HustDetours

代码仓库地址

https://gitee.com/xy420/hust-detours

编译环境

• Detours库编译：

使用 Microsoft Visual Studio 2022的 x64 Native Tools Command Prompt for VS 2022 。

定位路径到src目录下，然后使用 nmake /f Makefile编译。

编译之后，可以在根目录找到 Detours库相关的bin.X64、lib.X64、include这三个文件夹。

• Detours_Hook_DLL项目编译：

使用 Microsoft Visual Studio 2022打开 Detours_Hook_DLL\Detours_Hook_DLL.sln项目配置文件后编译即可。

• Qt前端项目编译

使用 Qt Creator 9.0.2 (Community) 打开 hust_detours_gui\CMakeLists.txt项目文件后编译即可（注意需要使用支持C++20标准的C++编译器，本项目使用gcc version 13.2.0 (x86_64-posix-seh-rev1, Built by MinGW-Builds project) ）。

教程

1. 下载该仓库

2. 打开 YourPath/hust_detours_gui_portable/hust_detours_gui.exe 程序

3. 点击 chose_dll_path 选择要注入的动态链接库

   ( 默认为 YourPath/Detours_Hook_DLL/x64/Debug/Detours_Hook_DLL.dll )

4. 点击 chose_withdll_exe_path 选择要使用的注入器程序

   ( 默认为 YourPath/bin.X64/withdll.exe)

5. 点击 chose_third_exe_path 选择要被注入的第三方程序

6. 点击 start 按钮

7. 结束

文件结构

• Detours_Hook_DLL 在 Visual Studio 2022环境下动态链接库的工程文件

  • ( 包含了Detours_Hook_DLL/x64/Debug/Detours_Hook_DLL.dll ，HustDetours使用的动态链接库，用于拦截相应Win api )

• HustDetours_test 测试样本文件夹

• hust_detours_gui qt前端工程文件夹

• hust_detours_gui_portable qt前端程序的可移植文件夹

  • ( 包含了 hust_detours_gui.exe ，在hust_detours_gui_portable目录下可直接运行)

• samples 微软官方提供的使用Detours库的开源样例源码

• bin.X64 在samples目录下使用nmake后编译出的可执行文件目录

  • ( 包含了 HustDetours 使用的注射器程序 withdll.exe )

可执行文件压缩包

hust_detours_gui_portable.rar（其中包括了测试样本文件夹HustDetours_test）

Microsoft Research Detours Package

Detours is a software package for monitoring and instrumenting API calls on Windows. Detours has been used by many ISVs and is also used by product teams at Microsoft. Detours is now available under a standard open source license (MIT). This simplifies licensing for programmers using Detours and allows the community to support Detours using open source tools and processes.

Detours is compatible with the Windows NT family of operating systems: Windows NT, Windows XP, Windows Server 2003, Windows 7, Windows 8, and Windows 10. It cannot be used by Windows Store apps because Detours requires APIs not available to those applications. This repo contains the source code for version 4.0.1 of Detours.

For technical documentation on Detours, see the Detours Wiki. For directions on how to build and run samples, see the samples README.txt file.

Contributing

The Detours repository is where development is done. Here are some ways you can participate in the project:

• Answer questions about using Detours.
• Improve the Wiki.
• Submit bugs and help us verify fixes and changes as they are checked in.
• Review source code changes.

Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.

When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Issues, questions, and feedback

• Open an issue on GitHub Issues.

Mailing list for announcements

The detours-announce mailing list is a low-traffic email list for important announcements about the project, such as the availability of new versions of Detours. To join it, send an email to listserv@lists.research.microsoft.com with a message body containing only the text SUBSCRIBE DETOURS-ANNOUNCE. To leave it, send an email to listserv@lists.research.microsoft.com with a message body containing only the text UNSUBSCRIBE DETOURS-ANNOUNCE.

License

Copyright (c) Microsoft Corporation. All rights reserved.

Licensed under the MIT License.