├── ClearTempFile.bat
├── Inject3.dpr
├── Inject3.dproj
├── InjectDllRemote.groupproj
├── README-English.md
├── README.md
├── RemoteInjectDll.dpr
├── RemoteInjectDll.dproj
├── TestExe.dpr
├── TestExe.dproj
├── hookMsgDll.dpr
├── hookMsgDll.dproj
├── ufrmHookMsg.dfm
├── ufrmHookMsg.pas
├── ufrmTest.dfm
├── ufrmTest.pas
└── unitHook.pas
/ClearTempFile.bat:
--------------------------------------------------------------------------------
1 | del *.stat;*.drc;*.identcache;*.skincfg;*.res;*.local;*.map;*.~*;*.dcu;*.bak;*.scc;*.ddp;*.#*;*.rsm /s
--------------------------------------------------------------------------------
/Inject3.dpr:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/pzx521521/DllHookInject/bfa6d6f7a0d2b5bb320852d2f61f201bf2041a88/Inject3.dpr
--------------------------------------------------------------------------------
/Inject3.dproj:
--------------------------------------------------------------------------------
1 |
2 |
3 | {BF5A4F77-1334-4E59-9BF4-687417BA405F}
4 | Inject3.dpr
5 | 18.4
6 | True
7 | Release
8 | Console
9 | None
10 | DCC32
11 | Win32
12 | 1
13 | Win32
14 |
15 |
16 | true
17 |
18 |
19 | true
20 | Base
21 | true
22 |
23 |
24 | true
25 | Base
26 | true
27 |
28 |
29 | true
30 | Cfg_2
31 | true
32 | true
33 |
34 |
35 | false
36 | false
37 | .\$(Config)\$(Platform)
38 | .\$(Config)\$(Platform)
39 | false
40 | false
41 | 00400000
42 | false
43 | Inject3
44 | 2052
45 | CompanyName=;FileDescription=;FileVersion=1.0.0.0;InternalName=;LegalCopyright=;LegalTrademarks=;OriginalFilename=;ProductName=;ProductVersion=1.0.0.0;Comments=
46 | System;Xml;Data;Datasnap;Web;Soap;Winapi;$(DCC_Namespace)
47 | $(BDS)\bin\delphi_PROJECTICON.ico
48 | $(BDS)\bin\delphi_PROJECTICNS.icns
49 |
50 |
51 | .\
52 | 3
53 | DEBUG;EUREKALOG;EUREKALOG_VER6;$(DCC_Define)
54 | false
55 | true
56 |
57 |
58 | RELEASE;$(DCC_Define)
59 | 0
60 | false
61 | 0
62 |
63 |
64 | false
65 |
66 |
67 |
68 | MainSource
69 |
70 |
71 | Cfg_2
72 | Base
73 |
74 |
75 | Base
76 |
77 |
78 | Cfg_1
79 | Base
80 |
81 |
82 |
83 |
84 |
85 | Delphi.Personality.12
86 |
87 |
88 |
89 |
90 | False
91 | False
92 | 1
93 | 0
94 | 0
95 | 0
96 | False
97 | False
98 | False
99 | False
100 | False
101 | 2052
102 | 936
103 |
104 |
105 |
106 |
107 | 1.0.0.0
108 |
109 |
110 |
111 |
112 |
113 | 1.0.0.0
114 |
115 |
116 |
117 | Inject3.dpr
118 |
119 |
120 | TestExe.exe E:\Meine_Project\1delphi\Hook\hookMsgDll.dll
121 |
122 |
123 |
124 | False
125 | True
126 |
127 |
128 | 12
129 |
130 |
131 |
132 |
616 |
--------------------------------------------------------------------------------
/InjectDllRemote.groupproj:
--------------------------------------------------------------------------------
1 |
2 |
3 | {A1C71CA7-A8D6-4D8A-8A53-85F7B42668C5}
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 | Default.Personality.12
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
--------------------------------------------------------------------------------
/README-English.md:
--------------------------------------------------------------------------------
1 | # Dll Inject Example
2 |
3 | ### Outline
4 |
5 | + 1. There is just someting copy form blog or others website....
6 |
7 | + 2. There are 2 funciton for injecting dll to exe
8 |
9 | + 2.1 NtCreateThreadExProc(Inject3.dpr)
10 | + 2.2 CreateRemoteThread(RemoteInjectDll.dpr)
11 |
12 | + 3. Inject3.dpr only working in Debug... windows' Permission
13 |
14 | + 4. InjectDllRemote.dpr working good without Debug
15 |
16 | + 5. hookMsgDll.dpr is the injected dll, Blocking some functions inside:
17 |
18 | ```
19 | Hook[0] := TNtHookClass.Create('user32.dll', 'MessageBoxA', @NewMessageBoxA);
20 | Hook[1] := TNtHookClass.Create('user32.dll', 'MessageBeep', @NewMessageBeep);
21 | Hook[2] := TNtHookClass.Create('user32.dll', 'MessageBoxW', @NewMessageBoxW);
22 | Hook[3] := TNtHookClass.Create('kernel32.dll', 'OpenProcess', @NewOpenProcess);
23 | Hook[4] := TNtHookClass.Create('kernel32.dll', 'GetLocalTime', @NewGetLocalTime);
24 | ```
25 |
26 | + 5.1 delphi'fucntion Showmessage&MessageDlg will not uses the windows' MessageBoxW/MessageBoxA, Must pay attention here!!!
27 | + 5.2 pay attention -> all Blocked funciton must have the mark: stdcall
28 |
29 | + 6. TestExe.dpr is the test program, it vertify 5
30 |
31 | ### How to test it
32 |
33 | + 1. Writen all function you wana blocked , make the dll(hookMsgDll.dpr)
34 | + 2. make the TestExe be Injected (TestExe.dpr)
35 | + 3. Choose a Inject Mathod:(Inject3.dpr/InjectDllRemote.dpr) 2 by 1, build The the program, and inject hookMsgDll to TestExe for blocking
36 | + 4. click the button in TestExe to vertify whether the TestExe is blocked
37 |
38 | ### About Debug
39 |
40 | + you can put the dll&TestExe in a group, then in dllRun->load process->process input the path of TestExe
41 | + and then uses:(Inject3.dpr/InjectDllRemote.dpr) for injecting
42 |
43 |
44 | 
45 | 
46 | 
47 |
48 |
49 |
50 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Dll 注入示例
2 |
3 | #### 兼容xe10
4 | ### 说明
5 |
6 | + 1. 网上的较乱, 这里只是整理了一下
7 |
8 | + 2. 采用了2中注入方式
9 |
10 | + 2.1 NtCreateThreadExProc(Inject3.dpr)
11 | + 2.2 CreateRemoteThread(RemoteInjectDll.dpr)
12 |
13 | + 3. Inject3.dpr 仅在debug下有效, 权限问题, 暂时未解决
14 |
15 | + 4. InjectDllRemote.dpr 不会出现该权限问题
16 |
17 | + 5. hookMsgDll.dpr 为要注入的dll, 里面拦截了几个函数:
18 |
19 | ```
20 | Hook[0] := TNtHookClass.Create('user32.dll', 'MessageBoxA', @NewMessageBoxA);
21 | Hook[1] := TNtHookClass.Create('user32.dll', 'MessageBeep', @NewMessageBeep);
22 | Hook[2] := TNtHookClass.Create('user32.dll', 'MessageBoxW', @NewMessageBoxW);
23 | Hook[3] := TNtHookClass.Create('kernel32.dll', 'OpenProcess', @NewOpenProcess);
24 | Hook[4] := TNtHookClass.Create('kernel32.dll', 'GetLocalTime', @NewGetLocalTime);
25 | ```
26 |
27 | + 5.1 delphi的Showmessage和MessageDlg 都是不会调用windows的MessageBoxW/MessageBoxA的, 这里困扰我很长时间
28 | + 5.2 注意拦截的函数必须声明 stdcall
29 |
30 | + 6. TestExe.dpr 为测试工程, 里面验证了 5
31 |
32 | ### 打开顺序
33 |
34 | + 1. 写好拦截的函数, 编译dll(hookMsgDll.dpr)
35 | + 2. 写好验证的Exe, 用于被注入(TestExe.dpr)
36 | + 3. 选择注入方式:(Inject3.dpr/InjectDllRemote.dpr)二选一, 编译并把 hookMsgDll 注入到 TestExe 中 实现拦截
37 | + 4. 点击TestExe中的按钮进行验证
38 |
39 | ### 关于调试
40 |
41 | + 可以把dll和TestExe 放在一起为一个group, 同时打开, 然后在dll中Run->load process->process中输入TestExe的路径
42 | + 然后使用:(Inject3.dpr/InjectDllRemote.dpr)注入即可
43 |
44 |
45 | 
46 | 
47 | 
48 |
49 |
50 |
--------------------------------------------------------------------------------
/RemoteInjectDll.dpr:
--------------------------------------------------------------------------------
1 | program RemoteInjectDll;
2 |
3 | uses
4 | Forms,
5 | ufrmHookMsg in 'ufrmHookMsg.pas' {frmHookMsg},
6 | unitHook in 'unitHook.pas';
7 |
8 | {$R *.res}
9 |
10 | begin
11 | Application.Initialize;
12 | Application.MainFormOnTaskbar := True;
13 | Application.CreateForm(TfrmHookMsg, frmHookMsg);
14 | Application.Run;
15 | end.
16 |
--------------------------------------------------------------------------------
/RemoteInjectDll.dproj:
--------------------------------------------------------------------------------
1 |
2 |
3 | {A8B6C943-D1A3-45AA-8570-4672DC5E0F6B}
4 | RemoteInjectDll.dpr
5 | 18.4
6 | True
7 | Release
8 | Application
9 | VCL
10 | DCC32
11 | Win32
12 | 1
13 | Win32
14 |
15 |
16 | true
17 |
18 |
19 | true
20 | Base
21 | true
22 |
23 |
24 | true
25 | Base
26 | true
27 |
28 |
29 | true
30 | Cfg_2
31 | true
32 | true
33 |
34 |
35 | false
36 | false
37 | .\$(Config)\$(Platform)
38 | .\$(Config)\$(Platform)
39 | false
40 | false
41 | 00400000
42 | false
43 | RemoteInjectDll
44 | Vcl;Vcl.Imaging;Vcl.Touch;Vcl.Samples;Vcl.Shell;System;Xml;Data;Datasnap;Web;Soap;Winapi;$(DCC_Namespace)
45 | 2052
46 | CompanyName=;FileDescription=;FileVersion=1.0.0.0;InternalName=;LegalCopyright=;LegalTrademarks=;OriginalFilename=;ProductName=;ProductVersion=1.0.0.0;Comments=
47 |
48 |
49 | 3
50 | .\
51 | DEBUG;EUREKALOG;EUREKALOG_VER6;$(DCC_Define)
52 | true
53 | false
54 |
55 |
56 | RELEASE;$(DCC_Define)
57 | 0
58 | false
59 | 0
60 |
61 |
62 | false
63 |
64 |
65 |
66 | MainSource
67 |
68 |
69 |
70 |
71 |
72 |
73 | Cfg_2
74 | Base
75 |
76 |
77 | Base
78 |
79 |
80 | Cfg_1
81 | Base
82 |
83 |
84 |
85 |
86 |
87 | Delphi.Personality.12
88 |
89 |
90 |
91 |
92 | True
93 | False
94 | 1
95 | 0
96 | 0
97 | 0
98 | False
99 | False
100 | False
101 | False
102 | False
103 | 2052
104 | 936
105 |
106 |
107 |
108 |
109 | 1.0.0.0
110 |
111 |
112 |
113 |
114 |
115 | 1.0.0.0
116 |
117 |
118 |
119 | RemoteInjectDll.dpr
120 |
121 |
122 | TestExe.exe E:\Meine_Project\1delphi\Hook\hookMsgDll.dll
123 |
124 |
125 | Microsoft Office 2000 Sample Automation Server Wrapper Components
126 | Microsoft Office XP Sample Automation Server Wrapper Components
127 |
128 |
129 |
130 | False
131 | True
132 |
133 |
134 |
135 | 12
136 |
137 |
138 |
139 |
623 |
--------------------------------------------------------------------------------
/TestExe.dpr:
--------------------------------------------------------------------------------
1 | program TestExe;
2 |
3 | uses
4 | Forms,
5 | ufrmTest in 'ufrmTest.pas' {frmTest};
6 |
7 | {$R *.res}
8 |
9 | begin
10 | Application.Initialize;
11 | Application.MainFormOnTaskbar := True;
12 | Application.CreateForm(TfrmTest, frmTest);
13 | Application.Run;
14 | end.
15 |
--------------------------------------------------------------------------------
/TestExe.dproj:
--------------------------------------------------------------------------------
1 |
2 |
3 | {F643F4C8-8D3D-4D28-8289-593C93E43B69}
4 | TestExe.dpr
5 | 18.4
6 | True
7 | Release
8 | Application
9 | VCL
10 | DCC32
11 | Win32
12 | 1
13 | Win32
14 |
15 |
16 | true
17 |
18 |
19 | true
20 | Base
21 | true
22 |
23 |
24 | true
25 | Base
26 | true
27 |
28 |
29 | true
30 | Cfg_2
31 | true
32 | true
33 |
34 |
35 | false
36 | false
37 | .\$(Config)\$(Platform)
38 | .\$(Config)\$(Platform)
39 | false
40 | false
41 | 00400000
42 | false
43 | TestExe
44 | Vcl;Vcl.Imaging;Vcl.Touch;Vcl.Samples;Vcl.Shell;System;Xml;Data;Datasnap;Web;Soap;Winapi;$(DCC_Namespace)
45 | 2052
46 | CompanyName=;FileDescription=;FileVersion=1.0.0.0;InternalName=;LegalCopyright=;LegalTrademarks=;OriginalFilename=;ProductName=;ProductVersion=1.0.0.0;Comments=
47 |
48 |
49 | true
50 | DEBUG;$(DCC_Define)
51 | .\
52 | 3
53 | false
54 | true
55 |
56 |
57 | RELEASE;$(DCC_Define)
58 | 0
59 | false
60 | 0
61 |
62 |
63 | false
64 |
65 |
66 |
67 | MainSource
68 |
69 |
70 |
71 |
72 |
73 | Cfg_2
74 | Base
75 |
76 |
77 | Base
78 |
79 |
80 | Cfg_1
81 | Base
82 |
83 |
84 |
85 |
86 |
87 | Delphi.Personality.12
88 |
89 |
90 |
91 |
92 | True
93 | False
94 | 1
95 | 0
96 | 0
97 | 0
98 | False
99 | False
100 | False
101 | False
102 | False
103 | 2052
104 | 936
105 |
106 |
107 |
108 |
109 | 1.0.0.0
110 |
111 |
112 |
113 |
114 |
115 | 1.0.0.0
116 |
117 |
118 |
119 | TestExe.dpr
120 |
121 |
122 |
123 | False
124 | True
125 |
126 |
127 | 12
128 |
129 |
130 |
131 |
615 |
--------------------------------------------------------------------------------
/hookMsgDll.dpr:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/pzx521521/DllHookInject/bfa6d6f7a0d2b5bb320852d2f61f201bf2041a88/hookMsgDll.dpr
--------------------------------------------------------------------------------
/hookMsgDll.dproj:
--------------------------------------------------------------------------------
1 |
2 |
3 | {7D98697A-3AAA-4856-9585-DE85B25D76B0}
4 | hookMsgDll.dpr
5 | 18.4
6 | True
7 | Release
8 | Library
9 | None
10 | DCC32
11 | Win32
12 | 1
13 | Win32
14 |
15 |
16 | true
17 |
18 |
19 | true
20 | Base
21 | true
22 |
23 |
24 | true
25 | Base
26 | true
27 |
28 |
29 | true
30 | Cfg_2
31 | true
32 | true
33 |
34 |
35 | false
36 | false
37 | .\$(Config)\$(Platform)
38 | .\$(Config)\$(Platform)
39 | false
40 | false
41 | true
42 | 00400000
43 | false
44 | hookMsgDll
45 | 2052
46 | System;Xml;Data;Datasnap;Web;Soap;Winapi;$(DCC_Namespace)
47 | CompanyName=;FileDescription=;FileVersion=1.0.0.0;InternalName=;LegalCopyright=;LegalTrademarks=;OriginalFilename=;ProductName=;ProductVersion=1.0.0.0;Comments=
48 |
49 |
50 | DEBUG;$(DCC_Define)
51 | .\
52 | 3
53 | false
54 | true
55 |
56 |
57 | RELEASE;$(DCC_Define)
58 | 0
59 | false
60 | 0
61 |
62 |
63 | false
64 |
65 |
66 |
67 | MainSource
68 |
69 |
70 |
71 | Cfg_2
72 | Base
73 |
74 |
75 | Base
76 |
77 |
78 | Cfg_1
79 | Base
80 |
81 |
82 |
83 |
84 |
85 | Delphi.Personality.12
86 |
87 |
88 |
89 |
90 | True
91 | False
92 | 1
93 | 0
94 | 0
95 | 0
96 | False
97 | False
98 | False
99 | False
100 | False
101 | 2052
102 | 936
103 |
104 |
105 |
106 |
107 | 1.0.0.0
108 |
109 |
110 |
111 |
112 |
113 | 1.0.0.0
114 |
115 |
116 |
117 | hookMsgDll.dpr
118 |
119 |
120 |
121 | False
122 | True
123 |
124 |
125 | 12
126 |
127 |
128 |
129 |
613 |
--------------------------------------------------------------------------------
/ufrmHookMsg.dfm:
--------------------------------------------------------------------------------
1 | object frmHookMsg: TfrmHookMsg
2 | Left = 0
3 | Top = 0
4 | Caption = 'frmHookMsg'
5 | ClientHeight = 134
6 | ClientWidth = 227
7 | Color = clBtnFace
8 | Font.Charset = DEFAULT_CHARSET
9 | Font.Color = clWindowText
10 | Font.Height = -11
11 | Font.Name = 'Tahoma'
12 | Font.Style = []
13 | OldCreateOrder = False
14 | PixelsPerInch = 96
15 | TextHeight = 13
16 | object Label1: TLabel
17 | Left = 16
18 | Top = 8
19 | Width = 48
20 | Height = 13
21 | Caption = #36827#31243#21517#23383
22 | end
23 | object Label2: TLabel
24 | Left = 16
25 | Top = 48
26 | Width = 15
27 | Height = 13
28 | Caption = 'Dll:'
29 | end
30 | object EditName: TEdit
31 | Left = 88
32 | Top = 5
33 | Width = 121
34 | Height = 21
35 | TabOrder = 0
36 | Text = 'TestExe.exe'
37 | end
38 | object EditDll: TEdit
39 | Left = 88
40 | Top = 45
41 | Width = 121
42 | Height = 21
43 | TabOrder = 1
44 | Text = 'hookMsgDll.dll'
45 | end
46 | object Inject: TButton
47 | Left = 16
48 | Top = 93
49 | Width = 193
50 | Height = 25
51 | Caption = 'Inject'
52 | TabOrder = 2
53 | OnClick = InjectClick
54 | end
55 | end
56 |
--------------------------------------------------------------------------------
/ufrmHookMsg.pas:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/pzx521521/DllHookInject/bfa6d6f7a0d2b5bb320852d2f61f201bf2041a88/ufrmHookMsg.pas
--------------------------------------------------------------------------------
/ufrmTest.dfm:
--------------------------------------------------------------------------------
1 | object frmTest: TfrmTest
2 | Left = 0
3 | Top = 0
4 | Caption = 'frmTest'
5 | ClientHeight = 299
6 | ClientWidth = 635
7 | Color = clBtnFace
8 | Font.Charset = DEFAULT_CHARSET
9 | Font.Color = clWindowText
10 | Font.Height = -11
11 | Font.Name = 'Tahoma'
12 | Font.Style = []
13 | OldCreateOrder = False
14 | PixelsPerInch = 96
15 | TextHeight = 13
16 | object btnShowmessage: TButton
17 | Left = 152
18 | Top = 104
19 | Width = 113
20 | Height = 25
21 | Caption = 'btnShowmessage'
22 | TabOrder = 0
23 | OnClick = btnShowmessageClick
24 | end
25 | object btnMessageDlg: TButton
26 | Left = 336
27 | Top = 104
28 | Width = 137
29 | Height = 25
30 | Caption = 'btnMessageDlg'
31 | TabOrder = 1
32 | OnClick = btnMessageDlgClick
33 | end
34 | object Button1: TButton
35 | Left = 336
36 | Top = 160
37 | Width = 137
38 | Height = 25
39 | Caption = 'btnMessageDlg'
40 | TabOrder = 2
41 | OnClick = Button1Click
42 | end
43 | object Button2: TButton
44 | Left = 344
45 | Top = 216
46 | Width = 75
47 | Height = 25
48 | Caption = 'Button2'
49 | TabOrder = 3
50 | OnClick = Button2Click
51 | end
52 | end
53 |
--------------------------------------------------------------------------------
/ufrmTest.pas:
--------------------------------------------------------------------------------
1 | unit ufrmTest;
2 |
3 | interface
4 |
5 | uses
6 | Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
7 | Dialogs, StdCtrls;
8 |
9 | type
10 | TfrmTest = class(TForm)
11 | btnShowmessage: TButton;
12 | btnMessageDlg: TButton;
13 | Button1: TButton;
14 | Button2: TButton;
15 | procedure btnMessageDlgClick(Sender: TObject);
16 | procedure btnShowmessageClick(Sender: TObject);
17 | procedure Button1Click(Sender: TObject);
18 | procedure Button2Click(Sender: TObject);
19 | private
20 | { Private declarations }
21 | public
22 | { Public declarations }
23 | end;
24 |
25 | var
26 | frmTest: TfrmTest;
27 |
28 | implementation
29 |
30 | {$R *.dfm}
31 |
32 | procedure TfrmTest.btnMessageDlgClick(Sender: TObject);
33 | begin
34 | MessageDlg('MessageDlgClick', mtWarning, [mbOK], 0);
35 | end;
36 |
37 | procedure TfrmTest.btnShowmessageClick(Sender: TObject);
38 | begin
39 | ShowMessage('ShowmessageClick');
40 |
41 | end;
42 |
43 | procedure TfrmTest.Button1Click(Sender: TObject);
44 | begin
45 | MessageBoxW(Self.Handle, PChar('Text'), PChar('Caption'), MB_OKCANCEL)
46 | end;
47 |
48 | procedure TfrmTest.Button2Click(Sender: TObject);
49 | var
50 | aGetTime: TDateTime;
51 | begin
52 | aGetTime := Now;
53 | ShowMessage(DateTimeToStr(aGetTime))
54 | end;
55 |
56 | end.
57 |
--------------------------------------------------------------------------------
/unitHook.pas:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/pzx521521/DllHookInject/bfa6d6f7a0d2b5bb320852d2f61f201bf2041a88/unitHook.pas
--------------------------------------------------------------------------------