From a747c366b41c85837c37d9cd5c2f2c04d61838ce Mon Sep 17 00:00:00 2001 From: Souhardya Sardar <24700571+Souhardya@users.noreply.github.com> Date: Thu, 30 Dec 2021 07:47:05 +0530 Subject: [PATCH] Add files via upload --- HookPorts/Dispatch_USER32.cpp | 137 ++++++++ HookPorts/Dispatch_USER32.h | 3 + HookPorts/Dispatch_USER32_CreateWindowEx.cpp | 317 ++++++++++++++++++ HookPorts/Dispatch_USER32_CreateWindowEx.h | 69 ++++ HookPorts/Dispatch_USER32_ExitWindowsEx.cpp | 52 +++ HookPorts/Dispatch_USER32_ExitWindowsEx.h | 14 + ...spatch_USER32_GetWindowThreadProcessId.cpp | 54 +++ ...Dispatch_USER32_GetWindowThreadProcessId.h | 14 + HookPorts/Dispatch_USER32_PostMessage.cpp | 122 +++++++ HookPorts/Dispatch_USER32_PostMessage.h | 37 ++ HookPorts/Dispatch_USER32_SendMessage.cpp | 234 +++++++++++++ HookPorts/Dispatch_USER32_SendMessage.h | 37 ++ HookPorts/Dispatch_USER32_SetWindowLong.cpp | 68 ++++ HookPorts/Dispatch_USER32_SetWindowLong.h | 16 + HookPorts/Dispatch_USER32_SetWindowText.cpp | 178 ++++++++++ HookPorts/Dispatch_USER32_SetWindowText.h | 29 ++ .../Dispatch_USER32_SetWindowsHookEx.cpp | 75 +++++ HookPorts/Dispatch_USER32_SetWindowsHookEx.h | 18 + .../Dispatch_USER32_UnhookWindowsHookEx.cpp | 51 +++ .../Dispatch_USER32_UnhookWindowsHookEx.h | 12 + 20 files changed, 1537 insertions(+) create mode 100644 HookPorts/Dispatch_USER32.cpp create mode 100644 HookPorts/Dispatch_USER32.h create mode 100644 HookPorts/Dispatch_USER32_CreateWindowEx.cpp create mode 100644 HookPorts/Dispatch_USER32_CreateWindowEx.h create mode 100644 HookPorts/Dispatch_USER32_ExitWindowsEx.cpp create mode 100644 HookPorts/Dispatch_USER32_ExitWindowsEx.h create mode 100644 HookPorts/Dispatch_USER32_GetWindowThreadProcessId.cpp create mode 100644 HookPorts/Dispatch_USER32_GetWindowThreadProcessId.h create mode 100644 HookPorts/Dispatch_USER32_PostMessage.cpp create mode 100644 HookPorts/Dispatch_USER32_PostMessage.h create mode 100644 HookPorts/Dispatch_USER32_SendMessage.cpp create mode 100644 HookPorts/Dispatch_USER32_SendMessage.h create mode 100644 HookPorts/Dispatch_USER32_SetWindowLong.cpp create mode 100644 HookPorts/Dispatch_USER32_SetWindowLong.h create mode 100644 HookPorts/Dispatch_USER32_SetWindowText.cpp create mode 100644 HookPorts/Dispatch_USER32_SetWindowText.h create mode 100644 HookPorts/Dispatch_USER32_SetWindowsHookEx.cpp create mode 100644 HookPorts/Dispatch_USER32_SetWindowsHookEx.h create mode 100644 HookPorts/Dispatch_USER32_UnhookWindowsHookEx.cpp create mode 100644 HookPorts/Dispatch_USER32_UnhookWindowsHookEx.h diff --git a/HookPorts/Dispatch_USER32.cpp b/HookPorts/Dispatch_USER32.cpp new file mode 100644 index 0000000..100dab2 --- /dev/null +++ b/HookPorts/Dispatch_USER32.cpp @@ -0,0 +1,137 @@ +#include +#include + +#include "./Dispatch_USER32.h" +#include "./InlineHook.h" +#include "../Common/DebugLog.h" + +#include "./Dispatch_USER32_CreateWindowEx.h" +#include "./Dispatch_USER32_ExitWindowsEx.h" +#include "./Dispatch_USER32_GetWindowThreadProcessId.h" +#include "./Dispatch_USER32_PostMessage.h" +#include "./Dispatch_USER32_SendMessage.h" +#include "./Dispatch_USER32_SetWindowLong.h" +#include "./Dispatch_USER32_SetWindowsHookEx.h" +#include "./Dispatch_USER32_SetWindowText.h" +#include "./Dispatch_USER32_UnhookWindowsHookEx.h" + + + +// +//Global +// +BOOL bUSER32Patched = FALSE; + + + +// +//Dispatch_USER32 Functions +// +int Dispatch_USER32_Start(void) +{ + //Return Value: + //-1 = error + //0 = patched + //1 = succeed + + if( bUSER32Patched == TRUE ) + { + return 0; + } + + HINSTANCE hUSER32 = NULL; + hUSER32 = LoadLibrary(L"user32.dll"); + + // + //Patch API + // + + //CreateWindowExA + InlineHook( + (__pfnCreateWindowExA)GetProcAddress(hUSER32,"CreateWindowExA"), + OnCreateWindowExA, + (void **)&pfnCreateWindowExA + ); + //CreateWindowExW + InlineHook( + (__pfnCreateWindowExW)GetProcAddress(hUSER32,"CreateWindowExW"), + OnCreateWindowExW, + (void **)&pfnCreateWindowExW + ); + + //ExitWindowsEx + InlineHook( + (__pfnExitWindowsEx)GetProcAddress(hUSER32,"ExitWindowsEx"), + OnExitWindowsEx, + (void **)&pfnExitWindowsEx + ); + + //GetWindowThreadProcessId + InlineHook( + (__pfnGetWindowThreadProcessId)GetProcAddress(hUSER32,"GetWindowThreadProcessId"), + OnGetWindowThreadProcessId, + (void **)&pfnGetWindowThreadProcessId + ); + + //PostMessageA + InlineHook( + (__pfnPostMessageA)GetProcAddress(hUSER32,"PostMessageA"), + OnPostMessageA, + (void **)&pfnPostMessageA + ); + //PostMessageW + InlineHook( + (__pfnPostMessageW)GetProcAddress(hUSER32,"PostMessageW"), + OnPostMessageW, + (void **)&pfnPostMessageW + ); + + //SendMessageA + InlineHook( + (__pfnSendMessageA)GetProcAddress(hUSER32,"SendMessageA"), + OnSendMessageA, + (void **)&pfnSendMessageA + ); + //SendMessageW + InlineHook( + (__pfnSendMessageW)GetProcAddress(hUSER32,"SendMessageW"), + OnSendMessageW, + (void **)&pfnSendMessageW + ); + + //SetWindowLongW + InlineHook( + (__pfnSetWindowLongW)GetProcAddress(hUSER32,"SetWindowLongW"), + OnSetWindowLongW, + (void **)&pfnSetWindowLongW + ); + + //SetWindowsHookExW + InlineHook( + (__pfnSetWindowsHookExW)GetProcAddress(hUSER32,"SetWindowsHookExW"), + OnSetWindowsHookExW, + (void **)&pfnSetWindowsHookExW + ); + + //SetWindowTextA + InlineHook( + (__pfnSetWindowTextA)GetProcAddress(hUSER32,"SetWindowTextA"), + OnSetWindowTextA, + (void **)&pfnSetWindowTextA + ); + //SetWindowTextW + InlineHook( + (__pfnSetWindowTextW)GetProcAddress(hUSER32,"SetWindowTextW"), + OnSetWindowTextW, + (void **)&pfnSetWindowTextW + ); + + //UnhookWindowsHookEx + InlineHook( + (__pfnUnhookWindowsHookEx)GetProcAddress(hUSER32,"UnhookWindowsHookEx"), + OnUnhookWindowsHookEx, + (void **)&pfnUnhookWindowsHookEx + ); + + return 1; +} \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32.h b/HookPorts/Dispatch_USER32.h new file mode 100644 index 0000000..56116ea --- /dev/null +++ b/HookPorts/Dispatch_USER32.h @@ -0,0 +1,3 @@ +#pragma once + +int Dispatch_USER32_Start(void); \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_CreateWindowEx.cpp b/HookPorts/Dispatch_USER32_CreateWindowEx.cpp new file mode 100644 index 0000000..d5d60df --- /dev/null +++ b/HookPorts/Dispatch_USER32_CreateWindowEx.cpp @@ -0,0 +1,317 @@ +#include +#include + +#include "./Dispatch_USER32_CreateWindowEx.h" +#include "../Common/DebugLog.h" +#include "./HookHelp.h" +#include "./Main.h" +#include "./Initalization.h" +#include "./GetProcAddressEx.h" + + + +// +//Global +// +__pfnCreateWindowExA pfnCreateWindowExA = NULL; +__pfnCreateWindowExW pfnCreateWindowExW = NULL; + + + +// +//Dispatch_USER32_CreateWindowEx Functions +// +HWND +WINAPI +OnCreateWindowExA( + IN DWORD dwExStyle, + IN LPCSTR lpClassName, + IN LPCSTR lpWindowName, + IN DWORD dwStyle, + IN int X, + IN int Y, + IN int nWidth, + IN int nHeight, + IN HWND hWndParent, + IN HMENU hMenu, + IN HINSTANCE hInstance, + IN LPVOID lpParam) +{ + HWND hRet; + + DWORD dwRetAddr = 0; + __asm + { + mov eax, [ebp+4]; + sub eax, 5; + mov dwRetAddr, eax; + } + if( IsBypassCaller(dwRetAddr) ) + { + hRet = pfnCreateWindowExA( + dwExStyle, + lpClassName, + lpWindowName, + dwStyle, + X, + Y, + nWidth, + nHeight, + hWndParent, + hMenu, + hInstance, + lpParam + ); + + return hRet; + } + + // + //Check if includes [WS_EX_TOOLWINDOW] Extended Window Styles + // + if( (dwExStyle & (WS_EX_TOOLWINDOW)) ) + { + hRet = pfnCreateWindowExA( + dwExStyle, + lpClassName, + lpWindowName, + dwStyle, + X, + Y, + nWidth, + nHeight, + hWndParent, + hMenu, + hInstance, + lpParam + ); + + return hRet; + } + + // + //Check if includes [WS_CHILD] Window Styles + // + if( (dwStyle & WS_CHILD) || + (dwStyle & WS_CAPTION) == 0 + ) + { + hRet = pfnCreateWindowExA( + dwExStyle, + lpClassName, + lpWindowName, + dwStyle, + X, + Y, + nWidth, + nHeight, + hWndParent, + hMenu, + hInstance, + lpParam + ); + + return hRet; + } + + // + //Check if is init Window + // + char strWindowName[1024] = {NULL}; + lstrcpyA(strWindowName,lpWindowName); + if( lstrlenA(strWindowName) <= 0 ) + { + hRet = pfnCreateWindowExA( + dwExStyle, + lpClassName, + lpWindowName, + dwStyle, + X, + Y, + nWidth, + nHeight, + hWndParent, + hMenu, + hInstance, + lpParam + ); + + return hRet; + } + + // + //Set new window title + // + char strNewWindowTitle[1024] = {NULL}; + wsprintfA(strNewWindowTitle,"[#] [%s] %s [#]",g_strSandBoxName,lpWindowName); + +#ifdef Dbg + OutputDebugStringA("\r\nOnCreateWindowExA strNewWindowTitle="); + OutputDebugStringA(strNewWindowTitle); +#endif + + hRet = pfnCreateWindowExA( + dwExStyle, + lpClassName, + strNewWindowTitle, + dwStyle, + X, + Y, + nWidth, + nHeight, + hWndParent, + hMenu, + hInstance, + lpParam + ); + + return hRet; +} + +HWND +WINAPI +OnCreateWindowExW( + IN DWORD dwExStyle, + IN LPCWSTR lpClassName, + IN LPCWSTR lpWindowName, + IN DWORD dwStyle, + IN int X, + IN int Y, + IN int nWidth, + IN int nHeight, + IN HWND hWndParent, + IN HMENU hMenu, + IN HINSTANCE hInstance, + IN LPVOID lpParam) +{ + HWND hRet; + + DWORD dwRetAddr = 0; + __asm + { + mov eax, [ebp+4]; + sub eax, 5; + mov dwRetAddr, eax; + } + if( IsBypassCaller(dwRetAddr) ) + { + hRet = pfnCreateWindowExW( + dwExStyle, + lpClassName, + lpWindowName, + dwStyle, + X, + Y, + nWidth, + nHeight, + hWndParent, + hMenu, + hInstance, + lpParam + ); + + return hRet; + } + + // + //Check if includes [WS_EX_TOOLWINDOW] Extended Window Styles + // + if( (dwExStyle & WS_EX_TOOLWINDOW) ) + { + hRet = pfnCreateWindowExW( + dwExStyle, + lpClassName, + lpWindowName, + dwStyle, + X, + Y, + nWidth, + nHeight, + hWndParent, + hMenu, + hInstance, + lpParam + ); + + return hRet; + } + + // + //Check if includes [WS_CHILD] Window Styles + // + if( (dwStyle & WS_CHILD) ) + { + hRet = pfnCreateWindowExW( + dwExStyle, + lpClassName, + lpWindowName, + dwStyle, + X, + Y, + nWidth, + nHeight, + hWndParent, + hMenu, + hInstance, + lpParam + ); + + return hRet; + } + + // + //Check if is init Window + // + WCHAR szWindowName[1024] = {NULL}; + lstrcpyW(szWindowName,lpWindowName); + if( lstrlenW(szWindowName) <= 0 || + wcsicmp(szWindowName,L"MSCTFIME UI") == 0 || + wcsicmp(szWindowName,L"OleMainThreadWndName") == 0 + ) + { + hRet = pfnCreateWindowExW( + dwExStyle, + lpClassName, + lpWindowName, + dwStyle, + X, + Y, + nWidth, + nHeight, + hWndParent, + hMenu, + hInstance, + lpParam + ); + + return hRet; + } + + // + //Set new window title + // + WCHAR szNewWindowTitle[1024] = {NULL}; + wsprintfW(szNewWindowTitle,L"[#] [%s] %s [#]",g_szSandBoxName,lpWindowName); + +#ifdef Dbg + OutputDebugStringW(L"\r\nOnCreateWindowExW szNewWindowTitle="); + OutputDebugStringW(szNewWindowTitle); +#endif + + hRet = pfnCreateWindowExW( + dwExStyle, + lpClassName, + szNewWindowTitle, + dwStyle, + X, + Y, + nWidth, + nHeight, + hWndParent, + hMenu, + hInstance, + lpParam + ); + + return hRet; +} \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_CreateWindowEx.h b/HookPorts/Dispatch_USER32_CreateWindowEx.h new file mode 100644 index 0000000..ce16370 --- /dev/null +++ b/HookPorts/Dispatch_USER32_CreateWindowEx.h @@ -0,0 +1,69 @@ +#pragma once + +typedef HWND (WINAPI * __pfnCreateWindowExA) +( + IN DWORD dwExStyle, + IN LPCSTR lpClassName, + IN LPCSTR lpWindowName, + IN DWORD dwStyle, + IN int X, + IN int Y, + IN int nWidth, + IN int nHeight, + IN HWND hWndParent, + IN HMENU hMenu, + IN HINSTANCE hInstance, + IN LPVOID lpParam); + +extern __pfnCreateWindowExA pfnCreateWindowExA; + +HWND +WINAPI +OnCreateWindowExA( + IN DWORD dwExStyle, + IN LPCSTR lpClassName, + IN LPCSTR lpWindowName, + IN DWORD dwStyle, + IN int X, + IN int Y, + IN int nWidth, + IN int nHeight, + IN HWND hWndParent, + IN HMENU hMenu, + IN HINSTANCE hInstance, + IN LPVOID lpParam); + + + +typedef HWND (WINAPI * __pfnCreateWindowExW) +( + IN DWORD dwExStyle, + IN LPCWSTR lpClassName, + IN LPCWSTR lpWindowName, + IN DWORD dwStyle, + IN int X, + IN int Y, + IN int nWidth, + IN int nHeight, + IN HWND hWndParent, + IN HMENU hMenu, + IN HINSTANCE hInstance, + IN LPVOID lpParam); + +extern __pfnCreateWindowExW pfnCreateWindowExW; + +HWND +WINAPI +OnCreateWindowExW( + IN DWORD dwExStyle, + IN LPCWSTR lpClassName, + IN LPCWSTR lpWindowName, + IN DWORD dwStyle, + IN int X, + IN int Y, + IN int nWidth, + IN int nHeight, + IN HWND hWndParent, + IN HMENU hMenu, + IN HINSTANCE hInstance, + IN LPVOID lpParam); \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_ExitWindowsEx.cpp b/HookPorts/Dispatch_USER32_ExitWindowsEx.cpp new file mode 100644 index 0000000..a1b1a37 --- /dev/null +++ b/HookPorts/Dispatch_USER32_ExitWindowsEx.cpp @@ -0,0 +1,52 @@ +#include +#include + +#include "./Dispatch_USER32_ExitWindowsEx.h" +#include "../Common/DebugLog.h" +#include "./HookHelp.h" +#include "./Main.h" +#include "./Initalization.h" +#include "./GetProcAddressEx.h" + + + +// +//Global +// +__pfnExitWindowsEx pfnExitWindowsEx = NULL; + + + +// +//Dispatch_USER32_ExitWindowsEx Functions +// +BOOL +WINAPI +OnExitWindowsEx( + IN UINT uFlags, + IN DWORD dwReserved) +{ + DWORD dwRet; + + DWORD dwRetAddr = 0; + __asm + { + mov eax, [ebp+4]; + sub eax, 5; + mov dwRetAddr, eax; + } + if( IsBypassCaller(dwRetAddr) ) + { + dwRet = pfnExitWindowsEx( + uFlags, + dwReserved + ); + + return dwRet; + } + + // + //Refuse directly + // + return FALSE; +} \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_ExitWindowsEx.h b/HookPorts/Dispatch_USER32_ExitWindowsEx.h new file mode 100644 index 0000000..aac1193 --- /dev/null +++ b/HookPorts/Dispatch_USER32_ExitWindowsEx.h @@ -0,0 +1,14 @@ +#pragma once + +typedef BOOL (WINAPI * __pfnExitWindowsEx) +( + IN UINT uFlags, + IN DWORD dwReserved); + +extern __pfnExitWindowsEx pfnExitWindowsEx; + +BOOL +WINAPI +OnExitWindowsEx( + IN UINT uFlags, + IN DWORD dwReserved); \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_GetWindowThreadProcessId.cpp b/HookPorts/Dispatch_USER32_GetWindowThreadProcessId.cpp new file mode 100644 index 0000000..e99532f --- /dev/null +++ b/HookPorts/Dispatch_USER32_GetWindowThreadProcessId.cpp @@ -0,0 +1,54 @@ +#include +#include + +#include "./Dispatch_USER32_GetWindowThreadProcessId.h" +#include "../Common/DebugLog.h" +#include "./HookHelp.h" +#include "./Main.h" +#include "./Initalization.h" +#include "./GetProcAddressEx.h" + + + +// +//Global +// +__pfnGetWindowThreadProcessId pfnGetWindowThreadProcessId = NULL; + + + +// +//Dispatch_USER32_GetWindowThreadProcessId Functions +// +DWORD +WINAPI +OnGetWindowThreadProcessId( + IN HWND hWnd, + OUT LPDWORD lpdwProcessId) +{ + DWORD dwRet; + + //DWORD dwRetAddr = 0; + //__asm + //{ + // mov eax, [ebp+4]; + // sub eax, 5; + // mov dwRetAddr, eax; + //} + //if( IsBypassCaller(dwRetAddr) ) + //{ + // dwRet = pfnGetWindowThreadProcessId( + // hWnd, + // lpdwProcessId + // ); + + // return dwRet; + //} + + dwRet = pfnGetWindowThreadProcessId( + hWnd, + lpdwProcessId + ); + + return dwRet; +} \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_GetWindowThreadProcessId.h b/HookPorts/Dispatch_USER32_GetWindowThreadProcessId.h new file mode 100644 index 0000000..631b0ec --- /dev/null +++ b/HookPorts/Dispatch_USER32_GetWindowThreadProcessId.h @@ -0,0 +1,14 @@ +#pragma once + +typedef DWORD (WINAPI * __pfnGetWindowThreadProcessId) +( + IN HWND hWnd, + OUT LPDWORD lpdwProcessId); + +extern __pfnGetWindowThreadProcessId pfnGetWindowThreadProcessId; + +DWORD +WINAPI +OnGetWindowThreadProcessId( + IN HWND hWnd, + OUT LPDWORD lpdwProcessId); \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_PostMessage.cpp b/HookPorts/Dispatch_USER32_PostMessage.cpp new file mode 100644 index 0000000..a65219f --- /dev/null +++ b/HookPorts/Dispatch_USER32_PostMessage.cpp @@ -0,0 +1,122 @@ +#include +#include + +#include "./Dispatch_USER32_PostMessage.h" +#include "../Common/DebugLog.h" +#include "./HookHelp.h" +#include "./Main.h" +#include "./Initalization.h" +#include "./GetProcAddressEx.h" + + + +// +//Global +// +__pfnPostMessageA pfnPostMessageA = NULL; +__pfnPostMessageW pfnPostMessageW = NULL; + + + +// +//Dispatch_USER32_PostMessage Functions +// +BOOL +WINAPI +OnPostMessageA( + IN HWND hWnd, + IN UINT Msg, + IN WPARAM wParam, + IN LPARAM lParam) +{ + BOOL bRet; + + //DWORD dwRetAddr = 0; + //__asm + //{ + // mov eax, [ebp+4]; + // sub eax, 5; + // mov dwRetAddr, eax; + //} + //if( IsBypassCaller(dwRetAddr) ) + //{ + // bRet = pfnPostMessageA( + // hWnd, + // Msg, + // wParam, + // lParam + // ); + + // return bRet; + //} + + //// + ////Check if target process in SandBox + //// + //DWORD dwProcessId = 0; + //GetWindowThreadProcessId(hWnd, &dwProcessId); + //if( IsProcessPatched(dwProcessId,FALSE) == FALSE ) + //{ + // bRet = FALSE; + // return bRet; + //} + + bRet = pfnPostMessageA( + hWnd, + Msg, + wParam, + lParam + ); + + return bRet; +} + +BOOL +WINAPI +OnPostMessageW( + IN HWND hWnd, + IN UINT Msg, + IN WPARAM wParam, + IN LPARAM lParam) +{ + BOOL bRet; + + //DWORD dwRetAddr = 0; + //__asm + //{ + // mov eax, [ebp+4]; + // sub eax, 5; + // mov dwRetAddr, eax; + //} + //if( IsBypassCaller(dwRetAddr) ) + //{ + // bRet = pfnPostMessageW( + // hWnd, + // Msg, + // wParam, + // lParam + // ); + + // return bRet; + //} + + //// + ////Check if target process in SandBox + //// + //DWORD dwProcessId = 0; + //GetWindowThreadProcessId(hWnd, &dwProcessId); + //if( IsProcessPatched(dwProcessId,FALSE) == FALSE ) + //{ + // bRet = FALSE; + // return bRet; + //} + + bRet = pfnPostMessageW( + hWnd, + Msg, + wParam, + lParam + ); + + return bRet; +} \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_PostMessage.h b/HookPorts/Dispatch_USER32_PostMessage.h new file mode 100644 index 0000000..7e609e2 --- /dev/null +++ b/HookPorts/Dispatch_USER32_PostMessage.h @@ -0,0 +1,37 @@ +#pragma once + +typedef BOOL (WINAPI * __pfnPostMessageA) +( + IN HWND hWnd, + IN UINT Msg, + IN WPARAM wParam, + IN LPARAM lParam); + +extern __pfnPostMessageA pfnPostMessageA; + +BOOL +WINAPI +OnPostMessageA( + IN HWND hWnd, + IN UINT Msg, + IN WPARAM wParam, + IN LPARAM lParam); + + + +typedef BOOL (WINAPI * __pfnPostMessageW) +( + IN HWND hWnd, + IN UINT Msg, + IN WPARAM wParam, + IN LPARAM lParam); + +extern __pfnPostMessageW pfnPostMessageW; + +BOOL +WINAPI +OnPostMessageW( + IN HWND hWnd, + IN UINT Msg, + IN WPARAM wParam, + IN LPARAM lParam); \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_SendMessage.cpp b/HookPorts/Dispatch_USER32_SendMessage.cpp new file mode 100644 index 0000000..bbacd48 --- /dev/null +++ b/HookPorts/Dispatch_USER32_SendMessage.cpp @@ -0,0 +1,234 @@ +#include +#include + +#include "./Dispatch_USER32_SendMessage.h" +#include "../Common/DebugLog.h" +#include "./HookHelp.h" +#include "./Main.h" +#include "./Initalization.h" +#include "./GetProcAddressEx.h" + + + +// +//Global +// +__pfnSendMessageA pfnSendMessageA = NULL; +__pfnSendMessageW pfnSendMessageW = NULL; + + + +// +//Dispatch_USER32_SendMessage Functions +// +LRESULT +WINAPI +OnSendMessageA( + IN HWND hWnd, + IN UINT Msg, + IN WPARAM wParam, + IN LPARAM lParam) +{ + LRESULT lRet; + + DWORD dwRetAddr = 0; + __asm + { + mov eax, [ebp+4]; + sub eax, 5; + mov dwRetAddr, eax; + } + if( IsBypassCaller(dwRetAddr) ) + { + lRet = pfnSendMessageA( + hWnd, + Msg, + wParam, + lParam + ); + + return lRet; + } + + // + //Check if target process in SandBox + // + DWORD dwProcessId = 0; + GetWindowThreadProcessId(hWnd, &dwProcessId); + if( IsProcessPatched(dwProcessId,FALSE) == FALSE ) + { + lRet = FALSE; + return lRet; + } + + // + //Check if is [WM_SETTEXT] command + // + if( Msg != WM_SETTEXT ) + { + lRet = pfnSendMessageA( + hWnd, + Msg, + wParam, + lParam + ); + + return lRet; + } + + // + //Check if includes [WS_CAPTION]&[WS_VISIBLE]&[WS_SYSMENU]&[WS_CLIPSIBLINGS] Window Styles + // + LONG lStylesValue = GetWindowLong(hWnd,GWL_STYLE); + if( lStylesValue == 0 ) + { + lRet = pfnSendMessageA( + hWnd, + Msg, + wParam, + lParam + ); + + return lRet; + } + if( (lStylesValue & WS_CAPTION) == 0 || + (lStylesValue & WS_VISIBLE) == 0 || + (lStylesValue & WS_SYSMENU) == 0 + ) + { + lRet = pfnSendMessageA( + hWnd, + Msg, + wParam, + lParam + ); + + return lRet; + } + + // + //Set new window title + // + char strNewWindowTitle[1024] = {NULL}; + wsprintfA(strNewWindowTitle,"[#] [%s] %s [#]",g_strSandBoxName,(LPCTSTR)lParam); + +//#ifdef Dbg +// OutputDebugStringA("\r\nSendMessageA strNewWindowTitle="); +// OutputDebugStringA(strNewWindowTitle); +//#endif + + lRet = pfnSendMessageA( + hWnd, + Msg, + wParam, + (LPARAM)strNewWindowTitle + ); + + return lRet; +} + +LRESULT +WINAPI +OnSendMessageW( + IN HWND hWnd, + IN UINT Msg, + IN WPARAM wParam, + IN LPARAM lParam) +{ + LRESULT lRet; + + DWORD dwRetAddr = 0; + __asm + { + mov eax, [ebp+4]; + sub eax, 5; + mov dwRetAddr, eax; + } + if( IsBypassCaller(dwRetAddr) ) + { + lRet = pfnSendMessageW( + hWnd, + Msg, + wParam, + lParam + ); + + return lRet; + } + + // + //Check if target process in SandBox + // + DWORD dwProcessId = 0; + GetWindowThreadProcessId(hWnd, &dwProcessId); + if( IsProcessPatched(dwProcessId,FALSE) == FALSE ) + { + lRet = FALSE; + return lRet; + } + + // + //Check if is [WM_SETTEXT] command + // + if( Msg != WM_SETTEXT ) + { + lRet = pfnSendMessageW( + hWnd, + Msg, + wParam, + lParam + ); + + return lRet; + } + + // + //Check if includes [WS_CAPTION]&[WS_VISIBLE]&[WS_SYSMENU]&[WS_CLIPSIBLINGS] Window Styles + // + LONG lStylesValue = GetWindowLong(hWnd,GWL_STYLE); + if( lStylesValue == 0 ) + { + lRet = pfnSendMessageW( + hWnd, + Msg, + wParam, + lParam + ); + + return lRet; + } + if( (lStylesValue & WS_CAPTION) == 0 || + (lStylesValue & WS_VISIBLE) == 0 || + (lStylesValue & WS_SYSMENU) == 0 + ) + { + lRet = pfnSendMessageW( + hWnd, + Msg, + wParam, + lParam + ); + + return lRet; + } + + // + //Set new window title + // + WCHAR szNewWindowTitle[1024] = {NULL}; + wsprintfW(szNewWindowTitle,L"[#] [%s] %s [#]",g_szSandBoxName,(LPCWSTR)lParam); + +//#ifdef Dbg +// OutputDebugStringW(L"\r\nSendMessageW szNewWindowTitle="); +// OutputDebugStringW(szNewWindowTitle); +//#endif + + lRet = pfnSendMessageW( + hWnd, + Msg, + wParam, + (LPARAM)szNewWindowTitle + ); + + return lRet; +} \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_SendMessage.h b/HookPorts/Dispatch_USER32_SendMessage.h new file mode 100644 index 0000000..f85f157 --- /dev/null +++ b/HookPorts/Dispatch_USER32_SendMessage.h @@ -0,0 +1,37 @@ +#pragma once + +typedef LRESULT (WINAPI * __pfnSendMessageA) +( + IN HWND hWnd, + IN UINT Msg, + IN WPARAM wParam, + IN LPARAM lParam); + +extern __pfnSendMessageA pfnSendMessageA; + +LRESULT +WINAPI +OnSendMessageA( + IN HWND hWnd, + IN UINT Msg, + IN WPARAM wParam, + IN LPARAM lParam); + + + +typedef LRESULT (WINAPI * __pfnSendMessageW) +( + IN HWND hWnd, + IN UINT Msg, + IN WPARAM wParam, + IN LPARAM lParam); + +extern __pfnSendMessageW pfnSendMessageW; + +LRESULT +WINAPI +OnSendMessageW( + IN HWND hWnd, + IN UINT Msg, + IN WPARAM wParam, + IN LPARAM lParam); \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_SetWindowLong.cpp b/HookPorts/Dispatch_USER32_SetWindowLong.cpp new file mode 100644 index 0000000..7b05f89 --- /dev/null +++ b/HookPorts/Dispatch_USER32_SetWindowLong.cpp @@ -0,0 +1,68 @@ +#include +#include + +#include "./Dispatch_USER32_SetWindowLong.h" +#include "../Common/DebugLog.h" +#include "./HookHelp.h" +#include "./Main.h" +#include "./Initalization.h" +#include "./GetProcAddressEx.h" + + + +// +//Global +// +__pfnSetWindowLongW pfnSetWindowLongW = NULL; + + + +// +//Dispatch_USER32_SetWindowLong Functions +// +LONG +WINAPI +OnSetWindowLongW( + IN HWND hWnd, + IN int nIndex, + IN LONG dwNewLong) +{ + LONG lRet; + + DWORD dwRetAddr = 0; + __asm + { + mov eax, [ebp+4]; + sub eax, 5; + mov dwRetAddr, eax; + } + if( IsBypassCaller(dwRetAddr) ) + { + lRet = pfnSetWindowLongW( + hWnd, + nIndex, + dwNewLong + ); + + return lRet; + } + + // + //Check if target process in SandBox + // + DWORD dwProcessId = 0; + GetWindowThreadProcessId(hWnd, &dwProcessId); + if( IsProcessPatched(dwProcessId,FALSE) == FALSE ) + { + lRet = 0; + return lRet; + } + + lRet = pfnSetWindowLongW( + hWnd, + nIndex, + dwNewLong + ); + + return lRet; +} \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_SetWindowLong.h b/HookPorts/Dispatch_USER32_SetWindowLong.h new file mode 100644 index 0000000..bbe1ead --- /dev/null +++ b/HookPorts/Dispatch_USER32_SetWindowLong.h @@ -0,0 +1,16 @@ +#pragma once + +typedef LONG (WINAPI * __pfnSetWindowLongW) +( + IN HWND hWnd, + IN int nIndex, + IN LONG dwNewLong); + +extern __pfnSetWindowLongW pfnSetWindowLongW; + +LONG +WINAPI +OnSetWindowLongW( + IN HWND hWnd, + IN int nIndex, + IN LONG dwNewLong); \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_SetWindowText.cpp b/HookPorts/Dispatch_USER32_SetWindowText.cpp new file mode 100644 index 0000000..8119d5f --- /dev/null +++ b/HookPorts/Dispatch_USER32_SetWindowText.cpp @@ -0,0 +1,178 @@ +#include +#include + +#include "./Dispatch_USER32_SetWindowText.h" +#include "../Common/DebugLog.h" +#include "./HookHelp.h" +#include "./Main.h" +#include "./Initalization.h" +#include "./GetProcAddressEx.h" + + + +// +//Global +// +__pfnSetWindowTextA pfnSetWindowTextA = NULL; +__pfnSetWindowTextW pfnSetWindowTextW = NULL; + + + +// +//Dispatch_USER32_SetWindowText Functions +// +BOOL +WINAPI +OnSetWindowTextA( + IN HWND hWnd, + IN LPCSTR lpString) +{ + BOOL bRet; + + DWORD dwRetAddr = 0; + __asm + { + mov eax, [ebp+4]; + sub eax, 5; + mov dwRetAddr, eax; + } + if( IsBypassCaller(dwRetAddr) ) + { + bRet = pfnSetWindowTextA( + hWnd, + lpString + ); + + return bRet; + } + + // + //Check if target process in SandBox + // + DWORD dwProcessId = 0; + GetWindowThreadProcessId(hWnd, &dwProcessId); + if( IsProcessPatched(dwProcessId,FALSE) == FALSE ) + { + bRet = FALSE; + return bRet; + } + + // + //Check if includes [WS_CAPTION] Window Styles + // + LONG lStylesValue = GetWindowLong(hWnd,GWL_STYLE); + if( lStylesValue == 0 ) + { + bRet = pfnSetWindowTextA( + hWnd, + lpString + ); + + return bRet; + } + if( (lStylesValue & WS_CAPTION) == 0 ) + { + bRet = pfnSetWindowTextA( + hWnd, + lpString + ); + + return bRet; + } + + // + //Set new window title + // + char szNewlpString[1024] = {0}; + wsprintfA(szNewlpString,"[#] [%s] %s [#]",g_strSandBoxName,lpString); + + bRet = pfnSetWindowTextA( + hWnd, + szNewlpString + ); + +#ifdef Dbg + OutputDebugStringA("SetWindowTextA szNewlpString="); + OutputDebugStringA(szNewlpString); +#endif + + return bRet; +} + +BOOL +WINAPI +OnSetWindowTextW( + IN HWND hWnd, + IN LPCWSTR lpString) +{ + BOOL bRet; + + DWORD dwRetAddr = 0; + __asm + { + mov eax, [ebp+4]; + sub eax, 5; + mov dwRetAddr, eax; + } + if( IsBypassCaller(dwRetAddr) ) + { + bRet = pfnSetWindowTextW( + hWnd, + lpString + ); + + return bRet; + } + + // + //Check if target process in SandBox + // + DWORD dwProcessId = 0; + GetWindowThreadProcessId(hWnd, &dwProcessId); + if( IsProcessPatched(dwProcessId,FALSE) == FALSE ) + { + bRet = FALSE; + return bRet; + } + + // + //Check if includes [WS_CAPTION] Window Styles + // + LONG lStylesValue = GetWindowLong(hWnd,GWL_STYLE); + if( lStylesValue == 0 ) + { + bRet = pfnSetWindowTextW( + hWnd, + lpString + ); + + return bRet; + } + if( (lStylesValue & WS_CAPTION) == 0 ) + { + bRet = pfnSetWindowTextW( + hWnd, + lpString + ); + + return bRet; + } + + // + //Set new window title + // + WCHAR szNewlpString[1024] = {0}; + wsprintfW(szNewlpString,L"[#] [%s] %s [#]",g_szSandBoxName,lpString); + + bRet = pfnSetWindowTextW( + hWnd, + szNewlpString + ); + +#ifdef Dbg + OutputDebugStringW(L"SetWindowTextW szNewlpString="); + OutputDebugStringW(szNewlpString); +#endif + + return bRet; +} \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_SetWindowText.h b/HookPorts/Dispatch_USER32_SetWindowText.h new file mode 100644 index 0000000..92906dc --- /dev/null +++ b/HookPorts/Dispatch_USER32_SetWindowText.h @@ -0,0 +1,29 @@ +#pragma once + +typedef BOOL (WINAPI * __pfnSetWindowTextA) +( + IN HWND hWnd, + IN LPCSTR lpString); + +extern __pfnSetWindowTextA pfnSetWindowTextA; + +BOOL +WINAPI +OnSetWindowTextA( + IN HWND hWnd, + IN LPCSTR lpString); + + + +typedef BOOL (WINAPI * __pfnSetWindowTextW) +( + IN HWND hWnd, + IN LPCWSTR lpString); + +extern __pfnSetWindowTextW pfnSetWindowTextW; + +BOOL +WINAPI +OnSetWindowTextW( + IN HWND hWnd, + IN LPCWSTR lpString); \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_SetWindowsHookEx.cpp b/HookPorts/Dispatch_USER32_SetWindowsHookEx.cpp new file mode 100644 index 0000000..7871f86 --- /dev/null +++ b/HookPorts/Dispatch_USER32_SetWindowsHookEx.cpp @@ -0,0 +1,75 @@ +#include +#include + +#include "./Dispatch_USER32_SetWindowsHookEx.h" +#include "../Common/DebugLog.h" +#include "./HookHelp.h" +#include "./Main.h" +#include "./Initalization.h" +#include "./GetProcAddressEx.h" + + + +// +//Global +// +__pfnSetWindowsHookExW pfnSetWindowsHookExW = NULL; + + + +// +//Dispatch_USER32_SetWindowsHookEx Functions +// +HHOOK +WINAPI +OnSetWindowsHookExW( + IN int idHook, + IN HOOKPROC lpfn, + IN HINSTANCE hmod, + IN DWORD dwThreadId) +{ + HHOOK hRet; + + DWORD dwRetAddr = 0; + __asm + { + mov eax, [ebp+4]; + sub eax, 5; + mov dwRetAddr, eax; + } + if( IsBypassCaller(dwRetAddr) ) + { + hRet = pfnSetWindowsHookExW( + idHook, + lpfn, + hmod, + dwThreadId + ); + + return hRet; + } + + // + //Parameters + // + //dwThreadId + //If this parameter is zero, the hook procedure is associated with all existing threads running in the same desktop as the calling thread. + + // + //Check if is global hook + // + if( dwThreadId == 0 ) + { + hRet = NULL; + return hRet; + } + + hRet = pfnSetWindowsHookExW( + idHook, + lpfn, + hmod, + dwThreadId + ); + + return hRet; +} \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_SetWindowsHookEx.h b/HookPorts/Dispatch_USER32_SetWindowsHookEx.h new file mode 100644 index 0000000..1b9d08c --- /dev/null +++ b/HookPorts/Dispatch_USER32_SetWindowsHookEx.h @@ -0,0 +1,18 @@ +#pragma once + +typedef HHOOK (WINAPI * __pfnSetWindowsHookExW) +( + IN int idHook, + IN HOOKPROC lpfn, + IN HINSTANCE hmod, + IN DWORD dwThreadId); + +extern __pfnSetWindowsHookExW pfnSetWindowsHookExW; + +HHOOK +WINAPI +OnSetWindowsHookExW( + IN int idHook, + IN HOOKPROC lpfn, + IN HINSTANCE hmod, + IN DWORD dwThreadId); \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_UnhookWindowsHookEx.cpp b/HookPorts/Dispatch_USER32_UnhookWindowsHookEx.cpp new file mode 100644 index 0000000..95a4b70 --- /dev/null +++ b/HookPorts/Dispatch_USER32_UnhookWindowsHookEx.cpp @@ -0,0 +1,51 @@ +#include +#include + +#include "./Dispatch_USER32_UnhookWindowsHookEx.h" +#include "../Common/DebugLog.h" +#include "./HookHelp.h" +#include "./Main.h" +#include "./Initalization.h" +#include "./GetProcAddressEx.h" + + + +// +//Global +// +__pfnUnhookWindowsHookEx pfnUnhookWindowsHookEx = NULL; + + + +// +//Dispatch_USER32_UnhookWindowsHookEx Functions +// +BOOL +WINAPI +OnUnhookWindowsHookEx( + IN HHOOK hhk) +{ + BOOL bRet; + + DWORD dwRetAddr = 0; + __asm + { + mov eax, [ebp+4]; + sub eax, 5; + mov dwRetAddr, eax; + } + if( IsBypassCaller(dwRetAddr) ) + { + bRet = pfnUnhookWindowsHookEx( + hhk + ); + + return bRet; + } + + bRet = pfnUnhookWindowsHookEx( + hhk + ); + + return bRet; +} \ No newline at end of file diff --git a/HookPorts/Dispatch_USER32_UnhookWindowsHookEx.h b/HookPorts/Dispatch_USER32_UnhookWindowsHookEx.h new file mode 100644 index 0000000..6cdbaa8 --- /dev/null +++ b/HookPorts/Dispatch_USER32_UnhookWindowsHookEx.h @@ -0,0 +1,12 @@ +#pragma once + +typedef BOOL (WINAPI * __pfnUnhookWindowsHookEx) +( + IN HHOOK hhk); + +extern __pfnUnhookWindowsHookEx pfnUnhookWindowsHookEx; + +BOOL +WINAPI +OnUnhookWindowsHookEx( + IN HHOOK hhk); \ No newline at end of file