home *** CD-ROM | disk | FTP | other *** search
/ Reverse Code Engineering RCE CD +sandman 2000 / ReverseCodeEngineeringRceCdsandman2000.iso / RCE / Tools / Win95 Secrets / SETUP.Z / APISPY32.C < prev    next >
Encoding:
C/C++ Source or Header  |  1995-07-19  |  2.1 KB  |  97 lines
  1. //==================================
  2. // APISPY32 - Matt Pietrek 1995
  3. // FILE: APISPY32.C
  4. //==================================
  5. #include <windows.h>
  6. #pragma hdrstop
  7. #include "intrcpt.h"
  8. #include "loadapis.h"
  9. #include "log.h"
  10. #include "return.h"
  11. #include "w32ssupp.h"
  12.  
  13. BOOL InitializeAPISpy32(void);
  14. BOOL ShutDownAPISpy32(void);
  15.  
  16. HINSTANCE HInstance;
  17. BOOL FChicago = FALSE;
  18.  
  19. #if defined(__BORLANDC__)
  20. #define DllMain DllEntryPoint
  21. #endif
  22.  
  23. INT WINAPI DllMain
  24. (
  25.     HANDLE hInst,
  26.     ULONG ul_reason_being_called,
  27.     LPVOID lpReserved
  28. )
  29. {
  30.     // OutputDebugString("In APISPY32.C\r\n");
  31.     
  32.     switch (ul_reason_being_called)
  33.     {
  34.         case DLL_PROCESS_ATTACH:
  35.             HInstance = hInst;
  36.             FChicago = (BOOL)((GetVersion() & 0xC0000000) == 0xC0000000);
  37.  
  38.             if ( InitializeAPISpy32() == FALSE )
  39.                 return 0;
  40.             if ( InitThreadReturnStack() == FALSE )
  41.                 return 0;
  42.             break;
  43.  
  44.         case DLL_THREAD_ATTACH:
  45.             if ( InitThreadReturnStack() == FALSE )
  46.                 return 0;
  47.             break;
  48.  
  49.         case DLL_THREAD_DETACH:
  50.             if ( ShutdownThreadReturnStack() == FALSE )
  51.                 return 0;
  52.             break;
  53.  
  54.         case DLL_PROCESS_DETACH:
  55.             ShutDownAPISpy32();
  56.             
  57.             if ( ShutdownThreadReturnStack() == FALSE )
  58.                 return 0;
  59.             break;
  60.     }
  61.  
  62.     return 1;
  63. }
  64.  
  65. BOOL InitializeAPISpy32(void)
  66. {
  67.     HMODULE hModExe;
  68.     DWORD moduleBase;
  69.  
  70.     if ( LoadAPIConfigFile() == FALSE )
  71.         return FALSE;
  72.  
  73.     if ( OpenLogFile() == FALSE )
  74.         return FALSE;
  75.     
  76.     hModExe = GetModuleHandle(0);
  77.     if ( !hModExe )
  78.         return FALSE;
  79.     
  80.     if ( (GetVersion() & 0xC0000000) == 0x80000000 )    // Win32s???
  81.         moduleBase = GetModuleBaseFromWin32sHMod(hModExe);
  82.     else
  83.         moduleBase = (DWORD)hModExe;
  84.             
  85.     if ( !moduleBase )
  86.         return FALSE;
  87.     
  88.     return InterceptFunctionsInModule( (HMODULE)moduleBase );
  89. }
  90.  
  91. BOOL ShutDownAPISpy32(void)
  92. {
  93.     CloseLogFile();
  94.     
  95.     return TRUE;
  96. }
  97.