我正在尝试挂钩Get方法,现在我得到了这段代码:
#include "stdafx.h"
#pragma comment (lib, "detours.lib")
typedef HRESULT (WINAPI * True_GetFn)(LPCWSTR wszName, LONG lFlags, VARIANT *pVal, CIMTYPE *pvtType, LONG *plFlavor);
True_GetFn p_Get = nullptr;
__declspec(dllexport) HRESULT WINAPI Hooked_Get(LPCWSTR wszName, LONG lFlags, VARIANT *pVal, CIMTYPE *pvtType, LONG *plFlavor)
{
if (wcsstr(wszName, L"VideoProcessor") != NULL || wcsstr(wszName, L"Name") != NULL || wcsstr(wszName, L"AdapterCompatibility") != NULL || wcsstr(wszName, L"SystemName") != NULL)
{
pVal->vt = VT_BSTR;
V_BSTR(pVal) = L"NO_DATA";
}
else if (wcsstr(wszName, L"AdapterRAM") != NULL)
{
pVal->vt = VT_UI4;
V_BSTR(pVal) = L"0";
}
return p_Get(wszName, lFlags, pVal, pvtType, plFlavor);
}
PVOID SetDetour(PVOID* ppTarget, PVOID pHandler)
{
if (DetourTransactionBegin() != NO_ERROR)
return FALSE;
if (DetourUpdateThread(GetCurrentThread()) != NO_ERROR)
{
DetourTransactionCommit();
return NULL;
}
PDETOUR_TRAMPOLINE pTrampoline = NULL;
if (DetourAttachEx(ppTarget, pHandler, &pTrampoline, NULL, NULL) != NO_ERROR)
{
DetourTransactionCommit();
return NULL;
}
if (DetourTransactionCommit() != NO_ERROR)
{
DetourTransactionAbort();
return NULL;
}
return pTrampoline;
}
BOOL APIENTRY DllMain(HINSTANCE hinst, DWORD dwReason, LPVOID reserved)
{
HMODULE hLib = LoadLibraryA("fastprox.dll");
if (hLib)
{
p_Get = (True_GetFn)GetProcAddress(hLib, "?Get@CWbemObject@@UAGJPBGJPAUtagVARIANT@@PAJ2@Z");
if (p_Get)
{
if (dwReason == DLL_PROCESS_ATTACH)
{
SetDetour((PVOID*)&p_Get, Hooked_Get);
}
else if (dwReason == DLL_PROCESS_DETACH)
{
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach((PVOID*)&p_Get, Hooked_Get);
DetourTransactionCommit();
}
}
}
return TRUE;
}
它正在编译好但是......当我使用WITHDLL.EXE(包含在MS Detours包中)将编译的DLL附加到EXE文件并尝试启动程序时发生错误。
例如,我启动了dxdiag.exea并获得了这些窗口: Window #1和Window #2;
关于为什么会发生这种情况以及如何解决它的任何想法?
