Hi Guys,
Totally new to C++ and thought i'd throw myself in at the deep end with Detours.
I'm looking to hook GetVolumeInformation and return a different filesystem name. Although i can get it to return TEST to my own simple call program, when i load it into any other it crashes!
I would be so appreciative if someone could point out my completely incorrect way of doing this
Thanks SO much!Code:#include <fstream> #include <string> #include <windows.h> #include <detours.h> #include <fcntl.h> #include <stdio.h> #include <io.h> #include <tchar.h> #pragma comment(lib,"detours.lib") HMODULE hLib = GetModuleHandle(L"Kernel32.dll"); typedef BOOL(WINAPI *HWIDPtr)(LPCTSTR lpRootPathName, LPTSTR lpVolumeNameBuffer, DWORD nVolumeNameSize, LPDWORD lpVolumeSerialNumber, LPDWORD lpMaximumComponentLength, LPDWORD lpFileSystemFlags, LPTSTR lpFileSystemNameBuffer, DWORD nFileSystemNameSize); HWIDPtr orig = (HWIDPtr)GetProcAddress(hLib, "GetVolumeInformationW"); BOOL WINAPI modif(LPCTSTR lpRootPathName, LPTSTR lpVolumeNameBuffer, DWORD nVolumeNameSize, LPDWORD lpVolumeSerialNumber, LPDWORD lpMaximumComponentLength, LPDWORD lpFileSystemFlags, LPTSTR lpFileSystemNameBuffer, DWORD nFileSystemNameSize) { BOOL retval = orig(lpRootPathName, lpVolumeNameBuffer, nVolumeNameSize, lpVolumeSerialNumber, lpMaximumComponentLength, lpFileSystemFlags, lpFileSystemNameBuffer, nFileSystemNameSize); lpFileSystemNameBuffer[0] = 'T'; lpFileSystemNameBuffer[1] = 'E'; lpFileSystemNameBuffer[2] = 'S'; lpFileSystemNameBuffer[3] = 'T'; OutputDebugString(lpFileSystemNameBuffer); return retval; } BOOL WINAPI DllMain(HINSTANCE hinst, DWORD dwReason, LPVOID reserved) { if (DetourIsHelperProcess()) { return TRUE; } if (dwReason == DLL_PROCESS_ATTACH) { DetourRestoreAfterWith(); DetourTransactionBegin(); DetourUpdateThread(GetCurrentThread()); DetourAttach(&(PVOID&)orig, modif); if (DetourTransactionCommit() == NO_ERROR) OutputDebugString(L"HOOKED"); } else if (dwReason == DLL_PROCESS_DETACH) { DetourTransactionBegin(); DetourUpdateThread(GetCurrentThread()); DetourDetach(&(PVOID&)orig, modif); DetourTransactionCommit(); } return TRUE; }
