#Forked. Make it work for Visual Studio 2013. Removed some features**
Provides abstract C++ 11 interface for various hooking methods
Technical Writeup: https://www.codeproject.com/articles/1100579/polyhook-the-cplusplus-x-x-hooking-library
#Hooking Methods*:
- Detour
- Description: Modifies opcode to jmp to hook and allocates a trampoline for jmp back
- Length Disassembler Support (Capstone)
- Supports Code Relocation, including EIP/RIP relative instructions
- Virtual Function Detour :
- Description: Detours the function pointed to by the Vtable
- Virtual Function Pointer Swap
- Description: Swaps the pointer in the Vtable to your hook
- Virtual Table Pointer Swap
- Description: Swaps the Vtable pointer after copying pointers in source Vtable, then swaps virtual function pointer in the new copy
- Import Address Table
- Description: Swaps pointer in the import address table to the hook
- VEH
-
Description: Intercepts an exception generated on purpose, sets instruction pointer to handler, then resets exception generating mechanism
-
Methods to generate exception: INT3 Breakpoints, Guard Page violations.
-
Note: it is important to call the GetProtectionObject function INSIDE of your callback as per my example for all VEH hooks
-
Other exception generation methods are in development
-
All methods support x86 and x64
-
Relies on modified capstone branch https://github.com/stevemk14ebr/capstone
-
More Information can be found at the wiki to the right
Credits to DarthTon, evolution536, Dogmatt
#Samples: The file Tests.cpp provides examples for every type of hooking method. Accompanied with these examples is unit testing code provided by the fantastic library Catch (https://github.com/philsquared/Catch/blob/master/docs/tutorial.md). With the addition of this code the example may look a little complex, the general interface is extremely simple, all hook types expose setup, hook, and unhook methods:
std::shared_ptr<PLH::Detour> Detour_Ex(new PLH::Detour);
Detour_Ex->SetupHook((BYTE*)&MessageBoxA,(BYTE*) &hkMessageBoxA); //can cast to byte* to
Detour_Ex->Hook();
oMessageBoxA = Detour_Ex->GetOriginal<tMessageBoxA>();
Detour_Ex->UnHook();
#DONATIONS: This project took a LOT of time to create. I open sourced my work because I believe that open sourcing helps everyone, commercial uses included. I'm a college student with a tight schedule, if this project helped you at all I ask you to consider donating. I promise to keep this project alive.
[] (https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=M2K8DQUNDUGMW&lc=US&item_name=PolyHook%20Donation¤cy_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHosted)
#LICENSE: MIT