public string generate_function_code_GlobalFunction(ParsedFunc func)
{
string result = "";
result += "\r\n";
result += "//////////////////////////////////////////////////////////////////\r\n";
result += "// " + func.func_name + " Hooking\r\n";
result += "//////////////////////////////////////////////////////////////////\r\n";
result += "\r\n";
//split return type from function description
Tokenizer t = new Tokenizer(func.return_type);
string return_type = "";
string call_type = "";
string tok = null;
while (true)
{
tok = t.NextToken();
if (null == tok)
{
break;
}
if (tok.Contains("__declspec") || tok.Contains("__stdcall"))
{
if (!tok.Contains("__declspec(dllimport)"))
{
call_type += tok + " ";
}
}
else
{
return_type += tok + " ";
}
}
////////////
// typedef
////////////
result += "typedef " + return_type;
result += " (" + call_type + "*" + func.func_name + "_FPTR)(\r\n";
bool bFirst = true;
foreach (ParsedArgument arg in func.args_list)
{
result += "\t";
if (!bFirst)
{
result += ",";
}
result += arg.arg_type + " ";
result += arg.arg_name + "\r\n";
bFirst = false;
}
result += "\t);\r\n";
//////////////////////////
// orig func pointer
//////////////////////////
result += func.func_name + "_FPTR g_" + func.func_name + "_ORIG = NULL;\r\n";
/////////////////////////////
// detour function
/////////////////////////////
result += return_type + " " + call_type + " " + func.func_name + "_DETOUR (\r\n";
bFirst = true;
foreach (ParsedArgument arg in func.args_list)
{
result += "\t";
if (!bFirst)
{
result += ",";
}
result += arg.arg_type + " ";
result += arg.arg_name + "\r\n";
bFirst = false;
}
result += "\t)\r\n";
result += "{\r\n";
//assert to test the orig func pointer is valid
result += "\tassert(g_" + func.func_name + "_ORIG);\r\n";
//call the orig function
result += "\t";
if ("void " != return_type)
{
result += "return ";
}
result += "\tg_" + func.func_name + "_ORIG(\r\n";
bFirst = true;
foreach (ParsedArgument arg in func.args_list)
{
result += "\t\t";
if (!bFirst)
{
result += ",";
}
result += arg.arg_name + "\r\n";
bFirst = false;
}
result += "\t\t);\r\n";
result += "}\r\n";
// show to hook code itself
result += "\r\n...\r\n";
result += "void Init_" + func.func_name + "_Hook()\r\n";
result += "{\r\n";
//HMODULE hUser32 = LoadLibrary("user32.dll");
//TODO: identify module for system functions
result += "\tHMODULE hmod = LoadLibraryA(\"??????.dll\")\r\n";
result += "\tassert(hmod);\r\n";
result += "\tif (hmod)\r\n";
result += "\t{\r\n";
result += "\t\tg_" + func.func_name + "_ORIG = (" + func.func_name + "_FPTR) GetProcAddress(hmod,\"" + func.func_name + "\");\r\n";
result += "\t\tassert(g_" + func.func_name + "_ORIG);\r\n";
result += "\t\tif (g_" + func.func_name + "_ORIG)\r\n";
result += "\t\t{\r\n";
//BOOL hook_res = Mhook_SetHook((PVOID*) &g_MessageBoxA_Orig, MessageBoxA_Detour);
result += "\t\t\t BOOL hook_res = Mhook_SetHook((PVOID*) &g_" + func.func_name + "_ORIG, " + func.func_name + "_DETOUR);\r\n";
result += "\t\t\t assert(hook_res);\r\n";
result += "\t\t}\r\n";
result += "\t}\r\n";
result += "}\r\n";
result += "\r\n...\r\n";
return(result);
}
private ParsedFunc parse_func()
{
ParsedFunc func = new ParsedFunc();
string tok;
string prev = "";
bool arg_list_started = false;
bool arg_list_ended = false;
func.return_type = ""; //might not have return value - constructor/destructor
int scope_depth = 0;
int template_scope_depth = 0;
func.args_list = new List <ParsedArgument>();
ParsedArgument arg = new ParsedArgument();
//bool first_arg = true;
tok = m_MainTokenizer.NextToken();
prev = tok;
//using one lookahead.
while (tok != null)
{
tok = m_MainTokenizer.NextToken();
//note: i do not support const functions.
if (";" == tok)
{
if (prev == "}")
{
return(null);
}
if (func.func_name == func.return_type)
{
//constructor/destructor
func.return_type = "";
}
return(func);
}
if ("<" == prev)
{
template_scope_depth++;
}
else if (">" == prev)
{
template_scope_depth--;
}
if ("{" == prev)
{
scope_depth++;
}
else if ("}" == prev)
{
scope_depth--;
if (scope_depth < 0)
{
return(null);
}
}
else
{
//if we're in deeper scope, then it's function definition which we don't care about.
if (0 == scope_depth)
{
if ("(" == tok)
{
arg_list_started = true;
func.func_name = prev;
}
else if (")" == prev)
{
arg_list_ended = true;
}
else /*if (";" == prev)
* {
* if (func.func_name == func.return_type)
* {
* //constructor/destructor
* func.return_type = "";
* }
*
*
* return func;
* }
* else*/
{
if (!arg_list_started && !arg_list_ended)
{
if (prev.Contains("__declspec") ||
prev.Contains("__stdcall") ||
prev.Contains("virtual"))
{
if (!prev.Contains("__declspec(dllimport)") && !prev.Contains("__declspec(nothrow)") && !prev.Contains("virtual"))
{
if (func.call_type != "")
{
func.call_type += " ";
}
func.call_type += prev;
}
}
else
{
if (func.return_type != "")
{
func.return_type += " ";
}
func.return_type += prev;
}
}
else if (arg_list_started == true && !arg_list_ended)
{
if (("(" != prev && "," != prev) || 0 != template_scope_depth)
{
if (("," == tok || ")" == tok) && 0 == template_scope_depth) // if next is "," or ")" and we're not inside a template definition
{
arg.arg_name = prev;
func.args_list.Add(arg);
arg = new ParsedArgument();
}
else
{
arg.arg_type += prev + " ";
}
}
}
}
}
}
prev = tok;
}
Debug.Print("Error! text ended before func declaration ended.\n");
return(null);
}
public string generate_function_code_GlobalFunction(ParsedFunc func)
{
string result = "";
result += "\r\n";
result += "//////////////////////////////////////////////////////////////////\r\n";
result += "// " + func.func_name + " Hooking\r\n";
result += "//////////////////////////////////////////////////////////////////\r\n";
result += "\r\n";
//split return type from function description
Tokenizer t = new Tokenizer(func.return_type);
string return_type = "";
string call_type = "";
string tok = null;
while (true)
{
tok = t.NextToken();
if (null == tok)
break;
if (tok.Contains("__declspec") || tok.Contains("__stdcall"))
{
if (!tok.Contains("__declspec(dllimport)"))
{
call_type += tok + " ";
}
}
else
{
return_type += tok + " ";
}
}
////////////
// typedef
////////////
result += "typedef " + return_type;
result += " (" + call_type + "*" + func.func_name + "_FPTR)(\r\n";
bool bFirst = true;
foreach (ParsedArgument arg in func.args_list)
{
result += "\t";
if (!bFirst)
{
result += ",";
}
result += arg.arg_type + " ";
result += arg.arg_name + "\r\n";
bFirst = false;
}
result += "\t);\r\n";
//////////////////////////
// orig func pointer
//////////////////////////
result += func.func_name + "_FPTR g_" + func.func_name + "_ORIG = NULL;\r\n";
/////////////////////////////
// detour function
/////////////////////////////
result += return_type + " " + call_type + " " + func.func_name + "_DETOUR (\r\n";
bFirst = true;
foreach (ParsedArgument arg in func.args_list)
{
result += "\t";
if (!bFirst)
{
result += ",";
}
result += arg.arg_type + " ";
result += arg.arg_name + "\r\n";
bFirst = false;
}
result += "\t)\r\n";
result += "{\r\n";
//assert to test the orig func pointer is valid
result += "\tassert(g_" + func.func_name + "_ORIG);\r\n";
//call the orig function
result += "\t";
if ("void " != return_type)
{
result += "return ";
}
result += "\tg_" + func.func_name + "_ORIG(\r\n";
bFirst = true;
foreach (ParsedArgument arg in func.args_list)
{
result += "\t\t";
if (!bFirst)
{
result += ",";
}
result += arg.arg_name + "\r\n";
bFirst = false;
}
result += "\t\t);\r\n";
result += "}\r\n";
// show to hook code itself
result += "\r\n...\r\n";
result += "void Init_" + func.func_name + "_Hook()\r\n";
result += "{\r\n";
//HMODULE hUser32 = LoadLibrary("user32.dll");
//TODO: identify module for system functions
result += "\tHMODULE hmod = LoadLibraryA(\"??????.dll\")\r\n";
result += "\tassert(hmod);\r\n";
result += "\tif (hmod)\r\n";
result += "\t{\r\n";
result += "\t\tg_" + func.func_name + "_ORIG = (" + func.func_name + "_FPTR) GetProcAddress(hmod,\"" + func.func_name + "\");\r\n";
result += "\t\tassert(g_" + func.func_name + "_ORIG);\r\n";
result += "\t\tif (g_" + func.func_name + "_ORIG)\r\n";
result += "\t\t{\r\n";
//BOOL hook_res = Mhook_SetHook((PVOID*) &g_MessageBoxA_Orig, MessageBoxA_Detour);
result += "\t\t\t BOOL hook_res = Mhook_SetHook((PVOID*) &g_" + func.func_name + "_ORIG, " + func.func_name + "_DETOUR);\r\n";
result += "\t\t\t assert(hook_res);\r\n";
result += "\t\t}\r\n";
result += "\t}\r\n";
result += "}\r\n";
result += "\r\n...\r\n";
return result;
}
