Exemplo n.º 1
0
        static Process()
        {
            try
            {
                ProcessID = (uint)System.Diagnostics.Process.GetCurrentProcess().Id;
                System.Diagnostics.Process.EnterDebugMode();
                Handle = ProcessImports.OpenProcess((uint)ProcessImports.ProcessAccess.PROCESS_ALL_ACCESS, false, ProcessID);
                if (Handle == IntPtr.Zero)
                {
                    Error.GetLastError();
                }

                Guid CLSID_CLRRuntimeHost = new Guid(0x90F1A06E, 0x7712, 0x4762, 0x86, 0xB5, 0x7A, 0x5E, 0xBA, 0x6B, 0xDB, 0x02);
                Guid IID_ICLRRuntimeHost  = new Guid(0x90F1A06C, 0x7712, 0x4762, 0x86, 0xB5, 0x7A, 0x5E, 0xBA, 0x6B, 0xDB, 0x02);

                runtimeInterface = RuntimeEnvironment.GetRuntimeInterfaceAsIntPtr(CLSID_CLRRuntimeHost, IID_ICLRRuntimeHost).ToInt32();
                if (runtimeInterface == 0)
                {
                    throw new Exception("Runtime interface not found!");
                }

                IntPtr user32Handle = ProcessImports.GetModuleHandle("user32.dll");
                if (user32Handle == IntPtr.Zero)
                {
                    Error.GetLastError("GetModuleHandle user32.dll");
                }

                IntPtr wptr = ProcessImports.GetProcAddress(user32Handle, "wsprintfW");
                if (wptr == IntPtr.Zero)
                {
                    Error.GetLastError("GetProcAddress wsprintfW");
                }

                wsprintfWPtr       = wptr.ToInt32();
                wsprintfWTypeArg   = AllocString("%p");
                hookArg_DLLPath    = AllocString(typeof(Process).Assembly.Location);
                hookArg_Namespace  = AllocString(typeof(Process).FullName);
                hookArg_MethodName = AllocString(typeof(Process).GetMethod("ApiHook").Name);
                hookArg_Result     = Alloc(4).ToInt32();
            }
            catch (Exception e)
            {
                MessageBox(IntPtr.Zero, e.ToString(), "WinApi Exception!", 0);
            }
        }