一个关于DELLPHI的小疑点

2012-03-18

一个关于DELLPHI的小问题unit UnitDllMaininterfaceuses windows,UnitNt2000Hook,Sysutils,dialogs,messa

一个关于DELLPHI的小问题
unit UnitDllMain;

interface

uses windows,UnitNt2000Hook,Sysutils,dialogs,messages;

const
MappingFileName = 'Mapping File Comm DLL';
Trap=true; {True陷阱式,False改引入表式}

type
TShareMem = packed record
ComPortFile:array[0..255] of char;
FileHandle:THandle;
DatToWriteFile:array[0..255] of char;
DatToReadFile:array[0..255] of char;
end;
PShareMem = ^TShareMem;

procedure StartHook(FileBeSpy,readfile,writefile:pchar); stdcall;
procedure StopHook; stdcall;

implementation

var
pShMem : PShareMem;
hMappingFile : THandle;
hook:array[0..4]of THookClass;
FirstProcess:boolean;
MessageHook:Thandle;

function NewCreateFileA(lpFileName: PChar;dwDesiredAccess, dwShareMode: DWORD;
lpSecurityAttributes: PSecurityAttributes;dwCreationDisposition,dwFlagsAndAttributes: DWORD;
hTemplateFile: THandle): THandle;stdcall;
type
TCreateFileA=function(lpFileName: PChar;dwDesiredAccess, dwShareMode: DWORD;
lpSecurityAttributes: PSecurityAttributes;dwCreationDisposition,dwFlagsAndAttributes: DWORD;
hTemplateFile: THandle): THandle;stdcall;
begin
Hook[0].Restore; {改引入表式可以不使用此语句}
result:=TCreateFileA(hook[0].OldFunction)(lpFileName,dwDesiredAccess,dwShareMode,
lpSecurityAttributes,dwCreationDisposition,dwFlagsAndAttributes,
hTemplateFile); //这里我不是很明白，能请教下这里的意思吗？
if (stricomp(lpFileName,pShMem^.ComPortFile)=0)or // COM2
((plongword(@lpFileName[0])^=$5c2e5c5c)and(stricomp(@lpFileName[4],pShMem^.ComPortFile)=0)) or // \\.\COM2
((strlicomp(lpFileName,pShMem^.ComPortFile,4)=0)and(pword(@lpFileName[4])^=$002e))then // COM2.
begin
pShMem^.FileHandle:=result;
end;
Hook[0].Change; {改引入表式可以不使用此语句}
end;
下面省略。。。。。。。。。。。。。。

[解决办法]
把hook[0].OldFunction转成TCreateFileA的函数，然后调用。
[解决办法]
这一句就是挂钩的函数，
TCreateFileA(hook[0].OldFunction)就是你自己写的那个HOOK函数，之后的都是这个函数的参数，也就相当于你自己指定了一个CreateFileA让程序执行

热点排行

.NET

一个关于DELLPHI的小疑点