高考问答冷王的腹黑王妃第二篇:在VB中如何挂钩WIN32 API函数?
来源:百度文库 编辑:高考问答 时间:2024/04/28 00:13:20
只知道在汇编里可以完成 但是在VB6能实现吗?
VB高手和汇编高手一定多指教一下!谢谢了!
妙,妙!太棒了.
三楼是把汇编的地址送到窗口去执行,
这样就可以执行任意汇编代码了.
可是我还有一个问题,CASM类的代码我还没有看懂
ASMCode里面应该有四个POP先把那四个不用的参数弹出啊,为什么一开始是Push呢? 后面要RET返回的话,也应该先把地址Pop出去才能返回啊.
希望大哥能详细的说一下 小弟感激不尽^_^
分已经提了 如果我能看懂就再提20分
'--以下代码为CASM.cls的源代码-------------------------
Private Declare Function CallByteCodeProc Lib "user32" Alias "CallWindowProcA" (ByVal lpFunc As Long, ByVal P1 As Long, ByVal P2 As Long, ByVal P3 As Long, ByVal P4 As Long) As Long
Private m_strCode As String
Private m_ByteCode() As Byte
Private Sub Class_Initialize()
m_strCode = ""
End Sub
Public Sub Add(ByVal s As String)
m_strCode = m_strCode & s
End Sub
Public Function CallAsm(Optional ByVal P1 As Long = 0, Optional ByVal P2 As Long = 0, Optional ByVal P3 As Long = 0, Optional ByVal P4 As Long = 0) As Long
Dim nLen As Long
m_strCode = Replace(m_strCode, " ", "")
nLen = Len(m_strCode) / 2
ReDim m_ByteCode(0 To nLen - 1)
For i = 0 To nLen - 1
m_ByteCode(i) = Val("&H" & Mid(m_strCode, i * 2 + 1, 2))
Next
Dim pfnAddress As Long
pfnAddress = VarPtr(m_ByteCode(0))
CallAsm = CallByteCodeProc(pfnAddress, P1, P2, P3, P4)
End Function
Public Sub ReInit()
m_strCode = ""
End Sub
'--------以下代码为测试代码,可以放入test.BAS模块文件中------------
Option Explicit
Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long)
Sub MakeResult(ByVal nBig As Long, ByVal nSmall As Long, pBuff As Long)
Dim asm As New CASM
asm.Add "55" 'push ebp
asm.Add "8B EC" 'mov ebp,esp
asm.Add "53" 'push ebx ;
asm.Add "56" 'push esi ;
asm.Add "57" 'push edi ;
'---------------------------;
asm.Add "B9 00 00 00 00" ' mov ecx,0
asm.Add "8B 7D 10" ' mov edi,dword ptr [ebp+10h]
asm.Add "41" 'jlll: inc ecx
asm.Add "8B 45 08" ' mov eax,dword ptr [ebp+8]
asm.Add "99" ' cdq
asm.Add "F7 F9" ' idiv eax,ecx
asm.Add "89 07" ' mov dword ptr [edi],eax
asm.Add "83 C7 04" ' add edi,4
asm.Add "3B 4D 0C" ' cmp ecx,dword ptr [ebp+0Ch]
asm.Add "7C EF" ' jl jlll
'----------------------------
asm.Add "5F" 'pop edi ; Recover register values
asm.Add "5E" 'pop esi
asm.Add "5B" 'pop ebx
asm.Add "8B E5" 'mov esp,ebp
asm.Add "5D" 'pop ebp
asm.Add "C2 10 00" 'ret 16
asm.CallAsm nBig, nSmall, pBuff
End Sub
VB应该是可以挂钩
但是好像从来没见过用VBHookAPI的代码
你可以看看C或者Delphi的代码翻译过来
一般也是用一些API
(但是VB处理指针比较麻烦所以HookAPI有点难度)