I'd like to implement hook in windows shutdown when my system is running. The idea is block shutdown, log off, power off.
I'm using madCodeHook 3.1.9 commercial version.
Please, see below my code.
**************************************************************************************************************************************************************************************************************************
Code: Select all
library hShutdown;
{$IMAGEBASE $42800000}
uses
Windows,
SysUtils,
madCodeHook,
madStrings;
{$R *.res}
var
ExitWindowsExNext : function (uFlags, Reserved: dword):bool; stdcall;
InitiateSystemShutdownNextA : function (lpMachineName:LPSTR;lpMessage:LPSTR;dwTimeout:DWORD;bForceAppsClosed,bRebootAfterShutdown:bool):bool; stdcall;
InitiateSystemShutdownNextW : function (lpMachineName:LPWSTR;lpMessage:LPWSTR;dwTimeout:DWORD;bForceAppsClosed,bRebootAfterShutdown:bool):bool; stdcall;
InitiateSystemShutdownExNext : function (lpMachineName:LPSTR;lpMessage:LPSTR;dwTimeout:DWORD;bForceAppsClosed,bRebootAfterShutdown:bool;dwReason:DWORD):bool; stdcall;
function ExitWindowsExCallback(flags, reserved: dword): bool; stdcall;
begin
result := false;
SetLastError(ERROR_ACCESS_DENIED);
end;
function InitiateSystemShutdownExCallback(lpMachineName:LPSTR; lpMessage:LPSTR;dwTimeout:DWORD; bForceAppsClosed, bRebootAfterShutdown:bool; dwReason:DWORD): bool; stdcall;
begin
result := false;
SetLastError(ERROR_ACCESS_DENIED);
end;
function InitiateSystemShutdownACallback(lpMachineName:LPSTR; lpMessage:LPSTR;dwTimeout:DWORD; bForceAppsClosed, bRebootAfterShutdown:bool; dwReason:DWORD): bool; stdcall;
begin
result := false;
SetLastError(ERROR_ACCESS_DENIED);
end;
function InitiateSystemShutdownWCallback(lpMachineName:LPWSTR; lpMessage:LPWSTR;dwTimeout:DWORD; bForceAppsClosed, bRebootAfterShutdown:bool; dwReason:DWORD): bool; stdcall;
begin
result := false;
SetLastError(ERROR_ACCESS_DENIED);
end;
procedure DLLEntryPoint(Rson: dword);
begin
Try
CollectHooks;
HookAPI(user32, 'ExitWindowsEx', @ExitWindowsExCallback, @ExitWindowsExNext);
HookAPI(advapi32, 'InitiateSystemShutdownA', @InitiateSystemShutdownACallback, @InitiateSystemShutdownNextA);
HookAPI(advapi32, 'InitiateSystemShutdownW', @InitiateSystemShutdownWCallback, @InitiateSystemShutdownNextW);
HookAPI(advapi32, 'InitiateSystemShutdownEx', @InitiateSystemShutdownExCallback, @InitiateSystemShutdownExNext);
FlushHooks;
Except
On E: Exception do;
end;
end;
begin
if not Assigned(DllProc) then
begin
DLLProc := @DLLEntryPoint;
DLLEntryPoint(DLL_PROCESS_ATTACH);
end;
end.
I don't have any problem with madshi driver! The driver loaded perfectly and injection DLL as well, but the hook doesn't work at all.
what's wrong in my code?
See below my code to Loading driver to block shutdown
**********************************************************************************************************************************
Code: Select all
Program Load
.......
.......
.......
.......
procedure TForm10.Button1Click(Sender: TObject);
begin
if LoadInjectionDriver('hShutdown', 'shutdown_x86.sys', 'shutdown_x64.sys') then
begin
InjectLibrary('hShutdown', 'hshutdown.dll', [b]ALL_SESSIONS[/b], true);
end
else
begin
Showmessage('Error while loading the driver....');
close;
end;
Showmessage('Shutdown blocked....');
end;
//Unload driver and unlock shutdown
procedure TForm10.Button2Click(Sender: TObject);
begin
UninjectLibrary('hShutdown', 'hshutdown.dll', ALL_SESSIONS, true);
StopInjectionDriver('hShutdown');
Showmessage('Shutdown unlocked....');
close;
end;
..........
*******************************************************************************************************************
Who of you have any idea about of the problem? Might help-me please?
Thank you .
Kind regards,
Eli