
winhttp劫持dll

转发类

#include "pch.h"
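#include "WinHttpForward.h"

// Resolves every export name listed below against the module obtained from
// LoadLibrary(L"winhttp.dll") and stores each address in the matching static
// FARPROC member of WinHttpForward.
//
// If the module cannot be loaded, no member is written. A name that the module
// does not export is stored as NULL, because GetProcAddress returns NULL for it.
//
// The module handle is never released with FreeLibrary, so the stored addresses
// stay valid for the lifetime of the process.
//
// NOTE(review): the GetFileVersionInfo* and Ver* names belong to the Windows
// version-information API rather than to WinHTTP, so their lookups in this
// module presumably yield NULL - confirm.
void WinHttpForward::InitWinHttpForward() {
    // NOTE(review): a bare file name is resolved by the loader (already-loaded
    // modules first, then the DLL search order). Nothing in this call pins the
    // load to the Windows system directory, although the original comment said
    // the system copy is the one being loaded. If this file is itself built as
    // winhttp.dll, the name may resolve to this very module - confirm.
    HMODULE hValve = LoadLibrary(L"winhttp.dll");

    // Only the returned handle says whether the load worked. GetLastError() is
    // meaningful only after a failure; on success it can still hold a stale
    // ERROR_MOD_NOT_FOUND from an earlier call, which used to skip resolution.
    if (hValve == NULL) {
        return;
    }

    // One row per export: where to store the address and which name to look up.
    struct ExportSlot {
        FARPROC* target;
        const char* exportName;
    };

    const ExportSlot slots[] = {
        {&GetFileVersionInfoA, "GetFileVersionInfoA"},
        {&GetFileVersionInfoByHandle, "GetFileVersionInfoByHandle"},
        {&GetFileVersionInfoExA, "GetFileVersionInfoExA"},
        {&GetFileVersionInfoExW, "GetFileVersionInfoExW"},
        {&GetFileVersionInfoSizeA, "GetFileVersionInfoSizeA"},
        {&GetFileVersionInfoSizeExA, "GetFileVersionInfoSizeExA"},
        {&GetFileVersionInfoSizeExW, "GetFileVersionInfoSizeExW"},
        {&GetFileVersionInfoSizeW, "GetFileVersionInfoSizeW"},
        {&GetFileVersionInfoW, "GetFileVersionInfoW"},
        {&Private1, "Private1"},
        {&SvchostPushServiceGlobals, "SvchostPushServiceGlobals"},
        {&VerFindFileA, "VerFindFileA"},
        {&VerFindFileW, "VerFindFileW"},
        {&VerInstallFileA, "VerInstallFileA"},
        {&VerInstallFileW, "VerInstallFileW"},
        {&VerLanguageNameA, "VerLanguageNameA"},
        {&VerLanguageNameW, "VerLanguageNameW"},
        {&VerQueryValueA, "VerQueryValueA"},
        {&VerQueryValueW, "VerQueryValueW"},
        {&WinHttpAddRequestHeaders, "WinHttpAddRequestHeaders"},
        {&WinHttpAutoProxySvcMain, "WinHttpAutoProxySvcMain"},
        {&WinHttpCheckPlatform, "WinHttpCheckPlatform"},
        {&WinHttpCloseHandle, "WinHttpCloseHandle"},
        {&WinHttpConnect, "WinHttpConnect"},
        {&WinHttpConnectionDeletePolicyEntries, "WinHttpConnectionDeletePolicyEntries"},
        {&WinHttpConnectionDeleteProxyInfo, "WinHttpConnectionDeleteProxyInfo"},
        {&WinHttpConnectionFreeNameList, "WinHttpConnectionFreeNameList"},
        {&WinHttpConnectionFreeProxyInfo, "WinHttpConnectionFreeProxyInfo"},
        {&WinHttpConnectionFreeProxyList, "WinHttpConnectionFreeProxyList"},
        {&WinHttpConnectionGetNameList, "WinHttpConnectionGetNameList"},
        {&WinHttpConnectionGetProxyInfo, "WinHttpConnectionGetProxyInfo"},
        {&WinHttpConnectionGetProxyList, "WinHttpConnectionGetProxyList"},
        {&WinHttpConnectionSetPolicyEntries, "WinHttpConnectionSetPolicyEntries"},
        {&WinHttpConnectionSetProxyInfo, "WinHttpConnectionSetProxyInfo"},
        {&WinHttpConnectionUpdateIfIndexTable, "WinHttpConnectionUpdateIfIndexTable"},
        {&WinHttpCrackUrl, "WinHttpCrackUrl"},
        {&WinHttpCreateProxyResolver, "WinHttpCreateProxyResolver"},
        {&WinHttpCreateUrl, "WinHttpCreateUrl"},
        {&WinHttpDetectAutoProxyConfigUrl, "WinHttpDetectAutoProxyConfigUrl"},
        {&WinHttpFreeProxyResult, "WinHttpFreeProxyResult"},
        {&WinHttpFreeProxyResultEx, "WinHttpFreeProxyResultEx"},
        {&WinHttpFreeProxySettings, "WinHttpFreeProxySettings"},
        {&WinHttpGetDefaultProxyConfiguration, "WinHttpGetDefaultProxyConfiguration"},
        {&WinHttpGetIEProxyConfigForCurrentUser, "WinHttpGetIEProxyConfigForCurrentUser"},
        {&WinHttpGetProxyForUrl, "WinHttpGetProxyForUrl"},
        {&WinHttpGetProxyForUrlEx, "WinHttpGetProxyForUrlEx"},
        {&WinHttpGetProxyForUrlEx2, "WinHttpGetProxyForUrlEx2"},
        {&WinHttpGetProxyForUrlHvsi, "WinHttpGetProxyForUrlHvsi"},
        {&WinHttpGetProxyResult, "WinHttpGetProxyResult"},
        {&WinHttpGetProxyResultEx, "WinHttpGetProxyResultEx"},
        {&WinHttpGetProxySettingsVersion, "WinHttpGetProxySettingsVersion"},
        {&WinHttpGetTunnelSocket, "WinHttpGetTunnelSocket"},
        {&WinHttpOpen, "WinHttpOpen"},
        {&WinHttpOpenRequest, "WinHttpOpenRequest"},
        {&WinHttpPacJsWorkerMain, "WinHttpPacJsWorkerMain"},
        {&WinHttpProbeConnectivity, "WinHttpProbeConnectivity"},
        {&WinHttpQueryAuthSchemes, "WinHttpQueryAuthSchemes"},
        {&WinHttpQueryDataAvailable, "WinHttpQueryDataAvailable"},
        {&WinHttpQueryHeaders, "WinHttpQueryHeaders"},
        {&WinHttpQueryOption, "WinHttpQueryOption"},
        {&WinHttpReadData, "WinHttpReadData"},
        {&WinHttpReadProxySettings, "WinHttpReadProxySettings"},
        {&WinHttpReadProxySettingsHvsi, "WinHttpReadProxySettingsHvsi"},
        {&WinHttpReceiveResponse, "WinHttpReceiveResponse"},
        {&WinHttpResetAutoProxy, "WinHttpResetAutoProxy"},
        {&WinHttpSaveProxyCredentials, "WinHttpSaveProxyCredentials"},
        {&WinHttpSendRequest, "WinHttpSendRequest"},
        {&WinHttpSetCredentials, "WinHttpSetCredentials"},
        {&WinHttpSetDefaultProxyConfiguration, "WinHttpSetDefaultProxyConfiguration"},
        {&WinHttpSetOption, "WinHttpSetOption"},
        {&WinHttpSetStatusCallback, "WinHttpSetStatusCallback"},
        {&WinHttpSetTimeouts, "WinHttpSetTimeouts"},
        {&WinHttpTimeFromSystemTime, "WinHttpTimeFromSystemTime"},
        {&WinHttpTimeToSystemTime, "WinHttpTimeToSystemTime"},
        {&WinHttpWebSocketClose, "WinHttpWebSocketClose"},
        {&WinHttpWebSocketCompleteUpgrade, "WinHttpWebSocketCompleteUpgrade"},
        {&WinHttpWebSocketQueryCloseStatus, "WinHttpWebSocketQueryCloseStatus"},
        {&WinHttpWebSocketReceive, "WinHttpWebSocketReceive"},
        {&WinHttpWebSocketSend, "WinHttpWebSocketSend"},
        {&WinHttpWebSocketShutdown, "WinHttpWebSocketShutdown"},
        {&WinHttpWriteData, "WinHttpWriteData"},
        {&WinHttpWriteProxySettings, "WinHttpWriteProxySettings"},
    };

    for (const ExportSlot& slot : slots) {
        *slot.target = GetProcAddress(hValve, slot.exportName);
    }
}

FARPROC WinHttpForward::GetFileVersionInfoA;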
// Out-of-class definitions (storage) for the static FARPROC members of
// WinHttpForward. Static storage is zero-initialised, so every pointer is null
// until InitWinHttpForward() overwrites it; the initialisers spell that out.

// Names from the version-information API family.
FARPROC WinHttpForward::GetFileVersionInfoByHandle = nullptr;
FARPROC WinHttpForward::GetFileVersionInfoExA = nullptr;
FARPROC WinHttpForward::GetFileVersionInfoExW = nullptr;
FARPROC WinHttpForward::GetFileVersionInfoSizeA = nullptr;
FARPROC WinHttpForward::GetFileVersionInfoSizeExA = nullptr;
FARPROC WinHttpForward::GetFileVersionInfoSizeExW = nullptr;
FARPROC WinHttpForward::GetFileVersionInfoSizeW = nullptr;
FARPROC WinHttpForward::GetFileVersionInfoW = nullptr;
FARPROC WinHttpForward::Private1 = nullptr;
FARPROC WinHttpForward::SvchostPushServiceGlobals = nullptr;
FARPROC WinHttpForward::VerFindFileA = nullptr;
FARPROC WinHttpForward::VerFindFileW = nullptr;
FARPROC WinHttpForward::VerInstallFileA = nullptr;
FARPROC WinHttpForward::VerInstallFileW = nullptr;
FARPROC WinHttpForward::VerLanguageNameA = nullptr;
FARPROC WinHttpForward::VerLanguageNameW = nullptr;
FARPROC WinHttpForward::VerQueryValueA = nullptr;
FARPROC WinHttpForward::VerQueryValueW = nullptr;

// WinHttp* names.
FARPROC WinHttpForward::WinHttpAddRequestHeaders = nullptr;
FARPROC WinHttpForward::WinHttpAutoProxySvcMain = nullptr;
FARPROC WinHttpForward::WinHttpCheckPlatform = nullptr;
FARPROC WinHttpForward::WinHttpCloseHandle = nullptr;
FARPROC WinHttpForward::WinHttpConnect = nullptr;
FARPROC WinHttpForward::WinHttpConnectionDeletePolicyEntries = nullptr;
FARPROC WinHttpForward::WinHttpConnectionDeleteProxyInfo = nullptr;
FARPROC WinHttpForward::WinHttpConnectionFreeNameList = nullptr;
FARPROC WinHttpForward::WinHttpConnectionFreeProxyInfo = nullptr;
FARPROC WinHttpForward::WinHttpConnectionFreeProxyList = nullptr;
FARPROC WinHttpForward::WinHttpConnectionGetNameList = nullptr;
FARPROC WinHttpForward::WinHttpConnectionGetProxyInfo = nullptr;
FARPROC WinHttpForward::WinHttpConnectionGetProxyList = nullptr;
FARPROC WinHttpForward::WinHttpConnectionSetPolicyEntries = nullptr;
FARPROC WinHttpForward::WinHttpConnectionSetProxyInfo = nullptr;
FARPROC WinHttpForward::WinHttpConnectionUpdateIfIndexTable = nullptr;
FARPROC WinHttpForward::WinHttpCrackUrl = nullptr;
FARPROC WinHttpForward::WinHttpCreateProxyResolver = nullptr;
FARPROC WinHttpForward::WinHttpCreateUrl = nullptr;
FARPROC WinHttpForward::WinHttpDetectAutoProxyConfigUrl = nullptr;
FARPROC WinHttpForward::WinHttpFreeProxyResult = nullptr;
FARPROC WinHttpForward::WinHttpFreeProxyResultEx = nullptr;
FARPROC WinHttpForward::WinHttpFreeProxySettings = nullptr;
FARPROC WinHttpForward::WinHttpGetDefaultProxyConfiguration = nullptr;
FARPROC WinHttpForward::WinHttpGetIEProxyConfigForCurrentUser = nullptr;
FARPROC WinHttpForward::WinHttpGetProxyForUrl = nullptr;
FARPROC WinHttpForward::WinHttpGetProxyForUrlEx = nullptr;
FARPROC WinHttpForward::WinHttpGetProxyForUrlEx2 = nullptr;
FARPROC WinHttpForward::WinHttpGetProxyForUrlHvsi = nullptr;
FARPROC WinHttpForward::WinHttpGetProxyResult = nullptr;
FARPROC WinHttpForward::WinHttpGetProxyResultEx = nullptr;
FARPROC WinHttpForward::WinHttpGetProxySettingsVersion = nullptr;
FARPROC WinHttpForward::WinHttpGetTunnelSocket = nullptr;
FARPROC WinHttpForward::WinHttpOpen = nullptr;
FARPROC WinHttpForward::WinHttpOpenRequest = nullptr;
FARPROC WinHttpForward::WinHttpPacJsWorkerMain = nullptr;
FARPROC WinHttpForward::WinHttpProbeConnectivity = nullptr;
FARPROC WinHttpForward::WinHttpQueryAuthSchemes = nullptr;
FARPROC WinHttpForward::WinHttpQueryDataAvailable = nullptr;
FARPROC WinHttpForward::WinHttpQueryHeaders = nullptr;
FARPROC WinHttpForward::WinHttpQueryOption = nullptr;
FARPROC WinHttpForward::WinHttpReadData = nullptr;
FARPROC WinHttpForward::WinHttpReadProxySettings = nullptr;
FARPROC WinHttpForward::WinHttpReadProxySettingsHvsi = nullptr;
FARPROC WinHttpForward::WinHttpReceiveResponse = nullptr;
FARPROC WinHttpForward::WinHttpResetAutoProxy = nullptr;
FARPROC WinHttpForward::WinHttpSaveProxyCredentials = nullptr;
FARPROC WinHttpForward::WinHttpSendRequest = nullptr;
FARPROC WinHttpForward::WinHttpSetCredentials = nullptr;
FARPROC WinHttpForward::WinHttpSetDefaultProxyConfiguration = nullptr;
FARPROC WinHttpForward::WinHttpSetOption = nullptr;
FARPROC WinHttpForward::WinHttpSetStatusCallback = nullptr;
FARPROC WinHttpForward::WinHttpSetTimeouts = nullptr;
FARPROC WinHttpForward::WinHttpTimeFromSystemTime = nullptr;
FARPROC WinHttpForward::WinHttpTimeToSystemTime = nullptr;
FARPROC WinHttpForward::WinHttpWebSocketClose = nullptr;
FARPROC WinHttpForward::WinHttpWebSocketCompleteUpgrade = nullptr;
FARPROC WinHttpForward::WinHttpWebSocketQueryCloseStatus = nullptr;
FARPROC WinHttpForward::WinHttpWebSocketReceive = nullptr;
FARPROC WinHttpForward::WinHttpWebSocketSend = nullptr;
FARPROC WinHttpForward::WinHttpWebSocketShutdown = nullptr;
FARPROC WinHttpForward::WinHttpWriteData = nullptr;
FARPROC WinHttpForward::WinHttpWriteProxySettings = nullptr;

转发头文件


#ifndef WinHttpForward_H
#define WinHttpForward_H

// Holder for one FARPROC per forwarded export name. Every member is static, so
// the class acts as a namespace; InitWinHttpForward() fills the pointers in.
class WinHttpForward
{
public:
    // Loads the module named "winhttp.dll" and resolves every name below.
    static void InitWinHttpForward();

    // Names from the version-information API family.
    static FARPROC GetFileVersionInfoA;
    static FARPROC GetFileVersionInfoByHandle;
    static FARPROC GetFileVersionInfoExA;
    static FARPROC GetFileVersionInfoExW;
    static FARPROC GetFileVersionInfoSizeA;
    static FARPROC GetFileVersionInfoSizeExA;
    static FARPROC GetFileVersionInfoSizeExW;
    static FARPROC GetFileVersionInfoSizeW;
    static FARPROC GetFileVersionInfoW;
    static FARPROC Private1;
    static FARPROC SvchostPushServiceGlobals;
    static FARPROC VerFindFileA;
    static FARPROC VerFindFileW;
    static FARPROC VerInstallFileA;
    static FARPROC VerInstallFileW;
    static FARPROC VerLanguageNameA;
    static FARPROC VerLanguageNameW;
    static FARPROC VerQueryValueA;
    static FARPROC VerQueryValueW;

    // WinHttp* names.
    static FARPROC WinHttpAddRequestHeaders;
    static FARPROC WinHttpAutoProxySvcMain;
    static FARPROC WinHttpCheckPlatform;
    static FARPROC WinHttpCloseHandle;
    static FARPROC WinHttpConnect;
    static FARPROC WinHttpConnectionDeletePolicyEntries;
    static FARPROC WinHttpConnectionDeleteProxyInfo;
    static FARPROC WinHttpConnectionFreeNameList;
    static FARPROC WinHttpConnectionFreeProxyInfo;
    static FARPROC WinHttpConnectionFreeProxyList;
    static FARPROC WinHttpConnectionGetNameList;
    static FARPROC WinHttpConnectionGetProxyInfo;
    static FARPROC WinHttpConnectionGetProxyList;
    static FARPROC WinHttpConnectionSetPolicyEntries;
    static FARPROC WinHttpConnectionSetProxyInfo;
    static FARPROC WinHttpConnectionUpdateIfIndexTable;
    static FARPROC WinHttpCrackUrl;
    static FARPROC WinHttpCreateProxyResolver;
    static FARPROC WinHttpCreateUrl;
    static FARPROC WinHttpDetectAutoProxyConfigUrl;
    static FARPROC WinHttpFreeProxyResult;
    static FARPROC WinHttpFreeProxyResultEx;
    static FARPROC WinHttpFreeProxySettings;
    static FARPROC WinHttpGetDefaultProxyConfiguration;
    static FARPROC WinHttpGetIEProxyConfigForCurrentUser;
    static FARPROC WinHttpGetProxyForUrl;
    static FARPROC WinHttpGetProxyForUrlEx;
    static FARPROC WinHttpGetProxyForUrlEx2;
    static FARPROC WinHttpGetProxyForUrlHvsi;
    static FARPROC WinHttpGetProxyResult;
    static FARPROC WinHttpGetProxyResultEx;
    static FARPROC WinHttpGetProxySettingsVersion;
    static FARPROC WinHttpGetTunnelSocket;
    static FARPROC WinHttpOpen;
    static FARPROC WinHttpOpenRequest;
    static FARPROC WinHttpPacJsWorkerMain;
    static FARPROC WinHttpProbeConnectivity;
    static FARPROC WinHttpQueryAuthSchemes;
    static FARPROC WinHttpQueryDataAvailable;
    static FARPROC WinHttpQueryHeaders;
    static FARPROC WinHttpQueryOption;
    static FARPROC WinHttpReadData;
    static FARPROC WinHttpReadProxySettings;
    static FARPROC WinHttpReadProxySettingsHvsi;
    static FARPROC WinHttpReceiveResponse;
    static FARPROC WinHttpResetAutoProxy;
    static FARPROC WinHttpSaveProxyCredentials;
    static FARPROC WinHttpSendRequest;
    static FARPROC WinHttpSetCredentials;
    static FARPROC WinHttpSetDefaultProxyConfiguration;
    static FARPROC WinHttpSetOption;
    static FARPROC WinHttpSetStatusCallback;
    static FARPROC WinHttpSetTimeouts;
    static FARPROC WinHttpTimeFromSystemTime;
    static FARPROC WinHttpTimeToSystemTime;
    static FARPROC WinHttpWebSocketClose;
    static FARPROC WinHttpWebSocketCompleteUpgrade;
    static FARPROC WinHttpWebSocketQueryCloseStatus;
    static FARPROC WinHttpWebSocketReceive;
    static FARPROC WinHttpWebSocketSend;
    static FARPROC WinHttpWebSocketShutdown;
    static FARPROC WinHttpWriteData;
    static FARPROC WinHttpWriteProxySettings;
};

#endif // WinHttpForward_H

进入主函数

// dllmain.cpp : defines the entry point of the DLL.
#include "pch.h"

// Loader entry point. Process/thread attach and detach are all accepted and
// none of them triggers any work; in particular, WinHttpForward::InitWinHttpForward()
// is not called from here, so as shown on this page the forwarding pointers
// are never filled in by this function.
BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
    // The three arguments are deliberately unused.
    (void)hModule;
    (void)ul_reason_for_call;
    (void)lpReserved;
    return TRUE;
}

// Exported functions follow.
// Exported stubs: one per name, each calling through the FARPROC of the same
// name held by WinHttpForward.
//
// Caveats visible in this listing:
//  * Every stub is declared `void f()`, so the real parameter lists and return
//    types of the underlying functions are not expressed here.
//  * A stub calls its pointer unconditionally; the pointer is null until
//    WinHttpForward::InitWinHttpForward() has run and found that export.
//  * The disabled lines are the version-information API names; only
//    GetFileVersionInfoByHandle from that group is still exported.
//
// Triage note: a module exporting this set of names that sits outside the
// Windows system directory deserves a check of its path and signature.

//DLLEXPORT void GetFileVersionInfoA() { WinHttpForward::GetFileVersionInfoA(); }
DLLEXPORT void GetFileVersionInfoByHandle() { WinHttpForward::GetFileVersionInfoByHandle(); }
//DLLEXPORT void GetFileVersionInfoExA() { WinHttpForward::GetFileVersionInfoExA(); }
//DLLEXPORT void GetFileVersionInfoExW() { WinHttpForward::GetFileVersionInfoExW(); }
//DLLEXPORT void GetFileVersionInfoSizeA() { WinHttpForward::GetFileVersionInfoSizeA(); }
//DLLEXPORT void GetFileVersionInfoSizeExA() { WinHttpForward::GetFileVersionInfoSizeExA(); }
//DLLEXPORT void GetFileVersionInfoSizeExW() { WinHttpForward::GetFileVersionInfoSizeExW(); }
//DLLEXPORT void GetFileVersionInfoSizeW() { WinHttpForward::GetFileVersionInfoSizeW(); }
//DLLEXPORT void GetFileVersionInfoW() { WinHttpForward::GetFileVersionInfoW(); }
DLLEXPORT void Private1() { WinHttpForward::Private1(); }
DLLEXPORT void SvchostPushServiceGlobals() { WinHttpForward::SvchostPushServiceGlobals(); }
//DLLEXPORT void VerFindFileA() { WinHttpForward::VerFindFileA(); }
//DLLEXPORT void VerFindFileW() { WinHttpForward::VerFindFileW(); }
//DLLEXPORT void VerInstallFileA() { WinHttpForward::VerInstallFileA(); }
//DLLEXPORT void VerInstallFileW() { WinHttpForward::VerInstallFileW(); }
//DLLEXPORT void VerLanguageNameA() { WinHttpForward::VerLanguageNameA(); }
//DLLEXPORT void VerLanguageNameW() { WinHttpForward::VerLanguageNameW(); }
//DLLEXPORT void VerQueryValueA() { WinHttpForward::VerQueryValueA(); }
//DLLEXPORT void VerQueryValueW() { WinHttpForward::VerQueryValueW(); }
DLLEXPORT void WinHttpAddRequestHeaders() { WinHttpForward::WinHttpAddRequestHeaders(); }
DLLEXPORT void WinHttpAutoProxySvcMain() { WinHttpForward::WinHttpAutoProxySvcMain(); }
DLLEXPORT void WinHttpCheckPlatform() { WinHttpForward::WinHttpCheckPlatform(); }
DLLEXPORT void WinHttpCloseHandle() { WinHttpForward::WinHttpCloseHandle(); }
DLLEXPORT void WinHttpConnect() { WinHttpForward::WinHttpConnect(); }
DLLEXPORT void WinHttpConnectionDeletePolicyEntries() { WinHttpForward::WinHttpConnectionDeletePolicyEntries(); }
DLLEXPORT void WinHttpConnectionDeleteProxyInfo() { WinHttpForward::WinHttpConnectionDeleteProxyInfo(); }
DLLEXPORT void WinHttpConnectionFreeNameList() { WinHttpForward::WinHttpConnectionFreeNameList(); }
DLLEXPORT void WinHttpConnectionFreeProxyInfo() { WinHttpForward::WinHttpConnectionFreeProxyInfo(); }
DLLEXPORT void WinHttpConnectionFreeProxyList() { WinHttpForward::WinHttpConnectionFreeProxyList(); }
DLLEXPORT void WinHttpConnectionGetNameList() { WinHttpForward::WinHttpConnectionGetNameList(); }
DLLEXPORT void WinHttpConnectionGetProxyInfo() { WinHttpForward::WinHttpConnectionGetProxyInfo(); }
DLLEXPORT void WinHttpConnectionGetProxyList() { WinHttpForward::WinHttpConnectionGetProxyList(); }
DLLEXPORT void WinHttpConnectionSetPolicyEntries() { WinHttpForward::WinHttpConnectionSetPolicyEntries(); }
DLLEXPORT void WinHttpConnectionSetProxyInfo() { WinHttpForward::WinHttpConnectionSetProxyInfo(); }
DLLEXPORT void WinHttpConnectionUpdateIfIndexTable() { WinHttpForward::WinHttpConnectionUpdateIfIndexTable(); }
DLLEXPORT void WinHttpCrackUrl() { WinHttpForward::WinHttpCrackUrl(); }
DLLEXPORT void WinHttpCreateProxyResolver() { WinHttpForward::WinHttpCreateProxyResolver(); }
DLLEXPORT void WinHttpCreateUrl() { WinHttpForward::WinHttpCreateUrl(); }
DLLEXPORT void WinHttpDetectAutoProxyConfigUrl() { WinHttpForward::WinHttpDetectAutoProxyConfigUrl(); }
DLLEXPORT void WinHttpFreeProxyResult() { WinHttpForward::WinHttpFreeProxyResult(); }
DLLEXPORT void WinHttpFreeProxyResultEx() { WinHttpForward::WinHttpFreeProxyResultEx(); }
DLLEXPORT void WinHttpFreeProxySettings() { WinHttpForward::WinHttpFreeProxySettings(); }
DLLEXPORT void WinHttpGetDefaultProxyConfiguration() { WinHttpForward::WinHttpGetDefaultProxyConfiguration(); }
DLLEXPORT void WinHttpGetIEProxyConfigForCurrentUser() { WinHttpForward::WinHttpGetIEProxyConfigForCurrentUser(); }
DLLEXPORT void WinHttpGetProxyForUrl() { WinHttpForward::WinHttpGetProxyForUrl(); }
DLLEXPORT void WinHttpGetProxyForUrlEx() { WinHttpForward::WinHttpGetProxyForUrlEx(); }
DLLEXPORT void WinHttpGetProxyForUrlEx2() { WinHttpForward::WinHttpGetProxyForUrlEx2(); }
DLLEXPORT void WinHttpGetProxyForUrlHvsi() { WinHttpForward::WinHttpGetProxyForUrlHvsi(); }
DLLEXPORT void WinHttpGetProxyResult() { WinHttpForward::WinHttpGetProxyResult(); }
DLLEXPORT void WinHttpGetProxyResultEx() { WinHttpForward::WinHttpGetProxyResultEx(); }
DLLEXPORT void WinHttpGetProxySettingsVersion() { WinHttpForward::WinHttpGetProxySettingsVersion(); }
DLLEXPORT void WinHttpGetTunnelSocket() { WinHttpForward::WinHttpGetTunnelSocket(); }
DLLEXPORT void WinHttpOpen() { WinHttpForward::WinHttpOpen(); }
DLLEXPORT void WinHttpOpenRequest() { WinHttpForward::WinHttpOpenRequest(); }
DLLEXPORT void WinHttpPacJsWorkerMain() { WinHttpForward::WinHttpPacJsWorkerMain(); }
DLLEXPORT void WinHttpProbeConnectivity() { WinHttpForward::WinHttpProbeConnectivity(); }
DLLEXPORT void WinHttpQueryAuthSchemes() { WinHttpForward::WinHttpQueryAuthSchemes(); }
DLLEXPORT void WinHttpQueryDataAvailable() { WinHttpForward::WinHttpQueryDataAvailable(); }
DLLEXPORT void WinHttpQueryHeaders() { WinHttpForward::WinHttpQueryHeaders(); }
DLLEXPORT void WinHttpQueryOption() { WinHttpForward::WinHttpQueryOption(); }
DLLEXPORT void WinHttpReadData() { WinHttpForward::WinHttpReadData(); }
DLLEXPORT void WinHttpReadProxySettings() { WinHttpForward::WinHttpReadProxySettings(); }
DLLEXPORT void WinHttpReadProxySettingsHvsi() { WinHttpForward::WinHttpReadProxySettingsHvsi(); }
DLLEXPORT void WinHttpReceiveResponse() { WinHttpForward::WinHttpReceiveResponse(); }
DLLEXPORT void WinHttpResetAutoProxy() { WinHttpForward::WinHttpResetAutoProxy(); }
DLLEXPORT void WinHttpSaveProxyCredentials() { WinHttpForward::WinHttpSaveProxyCredentials(); }
DLLEXPORT void WinHttpSendRequest() { WinHttpForward::WinHttpSendRequest(); }
DLLEXPORT void WinHttpSetCredentials() { WinHttpForward::WinHttpSetCredentials(); }
DLLEXPORT void WinHttpSetDefaultProxyConfiguration() { WinHttpForward::WinHttpSetDefaultProxyConfiguration(); }
DLLEXPORT void WinHttpSetOption() { WinHttpForward::WinHttpSetOption(); }
DLLEXPORT void WinHttpSetStatusCallback() { WinHttpForward::WinHttpSetStatusCallback(); }
DLLEXPORT void WinHttpSetTimeouts() { WinHttpForward::WinHttpSetTimeouts(); }
DLLEXPORT void WinHttpTimeFromSystemTime() { WinHttpForward::WinHttpTimeFromSystemTime(); }
DLLEXPORT void WinHttpTimeToSystemTime() { WinHttpForward::WinHttpTimeToSystemTime(); }
DLLEXPORT void WinHttpWebSocketClose() { WinHttpForward::WinHttpWebSocketClose(); }
DLLEXPORT void WinHttpWebSocketCompleteUpgrade() { WinHttpForward::WinHttpWebSocketCompleteUpgrade(); }
DLLEXPORT void WinHttpWebSocketQueryCloseStatus() { WinHttpForward::WinHttpWebSocketQueryCloseStatus(); }
DLLEXPORT void WinHttpWebSocketReceive() { WinHttpForward::WinHttpWebSocketReceive(); }
DLLEXPORT void WinHttpWebSocketSend() { WinHttpForward::WinHttpWebSocketSend(); }
DLLEXPORT void WinHttpWebSocketShutdown() { WinHttpForward::WinHttpWebSocketShutdown(); }
DLLEXPORT void WinHttpWriteData() { WinHttpForward::WinHttpWriteData(); }
DLLEXPORT void WinHttpWriteProxySettings() { WinHttpForward::WinHttpWriteProxySettings(); }

hook mono函数的头文件（MonoFun.h）

#ifndef _MonoFun_H_
#define _MonoFun_H_

// Static holder for typed pointers to Mono runtime exports. The pointer types
// (Mono_*_Fun) are not declared in this header; on this page they appear in
// the Mono.h listing.
class MonoFun
{
public:
    // Fills every pointer below from the exports of hModule.
    static FARPROC mono_fun_init(HMODULE hModule);

    // Looks up lpString1 in hModule; for a few well-known Mono entry-point
    // names it also triggers mono_fun_init first.
    static FARPROC InitVerionApiDebug(HMODULE hModule, LPCSTR lpString1);

    // -------------- members --------------
    static Mono_thread_current_Fun mono_thread_current;
    static Mono_thread_set_main_Fun mono_thread_set_main;
    static Mono_jit_init_version_Fun mono_jit_init_version;
    static Mono_domain_assembly_open_Fun mono_domain_assembly_open;
    static Mono_assembly_get_image_Fun mono_assembly_get_image;
    static Mono_runtime_invoke_Fun mono_runtime_invoke;
    static Mono_method_desc_new_Fun mono_method_desc_new;
    static Mono_method_desc_search_in_image_Fun mono_method_desc_search_in_image;
    static Mono_method_desc_free_Fun mono_method_desc_free;
    static Mono_method_signature_Fun mono_method_signature;
    static Mono_signature_get_param_count_Fun mono_signature_get_param_count;
    static Mono_domain_set_config_Fun mono_domain_set_config;
    static Mono_array_new_Fun mono_array_new;
    static Mono_get_string_class_Fun mono_get_string_class;
    static Mono_assembly_getrootdir_Fun mono_assembly_getrootdir;
    static Mono_set_dirs_Fun mono_set_dirs;
    static Mono_config_parse_Fun mono_config_parse;
    static Mono_set_assemblies_path_Fun mono_set_assemblies_path;
    static Mono_object_to_string_Fun mono_object_to_string;
    static Mono_string_to_utf8_Fun mono_string_to_utf8;
    static Mono_free_Fun mono_free;
    static Mono_image_open_from_data_with_name_Fun mono_image_open_from_data_with_name;
    static Mono_assembly_load_from_full_Fun mono_assembly_load_from_full;
    static Mono_jit_parse_options_Fun mono_jit_parse_options;
    static Mono_debug_init_Fun mono_debug_init;
    static Mono_debug_domain_create_Fun mono_debug_domain_create;
    static Mono_debug_enabled_Fun mono_debug_enabled;
};

#endif

hook mono函数的实现

#include "pch.h"
#include "Mono.h"
#include "MonoFun.h"

// Storage for MonoFun's static function-pointer members. Static storage is
// zero-initialised, so each pointer is null until mono_fun_init() assigns it;
// the explicit initialisers only make that visible.
Mono_thread_current_Fun MonoFun::mono_thread_current = nullptr;
Mono_thread_set_main_Fun MonoFun::mono_thread_set_main = nullptr;
Mono_jit_init_version_Fun MonoFun::mono_jit_init_version = nullptr;
Mono_domain_assembly_open_Fun MonoFun::mono_domain_assembly_open = nullptr;
Mono_assembly_get_image_Fun MonoFun::mono_assembly_get_image = nullptr;
Mono_runtime_invoke_Fun MonoFun::mono_runtime_invoke = nullptr;
Mono_method_desc_new_Fun MonoFun::mono_method_desc_new = nullptr;
Mono_method_desc_search_in_image_Fun MonoFun::mono_method_desc_search_in_image = nullptr;
Mono_method_desc_free_Fun MonoFun::mono_method_desc_free = nullptr;
Mono_method_signature_Fun MonoFun::mono_method_signature = nullptr;
Mono_signature_get_param_count_Fun MonoFun::mono_signature_get_param_count = nullptr;
Mono_domain_set_config_Fun MonoFun::mono_domain_set_config = nullptr;
Mono_array_new_Fun MonoFun::mono_array_new = nullptr;
Mono_get_string_class_Fun MonoFun::mono_get_string_class = nullptr;
Mono_assembly_getrootdir_Fun MonoFun::mono_assembly_getrootdir = nullptr;
Mono_set_dirs_Fun MonoFun::mono_set_dirs = nullptr;
Mono_config_parse_Fun MonoFun::mono_config_parse = nullptr;
Mono_set_assemblies_path_Fun MonoFun::mono_set_assemblies_path = nullptr;
Mono_object_to_string_Fun MonoFun::mono_object_to_string = nullptr;
Mono_string_to_utf8_Fun MonoFun::mono_string_to_utf8 = nullptr;
Mono_free_Fun MonoFun::mono_free = nullptr;
Mono_image_open_from_data_with_name_Fun MonoFun::mono_image_open_from_data_with_name = nullptr;
Mono_assembly_load_from_full_Fun MonoFun::mono_assembly_load_from_full = nullptr;
Mono_jit_parse_options_Fun MonoFun::mono_jit_parse_options = nullptr;
Mono_debug_init_Fun MonoFun::mono_debug_init = nullptr;
Mono_debug_domain_create_Fun MonoFun::mono_debug_domain_create = nullptr;
Mono_debug_enabled_Fun MonoFun::mono_debug_enabled;

// Looks up each Mono export by name in hModule and stores the address, cast to
// its typed pointer, in the matching static member. A name the module does not
// export leaves that member null (GetProcAddress returns NULL).
//
// Returns a null FARPROC in every case; the return value carries no
// information about which lookups succeeded.
FARPROC MonoFun::mono_fun_init(HMODULE hModule) {
    mono_thread_current =
        reinterpret_cast<Mono_thread_current_Fun>(GetProcAddress(hModule, "mono_thread_current"));
    mono_thread_set_main =
        reinterpret_cast<Mono_thread_set_main_Fun>(GetProcAddress(hModule, "mono_thread_set_main"));
    mono_jit_init_version =
        reinterpret_cast<Mono_jit_init_version_Fun>(GetProcAddress(hModule, "mono_jit_init_version"));
    mono_domain_assembly_open =
        reinterpret_cast<Mono_domain_assembly_open_Fun>(GetProcAddress(hModule, "mono_domain_assembly_open"));
    mono_assembly_get_image =
        reinterpret_cast<Mono_assembly_get_image_Fun>(GetProcAddress(hModule, "mono_assembly_get_image"));
    mono_runtime_invoke =
        reinterpret_cast<Mono_runtime_invoke_Fun>(GetProcAddress(hModule, "mono_runtime_invoke"));
    mono_method_desc_new =
        reinterpret_cast<Mono_method_desc_new_Fun>(GetProcAddress(hModule, "mono_method_desc_new"));
    mono_method_desc_search_in_image =
        reinterpret_cast<Mono_method_desc_search_in_image_Fun>(GetProcAddress(hModule, "mono_method_desc_search_in_image"));
    mono_method_desc_free =
        reinterpret_cast<Mono_method_desc_free_Fun>(GetProcAddress(hModule, "mono_method_desc_free"));
    mono_method_signature =
        reinterpret_cast<Mono_method_signature_Fun>(GetProcAddress(hModule, "mono_method_signature"));
    mono_signature_get_param_count =
        reinterpret_cast<Mono_signature_get_param_count_Fun>(GetProcAddress(hModule, "mono_signature_get_param_count"));
    mono_domain_set_config =
        reinterpret_cast<Mono_domain_set_config_Fun>(GetProcAddress(hModule, "mono_domain_set_config"));
    mono_array_new =
        reinterpret_cast<Mono_array_new_Fun>(GetProcAddress(hModule, "mono_array_new"));
    mono_get_string_class =
        reinterpret_cast<Mono_get_string_class_Fun>(GetProcAddress(hModule, "mono_get_string_class"));
    mono_assembly_getrootdir =
        reinterpret_cast<Mono_assembly_getrootdir_Fun>(GetProcAddress(hModule, "mono_assembly_getrootdir"));
    mono_set_dirs =
        reinterpret_cast<Mono_set_dirs_Fun>(GetProcAddress(hModule, "mono_set_dirs"));
    mono_config_parse =
        reinterpret_cast<Mono_config_parse_Fun>(GetProcAddress(hModule, "mono_config_parse"));
    mono_set_assemblies_path =
        reinterpret_cast<Mono_set_assemblies_path_Fun>(GetProcAddress(hModule, "mono_set_assemblies_path"));
    mono_object_to_string =
        reinterpret_cast<Mono_object_to_string_Fun>(GetProcAddress(hModule, "mono_object_to_string"));
    mono_string_to_utf8 =
        reinterpret_cast<Mono_string_to_utf8_Fun>(GetProcAddress(hModule, "mono_string_to_utf8"));
    mono_free =
        reinterpret_cast<Mono_free_Fun>(GetProcAddress(hModule, "mono_free"));
    mono_image_open_from_data_with_name =
        reinterpret_cast<Mono_image_open_from_data_with_name_Fun>(GetProcAddress(hModule, "mono_image_open_from_data_with_name"));
    mono_assembly_load_from_full =
        reinterpret_cast<Mono_assembly_load_from_full_Fun>(GetProcAddress(hModule, "mono_assembly_load_from_full"));
    mono_jit_parse_options =
        reinterpret_cast<Mono_jit_parse_options_Fun>(GetProcAddress(hModule, "mono_jit_parse_options"));
    mono_debug_init =
        reinterpret_cast<Mono_debug_init_Fun>(GetProcAddress(hModule, "mono_debug_init"));
    mono_debug_domain_create =
        reinterpret_cast<Mono_debug_domain_create_Fun>(GetProcAddress(hModule, "mono_debug_domain_create"));
    mono_debug_enabled =
        reinterpret_cast<Mono_debug_enabled_Fun>(GetProcAddress(hModule, "mono_debug_enabled"));

    return nullptr;
}

// Returns GetProcAddress(hModule, lpString1) for every input.
//
// Side effect: when lpString1 equals "mono_jit_init_version",
// "mono_image_open_from_data_with_name", "mono_jit_parse_options" or
// "mono_debug_init", mono_fun_init(hModule) runs before the lookup. For
// "il2cpp_init" and for any other name nothing extra happens.
//
// In the original listing each matching branch carried a disabled
// `return sub_...;` statement (sub_10002A7F, sub_10002AA7, sub_100026C7,
// sub_100027D1, sub_100026B7) and the il2cpp branch a disabled
// sub_10001EEB(hModule) call. None of them is active, so as published this
// function never substitutes an address; it only hands back the real one.
//
// NOTE(review): the original guarded mono_fun_init with a flag declared as a
// local initialised to false, so the guard never suppressed anything and the
// initialisation runs on every matching call. That behaviour is kept here.
FARPROC MonoFun::InitVerionApiDebug(HMODULE hModule, LPCSTR lpString1) {
    const bool isIl2cppInit = (lstrcmpA(lpString1, "il2cpp_init") == 0);

    if (!isIl2cppInit) {
        // Checked in the same order as the original nested comparisons.
        const char* const monoEntryPoints[] = {
            "mono_jit_init_version",
            "mono_image_open_from_data_with_name",
            "mono_jit_parse_options",
            "mono_debug_init",
        };

        for (const char* entryPoint : monoEntryPoints) {
            if (lstrcmpA(lpString1, entryPoint) == 0) {
                mono_fun_init(hModule);
                break;
            }
        }
    }

    return GetProcAddress(hModule, lpString1);
}

hook 函数声明

#ifndef _MONO_H_
#define _MONO_H_

// Hand-written declarations used to call into a Mono runtime through function
// pointers. The structs are partial ("Others..." marks omitted members), so
// only the leading fields shown here can be relied on.
//
// NOTE(review): gboolean and mono_bool are aliased to bool here. Mono's own
// headers presumably declare them as 32-bit integers - confirm before relying
// on the calling convention of the pointer types that take or return them.

using gboolean = bool;
using guint16 = unsigned short;
using guint32 = unsigned int;
using mono_bool = bool;
typedef int int32_t;  // same name as the <cstdint> type; must stay `int` to coexist with it

typedef struct _MonoMethodDesc {
    char* name_space;
    char* klass;
    char* name;
    char* args;
} MonoMethodDesc;

typedef struct _MonoImage {
    int ref_count;
    void* raw_data_handle;
    char* raw_data;
    unsigned int raw_data_len;
    // Others...
} MonoImage;

typedef struct _MonoAssembly {
    // Others...
} MonoAssembly;

typedef struct _MonoMethod {
    guint16 flags;   /* method flags */
    guint16 iflags;  /* method implementation flags */
    guint32 token;
    void* klass;     /* To what class does this method belong */
    void* signature;
    /* name is useful mostly for debugging */
    const char* name;
    /* this is used by the inlining algorithm */
    unsigned int inline_info : 1;
    unsigned int inline_failure : 1;
    unsigned int wrapper_type : 5;
    unsigned int string_ctor : 1;
    unsigned int save_lmf : 1;
    unsigned int dynamic : 1;          /* created & destroyed during runtime */
    unsigned int sre_method : 1;       /* created at runtime using Reflection.Emit */
    unsigned int is_generic : 1;       /* whenever this is a generic method definition */
    unsigned int is_inflated : 1;      /* whether we're a MonoMethodInflated */
    unsigned int skip_visibility : 1;  /* whenever to skip JIT visibility checks */
    unsigned int _unused : 2;          /* unused */
    signed int slot : 16;
} MonoMethod;

typedef struct _MonoMethodSignature {
    void* ret;
} MonoMethodSignature;

typedef enum {
    MONO_DEBUG_FORMAT_NONE,
    MONO_DEBUG_FORMAT_MONO,
    /* Deprecated, the mdb debugger is not longer supported. */
    MONO_DEBUG_FORMAT_DEBUGGER
} MonoDebugFormat;

typedef struct _MonoObject {
    void* vtable;
    void* synchronisation;
} MonoObject;

typedef enum {
    MONO_IMAGE_OK,
    MONO_IMAGE_ERROR_ERRNO,
    MONO_IMAGE_MISSING_ASSEMBLYREF,
    MONO_IMAGE_IMAGE_INVALID
} MonoImageOpenStatus;

// Image / assembly loading and method lookup.
using Mono_image_open_from_data_with_name_Fun =
    MonoImage* (*)(char* data, unsigned int data_len, bool need_copy,
                   MonoImageOpenStatus* status, bool refonly, const char* name);
using Mono_assembly_load_from_full_Fun =
    MonoAssembly* (*)(MonoImage* image, const char* fname,
                      MonoImageOpenStatus* status, gboolean refonly);
using Mono_jit_parse_options_Fun = void (*)(int argc, char* argv[]);
using Mono_method_desc_new_Fun =
    MonoMethodDesc* (*)(const char* name, gboolean include_namespace);
using Mono_method_desc_search_in_image_Fun =
    MonoMethod* (*)(MonoMethodDesc* desc, MonoImage* image);
using Mono_method_desc_free_Fun = void (*)(MonoMethodDesc* desc);
using Mono_method_signature_Fun = MonoMethodSignature* (*)(MonoMethod* method);
using Mono_signature_get_param_count_Fun = guint32 (*)(MonoMethodSignature* sig);

typedef struct _MonoDomain {
} MonoDomain;

typedef struct _MonoThread {
    MonoObject obj;
    void** internal_thread;
    MonoObject* start_obj;
    void* pending_exception;
} MonoThread;

typedef struct _MonoArray {
    MonoObject obj;
    /* bounds is NULL for szarrays */
    void* bounds;
    /* total number of elements of the array */
    // (no member follows that comment in this listing)
} MonoArray;

typedef struct _MonoClass {
    void* element_class;
    void* cast_class;
} MonoClass;

typedef struct _MonoString {
    MonoObject object;
    int32_t length;
} MonoString;

// Runtime invocation, debugging, configuration and helpers.
using Mono_runtime_invoke_Fun =
    MonoObject* (*)(MonoMethod* method, void* obj, void** params, MonoObject** exc);
using Mono_debug_init_Fun = void (*)(MonoDebugFormat format);
using Mono_debug_domain_create_Fun = void (*)(MonoDomain* domain);
using Mono_debug_enabled_Fun = mono_bool (*)(void);
using Mono_config_parse_Fun = void (*)(const char* filename);
using Mono_set_assemblies_path_Fun = void (*)(const char* path);
using Mono_free_Fun = void (*)(void*);
using Mono_assembly_get_image_Fun = MonoImage* (*)(MonoAssembly* assembly);
using Mono_domain_set_config_Fun =
    void (*)(MonoDomain* domain, const char* base_dir, const char* config_file_name);
using Mono_array_new_Fun = MonoArray* (*)(MonoDomain* domain, MonoClass* eclass, uintptr_t n);
using Mono_get_string_class_Fun = MonoClass* (*)(void);
using Mono_assembly_getrootdir_Fun = char* (*)(void);
using Mono_set_dirs_Fun = void (*)(const char* assembly_dir, const char* config_dir);
using Mono_thread_current_Fun = MonoThread* (*)(void);
using Mono_thread_set_main_Fun = void (*)(MonoThread* thread);
using Mono_jit_init_version_Fun =
    MonoDomain* (*)(const char* root_domain_name, const char* runtime_version);
using Mono_domain_assembly_open_Fun = MonoAssembly* (*)(MonoDomain* domain, const char* name);
using Mono_object_to_string_Fun = MonoString* (*)(MonoObject* obj, MonoObject** exc);
using Mono_string_to_utf8_Fun = char* (*)(MonoString* s);

#endif
