Пример #1
        /// <summary>
        /// Entry point that runs inside the hooked process: reports back to the host,
        /// resolves the target addresses, installs one <c>LocalHook</c> per packet
        /// encode/decode routine, activates them and then shows the UI form.
        /// </summary>
        /// <param name="InContext">Injection context; not read by this method.</param>
        /// <param name="InChannelName">IPC channel name; not read by this method.</param>
        /// <remarks>
        /// Every exception is caught and reported through <c>Interface.WriteConsole</c>;
        /// nothing propagates to the caller. Hooks that were already added to
        /// <c>hooks</c> before a failure stay in the list.
        /// </remarks>
        public void Run(RemoteHooking.IContext InContext, String InChannelName)
        {
            try
            {
                // Tell the host which process this code is running in.
                // NOTE(review): Interface is presumably the IPC proxy to the injecting host; confirm.
                int currentProcessId = RemoteHooking.GetCurrentProcessId();
                Interface.IsInstalled(currentProcessId);

                // NOTE(review): per the EasyHook documentation this enables relocation of
                // RIP-relative instructions at x64 hook entry points and does nothing in a
                // 32-bit process; confirm against the EasyHook version in use.
                LocalHook.EnableRIPRelocation();

                // Helpers defined elsewhere in this class; the order is kept as in the original.
                DebugAddresses();
                LoadAddresses();
                LoadOriginalFunctions();

                // The field is assigned before the first hook is created, so a failure
                // part-way through leaves the hooks created so far reachable.
                hooks = new List<LocalHook>();

                // Outgoing packet construction.
                hooks.Add(LocalHook.Create(OutPacketInitAddress, new DOutPacketInit(form.OutPacketInitHooked), this));
                hooks.Add(LocalHook.Create(EncodeByteAddress, new DEncodeByte(form.EncodeByteHooked), this));
                hooks.Add(LocalHook.Create(EncodeShortAddress, new DEncodeShort(form.EncodeShortHooked), this));
                hooks.Add(LocalHook.Create(EncodeIntAddress, new DEncodeInt(form.EncodeIntHooked), this));
                hooks.Add(LocalHook.Create(EncodeBufferAddress, new DEncodeBuffer(form.EncodeBufferHooked), this));
                hooks.Add(LocalHook.Create(EncodeStringAddress, new DEncodeString(form.EncodeStringHooked), this));

                // NOTE(review): IntPtr.ToInt32() throws OverflowException in a 64-bit process
                // when the address does not fit in 32 bits, and is negative for 32-bit
                // addresses above 0x7FFFFFFF. The guarded hook is currently disabled, so the
                // comparison has no effect beyond that possible exception.
                bool sendPacketResolved = SendPacketAddress.ToInt32() > 0;
                if (sendPacketResolved)
                {
                    //hooks.Add(LocalHook.Create(SendPacketAddress, new DSendPacket(form.SendPacketHooked), this));
                }

                // Incoming packet parsing.
                hooks.Add(LocalHook.Create(DecodeByteAddress, new DDecodeByte(form.DecodeByteHooked), this));
                hooks.Add(LocalHook.Create(DecodeShortAddress, new DDecodeShort(form.DecodeShortHooked), this));
                hooks.Add(LocalHook.Create(DecodeIntAddress, new DDecodeInt(form.DecodeIntHooked), this));
                hooks.Add(LocalHook.Create(DecodeBufferAddress, new DDecodeBuffer(form.DecodeBufferHooked), this));
                hooks.Add(LocalHook.Create(DecodeStringAddress, new DDecodeString(form.DecodeStringHooked), this));
                //hooks.Add(LocalHook.Create(DecryptDataAddress, new DDecryptData(form.DecryptDataHooked), this));

                // Exclusive ACL listing thread id 0: in EasyHook's ACL model 0 stands for the
                // calling thread, so every thread except this one is intercepted.
                foreach (LocalHook installedHook in hooks)
                {
                    installedHook.ThreadACL.SetExclusiveACL(new Int32[] { 0 });
                }

                Interface.WriteConsole("Initialized Hooks: " + hooks.Count);

                // NOTE(review): presumably a modal WinForms dialog, which would keep this
                // method (and the hooks) alive until the form is closed; confirm.
                form.ShowDialog();
            }
            catch (Exception failure)
            {
                // Catch-all: the full exception text is sent to the host console.
                Interface.WriteConsole("ERROR: " + failure);
            }
        }
Пример #2
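        /// <summary>
        /// Self-test for <c>LocalHook</c>: hooks two managed methods through their native
        /// function pointers, runs <c>LHTestThreadCount</c> worker threads against them and
        /// checks that the call counters of the methods and of their hook handlers agree.
        /// </summary>
        /// <exception cref="Exception">
        /// Thrown with the message "LocalHook test failed." when the counters disagree.
        /// </exception>
        public static void Run()
        {
            DMethodA MethodADelegate = new DMethodA(MethodA);
            DMethodB MethodBDelegate = new DMethodB(MethodB);

            // The native thunks returned here are only valid while the delegates are alive.
            LHTestMethodA = Marshal.GetFunctionPointerForDelegate(MethodADelegate);
            LHTestMethodB = Marshal.GetFunctionPointerForDelegate(MethodBDelegate);

            // NOTE(review): per the EasyHook documentation this enables relocation of
            // RIP-relative instructions on x64 and does nothing in a 32-bit process; confirm.
            LocalHook.EnableRIPRelocation();

            // install hooks
            LocalHook[] MyHooks = new LocalHook[]
            {
                LocalHook.Create(
                    LHTestMethodA,
                    LHTestHookA,
                    1),

                LocalHook.Create(
                    LHTestMethodB,
                    LHTestHookB,
                    2),
            };


            LHTestMethodADelegate = (DMethodA)Marshal.GetDelegateForFunctionPointer(LHTestMethodA, typeof(DMethodA));
            LHTestMethodBDelegate = (DMethodB)Marshal.GetDelegateForFunctionPointer(LHTestMethodB, typeof(DMethodB));

            // new Int32[1] is { 0 }, and thread id 0 stands for the calling thread in
            // EasyHook's ACL model: this inclusive ACL intercepts only the current thread.
            MyHooks[0].ThreadACL.SetInclusiveACL(new Int32[1]);
            MyHooks[1].ThreadACL.SetInclusiveACL(new Int32[1]);

            // LHTestMethodBDelegate.Invoke(0, 0, "");

            // The exclusive ACL is the one left in effect for the run below: every thread
            // except the current one is intercepted, which covers the worker threads.
            MyHooks[0].ThreadACL.SetExclusiveACL(new Int32[1]);
            MyHooks[1].ThreadACL.SetExclusiveACL(new Int32[1]);

            // LHTestMethodBDelegate.Invoke(0, 0, "");

            /*
             * This is just to make sure that all related objects are referenced.
             * At the beginning there were several objects like delegates that have
             * been collected during execution! The NET-Framework will produce bugchecks
             * in such cases...
             */
            GC.Collect();
            GC.WaitForPendingFinalizers();
            GC.Collect();

            // The returned pointer is not used afterwards; the call is kept as in the original.
            IntPtr t = Marshal.GetFunctionPointerForDelegate(LHTestHookA);

            Int64 t1 = System.Diagnostics.Stopwatch.GetTimestamp();

            for (int i = 0; i < LHTestThreadCount; i++)
            {
                new Thread(new ThreadStart(LHTestThread)).Start();
            }

            // NOTE(review): presumably signalled by the last worker thread; confirm in LHTestThread.
            LHTestCompleted.WaitOne();

            // Convert elapsed Stopwatch ticks to milliseconds.
            t1 = ((System.Diagnostics.Stopwatch.GetTimestamp() - t1) * 1000) / System.Diagnostics.Stopwatch.Frequency;

            // GC.KeepAlive only extends an object's lifetime up to the point of the call, so
            // it has to come after the last use. Placed at the top of the method it left the
            // delegates (and the thunks behind LHTestMethodA/B) and the hook objects eligible
            // for collection by the forced GC above, while the worker threads still call
            // through them.
            GC.KeepAlive(MethodADelegate);
            GC.KeepAlive(MethodBDelegate);
            GC.KeepAlive(MyHooks);

            // verify results
            // NOTE(review): 10000 is presumably the number of calls each worker thread makes;
            // confirm against LHTestThread.
            if ((LHTestCounterMA != LHTestCounterMAH) || (LHTestCounterMAH != LHTestCounterMB) ||
                (LHTestCounterMB != LHTestCounterMBH) || (LHTestCounterMB != LHTestThreadCount * 10000))
            {
                throw new Exception("LocalHook test failed.");
            }

            Console.WriteLine("Localhook test passed in {0} ms.", t1);
        }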