ChangMinYang Posted December 29, 2008 Share Posted December 29, 2008 (edited) expandcollapse popup; Add the hook and save the "handle" to the hook, we need this to change the hook later on global $regptr = DllCallbackRegister( "_ApiHookLog" , "int" , "ptr" ) global $hook = _ApiHookAdd( "Shell32.dll" , "ShellExecuteExW" , $regptr ) ;; Lets try ShellExecute something ShellExecute( FileOpenDialog( "All files", "" , "All files (*.*)" ) ) ; Change back to the original ShellExecute _ApiHookDel( $hook ) Func _ApiHookLog( $ptr ) ; SHELLEXECUTEINFO struct Local $SHELLEXECUTEINFO = DllStructCreate( "dword;ulong;hwnd;ptr;ptr;ptr;ptr;int;ptr;ptr;ptr;ptr;dword;ptr;ptr;" , $ptr ) Local $wstring = DllStructCreate( "wchar[255]" , DllStructGetData( $SHELLEXECUTEINFO , 5 ) ) Local $confirm = MsgBox( 0x1 , "Shellexecute hook" , "AutoIt tried to shellexecute: " & DllStructGetData( $wstring , 1 ) & @CRLF & "Allow this?" ) If $confirm Then ;Referred <= Dim $return[4] = [ $itd , $callBackReg , $orig , $NewProcAddress ] DllStructSetData( $hook[0] , 1 , $hook[2] ) DllCallbackFree( $regptr ) $regptr = DllCallbackRegister( "_ApiHookLog" , "int" , "ptr" ) $hook[1] = $regptr DllStructSetData( $hook[0] , 1 , $hook[3] ) EndIf $wstring = 0 $SHELLEXECUTEINFO = 0 Return 0 EndFunc How to allow/continue 'stopped Api call by hook'? "DllStructSetData( $hook[0] , 1 , $hook[2] )" nothing happened ... Edited December 29, 2008 by GoodMan Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now