1. Hook的实现参考
参考: http://github.com/Totto8492/VSAi/tree/master/Vendor/mhook-lib/
2. Detours
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourSetIgnoreTooSmall(TRUE);
DetourAttach(a, b);
if (DetourTransactionCommit() != 0)
{
PVOID *ppbFailedPointer = NULL;
DetourTransactionCommitEx(&ppbFailedPointer);
}以上是Detours使用的基本用法。
3. 浏览器控件更改HTTP Request Header的User-Agent
据可靠情报,加BeforeNavigate是没有用的,只能Hook。
IE6,Hook这个API,InternetOpenA,IE6以后的版本Hook InternetOpenW
我测试成功了。
4. 浏览器控件加载未注册的ActiveX控件
STDAPI _MyCoGetClassObjectFromURL( REFCLSID rCLASSID,
LPCWSTR szCODE, DWORD dwFileVersionMS,
DWORD dwFileVersionLS, LPCWSTR szTYPE,
LPBINDCTX pBindCtx, DWORD dwClsContext,
LPVOID pvReserved, REFIID riid, LPVOID * ppv)
{
//
HRESULT hRet = AxLoader::Instance()->MyGetClassObject(rCLASSID, 0, NULL, riid, ppv);
return hRet;
}AxLoader code:
HRESULT AxLoader::MyGetClassObject(__in REFCLSID inRefClassId,
__in DWORD dwClsContext,
__in_opt LPVOID pvReserved,
__in REFIID riid,
__deref_out LPVOID FAR* ppv)
{
HRESULT hRet = S_OK;
WCHAR szGuid[MAX_PATH] = {};
StringFromGUID2(inRefClassId, szGuid, MAX_PATH);
CString strAxPath;
if (!HasRegisterGUID(szGuid, strAxPath))
return S_FALSE;
//////////////////////////////////////////////////////////////////////////
HMODULE hMod = LoadLibrary(strAxPath);
if (hMod)
{
PF_DllGetClassObject pDllGetClassObject = (PF_DllGetClassObject)GetProcAddress(hMod, "DllGetClassObject");
if (pDllGetClassObject)
{
CComPtr<IClassFactory> pcf ;
hRet = pDllGetClassObject(inRefClassId, IID_IClassFactory, (void**)&pcf);
*ppv = pcf.Detach();
return hRet;
}
}
return hRet;
}OK
