jascha-n / minhook-rs Goto Github PK
View Code? Open in Web Editor NEWA function hooking library for the Rust programming language
License: Other
A function hooking library for the Rust programming language
License: Other
Hi. I'm trying to implement an example: inject to notepad.exe
and hook user32::DialogBoxParamW
(About program dialog).
I use modified minject-rs for dll injecting.
If i use custom call user32::MessageBoxA
- it is hooks (see comment // This call hook works.
). But then i press notepad button for show About program dialog - user32::DialogBoxParamW
does not hook.
What could be wrong?
static_hooks! {
// Hook for user32::MessageBoxA.
pub impl MESSAGE_BOX_A for user32::MessageBoxA: unsafe extern "system" fn(winapi::HWND, winapi::LPCSTR, winapi::LPCSTR, winapi::UINT) -> winapi::c_int;
// Hook for user32::DialogBoxParamW.
pub impl DIALOG_BOX_PARAM_W for user32::DialogBoxParamW: unsafe extern "system" fn(winapi::HINSTANCE, winapi::LPCWSTR, winapi::HWND, winapi::DLGPROC, winapi::LPARAM) -> winapi::INT_PTR;
}
fn attach(hinstance: winapi::HINSTANCE) -> Result<()> {
// Disable thread attach/detach calls.
if unsafe { kernel32::DisableThreadLibraryCalls(hinstance) } == winapi::FALSE {
bail!(Error::with_chain(io::Error::last_os_error(),
ErrorKind::DisableThreadLibraryCalls));
}
// Init hooks.
unsafe {
MESSAGE_BOX_A
.initialize(|wnd, text, _caption, flags| {
debug!("MESSAGE_BOX_A");
println!("MESSAGE_BOX_A");
let caption = b"Hooked caption a ;).\0";
MESSAGE_BOX_A.call_real(wnd, text, caption.as_ptr() as winapi::LPCSTR, flags)
})?
};
unsafe {
DIALOG_BOX_PARAM_W
.initialize(|instance, template_name, parent, dialog_func, init_param| {
debug!("DIALOG_BOX_PARAM_W");
message_box("DIALOG_BOX_PARAM_W", "DIALOG_BOX_PARAM_W.").unwrap();
println!("DIALOG_BOX_PARAM_W");
DIALOG_BOX_PARAM_W.call_real(instance, template_name, parent, dialog_func, init_param)
})?
};
debug!("Hooks initialized.");
// Enable hooks.
MESSAGE_BOX_A.enable()?;
DIALOG_BOX_PARAM_W.enable()?;
debug!("Hooks enabled.");
// This call hook works.
{
let caption = b"Caption.\0";
let text = b"Text.\0";
unsafe {
user32::MessageBoxA(0 as winapi::HWND,
text.as_ptr() as winapi::LPCSTR,
caption.as_ptr() as winapi::LPCSTR,
0)
};
}
message_box("Attach", "Template module attached.")?;
debug!("Template module attached.");
Ok(())
}
System: Win 10. x86_64. rust: 1.20.0-nightly
I try to hook w2_32::recv
and w2_32::send
.
w2_32::send
hooks correctly, but w2_32::recv
return wrong buffer address and wrong length.
Init hooks:
// send/recv.
unsafe {
hook::Send
.initialize(|socket, buffer, length, flags| {
let buffer = slice::from_raw_parts_mut(buffer as *mut u8, length as usize);
let mut cursor = Cursor::new(buffer);
while cursor.position() < length as u64 {
trace_packet(protocol::Direction::Send, &mut cursor);
}
hook::Send.call_real(socket, buffer, length, flags)
})?
};
unsafe {
hook::Recv
.initialize(|socket, buffer, length, flags| {
let address = buffer;
let buffer = slice::from_raw_parts_mut(buffer as *mut u8, 7);
debug!("{} (buffer: {:?}, address: {:#?}, length: {}, flags: {})",
protocol::Direction::Receive,
buffer,
address as *const _,
length as usize,
flags);
hook::Recv.call_real(socket, buffer, length, flags)
})?
};
Define hooks:
static_hooks! {
// ws2_32.dll
// Hook for ws2_32::send.
pub impl Send for "send" in "ws2_32.dll": unsafe extern "system" fn(winapi::SOCKET, *const winapi::c_char, winapi::c_int, winapi::c_int) -> winapi::c_int;
// Hook for ws2_32::recv.
pub impl Recv for "recv" in "ws2_32.dll": unsafe extern "system" fn(winapi::SOCKET, *mut winapi::c_char, winapi::c_int, winapi::c_int) -> winapi::c_int;
...
}
Proc addresses from injector and from injected dll the same:
# from injector:
[DEBUG] injector::injector: Function. (name: "send", address: 0x7ffc785a4060)
[DEBUG] injector::injector: Function. (name: "recv", address: 0x7ffc78596ce0)
# from injected dll:
[DEBUG] injected: Function. (module: ws2_32.dll, name: "send", address: 0x00007ffc785a4060)
[DEBUG] injected: Function. (module: ws2_32.dll, name: "recv", address: 0x00007ffc78596ce0)
Example recv function log:
...
# Send (correct):
19:45:55 [DEBUG] injected: Send. Unknown { id: 0x0e01, encoded: 1, payload: HexBuffer { buffer: [0d 69 00 00 d8 e1 90 ce 46 00 00 00], length: 12 } }
19:45:58 [DEBUG] injected: Send. Unknown { id: 0x0e32, encoded: 1, payload: HexBuffer { buffer: [00], length: 1 } }
...
# Receive (incorrect):
19:48:01 [DEBUG] injected: Receive. (buffer: [0, 0, 0, 0, 0, 0, 0], address: 0x000000006b3e43d2, length: 9945838, flags: 0)
19:48:01 [DEBUG] injected: Receive. (buffer: [0, 0, 0, 0, 0, 0, 0], address: 0x000000006b3e43fb, length: 9945797, flags: 0)
19:48:01 [DEBUG] injected: Receive. (buffer: [0, 0, 0, 0, 0, 0, 0], address: 0x000000006b3e4424, length: 9945756, flags: 0)
19:48:02 [DEBUG] injected: Receive. (buffer: [0, 0, 0, 0, 0, 0, 0], address: 0x000000006b3e444d, length: 9945715, flags: 0)
19:48:02 [DEBUG] injected: Receive. (buffer: [0, 0, 0, 0, 0, 0, 0], address: 0x000000006b3e4476, length: 9945674, flags: 0)
...
Special soft for hooking send/recv functions (for example EchoMirage) hooks it correctly.
System: Win 10. x86_64. rust: 1.20.0-nightly
What could be the problem?
Could you make it work with latest versions of rust, please?
Hey, trying to do
let mut test = minhook::Hook::<fn(f32, *mut UserCmd) -> bool>::create::<fn(f32, *mut UserCmd) -> bool>(hook, fn_ptrs.addy);
test.enable();
Leads me to this error
no method named enable
found for type ()
in the current scope
Odd, shouldn't be doing this. Please help me :)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.