www.pudn.com > API_VC_HOOK-.rar > Unhook.c

#if _MSC_VER > 1000 
#pragma once 
#endif 
 
#define WIN32_LEAN_AND_MEAN 
 
#include  
#include "ApiHooks.h" 
 
 
 
BOOL APIENTRY DllMain( HANDLE hModule,  
                       DWORD  ul_reason_for_call,  
                       LPVOID lpReserved 
					 ) 
{ 
    switch (ul_reason_for_call) 
	{ 
		case DLL_PROCESS_ATTACH: 
		case DLL_THREAD_ATTACH: 
		case DLL_THREAD_DETACH: 
		case DLL_PROCESS_DETACH: 
			break; 
    } 
    return TRUE; 
}; 
 
 
ADDR_CONTENTS AddrAndValue[3]; 
API_UNHOOK UnhookGetVersion = {3,0,AddrAndValue}; 
 
 
void __stdcall UnhookApi(PAPI_UNHOOK unhook) { 
	UINT i; 
	ULONG OldAttr; 
	for(i = 0; i < unhook->CurNoAddr; ++i) 
      if(VirtualProtect(unhook->WhereWhat[i].ReturnWhere, sizeof(DWORD), PAGE_READWRITE, &OldAttr)) 
	  { *unhook->WhereWhat[i].ReturnWhere = unhook->WhereWhat[i].ReturnWhat; 
        VirtualProtect(unhook->WhereWhat[i].ReturnWhere, sizeof(DWORD), OldAttr, &OldAttr); 
	  };	 
} 
 
 
DWORD WINAPI NewGetVersion(void) { 
	static counter = 0; 
	if(++counter > 10) MessageBox(NULL, "Not Unhooked!", "Unhook", MB_OK); 
	else if (counter == 10)  {  
	      UnhookApi(&UnhookGetVersion); 
          MessageBox(NULL, "Unhooked?", "Unhook", MB_OK); 
		  } 
	return (GetVersion()); 
} 
 
__declspec(dllexport) API_HOOK ApiHookChain[2] = { 
{"KERNEL32.DLL","GetVersion", HOOK_ALL, ALL_MODULES, &UnhookGetVersion, NewGetVersion}, 
{HOOKS_END} 
};