I had little success so far. The hook doesn't seem to fire at all in 32bit applications and crash with access violation in 64bit applications.
I'm probably retrieving the method address or using HookCode incorrectly.
This is the code for Show method of FileOpenDialog interface:
Code: Select all
HRESULT __stdcall FileOpenDialogShowCallback(LPVOID This, HWND hwndOwner)
{
return (E_ACCESSDENIED);
return (
FileOpenDialogShowNext(This, hwndOwner)
);
}
#define GETINTERFACEMETHOD(pInterface, uIndex) ((PVOID) ((DWORD *) *((DWORD * ) (pInterface)))[uIndex])
HRESULT
CoCreateInstanceCallback(REFCLSID rclsid,
LPUNKNOWN pUnkOuter,
DWORD dwClsContext,
REFIID riid,
LPVOID *ppv)
{
HRESULT ret;
ret = CoCreateInstanceNext(rclsid, pUnkOuter, dwClsContext, riid, ppv);
if (ret == S_OK && rclsid == CLSID_FileOpenDialog) {
LPVOID funcPointer = (LPVOID) (((LPVOID *) (*ppv)) + 3);
HookCode(funcPointer /* GETINTERFACEMETHOD((*ppv), 3) */, FileOpenDialogShowCallback,
(PVOID *) &FileOpenDialogShowNext);
}
return (ret);
}
BOOL WINAPI
DllMain(HANDLE hModule, DWORD fdwReason, LPVOID lpReserved)
{
if (fdwReason == DLL_PROCESS_ATTACH) {
InitializeMadCHook();
HookAPI("Ole32.dll", "CoCreateInstance",
CoCreateInstanceCallback, (PVOID *) &CoCreateInstanceNext);
} else if (fdwReason == DLL_PROCESS_DETACH) {
FinalizeMadCHook();
}
return (TRUE);
}