wacked/hook_tests
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

polyhook

Browse Source
This commit is contained in:
aaaaaa aaaaaaa
2017-12-27 20:37:03 +01:00
parent 605d03c0f5
commit 90a7e57dd7
5 changed files with 167 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
tester/main.cpp
View File

@@ -8,11 +8,13 @@
#pragma comment(lib, "..\\x64\\debug\\test_cases.lib") #pragma comment(lib, "..\\x64\\debug\\test_cases.lib")
extern AbstractHookEngine* g_mhook; extern AbstractHookEngine* g_mhook,
*g_PolyHook;
int main(int argc, char** argv) { int main(int argc, char** argv) {
AbstractHookEngine* engines[] = { AbstractHookEngine* engines[] = {
g_mhook, g_mhook,
g_PolyHook
}; };
for(auto&& x : engines) { for(auto&& x : engines) {

87
tester/polyhook.cpp Normal file
View File

@@ -0,0 +1,87 @@
#include <Windows.h>
#include <cstdint>
#include <memory>
#include "..\third_party\poly\PolyHook\PolyHook.hpp"
#include "typedefs.h"
#include "abstracthook.h"
#include "PolyHook.h"
#pragma comment(lib, "..\\x64\\debug\\test_cases.lib")
static TypeSmall trueSmall = &_small;
static TypeBranch trueBranch = &_branch;
static TypeRip_relative trueRip_Relative = &_rip_relative;
static TypeAVX trueAVX = &_AVX;
static TypeRDRAND trueRDRAND = &_RDRAND;
static TypeLoop trueLoop = &_loop;
static TypeTailRecursion trueTailRecursion = &_tail_recursion;
AbstractHookEngine* g_PolyHook = new PolyHook();
uint64_t PolyHook_Hooks::hookSmall(void) {
g_PolyHook->small_ = true;
return trueSmall();
}
uint64_t PolyHook_Hooks::hookBranch(uint64_t x) {
g_PolyHook->branch = true;
return trueBranch(x);
}
uint64_t PolyHook_Hooks::hookRip_relative(void) {
g_PolyHook->rip_relative = true;
return trueRip_Relative();
}
void PolyHook_Hooks::hookAVX(float num, void* res) {
g_PolyHook->avx = true;
return trueAVX(num, res);
}
uint32_t PolyHook_Hooks::hookRDRAND(void) {
g_PolyHook->rdrand = true;
return trueRDRAND();
}
uint32_t PolyHook_Hooks::hookLoop(uint32_t num, uint32_t cnt) {
g_PolyHook->loop = true;
return trueLoop(num, cnt);
}
uint32_t PolyHook_Hooks::hookTail_recursion(uint32_t x) {
g_PolyHook->tail_recursion = true;
return trueTailRecursion(x);
}
bool PolyHook::hook_all(void) {
bool ret = hook<decltype(&_small)>(detSmall, &_small, (void*&)trueSmall, &PolyHook_Hooks::hookSmall);
ret |= hook<decltype(&_branch)>(detBranch, &_branch, (void*&)trueBranch, &PolyHook_Hooks::hookBranch);
ret |= hook<decltype(&rip_relative)>(detRIPRelative, &rip_relative, (void*&)trueRip_Relative, &PolyHook_Hooks::hookRip_relative);
ret |= hook<decltype(&_AVX)>(detAVX, &_AVX, (void*&)trueAVX, &PolyHook_Hooks::hookAVX);
ret |= hook<decltype(&_RDRAND)>(detRDRAND, &_RDRAND, (void*&)trueRDRAND, &PolyHook_Hooks::hookRDRAND);
ret |= hook<decltype(&_loop)>(detLoop, &_loop, (void*&)trueLoop, &PolyHook_Hooks::hookLoop);
ret |= hook<decltype(&_tail_recursion)>(detTailRecursion, &_tail_recursion, (void*&)trueTailRecursion, &PolyHook_Hooks::hookTail_recursion);
return ret;
}
bool PolyHook::unhook_all() {
detSmall->UnHook();
detBranch->UnHook();
detRIPRelative->UnHook();
detAVX->UnHook();
detRDRAND->UnHook();
detLoop->UnHook();
detTailRecursion->UnHook();
return true;
}

63
tester/polyhook.h Normal file
View File

@@ -0,0 +1,63 @@
#pragma once
namespace PolyHook_Hooks {
uint64_t hookSmall(void);
uint64_t hookBranch(uint64_t);
uint64_t hookRip_relative(void);
void hookAVX(float num, void* res);
uint32_t hookRDRAND(void);
uint32_t hookLoop(uint32_t num, uint32_t cnt);
uint32_t hookTail_recursion(uint32_t x);
};
class PolyHook : public AbstractHookEngine {
private:
std::shared_ptr<PLH::Detour> detSmall,
detBranch,
detRIPRelative,
detAVX,
detRDRAND,
detLoop,
detTailRecursion;
template <typename T>
bool hook(std::shared_ptr<PLH::Detour> det, void* func, void*& original, void* hook) {
det->SetupHook((BYTE*)func, (BYTE*)hook);
if (!det->Hook()) {
return false;
}
return (original = det->GetOriginal<T>());
}
public:
bool hook_all();
bool unhook_all();
PolyHook() : AbstractHookEngine("PolyHook"),
detSmall(new PLH::Detour),
detRIPRelative(new PLH::Detour),
detBranch(new PLH::Detour),
detAVX(new PLH::Detour),
detRDRAND(new PLH::Detour),
detLoop(new PLH::Detour),
detTailRecursion(new PLH::Detour)
{
assert(detSmall->GetType() == PLH::HookType::Detour);
assert(detBranch->GetType() == PLH::HookType::Detour);
assert(detRIPRelative->GetType() == PLH::HookType::Detour);
assert(detAVX->GetType() == PLH::HookType::Detour);
assert(detRDRAND->GetType() == PLH::HookType::Detour);
assert(detLoop->GetType() == PLH::HookType::Detour);
assert(detTailRecursion->GetType() == PLH::HookType::Detour);
}
friend uint64_t PolyHook_Hooks::hookSmall(void);
friend uint64_t PolyHook_Hooks::hookBranch(uint64_t);
friend uint64_t PolyHook_Hooks::hookRip_relative(void);
friend void PolyHook_Hooks::hookAVX(float num, void* res);
friend uint32_t PolyHook_Hooks::hookRDRAND(void);
friend uint32_t PolyHook_Hooks::hookLoop(uint32_t num, uint32_t cnt);
friend uint32_t PolyHook_Hooks::hookTail_recursion(uint32_t x);
};

5
tester/tester.vcxproj
View File

@@ -150,10 +150,12 @@
<ItemGroup> <ItemGroup>
<ClCompile Include="main.cpp" /> <ClCompile Include="main.cpp" />
<ClCompile Include="mhook.cpp" /> <ClCompile Include="mhook.cpp" />
<ClCompile Include="polyhook.cpp" />
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<ClInclude Include="abstracthook.h" /> <ClInclude Include="abstracthook.h" />
<ClInclude Include="mhook.h" /> <ClInclude Include="mhook.h" />
<ClInclude Include="polyhook.h" />
<ClInclude Include="typedefs.h" /> <ClInclude Include="typedefs.h" />
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
@@ -163,6 +165,9 @@
<Object Include="..\x64\Debug\mhook.obj" /> <Object Include="..\x64\Debug\mhook.obj" />
<Object Include="..\x64\Debug\misc.obj" /> <Object Include="..\x64\Debug\misc.obj" />
</ItemGroup> </ItemGroup>
<ItemGroup>
<Library Include="..\third_party\poly\Capstone\msvc\x64\Release\capstone.lib" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets"> <ImportGroup Label="ExtensionTargets">
</ImportGroup> </ImportGroup>

9
tester/tester.vcxproj.filters
View File

@@ -21,6 +21,9 @@
<ClCompile Include="mhook.cpp"> <ClCompile Include="mhook.cpp">
<Filter>Source Files</Filter> <Filter>Source Files</Filter>
</ClCompile> </ClCompile>
<ClCompile Include="polyhook.cpp">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<ClInclude Include="typedefs.h"> <ClInclude Include="typedefs.h">
@@ -32,6 +35,9 @@
<ClInclude Include="abstracthook.h"> <ClInclude Include="abstracthook.h">
<Filter>Header Files</Filter> <Filter>Header Files</Filter>
</ClInclude> </ClInclude>
<ClInclude Include="polyhook.h">
<Filter>Header Files</Filter>
</ClInclude>
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<Object Include="..\x64\Debug\mhook.obj" /> <Object Include="..\x64\Debug\mhook.obj" />
@@ -40,4 +46,7 @@
<Object Include="..\x64\Debug\disasm.obj" /> <Object Include="..\x64\Debug\disasm.obj" />
<Object Include="..\x64\Debug\cpu.obj" /> <Object Include="..\x64\Debug\cpu.obj" />
</ItemGroup> </ItemGroup>
<ItemGroup>
<Library Include="..\third_party\poly\Capstone\msvc\x64\Release\capstone.lib" />
</ItemGroup>
</Project> </Project>