//////////////////////////////////////////////////////////////////////////////
//
//  Detours Test Program (einst.cpp of einst.exe)
//
//  Microsoft Research Detours Package
//
//  Copyright (c) Microsoft Corporation.  All rights reserved.
//
#include <stdio.h>
#include <windows.h>
#include <detours.h>

// In-memory layout of one Detours payload as this sample embeds it: a section
// header, a single record, and a fixed-size text message. Field order is the
// binary layout, so it must not be rearranged.
struct CPrivateStuff
{
    DETOUR_SECTION_HEADER   header;         // section header, filled by DETOUR_SECTION_HEADER_DECLARE below
    DETOUR_SECTION_RECORD   record;         // record descriptor: size, a zero field and the payload GUID
    CHAR                    szMessage[32];  // payload body; at most 31 characters plus the terminating NUL
};

// Optional compile-time payload. INCLUDE_THIS is not defined anywhere in this
// file, so this block is compiled only when the build defines it.
// NOTE(review): presumably the payload is otherwise added to the binary by a
// separate tool - confirm against the sample's makefile.
#ifdef INCLUDE_THIS
// Place the initialized data that follows in a PE section named ".detour".
#pragma data_seg(".detour")

static CPrivateStuff private_stuff = {
    DETOUR_SECTION_HEADER_DECLARE(sizeof(CPrivateStuff)),
    {
        // Record size: everything in CPrivateStuff after the section header.
        (sizeof(CPrivateStuff) - sizeof(DETOUR_SECTION_HEADER)),
        0,
        { /* d9ab8a40-f4cc-11d1-b6d7-006097b010e3 */
            0xd9ab8a40,
            0xf4cc,
            0x11d1,
            {0xb6, 0xd7, 0x00, 0x60, 0x97, 0xb0, 0x10, 0xe3}
        }
    },
    // NUL-terminated and shorter than szMessage[32], so the message is padded with zeros.
    "The Application!"
};
// Restore the default data section for anything defined after this point.
#pragma data_seg()
#endif

// GUID that FindPayload passes to DetourFindPayload to select a payload.
// It has the same value as the GUID in the private_stuff record above.
GUID my_guid =
{ /* d9ab8a40-f4cc-11d1-b6d7-006097b010e3 */
    0xd9ab8a40,
    0xf4cc,
    0x11d1,
    {0xb6, 0xd7, 0x00, 0x60, 0x97, 0xb0, 0x10, 0xe3}
};

// Functions imported from other DLLs; WinMain calls each one before it
// enumerates the loaded modules.
// NOTE(review): presumably exported by the sample's companion DLLs, whose
// sources are not shown here - confirm.
__declspec(dllimport) VOID WINAPI EDll1Function(VOID);
__declspec(dllimport) VOID WINAPI EDll2Function(VOID);
__declspec(dllimport) VOID WINAPI EDll3Function(VOID);

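// Prints the file name of one module and, when DetourFindPayload returns a
// payload tagged with my_guid for it, the payload's address range followed by
// the start of its contents shown as text.
//
// hinst: module handle to inspect. WinMain passes NULL for the "Source .EXE"
//        line and the handles returned by DetourEnumerateModules afterwards.
void FindPayload(HINSTANCE hinst)
{
    // Start from an empty string: if GetModuleFileNameA fails it leaves the
    // buffer untouched, and printf must not read indeterminate bytes.
    CHAR szModuleName[256] = "";
    if (GetModuleFileNameA(hinst, szModuleName, ARRAYSIZE(szModuleName)) == 0) {
        szModuleName[0] = '\0';
    }
    // A path truncated to the buffer size is not NUL-terminated on older
    // Windows versions, so terminate it unconditionally.
    szModuleName[ARRAYSIZE(szModuleName) - 1] = '\0';
    printf("  %p : %s\n", hinst, szModuleName);

    ULONG cbData = 0;
    PBYTE pbData = (PBYTE)DetourFindPayload(hinst, my_guid, &cbData);

    if (pbData) {
        // The payload is data embedded in whichever module was loaded and is
        // not guaranteed to be NUL-terminated text. Cap the printed length at
        // the reported payload size (and at 50 columns) so printf never reads
        // past the end of the payload.
        int cchShow = (cbData < 50) ? (int)cbData : 50;

        printf("  %08p..%08p : %50.*s\n",
               pbData,
               pbData + cbData,
               cchShow,
               (const char *)pbData);
    }
}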

// Program entry point: reports the payload of the module selected by a NULL
// handle, then calls the three imported DLL functions and reports every module
// returned by DetourEnumerateModules. Always returns 0.
int WINAPI WinMain(HINSTANCE hinst, HINSTANCE hprev, LPSTR lpszCmdLine, int nCmdShow)
{
    // Reference every parameter so none is reported as unused.
    (void)hinst;
    (void)hprev;
    (void)lpszCmdLine;
    (void)nCmdShow;

    printf("Source .EXE:\n");
    FindPayload(NULL);
    printf("\n");

    printf("DLL and EXE binaries loaded:\n");

    // Call into each imported function before the module list is walked.
    EDll1Function();
    EDll2Function();
    EDll3Function();

    // Walk the module list: each call takes the previous handle and returns
    // the next one, with NULL marking both the start and the end.
    HINSTANCE hModule = DetourEnumerateModules(NULL);
    while (hModule != NULL) {
        FindPayload(hModule);
        hModule = DetourEnumerateModules(hModule);
    }

    // NOTE(review): this comparison looks like it is never expected to hold;
    // it keeps a reference to DispatchMessage in the binary - confirm.
    if ((PVOID)lpszCmdLine == (PVOID)hinst) {
        DispatchMessage(NULL);                          // Force load of gdi32.dll
    }

    return 0;
}

//
///////////////////////////////////////////////////////////////// End of File.