;@goto translate
;-----------------------------------------------------------------------
; MASM source / batch-file polyglot.
; Run as a batch file, the first line jumps to the :translate label that
; follows END; the commands there assemble and link this same file (ML is
; invoked on VxDCall.bat, so the file is expected to carry that name).
; MASM treats the first line as a comment and stops reading at END.
;
; Program flow (32-bit, flat model, STDCALL):
;   1. exit unless bit 2 of the DS selector is set (the "NT?" check)
;   2. EstablishApiHooksA(sVxDCallDll, current process id)
;   3. resolve the sRegHwnd export of that DLL, create the log file and
;      a window whose WndProc formats each WM_COPYDATA payload into it
;   4. pass the window handle to the export, wait in MessageBox, call the
;      export again with 0, close the log, exit
;
; iWin32 / iWin32i / icWin32i / sWin32 and TEXT come from APIMACRO.mac,
; which is not part of this file; what is said about them below is
; inferred from how they are used here.
;-----------------------------------------------------------------------
.586P
.MODEL FLAT, STDCALL
OPTION CASEMAP: NONE
INCLUDE WINDOWS.inc
; Set before APIMACRO.mac is included - presumably selects the ANSI API
; variants inside the macros (TODO confirm against APIMACRO.mac).
UNICODE = FALSE
INCLUDE APIMACRO.mac
INCLUDELIB iKERNEL32.lib
INCLUDELIB iUSER32.lib
INCLUDELIB iApiHooks.lib

.DATA?
hLog DWORD ?                            ; log file handle from CreateFile
WClass WNDCLASS <>                      ; window class of the receiver window
; Destination buffer for wsprintf in WndProc. SIGN is not defined in this
; file (presumably a byte-sized type from the includes), so the buffer is
; presumably MAX_PATH+80 bytes.
Place SIGN MAX_PATH+80 DUP (?)

.CODE
; String definitions. Every TEXT line ends in a comma with nothing after
; it: the literal that followed is missing from this copy of the file
; (presumably angle-bracketed text lost in extraction), so the file does
; not assemble as shown. The names are referenced below with an extra
; leading "s" (szTitle, sLogName, ...), so the macro presumably defines
; s<name>.
TEXT zTitle,
TEXT zPress,
TEXT LogName,
TEXT VxDCallDll,
; TEXT ApiHooks,
TEXT RegHwnd,
TEXT LogTmpl,

;-----------------------------------------------------------------------
; PrimaryThread - program entry point (named on the END directive).
; Uses: EBX = module handle of this executable,
;       EDI = address of the sRegHwnd export of the hook DLL.
; Every failure path jumps to Exit, which ends the process with
; STATUS_SUCCESS, so a failed start is not visible in the exit code.
;-----------------------------------------------------------------------
PrimaryThread:
    MOV EAX, DS
    TEST AL, 100B                       ; bit 2 = table-indicator bit of the selector
    JE Exit ;NT? -> exit when the bit is clear; the rest runs only otherwise
    iWin32 GetCurrentProcessId
    ; EstablishApiHooksA is imported from iApiHooks.lib; presumably it
    ; applies the hooks of the DLL named by sVxDCallDll to the process
    ; whose id is in EAX (this one). A nonzero result is treated as failure.
    iWin32 EstablishApiHooksA, sVxDCallDll, EAX
    TEST EAX, EAX
    JNE Exit
    iWin32i GetModuleHandle, sVxDCallDll
    TEST EAX, EAX
    JE Exit                             ; hook DLL is not loaded in this process
    iWin32 GetProcAddress, EAX, sRegHwnd
    TEST EAX, EAX
    JE Exit                             ; export not found
    MOV EDI, EAX                        ; EDI = export address, called twice below
    ; CREATE_ALWAYS: an existing log file of the same name is overwritten.
    iWin32i CreateFile, sLogName, GENERIC_WRITE, FILE_SHARE_READ,\
            NULL, CREATE_ALWAYS, NULL, NULL
    MOV hLog, EAX
    INC EAX                             ; INVALID_HANDLE_VALUE is -1, so +1 gives 0
    JE Exit
    iWin32i GetModuleHandle, NULL
    MOV WClass.lpfnWndProc, OFFSET WndProc
    MOV EBX, EAX                        ; keep hInstance for CreateWindowEx
    MOV WClass.lpszClassName, sRegHwnd  ; class name reuses the export-name string
    MOV WClass.hInstance, EAX
    ; NOTE(review): neither the RegisterClass nor the CreateWindowEx result
    ; is checked; if window creation fails, a NULL handle is passed on to
    ; the export below.
    iWin32i RegisterClass, OFFSET WClass
    PUSH EAX                            ; scratch dword; removed by POP ECX below
    ; All geometry and style arguments are 0 and the window is never
    ; shown. The last argument (lpParam) is ESP as the macro evaluates
    ; it - presumably the address of the dword just pushed; WndProc does
    ; not read it.
    iWin32i CreateWindowEx, 0, sRegHwnd, 0, 0, 0, 0, 0, 0, 0, 0, EBX, ESP
    POP ECX
    ; sWin32 presumably makes an indirect STDCALL through its first
    ; operand: call the export in EDI with the new window handle.
    sWin32 EDI, EAX
    ; This program has no GetMessage loop of its own; WndProc can only
    ; run while MessageBox is pumping messages, i.e. logging lasts until
    ; the box is dismissed.
    iWin32i MessageBox, NULL, szPress, szTitle, MB_OK
    sWin32 EDI, 0                       ; same export with 0 - presumably unregisters the window
    iWin32 CloseHandle, hLog
Exit:
    iWin32 ExitProcess, STATUS_SUCCESS

;-----------------------------------------------------------------------
; WndProc - window procedure of the receiver window.
; In:    [ESP+4] hwnd, [ESP+8] uMsg, [ESP+12] wParam, [ESP+16] lParam
;        (no PROC parameters are declared, so the arguments are
;        addressed relative to ESP by hand)
; Out:   EAX = TRUE for every message; DefWindowProc is never called
; Stack: RET 16 removes the four arguments
; Saves: EBX
;
; On WM_COPYDATA the payload at COPYDATASTRUCT.lpData is read as seven
; dwords at offsets 0..24 followed by data at offset 28 whose address is
; passed to wsprintf (presumably a NUL-terminated string - the template
; text sLogTmpl is missing from this copy). The formatted record is
; appended to the log file.
;
; NOTE(review): the handler does not check dwData or cbData, so it reads
; 28 bytes plus the data at offset 28 from whatever payload arrives, and
; WM_COPYDATA is accepted from any sender that can reach this window, not
; only from the hook DLL. wsprintf takes no destination size; whether the
; output fits in Place depends on sLogTmpl and on the data at offset 28
; being terminated and short enough. A hardened version would reject
; payloads with cbData below the fixed header size, require a terminator
; inside cbData, and bound the string field (a precision in the template
; or a length-limited formatter).
;-----------------------------------------------------------------------
WndProc PROC
    CMP DWORD PTR [ESP+8], WM_COPYDATA
    JNE @F                              ; every other message: just return TRUE
    PUSH EBX
    MOV EAX, [ESP+20]                   ; lParam ([ESP+16] before the push)
    MOV EBX, OFFSET Place               ; EBX = output buffer
    MOV EAX, (COPYDATASTRUCT PTR [EAX]).lpData ; EAX = payload base
    LEA ECX, [EAX+28]                   ; ECX = address of the data after the seven dwords
    ; icWin32i is presumably the C-convention variant of the call macro
    ; (wsprintf is variadic). The pointer in ECX sits between the third
    ; and fourth dword in the argument list.
    icWin32i wsprintf, EBX, sLogTmpl, [EAX], [EAX+4], [EAX+8], ECX, [EAX+12], [EAX+16], [EAX+20], [EAX+24]
    PUSH EAX                            ; stack slot reused as lpNumberOfBytesWritten
    MOV ECX, ESP
    ; EAX = number of characters wsprintf stored = byte count to write.
    ; The WriteFile result is not checked.
    iWin32 WriteFile, hLog, EBX, EAX, ECX, NULL
    POP EAX                             ; drop the bytes-written slot
    POP EBX
@@:
    MOV EAX, TRUE
    RET 16
WndProc ENDP
END PrimaryThread
:translate
@echo off
ML /c /coff /nologo VxDCall.bat
LINK VxDCall /nologo /ALIGN:0X1000 /SUBSYSTEM:WINDOWS /RELEASE /MERGE:.rdata=.text /IGNORE:4108,4078
DEL VxDCall.obj