I tried to hook CreateFileW but when I clicked on button to start the hook. My PC was restarted.
Code: Select all
library HookFileAPIs;
{$IMAGEBASE $59800000}
uses
madCodeHook,
Windows,
Dialogs,
SysUtils,
Registry;
type
TFileRequest = record
fName : Array [0..MAX_PATH] of Char; // file name
Process1 : Array [0..MAX_PATH] of Char; // query process
end; { TFileRequest }
var
StartupFolder : String;
CreateFileWNext : function (lpFileName: PWideChar; dwDesiredAccess, dwShareMode: DWORD; lpSecurityAttributes: PSecurityAttributes; dwCreationDisposition, dwFlagsAndAttributes: DWORD; hTemplateFile: THandle): THandle; stdcall;
function CreateFileWCallback(lpFileName: PWideChar; dwDesiredAccess, dwShareMode: DWORD; lpSecurityAttributes: PSecurityAttributes; dwCreationDisposition, dwFlagsAndAttributes: DWORD; hTemplateFile: THandle): THandle; stdcall;
begin
Result :=CreateFileWNext(lpFileName, dwDesiredAccess, dwShareMode, lpSecurityAttributes, dwCreationDisposition, dwFlagsAndAttributes, hTemplateFile);
end; { CreateFileWCallback }
var
Reg : TRegistry;
begin
Reg :=TRegistry.Create;
Reg.RootKey :=HKEY_CURRENT_USER;
Reg.OpenKey('\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders', True);
StartupFolder :=LowerCase(Reg.ReadString('Startup'));
Reg.CloseKey;
Reg.Free;
HookAPI('kernel32.dll', 'CreateFileW', @CreateFileWCallback, @CreateFileWNext);
end.