How to turn a Local Hook to a Global Hook?

Hi,

Recently I made a hook that intercepts the MessageBoxA() function from User32.dll. It is only a local (single-application) hook, but I want to change it to a global/system-wide hook. It would help me very much, considering I am trying to start an open-source Ring 3 anti-virus soon.

Code of the Hook so far:
#include <windows.h>
#include <iostream>
#include <conio.h>
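// True when rel can be encoded as the signed 32-bit displacement of a JMP rel32.
// Always true in a 32-bit build; in a 64-bit build it rejects targets that are
// more than 2 GB away, which a 5-byte jump cannot reach.
static bool FitsRel32( ULONG_PTR rel )
{
    return (ULONG_PTR)(LONG_PTR)(LONG)(DWORD)rel == rel;
}

// Installs a 5-byte inline detour (JMP rel32) at the start of pFunc so that
// calls to pFunc land in pHook instead.
//
// pFunc  - first byte of the function to patch.
// pHook  - replacement function; it must use the same calling convention and
//          signature as pFunc.
// Returns a trampoline (the 5 displaced bytes followed by a jump back to
// pFunc + 5) through which the original function can still be called, or
// NULL if an argument is NULL, memory cannot be allocated or re-protected,
// or a jump target is out of rel32 range. Nothing is patched on failure.
//
// NOTE(review): copying a fixed 5 bytes assumes the first 5 bytes of pFunc
// are whole instructions without relative operands (e.g. the 32-bit
// hot-patch prologue). Any other prologue yields a broken trampoline; a
// length disassembler is needed for the general case.
// NOTE(review): the patch is not atomic, so a thread executing pFunc while
// it is being written can crash. The write also only changes the calling
// process's private copy of the code page, which is why the hook stays local.
PBYTE DetourFunction( PBYTE pFunc, PBYTE pHook ) //returns oFunc
{
    enum { PATCH_LEN = 5, TRAMPOLINE_LEN = 32 };

    if( (pFunc == NULL) || (pHook == NULL) )
        return NULL;

    // Build the trampoline in writable, non-executable memory first.
    PBYTE oFunc = (PBYTE) VirtualAlloc( NULL, TRAMPOLINE_LEN, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE );
    if( oFunc == NULL )
        return NULL;

    // Displacements are relative to the end of each 5-byte JMP instruction.
    const ULONG_PTR backRel = (ULONG_PTR)pFunc - (ULONG_PTR)oFunc - PATCH_LEN;
    const ULONG_PTR hookRel = (ULONG_PTR)pHook - (ULONG_PTR)pFunc - PATCH_LEN;
    if( !FitsRel32( backRel ) || !FitsRel32( hookRel ) )
    {
        VirtualFree( oFunc, 0, MEM_RELEASE );
        return NULL;
    }

    for( unsigned int i = 0; i < PATCH_LEN; i ++ )
        oFunc[i] = pFunc[i];
    oFunc[PATCH_LEN] = (BYTE) 0xE9;
    *(DWORD *) (oFunc + PATCH_LEN + 1) = (DWORD) backRel;

    // The trampoline is complete: make it executable but no longer writable,
    // so no writable+executable region is left behind.
    DWORD oldProtect;
    if( !VirtualProtect( oFunc, TRAMPOLINE_LEN, PAGE_EXECUTE_READ, &oldProtect ) )
    {
        VirtualFree( oFunc, 0, MEM_RELEASE );
        return NULL;
    }

    // Only now touch the target, so a failure above leaves pFunc untouched.
    if( !VirtualProtect( pFunc, PATCH_LEN, PAGE_EXECUTE_READWRITE, &oldProtect ) )
    {
        VirtualFree( oFunc, 0, MEM_RELEASE );
        return NULL;
    }
    pFunc[0] = (BYTE) 0xE9;
    *(DWORD *) (pFunc + 1) = (DWORD) hookRel;

    DWORD ignored;
    VirtualProtect( pFunc, PATCH_LEN, oldProtect, &ignored );

    // Make sure the CPU does not keep executing stale instruction bytes.
    FlushInstructionCache( GetCurrentProcess(), pFunc, PATCH_LEN );
    FlushInstructionCache( GetCurrentProcess(), oFunc, TRAMPOLINE_LEN );
    return oFunc;
}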

// Trampoline returned by DetourFunction for MessageBoxA: main() stores it here
// and myMessageBoxA() calls through it to reach the original function.
PBYTE oMsgBox;

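// Replacement that DetourFunction redirects MessageBoxA to.
//
// It must match MessageBoxA exactly: WINAPI (__stdcall) calling convention
// and ANSI string parameters. Without WINAPI the stack is left unbalanced on
// return in a 32-bit build.
//
// Logs the call, then forwards the caller's original arguments to the real
// MessageBoxA through the trampoline in oMsgBox and returns its result.
// The hook must not call MessageBox/MessageBoxA directly: that call is
// itself detoured and would re-enter this function without end.
// Returns 0 (the MessageBox failure value) if no trampoline is installed.
int WINAPI myMessageBoxA( HWND hWnd, LPCSTR lpText, LPCSTR lpCaption, UINT uType )
{
    typedef int (WINAPI *MessageBoxA_t)( HWND, LPCSTR, LPCSTR, UINT );

    printf("\nHooked Function is called");

    if( oMsgBox == NULL )
        return 0;

    return ((MessageBoxA_t) oMsgBox)( hWnd, lpText, lpCaption, uType );
}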

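// Demo driver: detours MessageBoxA in this process only, then calls it once
// so the hook can be seen firing.
// Returns 0 on success and 1 if the target cannot be resolved or hooked.
int main()
{
    // Use the explicit ANSI (A) entry points so the demo does not depend on
    // whether UNICODE is defined; MessageBox would map to MessageBoxW then
    // and never reach the hook.
    HMODULE hUser32 = GetModuleHandleA( "user32.dll" );
    if( hUser32 == NULL )
    {
        printf("user32.dll is not loaded (error %lu)\n", (unsigned long) GetLastError());
        return 1;
    }

    FARPROC pFunc = GetProcAddress( hUser32, "MessageBoxA" );
    if( pFunc == NULL )
    {
        printf("MessageBoxA not found (error %lu)\n", (unsigned long) GetLastError());
        return 1;
    }

    oMsgBox = DetourFunction( (PBYTE)pFunc, (PBYTE)myMessageBoxA );
    if( oMsgBox == NULL )
    {
        printf("Installing the hook failed\n");
        return 1;
    }

    MessageBoxA( 0, "Hello World!", 0, 0 );
    return 0;
}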

I would appreciate it if any one of you would edit this source to make this a system-wide hook.
Thanks
Does anyone want to help? Please.

:<