C# Класс DeviareLiteInterop.HookLib

Показать файл Открыть проект

Открытые методы

Метод Описание
CreateProcess ( string applicationName, string commandLine, Nullable processAttributes, Nullable threadAttributes, bool inheritHandles, ProcessCreationFlags creationFlags, string environment, string currentDirectory, Nullable startupInfo ) : ProcessInfo
CreateProcessWithDll ( string applicationName, string commandLine, Nullable processAttributes, Nullable threadAttributes, bool inheritHandles, ProcessCreationFlags creationFlags, string environment, string currentDirectory, Nullable startupInfo, string dllName, IntPtr signalCompletedEvent, string initFunctionName ) : ProcessInfo
CreateProcessWithLogonAndDll ( string userName, string domain, string password, int logonFlags, string applicationName, string commandLine, ProcessCreationFlags creationFlags, string environment, string currentDirectory, Nullable startupInfo, string dllName, IntPtr signalCompletedEvent, string initFunctionName ) : ProcessInfo
CreateProcessWithTokenAndDll ( IntPtr token, int logonFlags, string applicationName, string commandLine, ProcessCreationFlags creationFlags, string environment, string currentDirectory, Nullable startupInfo, string dllName, IntPtr signalCompletedEvent, string initFunctionName ) : ProcessInfo
EnableHook ( object o, bool enable ) : void
GetModuleBaseAddress ( string moduleName ) : IntPtr
GetProcedureAddress ( IntPtr moduleBaseAddress, string procName ) : IntPtr
GetRemoteModuleBaseAddress ( int pid, string moduleName, bool scanMappedImages ) : IntPtr
GetRemoteProcedureAddress ( int pid, IntPtr moduleBaseAddress, string procName ) : IntPtr
Hook ( IntPtr origAddr, IntPtr newAddr ) : object
Hook ( IntPtr origAddr, IntPtr newAddr, int flags ) : object
Hook ( Type origClassType, string origMethodName, Type origParams, Type newClassType, string newMethodName, Type newParams ) : object
Hook ( Type origClassType, string origMethodName, Type origParams, Type newClassType, string newMethodName, Type newParams, int flags ) : object
HookLib ( ) : System
InjectDll ( int procId, string dllName, string initFunctionName, uint processInitWaitTimeoutMs ) : void
InjectDll ( int procId, string dllName, string initFunctionName, uint processInitWaitTimeoutMs, IntPtr &injectorThreadHandle ) : void
InjectDllH ( IntPtr procHandle, string dllName, string initFunctionName, uint processInitWaitTimeoutMs ) : void
InjectDllH ( IntPtr procHandle, string dllName, string initFunctionName, uint processInitWaitTimeoutMs, IntPtr &injectorThreadHandle ) : void
RemoteHook ( IntPtr origAddr, IntPtr newAddr, int pid ) : object
RemoteHook ( IntPtr origAddr, IntPtr newAddr, int pid, int flags ) : object
RemoveHook ( object o, bool disable ) : void
ResumeThread ( IntPtr threadHandle ) : void
ResumeThread ( SafeWaitHandle threadHandle ) : void
Unhook ( object o ) : void
UnhookAll ( ) : void
UnhookProcess ( int pid ) : void
WaitForInjectorThread ( IntPtr injectorThreadHandle, uint timeoutMs ) : uint

Приватные методы

Метод Описание
DotNetInit ( ) : void
DuplicateAndConvertToSafeWaitHandle ( IntPtr h ) : SafeWaitHandle
GetMethodAddress ( Type classType, string methodName, Type parameters ) : IntPtr
GetProperty ( Object obj, string propName ) : Object
IntPtr2Obj ( IntPtr val ) : object
Invoke ( Object obj, string methodName ) : Object
Invoke ( Object obj, string methodName, object parameters ) : Object
Invoke ( Object obj, string methodName, object parameters, ParameterModifier modifiers ) : Object
NativeCloseHandle ( IntPtr hThread ) : uint
NativeCreateProcess ( string lpApplicationName, string lpCommandLine, IntPtr lpProcessAttributes, IntPtr lpThreadAttributes, [ bInheritHandles, uint dwCreationFlags, string lpEnvironment, string lpCurrentDirectory, IntPtr lpStartupInfo, PROCESS_INFORMATION &lpProcessInformation ) : bool
NativeDuplicateHandle ( IntPtr hSourceProcessHandle, IntPtr hSourceHandle, IntPtr hTargetProcessHandle, IntPtr &lpTargetHandle, uint dwDesiredAccess, [ bInheritHandle, uint dwOptions ) : bool
NativeGetCurrentProcess ( ) : IntPtr
NativeGetExitCodeThread ( IntPtr hThread, uint &lpExitCode ) : bool
NativeResumeThread ( IntPtr hThread ) : uint
NativeWaitForSingleObject ( IntPtr hHandle, UInt32 dwMilliseconds ) : UInt32
Obj2IntPtr ( object o ) : IntPtr
SetProperty ( Object obj, string propName, object propValue ) : void

Описание методов

CreateProcess() публичный Метод

public CreateProcess ( string applicationName, string commandLine, Nullable processAttributes, Nullable threadAttributes, bool inheritHandles, ProcessCreationFlags creationFlags, string environment, string currentDirectory, Nullable startupInfo ) : ProcessInfo
applicationName string
commandLine string
processAttributes Nullable
threadAttributes Nullable
inheritHandles bool
creationFlags ProcessCreationFlags
environment string
currentDirectory string
startupInfo Nullable
Результат ProcessInfo

CreateProcessWithDll() публичный Метод

public CreateProcessWithDll ( string applicationName, string commandLine, Nullable processAttributes, Nullable threadAttributes, bool inheritHandles, ProcessCreationFlags creationFlags, string environment, string currentDirectory, Nullable startupInfo, string dllName, IntPtr signalCompletedEvent, string initFunctionName ) : ProcessInfo
applicationName string
commandLine string
processAttributes Nullable
threadAttributes Nullable
inheritHandles bool
creationFlags ProcessCreationFlags
environment string
currentDirectory string
startupInfo Nullable
dllName string
signalCompletedEvent System.IntPtr
initFunctionName string
Результат ProcessInfo

CreateProcessWithLogonAndDll() публичный Метод

public CreateProcessWithLogonAndDll ( string userName, string domain, string password, int logonFlags, string applicationName, string commandLine, ProcessCreationFlags creationFlags, string environment, string currentDirectory, Nullable startupInfo, string dllName, IntPtr signalCompletedEvent, string initFunctionName ) : ProcessInfo
userName string
domain string
password string
logonFlags int
applicationName string
commandLine string
creationFlags ProcessCreationFlags
environment string
currentDirectory string
startupInfo Nullable
dllName string
signalCompletedEvent System.IntPtr
initFunctionName string
Результат ProcessInfo

CreateProcessWithTokenAndDll() публичный Метод

public CreateProcessWithTokenAndDll ( IntPtr token, int logonFlags, string applicationName, string commandLine, ProcessCreationFlags creationFlags, string environment, string currentDirectory, Nullable startupInfo, string dllName, IntPtr signalCompletedEvent, string initFunctionName ) : ProcessInfo
token System.IntPtr
logonFlags int
applicationName string
commandLine string
creationFlags ProcessCreationFlags
environment string
currentDirectory string
startupInfo Nullable
dllName string
signalCompletedEvent System.IntPtr
initFunctionName string
Результат ProcessInfo

EnableHook() публичный Метод

public EnableHook ( object o, bool enable ) : void
o object
enable bool
Результат void

GetModuleBaseAddress() публичный Метод

public GetModuleBaseAddress ( string moduleName ) : IntPtr
moduleName string
Результат System.IntPtr

GetProcedureAddress() публичный Метод

public GetProcedureAddress ( IntPtr moduleBaseAddress, string procName ) : IntPtr
moduleBaseAddress System.IntPtr
procName string
Результат System.IntPtr

GetRemoteModuleBaseAddress() публичный Метод

public GetRemoteModuleBaseAddress ( int pid, string moduleName, bool scanMappedImages ) : IntPtr
pid int
moduleName string
scanMappedImages bool
Результат System.IntPtr

GetRemoteProcedureAddress() публичный Метод

public GetRemoteProcedureAddress ( int pid, IntPtr moduleBaseAddress, string procName ) : IntPtr
pid int
moduleBaseAddress System.IntPtr
procName string
Результат System.IntPtr

Hook() публичный Метод

public Hook ( IntPtr origAddr, IntPtr newAddr ) : object
origAddr System.IntPtr
newAddr System.IntPtr
Результат object

Hook() публичный Метод

public Hook ( IntPtr origAddr, IntPtr newAddr, int flags ) : object
origAddr System.IntPtr
newAddr System.IntPtr
flags int
Результат object

Hook() публичный Метод

public Hook ( Type origClassType, string origMethodName, Type origParams, Type newClassType, string newMethodName, Type newParams ) : object
origClassType System.Type
origMethodName string
origParams System.Type
newClassType System.Type
newMethodName string
newParams System.Type
Результат object

Hook() публичный Метод

public Hook ( Type origClassType, string origMethodName, Type origParams, Type newClassType, string newMethodName, Type newParams, int flags ) : object
origClassType System.Type
origMethodName string
origParams System.Type
newClassType System.Type
newMethodName string
newParams System.Type
flags int
Результат object

HookLib() публичный Метод

public HookLib ( ) : System
Результат System

InjectDll() публичный Метод

public InjectDll ( int procId, string dllName, string initFunctionName, uint processInitWaitTimeoutMs ) : void
procId int
dllName string
initFunctionName string
processInitWaitTimeoutMs uint
Результат void

InjectDll() публичный Метод

public InjectDll ( int procId, string dllName, string initFunctionName, uint processInitWaitTimeoutMs, IntPtr &injectorThreadHandle ) : void
procId int
dllName string
initFunctionName string
processInitWaitTimeoutMs uint
injectorThreadHandle System.IntPtr
Результат void

InjectDllH() публичный Метод

public InjectDllH ( IntPtr procHandle, string dllName, string initFunctionName, uint processInitWaitTimeoutMs ) : void
procHandle System.IntPtr
dllName string
initFunctionName string
processInitWaitTimeoutMs uint
Результат void

InjectDllH() публичный Метод

public InjectDllH ( IntPtr procHandle, string dllName, string initFunctionName, uint processInitWaitTimeoutMs, IntPtr &injectorThreadHandle ) : void
procHandle System.IntPtr
dllName string
initFunctionName string
processInitWaitTimeoutMs uint
injectorThreadHandle System.IntPtr
Результат void

RemoteHook() публичный Метод

public RemoteHook ( IntPtr origAddr, IntPtr newAddr, int pid ) : object
origAddr System.IntPtr
newAddr System.IntPtr
pid int
Результат object

RemoteHook() публичный Метод

public RemoteHook ( IntPtr origAddr, IntPtr newAddr, int pid, int flags ) : object
origAddr System.IntPtr
newAddr System.IntPtr
pid int
flags int
Результат object

RemoveHook() публичный Метод

public RemoveHook ( object o, bool disable ) : void
o object
disable bool
Результат void

ResumeThread() публичный Метод

public ResumeThread ( IntPtr threadHandle ) : void
threadHandle System.IntPtr
Результат void

ResumeThread() публичный Метод

public ResumeThread ( SafeWaitHandle threadHandle ) : void
threadHandle Microsoft.Win32.SafeHandles.SafeWaitHandle
Результат void

Unhook() публичный Метод

public Unhook ( object o ) : void
o object
Результат void

UnhookAll() публичный Метод

public UnhookAll ( ) : void
Результат void

UnhookProcess() публичный Метод

public UnhookProcess ( int pid ) : void
pid int
Результат void

WaitForInjectorThread() публичный Метод

public WaitForInjectorThread ( IntPtr injectorThreadHandle, uint timeoutMs ) : uint
injectorThreadHandle System.IntPtr
timeoutMs uint
Результат uint