blob: bff53f891b6db614cd5a9266d2fe1f9a54e54e27 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
#include <Security/RuntimeSecurity.hpp>
#include <UserExperience/UserInterface.hpp>
// Global accessor to security instance.
Security::RuntimeSecurityPtr Protection = std::make_unique<Security::RuntimeSecurity>();
namespace Security
{
decltype(&MessageBoxA) oMessageBox;
int __stdcall Hooked_MessageBox(HWND Window, char *Message, char *Caption, uint32_t Type)
{
// TODO: Replace this with a Syscall so we cannot get hooked.
MEMORY_BASIC_INFORMATION Query;
if(!VirtualQuery(_ReturnAddress(), &Query, sizeof MEMORY_BASIC_INFORMATION))
ExitProcess(0);
HMODULE ReturnModule = (HMODULE)Query.AllocationBase;
if (ReturnModule != GetModuleHandleA(0))
ExitProcess(0);
return oMessageBox(Window, Message, Caption, Type);
}
bool RuntimeSecurity::Start()
{
if(MH_Initialize() != MH_OK)
return false;
MH_CreateHook(&MessageBoxA, Hooked_MessageBox, (void **)&oMessageBox);
MH_EnableHook(&MessageBoxA);
return true;
}
}
|
