楼主 |
发表于 2021-5-8 18:39:40
本帖最后由 bs0303 于 2021-5-8 18:44 编辑
// Hook object that owns the patch installed by OnBnClickedButton10 and
// removed by OnBnClickedButton11; null while no hook is installed.
Hook* hook2 = nullptr;

// Scratch state shared between the assembly and C++ parts of recvHook.
// It is a single global instance, so two threads reaching the hook at the
// same time would overwrite each other's values.
struct {
    DWORD   dwBase;       // packet start address, copied from EBX by recvHook
    DWORD   dwLen;        // packet length computed by recvHook from [EDI]
    BYTE*   strBuff;      // temporary heap copy of the packet bytes
    CString strRecv;      // accumulated hex dump of the packet
    CString strTempRecv;  // formatting buffer for one "%02X " byte
} recvPack;
// Hook stub reached from the patch that OnBnClickedButton10 installs at
// 0x00B92931. It logs the packet whose address is in EBX: the length is
// derived from two DWORDs reached through [EDI], the bytes are copied out of
// the current process, rendered as hex and written with OutputDebug.
//
// The function is naked: the compiler emits no prologue or epilogue, so the
// stub saves the general-purpose registers itself (pushad/popad) and returns
// with an explicit retn.
//
// NOTE(review): pushad/popad do not save EFLAGS, and the C++ code in between
// changes the flags; if the hooked code relies on flags across the patched
// instruction it will misbehave. Confirm against the hook site.
// NOTE(review): no stack frame is set up here, yet the body declares a loop
// local (i) and calls CString members. MSVC restricts what a naked function
// may contain; check that the generated code does not address locals through
// the hooked function's EBP.
// NOTE(review): recvPack is one global instance, so this stub is not safe if
// the hooked code runs on more than one thread at a time.
__declspec(naked) void recvHook(){
    // Save all general-purpose registers of the hooked code.
    __asm pushad
    // custom code
    __asm{
        // EBX is taken as the packet start address.
        mov recvPack.dwBase,ebx
        // dwLen = [[edi]+8] - [[edi]+4] + 2. The layout of the object at
        // [edi] and the reason for the +2 are not shown on this page.
        mov ecx,[edi]
        mov ecx,[ecx+0x8]
        mov edx,[edi]
        mov edx,[edx+0x4]
        sub ecx,edx
        add ecx,2
        mov recvPack.dwLen,ecx
    }
    // NOTE(review): dwLen comes straight from process memory and is not
    // bounded; a bogus value makes this allocation very large or makes it throw.
    recvPack.strBuff = new BYTE[recvPack.dwLen];
    // (HANDLE)-1 is the current-process pseudo-handle, so this is a guarded
    // copy inside our own address space.
    // NOTE(review): the return value is ignored; if the read fails, the loop
    // below formats uninitialized heap bytes.
    ReadProcessMemory((HANDLE)-1,(LPCVOID)recvPack.dwBase,recvPack.strBuff,recvPack.dwLen,NULL);
    // Render every byte as two hex digits followed by a space.
    for(DWORD i=0; i<recvPack.dwLen; i++){
        recvPack.strTempRecv.Format(L"%02X ",recvPack.strBuff[i]);
        recvPack.strRecv+=recvPack.strTempRecv;
    }
    // Log address, length (hex and decimal) and the hex dump.
    // NOTE(review): a CString object is passed through a "%s" varargs slot;
    // passing recvPack.strRecv.GetString() would be the portable form.
    OutputDebug(L"包地址:0X%08X 包长:0X%02X===%08d 包内容:%s",recvPack.dwBase,recvPack.dwLen,recvPack.dwLen,recvPack.strRecv);
    // Release the copy and reset the dump so the next packet starts empty.
    delete[] recvPack.strBuff;
    recvPack.strBuff = nullptr;
    recvPack.strRecv = "";
    __asm{
        // Restore the registers saved on entry.
        popad
        // Presumably replays the 6-byte instruction that the patch
        // overwrote at the hook site (confirm against the original bytes).
        mov ebp,dword ptr ds:[esi+0x2874]
        // Return to the address left on the stack by the patched-in
        // instruction (installed with opcode 0xE8, the x86 CALL rel32).
        retn
    }
}
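// Button handler: installs the receive hook.
//
// Creates the Hook object and asks it to patch address 0x00B92931 so that
// execution is redirected to recvHook. The meaning of the last two arguments
// is defined by the Hook class, which is not shown here; 0xE8 is the x86
// CALL rel32 opcode and 6 is presumably the number of bytes patched.
void CDLG::OnBnClickedButton10()
{
    // TODO: add your control notification handler code here
    // A second click used to overwrite hook2, leaking the first Hook and
    // losing the only object able to undo the patch. Install once only.
    if (hook2 != nullptr)
        return;

    hook2 = new Hook();
    hook2->onHook((DWORD)0x00B92931,(DWORD)recvHook,(BYTE)0xE8,6);
}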
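// Button handler: removes the receive hook and frees the Hook object.
void CDLG::OnBnClickedButton11()
{
    // TODO: add your control notification handler code here
    // Clicking this before the hook is installed, or clicking it twice,
    // used to dereference a null pointer. Nothing to undo in that case.
    if (hook2 == nullptr)
        return;

    hook2->unHook();
    delete hook2;
    hook2 = nullptr;
}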
传的和视频一样的ebx |
|