// 头文件
// ApiHook.h: interface for the CApiHook class.
//
//////////////////////////////////////////////////////////////////////

 #ifndef  API_HOOK_H
 #define  API_HOOK_H

 class  CApiHook 
 {
 public :
     HANDLE hProc ;
     Unlock ();
     Lock ();
     BOOL Initialize ( LPCTSTR lpLibFileName LPCTSTR lpProcName FARPROC lpNewFunc );
     void  SetHookOn ( void );
     void  SetHookOff ( void );
     CApiHook ();
     virtual  ~ CApiHook ();

 protected :
     BYTE m_OldFunc [ 8 ];
     BYTE m_NewFunc [ 8 ];
     FARPROC m_lpHookFunc ;
     CRITICAL_SECTION m_cs ;
};

 #endif

 // 实现文件
// ApiHook.cpp: implementation of the CApiHook class.
//
//////////////////////////////////////////////////////////////////////

 #include  "stdafx.h"
 #include  "ApiHook.h"
 #include  < stdio . h >

 //////////////////////////////////////////////////////////////////////
// Construction/Destruction
//////////////////////////////////////////////////////////////////////

 #define  OPEN_FLAGS  PROCESS_VM_OPERATION  PROCESS_VM_READ  PROCESS_VM_WRITE  )

 CApiHook :: CApiHook ()
{
     InitializeCriticalSection (& m_cs );
}

 CApiHook ::~ CApiHook ()
{
     CloseHandle ( hProc );
     DeleteCriticalSection (& m_cs );
}

 void  CApiHook :: SetHookOn ( void )
{
     DWORD dwOldFlag ;

     if ( WriteProcessMemory ( hProc , m_lpHookFunc , m_NewFunc , 5 , 0 ))
    {
         return ;
    }

     MessageBox ( NULL , "SetHookOn" , "fail" , MB_OK );
     return ;
}

 void  CApiHook :: SetHookOff ( void )
{
     DWORD dwOldFlag ;

     if ( WriteProcessMemory ( hProc , m_lpHookFunc , m_OldFunc , 5 , 0 ))
    {
         return ;
    }
     MessageBox ( NULL , "SetHookOff" , "fail" , MB_OK );
     return ;
}

 BOOL CApiHook :: Initialize ( LPCTSTR lpLibFileName LPCTSTR lpProcName FARPROC lpNewFunc )
{
     HMODULE hModule ;

     hModule = LoadLibrary ( lpLibFileName );
     if ( NULL == hModule )
         return  FALSE ;

     m_lpHookFunc = GetProcAddress ( hModule , lpProcName );
     if ( NULL == m_lpHookFunc )
         return  FALSE ;

     DWORD dwProcessID = GetCurrentProcessId ();
     DWORD dwOldFlag ;
     hProc = GetCurrentProcess ( /*OPEN_FLAGS,0,dwProcessID*/ );

     if ( hProc == NULL )
    {
         MessageBox ( NULL , "Initialize.OpenProcess" , "fail" , MB_OK );
         return  FALSE ;
    }

     if ( ReadProcessMemory ( hProc , m_lpHookFunc , m_OldFunc , 5 , 0 ))
    {
         m_NewFunc [ 0 ]= 0xe9 ;
         DWORD * pNewFuncAddress ;
         pNewFuncAddress =( DWORD *)& m_NewFunc [ 1 ];
        * pNewFuncAddress =( DWORD ) lpNewFunc -( DWORD ) m_lpHookFunc - 5 ;

         return  TRUE ;
    }

     MessageBox ( NULL , "Initialize" , "fail" , MB_OK );
     return  FALSE ;
}

 CApiHook :: Lock ()
{
     EnterCriticalSection (& m_cs );
}

 CApiHook :: Unlock ()
{
     LeaveCriticalSection (& m_cs );
}