aboutsummaryrefslogtreecommitdiff
path: root/NorthstarDedicatedTest/hooks.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'NorthstarDedicatedTest/hooks.cpp')
-rw-r--r--NorthstarDedicatedTest/hooks.cpp34
1 files changed, 33 insertions, 1 deletions
diff --git a/NorthstarDedicatedTest/hooks.cpp b/NorthstarDedicatedTest/hooks.cpp
index 3de8d483..e5ea0cb6 100644
--- a/NorthstarDedicatedTest/hooks.cpp
+++ b/NorthstarDedicatedTest/hooks.cpp
@@ -1,10 +1,12 @@
#include "pch.h"
#include "hooks.h"
#include "hookutils.h"
+#include "sigscanning.h"
#include <wchar.h>
#include <iostream>
#include <vector>
+#include <filesystem>
typedef HMODULE(*LoadLibraryExAType)(LPCSTR lpLibFileName, HANDLE hFile, DWORD dwFlags);
HMODULE LoadLibraryExAHook(LPCSTR lpLibFileName, HANDLE hFile, DWORD dwFlags);
@@ -12,9 +14,15 @@ HMODULE LoadLibraryExAHook(LPCSTR lpLibFileName, HANDLE hFile, DWORD dwFlags);
typedef HMODULE(*LoadLibraryExWType)(LPCWSTR lpLibFileName, HANDLE hFile, DWORD dwFlags);
HMODULE LoadLibraryExWHook(LPCWSTR lpLibFileName, HANDLE hFile, DWORD dwFlags);
+typedef BOOLEAN(*PDLL_INIT_ROUTINE)(PVOID DllHandle, ULONG Reason, PCONTEXT Context);
+typedef BOOLEAN(*LdrpCallInitRoutineType)(PDLL_INIT_ROUTINE EntryPoint, PVOID BaseAddress, ULONG Reason, PVOID Context);
+BOOLEAN LdrpCallInitRoutineHook(PDLL_INIT_ROUTINE EntryPoint, PVOID BaseAddress, ULONG Reason, PVOID Context);
+
LoadLibraryExAType LoadLibraryExAOriginal;
LoadLibraryExWType LoadLibraryExWOriginal;
+LdrpCallInitRoutineType LdrpCallInitRoutineHookOriginal;
+
void InstallInitialHooks()
{
if (MH_Initialize() != MH_OK)
@@ -23,6 +31,9 @@ void InstallInitialHooks()
HookEnabler hook;
ENABLER_CREATEHOOK(hook, &LoadLibraryExA, &LoadLibraryExAHook, reinterpret_cast<LPVOID*>(&LoadLibraryExAOriginal));
ENABLER_CREATEHOOK(hook, &LoadLibraryExW, &LoadLibraryExWHook, reinterpret_cast<LPVOID*>(&LoadLibraryExWOriginal));
+
+ void* LdrpCallInitRoutine = FindSignature("ntdll.dll", "\x48\x89\x5C\x24\x00\x44\x89\x44\x24\x00\x48\x89\x54\x24", "xxxx?xxxx?xxxx");
+ ENABLER_CREATEHOOK(hook, LdrpCallInitRoutine, &LdrpCallInitRoutineHook, reinterpret_cast<LPVOID*>(&LdrpCallInitRoutineHookOriginal));
}
// dll load callback stuff
@@ -32,16 +43,18 @@ struct DllLoadCallback
std::string dll;
DllLoadCallbackFuncType callback;
bool called;
+ bool preinit;
};
std::vector<DllLoadCallback*> dllLoadCallbacks;
-void AddDllLoadCallback(std::string dll, DllLoadCallbackFuncType callback)
+void AddDllLoadCallback(std::string dll, DllLoadCallbackFuncType callback, bool preinit)
{
DllLoadCallback* callbackStruct = new DllLoadCallback;
callbackStruct->dll = dll;
callbackStruct->callback = callback;
callbackStruct->called = false;
+ callbackStruct->preinit = preinit;
dllLoadCallbacks.push_back(callbackStruct);
}
@@ -84,4 +97,23 @@ HMODULE LoadLibraryExWHook(LPCWSTR lpLibFileName, HANDLE hFile, DWORD dwFlags)
}
return moduleAddress;
+}
+
+BOOLEAN LdrpCallInitRoutineHook(PDLL_INIT_ROUTINE EntryPoint, PVOID BaseAddress, ULONG Reason, PVOID Context)
+{
+ char fullModulePath[MAX_PATH] = { 0 };
+ GetModuleFileNameA((HMODULE)BaseAddress, fullModulePath, sizeof(fullModulePath));
+
+ std::string name = std::filesystem::path(fullModulePath).filename().string();
+
+ for (auto& callbackStruct : dllLoadCallbacks)
+ {
+ if (!callbackStruct->called && callbackStruct->preinit && name == callbackStruct->dll)
+ {
+ callbackStruct->callback((HMODULE)BaseAddress);
+ callbackStruct->called = true;
+ }
+ }
+
+ return LdrpCallInitRoutineHookOriginal(EntryPoint, BaseAddress, Reason, Context);
} \ No newline at end of file