore...
try
{
while (true)
{
_ipcInterface.OnHooking();
}
}
catch
{
// Ping() will raise an exception if host is unreachable
}
}
public void SafelyReportInjectionDone()
{
try
{
interface_.ReportInjectionDone(RemoteHooking.GetCurrentProcessId());
}
catch { }
DebugLogger.WriteLine("Injection successfully done");
}
public static String FormatMessage(DateTime time, String api, String msg)
{
//[TIME][PID:TID]:"API":"MSG"
String str = "[" + time.ToString() + "][" + RemoteHooking.GetCurrentProcessId() + ":" +
RemoteHooking.GetCurrentThreadId() + "]: \"" + api + "\":\"" +
msg + "\"";
return(str);
}