@RElesgoe
Created March 20, 2016 19:50
#include "NewHackUtil.h"
#include <cstring>
#include <fstream>
#include <functional>
#include <iostream>
#include <Windows.h>
// Original kernel32 GetProcAddress entry point, as returned by
// HackUtil::PatchImport in DllMain. _GetProcAddress forwards every call to it.
std::function<FARPROC WINAPI(HMODULE, LPCSTR)> GetProcAddressOld;
// Original kernel32 GetSystemTimeAsFileTime entry point, as returned by
// HackUtil::PatchImport in DllMain. _GetSystemTimeAsFileTime forwards to it.
std::function<void WINAPI(LPFILETIME)> GetSystemTimeAsFileTimeOld;
// Log stream shared by both hooks and DllMain; opened on "bwhook.log" in
// append mode at process attach and closed at process detach.
// NOTE(review): no lock guards this stream, and the hooks can presumably be
// entered from any thread of the host process; confirm interleaved or racing
// writes are acceptable.
static std::ofstream logger;
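/// Logging hook that DllMain installs over the kernel32 GetProcAddress import.
///
/// Writes one record per lookup to the log, then forwards the call unchanged
/// to the original routine held in GetProcAddressOld.
///
/// @param hModule     Module handle, passed through untouched.
/// @param lpProcName  Either a pointer to an export name or an ordinal value
///                    (low word set, all higher bits zero).
/// @return Whatever the original GetProcAddress returns.
FARPROC WINAPI _GetProcAddress(HMODULE hModule, LPCSTR lpProcName)
{
    logger << "Call to _GetProcAddress" << std::endl;

    // GetProcAddress accepts an ordinal in place of a name: the value then
    // fits in the low 16 bits and is not a valid pointer. Streaming it as a
    // C string would read from a near-null address and crash the host
    // process, so ordinals (and a null pointer) are logged as numbers.
    const auto rawName = reinterpret_cast<ULONG_PTR>(lpProcName);
    if ((rawName >> 16) == 0)
        logger << "lpProcName: ordinal #" << static_cast<unsigned long>(rawName) << std::endl;
    else
        logger << "lpProcName: " << lpProcName << std::endl;

    return GetProcAddressOld(hModule, lpProcName);
}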
/// Logging shim for GetSystemTimeAsFileTime: records that the call happened,
/// then delegates to the original routine held in GetSystemTimeAsFileTimeOld.
///
/// @param lpSystemTimeAsFileTime  Output buffer, handed to the original as-is.
void WINAPI _GetSystemTimeAsFileTime(LPFILETIME lpSystemTimeAsFileTime)
{
    // Newline followed by an explicit flush, so the record is pushed to the
    // stream's file before the original routine runs.
    logger << "Call to _GetSystemTimeAsFileTime" << '\n' << std::flush;

    GetSystemTimeAsFileTimeOld(lpSystemTimeAsFileTime);
}
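/// DLL entry point: opens the log and installs both import hooks on process
/// attach, and closes the log on process detach.
///
/// @param hinstDLL   Module handle of this DLL (unused).
/// @param fdwReason  Loader notification code.
/// @return Always TRUE, so a failed patch does not abort the load.
BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID)
{
    switch (fdwReason)
    {
    case DLL_PROCESS_ATTACH:
        // NOTE(review): file I/O here runs under the loader lock, where
        // Microsoft's DllMain guidance recommends doing as little as possible.
        // Moving the setup into an exported init routine would be safer.
        logger.open("bwhook.log", std::ios::out | std::ios::app);
        logger << "Logging started" << std::endl;

        // NOTE(review): each hook presumably goes live inside PatchImport,
        // before the returned original is stored below. A call from another
        // thread in that window would reach an empty std::function; confirm
        // against HackUtil.
        GetProcAddressOld = HackUtil::PatchImport("kernel32.dll", "GetProcAddress", &_GetProcAddress);
        GetSystemTimeAsFileTimeOld = HackUtil::PatchImport("kernel32.dll", "GetSystemTimeAsFileTime", &_GetSystemTimeAsFileTime);

        if (GetProcAddressOld == nullptr)
            logger << "HackUtil::PatchImport returned a nullptr" << std::endl;
        // The second patch can fail independently of the first and was never
        // checked, so a missing GetSystemTimeAsFileTime hook went unreported.
        if (GetSystemTimeAsFileTimeOld == nullptr)
            logger << "HackUtil::PatchImport returned a nullptr (GetSystemTimeAsFileTime)" << std::endl;
        break;

    case DLL_PROCESS_DETACH:
        // NOTE(review): the patched imports are not restored here. If this
        // DLL is unloaded while the host keeps running, the import entries
        // would still point at the unloaded hook functions.
        logger << "Logging ended\n" << std::endl;
        logger.close();
        break;

    default:
        break;
    }

    return TRUE;
}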