www.pudn.com > API_VC_HOOK-.rar > DIOC.asm
;@GOTO TRANSLATE .586P .MODEL FLAT, STDCALL OPTION CASEMAP: NONE INCLUDE WINDOWS.inc UNICODE = FALSE INCLUDE APIMACRO.mac INCLUDE ApiHooks.inc INCLUDELIB iKERNEL32.lib INCLUDELIB iUSER32.lib ;------------------------------------------------------------------ .DATA hLog HANDLE INVALID_HANDLE_VALUE FileSize DWORD 0 RecSize EQU 0C3H MAX_FILE_SIZE EQU 1000*RecSize TEXTA KERNEL32,TEXTA DeviceIoControl, TEXT DIOtext, TEXT OutPart, TEXT Failed, TEXT Succeeded, TEXT LogName, .DATA? Place ACHAR 4096 DUP (?) .CODE DllMain PROC DllHandle, Reason, pContext MOV EAX, Reason CMP EAX, DLL_PROCESS_ATTACH JE Attach CMP EAX, DLL_PROCESS_DETACH JE Detach Success: MOV EAX, TRUE RET Attach: CMP hLog, INVALID_HANDLE_VALUE JNE Success iWin32i CreateFile, sLogName, GENERIC_WRITE, FILE_SHARE_READ,\ NULL, CREATE_ALWAYS, NULL, NULL MOV hLog, EAX JMP Success Detach: iWin32 CloseHandle, hLog MOV hLog, INVALID_HANDLE_VALUE JMP Success DllMain ENDP ;------------------------------------------------------------------ NewDeviceIoControl PROC hDevice, dwIoControlCode, lpInBuffer, nInBuffer,\ lpOutBuffer, nOutBuffer, lpbytesReturned,\ lpOverlapped LOCAL Written : DWORD CMP FileSize, MAX_FILE_SIZE JB @F LEAVE iWin32j DeviceIoControl @@: iWin32i wsprintf, OFFSET Place, sDIOtext, dwIoControlCode, hDevice, lpInBuffer, nInBuffer, lpOutBuffer, nOutBuffer LEA ECX, Written iWin32 WriteFile, hLog, OFFSET Place, EAX, ECX, NULL LEA ECX, Written iWin32 WriteFile, hLog, lpInBuffer, nInBuffer, ECX, NULL iWin32 DeviceIoControl, hDevice, dwIoControlCode, lpInBuffer, nInBuffer, lpOutBuffer, nOutBuffer, lpbytesReturned, lpOverlapped PUSHp EAX, EAX LEA ECX, Written iWin32 WriteFile, hLog, sOutPart, LOutPart, ECX, NULL LEA ECX, Written iWin32 WriteFile, hLog, lpOutBuffer, nOutBuffer, ECX, NULL POP EAX MOV EDX, sFailed TEST EAX, EAX MOV EAX, LFailed JE @F MOV EDX, sSucceeded MOV EAX, LSucceeded @@: LEA ECX, Written iWin32 WriteFile, hLog, EDX, EAX, ECX, NULL ADD FileSize, RecSize POP EAX RET NewDeviceIoControl ENDP ;------------------------------------------------------------------ BeginHooks DIOC MkHook ,, DeviceIoControl EndHooks ;------------------------------------------------------------------ END DllMain :TRANSLATE @ECHO OFF ML /c /coff /nologo DIOC.bat LINK3 DIOC /nologo /DLL /EXPORT:DIOC,@1,NONAME /SUBSYSTEM:WINDOWS /MERGE:.idata=.text /MERGE:.rdata=.text /IGNORE:4078 /BASE:0X77770000 DEL DIOC.obj DEL DIOC.exp DEL DIOC.lib