0
NtCreateFile 함수에 연결되어 있지만 일부 오류 때문에 아닙니다. 내 코드는 입니다. 아래 두 가지 오류가 발생합니다. 1) 해결되지 않은 외부 기호 _NtCreateFile 및 2) 해결되지 않은 1 개의 외부. 도와주세요. 사전에NtCreateFile 후크 할 수 없습니다.
#include "stdafx.h"
#include "MinHook.h"
#include <Winternl.h>
#if defined _M_X64
#pragma comment(lib, "libMinHook.x64.lib")
#elif defined _M_IX86
#pragma comment(lib, "libMinHook.x86.lib")
#endif
typedef NTSTATUS(WINAPI *NtCreateFileNext)(PHANDLE FileHandle,ACCESS_MASK DesiredAccess,POBJECT_ATTRIBUTES ObjectAttributes,
PIO_STATUS_BLOCK IoStatusBlock,PLARGE_INTEGER AllocationSize,ULONG FileAttributes,
ULONG ShareAccess,ULONG CreateDisposition,ULONG CreateOptions,PVOID EaBuffer,ULONG EaLength);
NtCreateFileNext Real_NtCreateFileData = NULL;
NTSTATUS WINAPI NtCreateFileCallback(PHANDLE FileHandle,ACCESS_MASK DesiredAccess,POBJECT_ATTRIBUTES ObjectAttributes,
PIO_STATUS_BLOCK IoStatusBlock,PLARGE_INTEGER AllocationSize,ULONG FileAttributes,
ULONG ShareAccess,ULONG CreateDisposition,ULONG CreateOptions,PVOID EaBuffer,ULONG EaLength)
{
MessageBoxA(NULL,"NtCreateFile Called","Info",MB_OK);
return(FileHandle, DesiredAccess, ObjectAttributes,IoStatusBlock, AllocationSize, FileAttributes,
ShareAccess, CreateDisposition, CreateOptions, EaBuffer, EaLength);
}
BOOL APIENTRY DllMain(HMODULE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
if (MH_CreateHook(&NtCreateFile, &NtCreateFileCallback, reinterpret_cast<void**>(&Real_NtCreateFileData)) != MH_OK)
{
MessageBoxW(NULL,L"Failed CreateHook NtCreateFile",L"Info!",MB_ICONWARNING|MB_OK);
}
if (MH_EnableHook(&NtCreateFile) != MH_OK)
{
MessageBoxW(NULL,L"Failed EnableHook NtCreateFile",L"Info!",MB_ICONWARNING|MB_OK);
}
break;
case DLL_PROCESS_DETACH:
if (MH_Uninitialize() != MH_OK)
{
}
if (MH_DisableHook(&NtCreateFile) != MH_OK)
{
}
break;
}
return TRUE;
}
감사