приведу весь код, может так будет понятней
AdvBox32.dll
//----------------------------------------------------------------------------------
library AdvBox32;
uses
Windows,SysUtils;
// Bookkeeping for the two inline patches. The sizes quoted below assume a
// 32-bit build, where a pointer is 4 bytes.
type
// Copy of the first 6 bytes (dword + word) of a patched function, kept so the
// original entry can be written back.
OldCode = packed record
One: dword;
two: word;
end;
// 6-byte patch image written over a function's entry. SetHook fills PuhsOp
// with $68 and RetOp with $C3, which on x86 is "push <PushArg>; ret", i.e. a
// jump to PushArg.
far_jmp = packed record
PuhsOp: byte;
PushArg: pointer;
RetOp: byte;
end;
var
// Handle returned by the hooked CreateFileW when the file name was 'COM1'.
hhPort:HWND;
// Patch images that redirect each API to its New_* replacement.
Jmp_CreateFileW, Jmp_SetCommState: far_jmp;
// Saved original entry bytes of each API.
Old_CreateFileW, Old_SetCommState: OldCode;
// Addresses of the patched exports, resolved from kernel32.dll in SetHook.
CreateFileW_Adr, SetCommState_Adr: pointer;
//-----------------------------------------------------------------------------
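// Replacement for kernel32's CreateFileW, reached through the patch written by
// SetHook. It restores the original entry bytes, forwards the call unchanged,
// remembers the handle when the name is exactly 'COM1', then re-applies the
// patch.
//
// Returns whatever the real CreateFileW returned. The thread's last-error
// value from the real call is preserved, because the caller may read it after
// a failure and the calls made here would otherwise overwrite it.
//
// NOTE(review): the listing as posted lacked the ';' after stdcall and the
// closing 'end;' of this function; both are restored here.
// NOTE(review): between the two WriteProcessMemory calls the API is unpatched,
// and the 6-byte writes are not atomic. Another thread calling CreateFileW in
// that window bypasses the hook or may execute a half-written entry.
function New_CreateFileW(lpFileName: LPCWSTR;
  dwDesiredAccess: DWORD;
  dwShareMode: DWORD;
  lpSecurityAttributes: PSecurityAttributes;
  dwCreationDisposition: DWORD;
  dwFlagsAndAttributes: DWORD;
  hTemplateFile: HWND): HWND; stdcall;
var
  Written: dword;
  SavedError: dword;
begin
  // GetCurrentProcess returns the same pseudo-handle value the original passed
  // as INVALID_HANDLE_VALUE; it is the documented way to name "this process".
  WriteProcessMemory(GetCurrentProcess, CreateFileW_Adr,
    @Old_CreateFileW, SizeOf(OldCode), Written);

  Result := CreateFileW(lpFileName, dwDesiredAccess, dwShareMode,
    lpSecurityAttributes, dwCreationDisposition, dwFlagsAndAttributes,
    hTemplateFile);
  // Capture the error state before any other API call can change it.
  SavedError := GetLastError;

  // Exact, case-sensitive match: a name such as '\\.\COM1' or 'com1' does not
  // satisfy this test.
  if lpFileName = 'COM1' then
  begin
    hhPort := Result;
    // Diagnostic only. A modal dialog stalls the calling thread while the
    // patch is still removed; writing to a log file would not.
    MessageBox(0, 'COM1', '', 0);
  end;

  WriteProcessMemory(GetCurrentProcess, CreateFileW_Adr,
    @Jmp_CreateFileW, SizeOf(far_jmp), Written);
  SetLastError(SavedError);
end;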
//-------------------------------------------------------------------------
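// Replacement for kernel32's SetCommState, reached through the patch written
// by SetHook. It restores the original entry bytes, forwards the call and
// re-applies the patch.
//
// Parameters:
//   pPort - handle of the communications device, as passed by the caller.
//   DCB   - the caller's DCB, received BY REFERENCE.
// Returns the result of the real SetCommState; the last-error value of that
// call is preserved so a failure can be diagnosed with GetLastError.
//
// Why 'const': the real API receives a pointer to the DCB (the Windows unit
// imports it as 'const lpDCB: TDCB'). The earlier by-value declaration made
// this stdcall function treat the caller's stack as an inline copy of the
// record, so the pointer itself was read as the first field and BaudRate held
// whatever followed on the stack. That matches the author's observations: a
// meaningless DCB.BaudRate, SetCommState returning False, while GetCommState
// on the same handle still reported 19200. A by-value record also makes the
// function pop more stack on return than the caller pushed.
//
// NOTE(review): between the two WriteProcessMemory calls the API is unpatched,
// and the 6-byte writes are not atomic; see the same caveat for CreateFileW.
function New_SetCommState(pPort: HWND; const DCB: _DCB): LongBool; stdcall;
var
  Written: dword;
  SavedError: dword;
begin
  // GetCurrentProcess returns the same pseudo-handle value the original passed
  // as INVALID_HANDLE_VALUE.
  WriteProcessMemory(GetCurrentProcess, SetCommState_Adr,
    @Old_SetCommState, SizeOf(OldCode), Written);

  Result := SetCommState(pPort, DCB);
  // Capture the error state before the re-patch call can change it.
  SavedError := GetLastError;

  WriteProcessMemory(GetCurrentProcess, SetCommState_Adr,
    @Jmp_SetCommState, SizeOf(far_jmp), Written);
  SetLastError(SavedError);
end;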
//----------------------------------------------------------------------
//*******************************************************************************
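// Resolves CreateFileW and SetCommState in kernel32.dll, saves the first
// SizeOf(OldCode) bytes of each, and overwrites each entry with a
// "push <replacement>; ret" image that redirects callers to New_CreateFileW /
// New_SetCommState.
//
// Unlike the earlier version, a function is patched only if its address was
// resolved and its original bytes were read in full. Otherwise its *_Adr
// global is left nil, so Unhook can never write an all-zero "original" back
// over live code.
//
// NOTE(review): the patch changes the in-memory entry bytes of kernel32
// exports, so they no longer match the on-disk image. Integrity checks that
// compare the two will flag this process.
Procedure SetHook();
var
  hkernel32: HMODULE;

  // Saves the entry bytes at Target into Saved, builds the patch image in
  // Patch and writes it over Target. Target is reset to nil when the original
  // bytes cannot be read.
  procedure Install(var Target: pointer; var Saved: OldCode;
    var Patch: far_jmp; Replacement: pointer);
  var
    Bytes: dword;
  begin
    if Target = nil then
      Exit;

    Bytes := 0;
    if not ReadProcessMemory(GetCurrentProcess, Target, @Saved,
      SizeOf(OldCode), Bytes) then
      Target := nil
    else if Bytes <> SizeOf(OldCode) then
      Target := nil;
    if Target = nil then
      Exit;

    Patch.PuhsOp := $68;          // push imm32
    Patch.PushArg := Replacement;
    Patch.RetOp := $C3;           // ret
    WriteProcessMemory(GetCurrentProcess, Target, @Patch,
      SizeOf(far_jmp), Bytes);
  end;

begin
  CreateFileW_Adr := nil;
  SetCommState_Adr := nil;

  hkernel32 := GetModuleHandle('kernel32.dll');
  if hkernel32 = 0 then
    Exit;

  CreateFileW_Adr := GetProcAddress(hkernel32, 'CreateFileW');
  SetCommState_Adr := GetProcAddress(hkernel32, 'SetCommState');

  Install(CreateFileW_Adr, Old_CreateFileW, Jmp_CreateFileW, @New_CreateFileW);
  Install(SetCommState_Adr, Old_SetCommState, Jmp_SetCommState, @New_SetCommState);
end;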
//*******************************************************************************
// Writes the saved original entry bytes back over both patched functions,
// SetCommState first and CreateFileW second. Called from DLLEntryPoint on
// DLL_PROCESS_DETACH. The results of the writes are not checked.
Procedure Unhook();
var
  Written: dword;
  ThisProcess: THandle;
begin
  // Same value the patching code passes as the process handle.
  ThisProcess := INVALID_HANDLE_VALUE;

  WriteProcessMemory(ThisProcess, SetCommState_Adr,
    @Old_SetCommState, SizeOf(OldCode), Written);
  WriteProcessMemory(ThisProcess, CreateFileW_Adr,
    @Old_CreateFileW, SizeOf(OldCode), Written);
end;
//*******************************************************************************
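// WH_GETMESSAGE hook procedure. It does no work of its own and only passes the
// notification on to the next hook in the chain.
//
// Parameters follow the Windows hook-procedure contract: code is the hook
// code, wParam and lParam are message-specific values.
// Returns the value produced by CallNextHookEx.
//
// The earlier version declared wParam as a 16-bit 'word', which truncated the
// value forwarded to the next hook. It also returned 0 instead of the result
// of CallNextHookEx. Both are corrected here.
Function MessageProc(code: integer; wParam: WPARAM;
  lParam: LPARAM): LRESULT; stdcall;
begin
  Result := CallNextHookEx(0, code, wParam, lParam);
end;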
//*******************************************************************************
// Thread body started by SetGlobalHook. Installs a WH_GETMESSAGE hook whose
// procedure (MessageProc) lives in this DLL, then blocks forever.
// NOTE(review): the last argument (thread id) is 0, which requests a hook for
// all threads rather than one target. Presumably the DLL is then mapped into
// every process on the desktop that retrieves messages, and each mapping runs
// DLLEntryPoint and patches that process as well. Passing the id of the one
// thread of interest would limit the scope.
// NOTE(review): the hook handle returned by SetWindowsHookEx is discarded, so
// the hook is never removed with UnhookWindowsHookEx.
// NOTE(review): this procedure is handed to CreateThread although it is not
// declared as a stdcall function taking a pointer. That is tolerable only
// because it never returns.
Procedure SetGlobalHookProc();
begin
SetWindowsHookEx(WH_GETMESSAGE, @MessageProc, HInstance, 0);
Sleep(INFINITE);
end;
//*******************************************************************************
// Starts the hook-installing thread at most once across processes.
// A named mutex ('AdvareHook') serves as the marker. When CreateMutex leaves a
// non-zero last-error value, for instance because the mutex already exists,
// the handle is closed and nothing else happens. Otherwise a thread running
// SetGlobalHookProc is created, and the mutex handle is deliberately kept open.
// NOTE(review): the thread handle returned by CreateThread is not kept or
// closed.
Procedure SetGlobalHook();
var
  MutexHandle: dword;
  ThreadId: dword;
begin
  MutexHandle := CreateMutex(nil, false, 'AdvareHook');

  if GetLastError <> 0 then
  begin
    CloseHandle(MutexHandle);
    Exit;
  end;

  CreateThread(nil, 0, @SetGlobalHookProc, nil, 0, ThreadId);
end;
//*******************************************************************************
// DLL notification handler, assigned to DllProc by the library's main block.
// On process attach it starts the global hook thread (SetGlobalHook) and
// patches the two kernel32 exports in the current process (SetHook). On
// process detach it restores the original bytes (UnHook). Other reasons are
// ignored.
procedure DLLEntryPoint(dwReason: DWord);
begin
  if dwReason = DLL_PROCESS_ATTACH then
  begin
    SetGlobalHook();
    // NOTE(review): 'ii' is not declared anywhere in the listing shown, and
    // nothing visible uses the random number generator seeded below.
    // Presumably both are left over from code that was trimmed.
    ii := 0;
    Randomize();
    SetHook();
  end
  else if dwReason = DLL_PROCESS_DETACH then
    UnHook();
end;
//*******************************************************************************
// Library initialisation block.
begin
// Register the handler so later notifications (such as process detach) reach it.
DllProc := @DLLEntryPoint;
// Run the attach path explicitly, since this block is itself the code that
// executes when the library is first loaded into a process.
DLLEntryPoint(DLL_PROCESS_ATTACH);
end.
и exe файл
AdvBox.exe
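// Loader: maps AdvBox32.dll into this process, which runs the DLL's
// initialisation, and then keeps the process alive indefinitely.
//
// The process now exits with code 1 when the DLL cannot be loaded, instead of
// sleeping forever with nothing installed.
//
// NOTE(review): the DLL is named without a path, so Windows resolves it
// through the DLL search order. A same-named file earlier in that order would
// be loaded instead; passing a full path removes that ambiguity.
program AdwareBox;
uses
  Windows;
begin
  if LoadLibrary('AdvBox32.dll') = 0 then
    Halt(1);
  Sleep(INFINITE);
end.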
перехват в чужом процессе "com.exe", в windows xp,
про лог: вы имеете в виду, что после снятия перехвата нужно создать файл и записать туда значения pPort и DCB? Не особо понимаю, что это даст и чем плох message box, но попробую сделать, других вариантов просто нет,
спасибо