HookManager.h
4.78 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
/* Copyright (C) 2010-2012 kaosu (qiupf2000@gmail.com)
* This file is part of the Interactive Text Hooker.
* Interactive Text Hooker is free software: you can redistribute it and/or
* modify it under the terms of the GNU General Public License as published
* by the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#pragma once
#include <ITH\TextThread.h>
#include <ITH\AVL.h>
#define MAX_REGISTER 0xF
#define MAX_PREV_REPEAT_LENGTH 0x20
struct ProcessRecord {
DWORD pid_register;
DWORD hookman_register;
DWORD module_register;
DWORD engine_register;
HANDLE process_handle;
HANDLE hookman_mutex;
HANDLE hookman_section;
LPVOID hookman_map;
};
class ThreadTable : public MyVector<TextThread*,0x40>
{
public:
virtual void SetThread(DWORD number, TextThread* ptr);
virtual TextThread* FindThread(DWORD number);
};
class TCmp
{
public:
char operator()(const ThreadParameter* t1,const ThreadParameter* t2);
};
class TCpy
{
public:
void operator()(ThreadParameter* t1,const ThreadParameter* t2);
};
class TLen
{
public:
int operator()(const ThreadParameter* t);
};
typedef DWORD (*ProcessEventCallback)(DWORD pid);
class HookManager : public AVLTree<ThreadParameter,DWORD,TCmp,TCpy,TLen>
{
public:
HookManager();
~HookManager();
virtual TextThread* FindSingle(DWORD pid, DWORD hook, DWORD retn, DWORD split);
virtual TextThread* FindSingle(DWORD number);
virtual ProcessRecord* GetProcessRecord(DWORD pid);
virtual DWORD GetProcessIDByPath(LPWSTR str);
virtual void RemoveSingleThread(DWORD number);
virtual void LockHookman();
virtual void UnlockHookman();
virtual void ResetRepeatStatus();
virtual void ClearCurrent();
virtual void AddLink(WORD from, WORD to);
virtual void UnLink(WORD from);
virtual void UnLinkAll(WORD from);
virtual void SelectCurrent(DWORD num);
virtual void DetachProcess(DWORD pid);
virtual void SetCurrent(TextThread* it);
virtual void AddConsoleOutput(LPCWSTR text);
void DispatchText(DWORD pid, BYTE* text, DWORD hook, DWORD retn, DWORD split, int len);
void ClearText(DWORD pid, DWORD hook, DWORD retn, DWORD split);
void RemoveProcessContext(DWORD pid);
void RemoveSingleHook(DWORD pid, DWORD addr);
void RegisterThread(TextThread*, DWORD);
void RegisterPipe(HANDLE text, HANDLE cmd, HANDLE thread);
void RegisterProcess(DWORD pid, DWORD hookman, DWORD module, DWORD engine);
void UnRegisterProcess(DWORD pid);
void SetName(DWORD);
DWORD GetCurrentPID();
HANDLE GetCmdHandleByPID(DWORD pid);
inline ThreadEventCallback RegisterThreadCreateCallback(ThreadEventCallback cf)
{
return (ThreadEventCallback)_InterlockedExchange((long*)&create,(long)cf);
}
inline ThreadEventCallback RegisterThreadRemoveCallback(ThreadEventCallback cf)
{
return (ThreadEventCallback)_InterlockedExchange((long*)&remove,(long)cf);
}
inline ThreadEventCallback RegisterThreadResetCallback(ThreadEventCallback cf)
{
return (ThreadEventCallback)_InterlockedExchange((long*)&reset,(long)cf);
}
inline ProcessEventCallback RegisterProcessAttachCallback(ProcessEventCallback cf)
{
return (ProcessEventCallback)_InterlockedExchange((long*)&attach,(long)cf);
}
inline ProcessEventCallback RegisterProcessDetachCallback(ProcessEventCallback cf)
{
return (ProcessEventCallback)_InterlockedExchange((long*)&detach,(long)cf);
}
inline ProcessEventCallback RegisterProcessNewHookCallback(ProcessEventCallback cf)
{
return (ProcessEventCallback)_InterlockedExchange((long*)&hook,(long)cf);
}
inline ProcessEventCallback ProcessNewHook() {return hook;}
inline TextThread* GetCurrentThread() {return current;}
inline ProcessRecord* Records() {return record;}
inline ThreadTable* Table() {return thread_table;}
/*inline DWORD& SplitTime() {return split_time;}
inline DWORD& RepeatCount() {return repeat_count;}
inline DWORD& CyclicRemove() {return cyclic_remove;}
inline DWORD& GlobalFilter() {return global_filter;}*/
private:
CRITICAL_SECTION hmcs;
TextThread *current;
ThreadEventCallback create,remove,reset;
ProcessEventCallback attach,detach,hook;
DWORD current_pid;
ThreadTable *thread_table;
HANDLE destroy_event;
ProcessRecord record[MAX_REGISTER+1];
HANDLE text_pipes[MAX_REGISTER+1];
HANDLE cmd_pipes[MAX_REGISTER+1];
HANDLE recv_threads[MAX_REGISTER+1];
WORD register_count, new_thread_number;
};