This article was contributed by Wade Brainerd ([email protected]).
Based on DelayLoadProfileDLL.CPP, by Matt Pietrek for MSJ February 2000. This code is intended to be included in a DLL inserted through a global Windows Hook (CBT hook for example).
It will replace functions from other DLLs (e.g. DDRAW.DLL) with functions from your DLL.
Functions are hooked by passing a parameter structure to the HookAPICalls() function as follows:
// Hook structure.
SDLLHook D3DHook =
{
"DDRAW.DLL",
false, NULL, // Default hook disabled, NULL function pointer.
{
{ "DirectDrawCreate", MyDirectDrawCreate },
{ NULL, NULL }
}
};
BOOL APIENTRY DllMain( HINSTANCE hModule, DWORD fdwReason, LPVOID lpReserved )
{
if ( fdwReason == DLL_PROCESS_ATTACH ) // When initializing....
{
hDLL = hModule;
// We don't need thread notifications for what we're doing. Thus, get
// rid of them, thereby eliminating some of the overhead of this DLL
DisableThreadLibraryCalls( hModule );
// Only hook the APIs if this is the Everquest proess.
GetModuleFileName( GetModuleHandle( NULL ), Work, sizeof(Work) );
PathStripPath( Work );
if ( stricmp( Work, "myhooktarget.exe" ) == 0 )
HookAPICalls( &D3DHook; );
}
return TRUE;
}
Now all that remains is to get your DLL loaded into the target process. The MSDN has a few good articles on Windows hooks, which are the preferred way to get an arbitrary DLL loaded into a process:
http://msdn.microsoft.com/library/techart/msdn_hooks32.htm
Also, the article from which this code is based shows another way to do it, which involves loading the process to be hooked as a debug target:
http://msdn.microsoft.com/library/periodic/period00/hood0200.htm
Stay on top of the latest technology trends — delivered directly to your inbox, free!
Subscription Form Posts
Written by Bobby
YOU MAY ALSO LIKE
Secure your digital life with NordVPN
- Privacy on any Wi-Fi
- Malware protection
- One account, six devices
- 5,500+ servers in 59 countries
