test.cpp
//======================================================================
//
// NWHookAPI.h
//
// Copyright (C) 2014 Nogginware Corporation
//
// Unit test code for NWHookAPI.
//
// Change History:
//
// 19-Feb-2014 Mike McDonald
// Initial release.
//
//======================================================================
#include <intrin.h>
#include <windows.h>
#include <sspi.h>
#include <stdio.h>
#include <stdlib.h>
#ifdef USE_DETOURS
#undef USE_DETOURS
#endif
#ifdef USE_DEVIARE
#undef USE_DEVIARE
#endif
#include "NWHookAPI.h"
// Function-pointer type matching the signature of USER32!GetSystemMetrics.
typedef int (WINAPI *LPGETSYSTEMMETRICS)(int nIndex);
// Values returned by NWHookCreate() in main(); the hook routines below call
// through them to reach the original API. They are only assigned after
// NWHookCreate() returns, so a hook routine that runs before the assignment
// would call through a NULL pointer.
// NOTE(review): presumably these point at a trampoline to the unhooked
// function; confirm against NWHookAPI.h.
static LPGETSYSTEMMETRICS Real_GetSystemMetrics;
static ENCRYPT_MESSAGE_FN Real_EncryptMessage;
// Replacement for GetSystemMetrics used by the test.
// Logs every call, reports 0 for SM_CMONITORS so the test can tell the hook
// is active, and forwards every other index to the original function through
// Real_GetSystemMetrics.
int WINAPI Hook_GetSystemMetrics(int nIndex)
{
    int result = 0;

    printf("Hook_GetSystemMetrics(%d)\n", nIndex);

    // Only the monitor count is faked; everything else is passed through.
    if (nIndex != SM_CMONITORS) {
        result = Real_GetSystemMetrics(nIndex);
    }

    return result;
}
// Replacement for the SSPI EncryptMessage entry point used by the test.
// Prints a marker line and forwards the call unchanged through
// Real_EncryptMessage, returning its status. The message buffers described
// by pMessage are neither read nor modified here.
SECURITY_STATUS SEC_ENTRY
Hook_EncryptMessage(
    PCtxtHandle phContext,
    unsigned long fQOP,
    PSecBufferDesc pMessage,
    unsigned long MessageSeqNo
    )
{
    SECURITY_STATUS status;

    printf("Hook_EncryptMessage\n");

    status = Real_EncryptMessage(phContext, fQOP, pMessage, MessageSeqNo);
    return status;
}
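// Test driver for NWHookAPI.
//
// Loads USER32.DLL and SECUR32.DLL, hooks GetSystemMetrics and
// EncryptMessage in turn, calls each API once so the hook routine's output
// can be observed, then removes the hook.
//
// Returns 0 when every step succeeded and 1 when a library, an export or a
// hook could not be obtained. The original called NWHookCreate() with an
// unchecked GetProcAddress() result and passed an unchecked NWHookCreate()
// result to NWHookDelete(); both are now verified first.
//
// Both libraries are requested by bare name, as in the original, so
// resolution follows the normal DLL search order of the process.
int main(int argc, char **argv)
{
    HMODULE hModUser32 = NULL;
    HMODULE hModSecur32 = NULL;
    FARPROC pfnTarget;
    int rc = 1;

    (void)argc;
    (void)argv;

    hModUser32 = LoadLibrary("USER32.DLL");
    if (hModUser32 == NULL) {
        fprintf(stderr, "LoadLibrary(USER32.DLL) failed\n");
        goto cleanup;
    }

    hModSecur32 = LoadLibrary("SECUR32.DLL");
    if (hModSecur32 == NULL) {
        fprintf(stderr, "LoadLibrary(SECUR32.DLL) failed\n");
        goto cleanup;
    }

#if 1
    pfnTarget = GetProcAddress(hModUser32, "GetSystemMetrics");
    if (pfnTarget == NULL) {
        fprintf(stderr, "GetProcAddress(GetSystemMetrics) failed\n");
        goto cleanup;
    }

    printf("cMonitors(real)=%d\n", GetSystemMetrics(SM_CMONITORS));

    // NOTE(review): assumes NWHookCreate returns NULL when the hook cannot
    // be installed; confirm against NWHookAPI.h.
    Real_GetSystemMetrics = (LPGETSYSTEMMETRICS)NWHookCreate(pfnTarget, Hook_GetSystemMetrics);
    if (Real_GetSystemMetrics == NULL) {
        fprintf(stderr, "NWHookCreate(GetSystemMetrics) failed\n");
        goto cleanup;
    }

    printf("cMonitors(hook)=%d\n", GetSystemMetrics(SM_CMONITORS));
    NWHookDelete(Real_GetSystemMetrics);
#endif

    pfnTarget = GetProcAddress(hModSecur32, "EncryptMessage");
    if (pfnTarget == NULL) {
        fprintf(stderr, "GetProcAddress(EncryptMessage) failed\n");
        goto cleanup;
    }

    Real_EncryptMessage = (ENCRYPT_MESSAGE_FN)NWHookCreate(pfnTarget, Hook_EncryptMessage);
    if (Real_EncryptMessage == NULL) {
        fprintf(stderr, "NWHookCreate(EncryptMessage) failed\n");
        goto cleanup;
    }

    // Called with null arguments only to show that the hook routine runs;
    // the returned status is not examined.
    EncryptMessage(NULL, 0, NULL, 0);
    NWHookDelete(Real_EncryptMessage);

    rc = 0;

cleanup:
    // Release whichever libraries were loaded, on success and failure alike.
    if (hModSecur32 != NULL) {
        FreeLibrary(hModSecur32);
    }
    if (hModUser32 != NULL) {
        FreeLibrary(hModUser32);
    }
    return rc;
}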