Features and advantages特点和优势 1. 1。Can hook function that starts with jump instructions.可不可以帮我开始,随着跳指示功能。 Most other simple API/code hook technic can not hook functions that first several instructions include jump instructions such like jmp, jcc (jump if condition is met), call, jecxz, etc.大多数其他简单的API /代码不能钩钩技术功能指令前几个指令包括跳,jcc如jmp(跳若病情是碰到过的)、电话、jecxz等。 CodeHook can rewrite those instructions in a safe way and continue hooking.CodeHook能够改写这些指令在一个安全的方式,继续挂钩。 The only instructions that can prevent CodeHook from hooking are ret and iret, which indicate the function end is met and the function is too short to hook.唯一可以阻止CodeHook指令的海运和iret从挂钩是结束,提示功能就会和功能太短,钩上。
2. 2。Very easy to use.非常容易使用。 CodeHook not only supports raw mode code hooking, it also supports advanced hooking.CodeHook不仅支持原始模式代码挂钩、它也支持先进挂钩。 CodeHook can generate "bridge code" that connects your hook code to the target code.CodeHook代码可以产生“桥”连接你的钩子代码到目标代码。 Thus you only need to writer hook code in a unique form (unique prototype functions) rather than writting different hook code for different target.这样,你只需要作家钩子代码以一种独特的形式(功能)而不是独特的原型写作不同钩子代码为不同的目标。 The typical hook prototype is,原型是典型的钩, Delphi syntax: function HookCallback(AHandle: TCodeHookHandle; AParams: PCodeHookParamAccessor): Cardinal; CallingConvertion;HookCallback德尔福句法:AHandle:TCodeHookHandle功能;(AParams:PCodeHookParamAccessor CallingConvertion):基数;; C++ syntax: DWORD CallingConvertion HookCallback(TCodeHookHandle AHandle, PDWORD AParams);c++语法HookCallback(TCodeHookHandle DWORD CallingConvertion:AHandle AParams,PDWORD); This feature makes it possible to use one hook function to hook multiple functions. 这个特点使得它可以用一只钩函数钩等多种功能。See the Delphi sample code. 看到德尔菲示例代码。And this is how I do in the new Denomo package.这就是我如何做,在新的Denomo包裹。 And even better, both of the hook and target functions can have various calling conventions. 甚至更好,两个钩和目标函数可以有各种各样的调用约定。The calling conventions now supported are stdcall (used by Windows APIs), cdecl (used by C), and register call (used by Delphi).现在支持是调用约定使用stdcall窗户(api),cdecl(C),以及所使用的电话(用Delphi登记)。
3. 3。Very flexible.高度的灵活性。 CodeHook separates your hook function from the target function. 你CodeHook分离钩函数从目标函数。Your hook function can fully replace the target function, or call old target function in the hook function in any time you want.你可以完全取代钩函数的目标函数,或称为大目标函数在钩子函数在任何时候你想。 And even more flexible, you can easily modify the parameters before passing them to the old target function.甚至更加灵活,你能简单地修改这个参数之前,通过他们的旧的目标函数。
4. 4。Can be used by any program language which can use a DLL.可以使用任何语言编程技术,使得他们可以充分利用一个DLL。 Though CodeHook is written in Delphi, the CHook.dll can be used by any other languages such like C++. 虽然CodeHook被写在德尔菲,CHook.dll都可以用别的语言如C + +。In fact CodeHook has sample code that written in Delphi and C++. 事实上CodeHook示例代码,写在了德尔菲法和c++。The sample C++ code can be compiled by VC6 and Borland C++ 5.5 or C++ Builder (BCB).样品的c++代码可以座上客,宝兰了卡巴有时候也出现了c++ 5.5或C + + Builder(经验)。
5. 5。Free and open source.免费的,也是开源的。 The license is MPL.是MPL的许可证。
6. 6。More feature will come soon.更多的功能将会来临。 CodeHook was made to use in Denomo (a memory leak detection tool), so it now only supports in-process hooking. CodeHook被使用在Denomo(一个内存泄漏检测工具),所以现在只支持过程挂钩。But inter-process hooking and DLL injection will be added in the near future versions.但进程间挂钩和DLL注入将补充说:在不久的将来的版本。
CodeHook itself has been verified that it can be compiled by Delphi 7 and Delphi 2007. CodeHook本身就已经证实可以写成采用德尔7和德尔菲2007年。It should but not must be able to be compiled by Delphi 6, Delphi 2005, and Delphi 2006.它应该做的,但不是必须在6、德尔菲德尔菲座上客,2005年,和德尔菲2006年。 CHook.dll can be used by any language that supports DLL, pointer, and data structure.CHook.dll可以使用任何语言,它支持DLL,指针,和数据结构。
