Hello, I'm Katayama Hirofumi MZ, a Japanese programmer.
I figure out the tech of "Microsoft Layer for Unicode".
Convert ~ to once space in the following code.
//~API~Hook
#define~WIN32_LEAN_AND_MEAN
#define~STRICT
#include~<windows.h>
#include~<windowsx.h>
#include~<tchar.h>
#include~<tlhelp32.h>
#include~<Dbghelp.h>
#pragma~comment(lib,~"Dbghelp.lib")
void~ReplaceIATEntryInOneMod(
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~PCSTR~pszModuleName,
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~PROC~pfnCurrent,
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~PROC~pfnNew,
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~HMODULE~hmodCaller)~
{
~~~~ULONG~ulSize;
~~~~PIMAGE_IMPORT_DESCRIPTOR~pImportDesc;
~~~~pImportDesc~=~(PIMAGE_IMPORT_DESCRIPTOR)ImageDirectoryEntryToData(
~~~~~~~~hmodCaller,~TRUE,~IMAGE_DIRECTORY_ENTRY_IMPORT,~&ulSize);
~~~~if~(pImportDesc~==~NULL)
~~~~~~~~return;
~~~~while(pImportDesc->Name)~{
~~~~~~~~PSTR~pszModName~=~(PSTR)~((PBYTE)~hmodCaller~+~pImportDesc->Name);
~~~~~~~~if~(lstrcmpiA(pszModName,~pszModuleName)~==~0)~
~~~~~~~~~~~~break;
~~~~~~~~pImportDesc++;
~~~~}
~~~~if~(pImportDesc->Name~==~0)
~~~~~~~~return;
~~~~PIMAGE_THUNK_DATA~pThunk~=~(PIMAGE_THUNK_DATA)~
~~~~~~~~((PBYTE)~hmodCaller~+~pImportDesc->FirstThunk);
~~~~while(pThunk->u1.Function)~{
~~~~~~~~PROC~*ppfn~=~(PROC*)~&pThunk->u1.Function;
~~~~~~~~BOOL~fFound~=~(*ppfn~==~pfnCurrent);
~~~~~~~~if~(fFound)~{
~~~~~~~~~~~~DWORD~dwDummy;
~~~~~~~~~~~~VirtualProtect(ppfn,~sizeof(ppfn),~PAGE_EXECUTE_READWRITE,~&dwDummy);
~~~~~~~~~~~~WriteProcessMemory(
~~~~~~~~~~~~~~~~GetCurrentProcess(),~ppfn,~&pfnNew,~sizeof(pfnNew),~NULL);
~~~~~~~~~~~~return;
~~~~~~~~}
~~~~~~~~pThunk++;
~~~~}
~~~~return;
}
void~ReplaceIATEntryInAllMods(
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~PCSTR~pszModuleName,~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~PROC~pfnCurrent,~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~PROC~pfnNew)~
{
~~~~HANDLE~hModuleSnap~=~CreateToolhelp32Snapshot(
~~~~~~~~TH32CS_SNAPMODULE,~GetCurrentProcessId());
~~~~if(hModuleSnap~==~INVALID_HANDLE_VALUE)
~~~~~~~~return;
~~~~MODULEENTRY32~me;
~~~~me.dwSize~=~sizeof(me);
~~~~BOOL~bModuleResult~=~Module32First(hModuleSnap,~&me);
~~~~while(bModuleResult)~{~~~~~~~~
~~~~~~~~ReplaceIATEntryInOneMod(pszModuleName,~pfnCurrent,~pfnNew,~me.hModule);
~~~~~~~~bModuleResult~=~Module32Next(hModuleSnap,~&me);
~~~~}
~~~~CloseHandle(hModuleSnap);
}
typedef~int~(WINAPI~*PFNMESSAGEBOXA)(HWND,~PCSTR,~PCSTR,~UINT);
typedef~int~(WINAPI~*PFNMESSAGEBOXW)(HWND,~PCSTR,~PCSTR,~UINT);
int~WINAPI~Hook_MessageBoxA(
~~~~~~~~~~~~~~~~~~~~~~~~~~~~HWND~hWnd,~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~PCSTR~pszText,~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~PCSTR~pszCaption,~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~UINT~uType)
{
~~~~PROC~pfnOrig~=~GetProcAddress(
~~~~~~~~GetModuleHandleA("user32.dll"),~"MessageBoxA");
~~~~int~nResult~=~((PFNMESSAGEBOXA)~pfnOrig)
~~~~~~~~(hWnd,~_T("Hook~is~succeeded!"),~_T("Hook_MessageBoxA"),~uType);
~~~~return~nResult;
}
int~WINAPI~Hook_MessageBoxW(
~~~~~~~~~~~~~~~~~~~~~~~~~~~~HWND~hWnd,~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~PCSTR~pszText,~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~PCSTR~pszCaption,~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~UINT~uType)
{
~~~~PROC~pfnOrig~=~GetProcAddress(
~~~~~~~~GetModuleHandleA("user32.dll"),~"MessageBoxW");
~~~~int~nResult~=~((PFNMESSAGEBOXA)~pfnOrig)
~~~~~~~~(hWnd,~_T("Hook~is~succeeded!"),~_T("Hook_MessageBoxW"),~uType);
~~~~return~nResult;
}
int~APIENTRY~_tWinMain(HINSTANCE~hInstance,
~~~~~~~~~~~~~~~~~~~~~~~HINSTANCE~hPrevInstance,
~~~~~~~~~~~~~~~~~~~~~~~LPTSTR~~~~lpCmdLine,
~~~~~~~~~~~~~~~~~~~~~~~int~~~~~~~nCmdShow)
{
~~~~PROC~pfnOrig;
~~~~pfnOrig~=~::GetProcAddress(
~~~~~~~~GetModuleHandleA("user32.dll"),~"MessageBoxA");
~~~~ReplaceIATEntryInAllMods(
~~~~~~~~"user32.dll",~pfnOrig,~(PROC)Hook_MessageBoxA);
~~~~pfnOrig~=~::GetProcAddress(
~~~~~~~~GetModuleHandleA("user32.dll"),~"MessageBoxW");
~~~~ReplaceIATEntryInAllMods("user32.dll",~pfnOrig,~(PROC)Hook_MessageBoxW);
~~~~MessageBox(NULL,~_T("Hook~is~failed"),~_T("Test"),~MB_OK);
~~~~return~0;
}