Hook掉TerminateProcess 和 OpenProcess 是成功的 但是还是能通过任务管理器把进程杀掉 我很纳闷 请帮忙看下问题出在哪里?
[C++] 纯文本查看 复制代码
// HookOpenProcessDlg.h : 头文件
//
#pragma once
typedef HANDLE(WINAPI *TypeOpenProcess)( _In_ DWORD dwDesiredAccess,_In_ BOOL bInheritHandle,_In_ DWORD dwProcessId);
typedef BOOL (WINAPI *TypeTerminateProcess)(_In_ HANDLE hProcess, _In_ UINT uExitCode);
// CHookOpenProcessDlg 对话框
class CHookOpenProcessDlg : public CDialogEx
{
// 构造
public:
CHookOpenProcessDlg(CWnd* pParent = NULL); // 标准构造函数
// 对话框数据
enum { IDD = IDD_HOOKOPENPROCESS_DIALOG };
protected:
virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV 支持
// 实现
protected:
HICON m_hIcon;
// 生成的消息映射函数
virtual BOOL OnInitDialog();
afx_msg void OnSysCommand(UINT nID, LPARAM lParam);
afx_msg void OnPaint();
afx_msg HCURSOR OnQueryDragIcon();
DECLARE_MESSAGE_MAP()
public:
afx_msg void OnBnClickedBtnhook();
afx_msg void OnDestroy();
static DWORD m_dwProcess;
static TypeOpenProcess OriginOpenProcess;
static HANDLE OpenProcessHandle;
static TypeOpenProcess OriginOpenProcessTarget;
static TypeTerminateProcess OriginOpenTerminateProcess;
static TypeTerminateProcess OriginOpenTerminateProcessTarget;
afx_msg void OnBnClickedButton2();
};
HookOpenProcess.7z
(368.57 KB, 下载次数: 2)
[C++] 纯文本查看 复制代码
// HookOpenProcessDlg.cpp : 实现文件
//
#include "stdafx.h"
#include "HookOpenProcess.h"
#include "HookOpenProcessDlg.h"
#include "afxdialogex.h"
#ifdef _DEBUG
#define new DEBUG_NEW
#endif
// 用于应用程序“关于”菜单项的 CAboutDlg 对话框
class CAboutDlg : public CDialogEx
{
public:
CAboutDlg();
// 对话框数据
enum { IDD = IDD_ABOUTBOX };
protected:
virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV 支持
// 实现
protected:
DECLARE_MESSAGE_MAP()
};
CAboutDlg::CAboutDlg() : CDialogEx(CAboutDlg::IDD)
{
}
void CAboutDlg::DoDataExchange(CDataExchange* pDX)
{
CDialogEx::DoDataExchange(pDX);
}
BEGIN_MESSAGE_MAP(CAboutDlg, CDialogEx)
END_MESSAGE_MAP()
// CHookOpenProcessDlg 对话框
CHookOpenProcessDlg::CHookOpenProcessDlg(CWnd* pParent /*=NULL*/)
: CDialogEx(CHookOpenProcessDlg::IDD, pParent)
{
m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME);
}
void CHookOpenProcessDlg::DoDataExchange(CDataExchange* pDX)
{
CDialogEx::DoDataExchange(pDX);
}
BEGIN_MESSAGE_MAP(CHookOpenProcessDlg, CDialogEx)
ON_WM_SYSCOMMAND()
ON_WM_PAINT()
ON_WM_QUERYDRAGICON()
ON_BN_CLICKED(IDC_BTNHook, &CHookOpenProcessDlg::OnBnClickedBtnhook)
ON_WM_DESTROY()
ON_BN_CLICKED(IDC_BUTTON2, &CHookOpenProcessDlg::OnBnClickedButton2)
END_MESSAGE_MAP()
// CHookOpenProcessDlg 消息处理程序
BOOL CHookOpenProcessDlg::OnInitDialog()
{
CDialogEx::OnInitDialog();
// 将“关于...”菜单项添加到系统菜单中。
// IDM_ABOUTBOX 必须在系统命令范围内。
ASSERT((IDM_ABOUTBOX & 0xFFF0) == IDM_ABOUTBOX);
ASSERT(IDM_ABOUTBOX < 0xF000);
CMenu* pSysMenu = GetSystemMenu(FALSE);
if (pSysMenu != NULL)
{
BOOL bNameValid;
CString strAboutMenu;
bNameValid = strAboutMenu.LoadString(IDS_ABOUTBOX);
ASSERT(bNameValid);
if (!strAboutMenu.IsEmpty())
{
pSysMenu->AppendMenu(MF_SEPARATOR);
pSysMenu->AppendMenu(MF_STRING, IDM_ABOUTBOX, strAboutMenu);
}
}
// 设置此对话框的图标。当应用程序主窗口不是对话框时,框架将自动
// 执行此操作
SetIcon(m_hIcon, TRUE); // 设置大图标
SetIcon(m_hIcon, FALSE); // 设置小图标
// TODO: 在此添加额外的初始化代码
m_dwProcess = GetCurrentProcessId();
MH_STATUS iRet = MH_Initialize();
if (iRet != MH_OK)
{
CString str;
str += MH_StatusToString(iRet);
MessageBox(str);
}
OnBnClickedBtnhook();
return TRUE; // 除非将焦点设置到控件,否则返回 TRUE
}
void CHookOpenProcessDlg::OnSysCommand(UINT nID, LPARAM lParam)
{
if ((nID & 0xFFF0) == IDM_ABOUTBOX)
{
CAboutDlg dlgAbout;
dlgAbout.DoModal();
}
else
{
CDialogEx::OnSysCommand(nID, lParam);
}
}
// 如果向对话框添加最小化按钮,则需要下面的代码
// 来绘制该图标。对于使用文档/视图模型的 MFC 应用程序,
// 这将由框架自动完成。
void CHookOpenProcessDlg::OnPaint()
{
if (IsIconic())
{
CPaintDC dc(this); // 用于绘制的设备上下文
SendMessage(WM_ICONERASEBKGND, reinterpret_cast<WPARAM>(dc.GetSafeHdc()), 0);
// 使图标在工作区矩形中居中
int cxIcon = GetSystemMetrics(SM_CXICON);
int cyIcon = GetSystemMetrics(SM_CYICON);
CRect rect;
GetClientRect(&rect);
int x = (rect.Width() - cxIcon + 1) / 2;
int y = (rect.Height() - cyIcon + 1) / 2;
// 绘制图标
dc.DrawIcon(x, y, m_hIcon);
}
else
{
CDialogEx::OnPaint();
}
}
//当用户拖动最小化窗口时系统调用此函数取得光标
//显示。
HCURSOR CHookOpenProcessDlg::OnQueryDragIcon()
{
return static_cast<HCURSOR>(m_hIcon);
}
HANDLE WINAPI MyOpenProcess(_In_ DWORD dwDesiredAccess,_In_ BOOL bInheritHandle,_In_ DWORD dwProcessId)
{
HANDLE _handle = NULL;
if (CHookOpenProcessDlg::OriginOpenProcess)
{
_handle = CHookOpenProcessDlg::OriginOpenProcess(dwDesiredAccess,bInheritHandle,dwProcessId);
}
if (CHookOpenProcessDlg::m_dwProcess == dwProcessId)
{
CHookOpenProcessDlg::OpenProcessHandle = _handle;
}
return NULL;
}
BOOL WINAPI MyTerminateProcess(_In_ HANDLE hProcess, _In_ UINT uExitCode)
{
if (hProcess == CHookOpenProcessDlg::OpenProcessHandle)
{
return 0xff;
}
if (CHookOpenProcessDlg::OriginOpenTerminateProcess)
{
return CHookOpenProcessDlg::OriginOpenTerminateProcess(hProcess,uExitCode);
}
return TRUE;
}
void CHookOpenProcessDlg::OnBnClickedBtnhook()
{
// TODO: 在此添加控件通知处理程序代码
MH_STATUS iRet = MH_CreateHookApiEx(L"Kernel32.dll","TerminateProcess",&MyTerminateProcess,reinterpret_cast<void**>(&OriginOpenTerminateProcess),reinterpret_cast<void**>(&OriginOpenTerminateProcessTarget));
if (iRet != MH_OK)
{
CString str;
str += MH_StatusToString(iRet);
MessageBox(str);
}
iRet = MH_EnableHook(OriginOpenTerminateProcessTarget);
if (iRet != MH_OK)
{
CString str;
str += MH_StatusToString(iRet);
MessageBox(str);
}
iRet = MH_CreateHookApiEx(L"Kernel32.dll","OpenProcess",&MyOpenProcess,reinterpret_cast<void**>(&OriginOpenProcess),reinterpret_cast<void**>(&OriginOpenProcessTarget));
if (iRet != MH_OK)
{
CString str;
str += MH_StatusToString(iRet);
MessageBox(str);
}
iRet = MH_EnableHook(OriginOpenProcessTarget);
if (iRet != MH_OK)
{
CString str;
str += MH_StatusToString(iRet);
MessageBox(str);
}
}
void CHookOpenProcessDlg::OnDestroy()
{
CDialogEx::OnDestroy();
// TODO: 在此处添加消息处理程序代码
MH_STATUS iRet = MH_Uninitialize();
if (iRet != MH_OK)
{
CString str;
str += MH_StatusToString(iRet);
MessageBox(str);
}
}
DWORD CHookOpenProcessDlg::m_dwProcess = 0;
TypeOpenProcess CHookOpenProcessDlg::OriginOpenProcess = NULL;
HANDLE CHookOpenProcessDlg::OpenProcessHandle = NULL;
TypeOpenProcess CHookOpenProcessDlg::OriginOpenProcessTarget = NULL;
TypeTerminateProcess CHookOpenProcessDlg::OriginOpenTerminateProcess = NULL;
TypeTerminateProcess CHookOpenProcessDlg::OriginOpenTerminateProcessTarget = NULL;
void CHookOpenProcessDlg::OnBnClickedButton2()
{
MH_STATUS iRet = MH_QueueEnableHook(CHookOpenProcessDlg::OriginOpenProcessTarget);
if (iRet == MH_OK)
{
CString str("OriginOpenProcessTarget");
str += MH_StatusToString(iRet);
MessageBox(str);
}
iRet = MH_QueueEnableHook(CHookOpenProcessDlg::OriginOpenTerminateProcessTarget);
if (iRet != MH_OK)
{
CString str("OriginOpenTerminateProcessTarget");
str += MH_StatusToString(iRet);
MessageBox(str);
}
}
| 
发表于 2017-4-10 04:52
|
发表于 2017-4-10 08:25
你想干嘛?????
正在纠结中
