C ++钩住dll吗? [英] C++ hooking a dll?

问题描述

有没有一种快速的方法来在C ++中挂接dll?我知道有Microsoft的绕道而行，但不是很快钩几个dll函数的简单方法?

Is there a quick way to hook a dll in c++? I know there is Microsoft's Detours thing, but isn't there a quick a simple way just to hook a few dll functions?

例如，我想将DLL mytestdll.dll 中的函数 void mytestfunction()钩接到 hook_mytestfunction().

For example I want to hook a the function void mytestfunction() in the dll mytestdll.dll to hook_mytestfunction().

提前谢谢！

推荐答案

可能最简单的方法是将自己的具有相同名称的包装DLL 放在EXE目录中，并放置一个副本具有新名称的相同目录中的挂钩DLL的名称.然后，在包装DLL的IAT中，将所有未拦截的调用重定向到包装的DLL(导出转发)，然后自己实现其他调用.

Probably the easiest way is to put your own wrapper DLL with the same name in the directory of the EXE, and put a copy of the hooked DLL in the same directory with a new name. Then, in the IAT of your wrapper DLL, redirect any non-intercepted call to the wrapped DLL (export forwarding), and implement the others yourself.

要重定向功能，请将以下行放在.DEF文件中: Foo = wrapped_mytestdll.Foo 其中Foo是(缠结的)函数名称，而 wrapped_mytestdll 是新的复制的DLL的名称.

To redirect functions, put the following line in your .DEF file: Foo=wrapped_mytestdll.Foo where Foo is the (mangled) function name and wrapped_mytestdll is the new name of the copied DLL.

因此，受影响的EXE会加载您的包装DLL，然后依次包装该DLL.包装DLL中的功能优先于包装的DLL. not 唯一被拦截的调用是包装的DLL对其自身的调用，因为这些调用不会通过您的IAT.

As a result, the affected EXE loads your wrapper DLL, and in turn the wrapped DLL. Functions in your wrapper DLL take precedence over the wrapped DLL. The only calls not intercepted are calls by the wrapped DLL to itself, as those don't go through your IAT.

(此后我发现 a链接到工具以生成基本的".DEF"文件，但尚未对其进行自我测试.使用后果自负.)

(I've since found a link to a tool to generate a basic ".DEF" file, but haven't tested it myself. Use at your own risk.)

这篇关于C ++钩住dll吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！