/// <summary>
///     Installs the API hooks inside the current process and then enters the window title update loop.
/// </summary>
/// <remarks>
///     None of the parameters is read inside this method body.
///     NOTE(review): presumably they are consumed elsewhere, e.g. by the constructor; confirm.
///     Coverage is limited to the functions registered here: <c>connect</c>, <c>WSAConnect</c> and <c>bind</c>
///     in ws2_32.dll, <c>CreateProcessA</c> / <c>CreateProcessW</c> in kernel32.dll and
///     <c>SetWindowTextA</c> / <c>SetWindowTextW</c> in user32.dll. Sockets or child processes created through
///     any other API are not touched by these hooks, so the adapter selection is best-effort and should not be
///     relied upon as a network isolation boundary.
///     NOTE(review): confirm whether further hooks are installed elsewhere in the class.
/// </remarks>
/// <param name="inContext">Should contain information about the environment</param>
/// <param name="injectionAddress">Address of the injection assembly to be used for child processes</param>
/// <param name="adapterId"><see cref="String" /> identification of the desired network adapter</param>
/// <param name="injectionDelay">Number of milliseconds after child process creation to try to inject the code</param>
/// <param name="isDebug">Indicates if injected code should create a log file and print activity information</param>
// ReSharper disable once TooManyArguments
// ReSharper disable once MethodTooLong
// ReSharper disable once MethodNameNotMeaningful
public void Run(
    RemoteHooking.IContext inContext,
    string injectionAddress,
    string adapterId,
    int injectionDelay,
    bool isDebug)
{
    const string winsockModule = @"ws2_32.dll";
    const string kernelModule = @"kernel32.dll";
    const string userModule = @"user32.dll";

    DebugMessage(nameof(Run), "Starting ...");

    // The socket hooks are registered from the callback handed to LoadLibrary.
    LoadLibrary(
        winsockModule,
        () =>
        {
            AddHook(winsockModule, "connect", new Delegates.ConnectDelegate(OnConnect));
            AddHook(winsockModule, "WSAConnect", new Delegates.WSAConnectDelegate(OnWSAConnect));
            AddHook(winsockModule, "bind", new Delegates.BindDelegate(OnBind));
        });

    // Both CreateProcess variants forward to OnCreateProcess; only the trailing flag differs
    // (false for the "A" export, true for the "W" export).
    var createProcessAnsi = new Delegates.CreateProcessDelegate(
        (
            IntPtr appName,
            IntPtr cmdLine,
            IntPtr procAttributes,
            IntPtr thrAttributes,
            bool inherit,
            uint flags,
            IntPtr envBlock,
            IntPtr workingDirectory,
            IntPtr startup,
            out ProcessInformation procInfo) =>
            OnCreateProcess(
                appName,
                cmdLine,
                procAttributes,
                thrAttributes,
                inherit,
                flags,
                envBlock,
                workingDirectory,
                startup,
                out procInfo,
                false));
    AddHook(kernelModule, "CreateProcessA", createProcessAnsi);

    var createProcessWide = new Delegates.CreateProcessDelegate(
        (
            IntPtr appName,
            IntPtr cmdLine,
            IntPtr procAttributes,
            IntPtr thrAttributes,
            bool inherit,
            uint flags,
            IntPtr envBlock,
            IntPtr workingDirectory,
            IntPtr startup,
            out ProcessInformation procInfo) =>
            OnCreateProcess(
                appName,
                cmdLine,
                procAttributes,
                thrAttributes,
                inherit,
                flags,
                envBlock,
                workingDirectory,
                startup,
                out procInfo,
                true));
    AddHook(kernelModule, "CreateProcessW", createProcessWide);

    // Ansi version of the SetWindowText method
    var setWindowTextAnsi = new Delegates.SetWindowTextDelegate(
        (windowHandle, title) => OnSetWindowText(windowHandle, title, false));
    AddHook(userModule, "SetWindowTextA", setWindowTextAnsi);

    // Unicode (Wide) version of the SetWindowText method
    var setWindowTextWide = new Delegates.SetWindowTextDelegate(
        (windowHandle, title) => OnSetWindowText(windowHandle, title, true));
    AddHook(userModule, "SetWindowTextW", setWindowTextWide);

    // Give up when not a single hook is registered; the check runs under the Hooks lock.
    lock (Hooks)
    {
        if (!Hooks.Any())
        {
            DebugMessage(nameof(Run), "FATAL: Failed to hook any function.");

            return;
        }
    }

    // In case we started the application using CreateAndInject method
    RemoteHooking.WakeUpProcess();

    // Going into a loop to update the application's main window's title bar
    WindowTitleCheckLoop();
}