文件名称:ZyComHookSample
- 所属分类:
- 钩子与API截获
- 资源属性:
- [Windows] [Visual.Net] [源码]
- 上传时间:
- 2012-11-26
- 文件大小:
- 73kb
- 下载次数:
- 0次
- 提 供 者:
- 海***
- 相关连接:
- 无
- 下载说明:
- 别用迅雷下载,失败请重下,重下不扣分!
介绍说明--下载内容均来自于网络,请自行研究使用
IFileOperation COM HOOK代码实例
WIN7系统在explorer.exe中操作文件都是调用IFileOperation COM接口,因此通用方法HOOK Win32 API 如DeleteFile就失去了作用
该实例成功HOOK到了NewItem、RenameItem、RenameItems、MoveItem、MoveItems、CopyItem、CopyItems、DeleteItem、DeleteItems等接口
备注:
google您可以找到有关com hook代码实例,但存在两大问题:
1、只能hook一次,并且操作文件将失效
2、反注入后,explorer.exe直接奔溃
该版本未修复这两个问题
如果需要完整版本,请访问:http://www.csto.com/case/show/id:51-The IFileOperation COM HOOK code instance WIN7 system operating in the explorer.exe in file to call IFileOperation COM interface, therefore, universal method HOOK Win32 APIs such as DeleteFile will lose the role of the instance successfully HOOK to NewItem RenameItem, RenameItems MoveItem, MoveItems CopyItem Remarks CopyItems, DeleteItem, DeleteItems interface: google you can find com, hook code examples, but there are two major problems: 1 hook only once, and manipulating files will fail, anti-implantation, explorer.exe directly Ben collapse version did not fix these two problems if you need the full version, please visit: http://www.csto.com/case/show/id:5177
WIN7系统在explorer.exe中操作文件都是调用IFileOperation COM接口,因此通用方法HOOK Win32 API 如DeleteFile就失去了作用
该实例成功HOOK到了NewItem、RenameItem、RenameItems、MoveItem、MoveItems、CopyItem、CopyItems、DeleteItem、DeleteItems等接口
备注:
google您可以找到有关com hook代码实例,但存在两大问题:
1、只能hook一次,并且操作文件将失效
2、反注入后,explorer.exe直接奔溃
该版本未修复这两个问题
如果需要完整版本,请访问:http://www.csto.com/case/show/id:51-The IFileOperation COM HOOK code instance WIN7 system operating in the explorer.exe in file to call IFileOperation COM interface, therefore, universal method HOOK Win32 APIs such as DeleteFile will lose the role of the instance successfully HOOK to NewItem RenameItem, RenameItems MoveItem, MoveItems CopyItem Remarks CopyItems, DeleteItem, DeleteItems interface: google you can find com, hook code examples, but there are two major problems: 1 hook only once, and manipulating files will fail, anti-implantation, explorer.exe directly Ben collapse version did not fix these two problems if you need the full version, please visit: http://www.csto.com/case/show/id:5177
(系统自动生成,下载前可以参看下载内容)
下载文件列表
ZyComHookSample\ZyComHook\cpu.c
...............\.........\cpu.h
...............\.........\CreationHook.cpp
...............\.........\CreationHook.h
...............\.........\disasm.c
...............\.........\disasm.h
...............\.........\disasm_x86.c
...............\.........\disasm_x86.h
...............\.........\disasm_x86_tables.h
...............\.........\dllmain.cpp
...............\.........\Factory.cpp
...............\.........\Factory.h
...............\.........\mhook.cpp
...............\.........\mhook.h
...............\.........\misc.c
...............\.........\misc.h
...............\.........\ReadMe.txt
...............\.........\stdafx.cpp
...............\.........\stdafx.h
...............\.........\targetver.h
...............\.........\VtableHooks.cpp
...............\.........\VtableHooks.h
...............\.........\ZyComHook.cpp
...............\.........\ZyComHook.vcxproj
...............\.........\ZyComHook.vcxproj.filters
...............\.........\ZyComHook.vcxproj.user
...............\ZyComHook.sln
...............\ZyComHook.suo
...............\ZyComHook
ZyComHookSample
...............\.........\cpu.h
...............\.........\CreationHook.cpp
...............\.........\CreationHook.h
...............\.........\disasm.c
...............\.........\disasm.h
...............\.........\disasm_x86.c
...............\.........\disasm_x86.h
...............\.........\disasm_x86_tables.h
...............\.........\dllmain.cpp
...............\.........\Factory.cpp
...............\.........\Factory.h
...............\.........\mhook.cpp
...............\.........\mhook.h
...............\.........\misc.c
...............\.........\misc.h
...............\.........\ReadMe.txt
...............\.........\stdafx.cpp
...............\.........\stdafx.h
...............\.........\targetver.h
...............\.........\VtableHooks.cpp
...............\.........\VtableHooks.h
...............\.........\ZyComHook.cpp
...............\.........\ZyComHook.vcxproj
...............\.........\ZyComHook.vcxproj.filters
...............\.........\ZyComHook.vcxproj.user
...............\ZyComHook.sln
...............\ZyComHook.suo
...............\ZyComHook
ZyComHookSample