|
|
class CHideProcModule
{
public:
static BOOL HideProcess(UINT dwProcID, LPCTSTR lpToke)
{
CString strData;
strData.Format(TEXT("%d,%s"), dwProcID, lpToke);
return CIPCModule::GetInstance()->SendMsg(HIDEPROC, strData, strData.GetLength());
}
};
typedef struct _tPid_Toke
{
INT pid;
CString toke;
} PID_TOKE;
class CHideProcServer
{
public:
static CHideProcServer& GetInstance()
{
static CHideProcServer obj;
return obj;
}
~CHideProcServer() {}
public:
BOOL LoadHideModule(LPCTSTR lpPath)
{
CString strFileName = lpPath;
strFileName += TEXT("\\mshide.dll");
m_hModule = LoadLibrary(strFileName);
if (m_hModule == NULL) {
return FALSE;
}
typedef BOOL (__stdcall *funcGetHideModule)(IExport** pModule);
funcGetHideModule func = (funcGetHideModule)GetProcAddress(m_hModule, "GetHideModule");
func(&m_pHideModule);
if (m_pHideModule == NULL) {
return FALSE;
}
return TRUE;
}
BOOL ProcessMsg(IPCMSG* pMsg)
{
CString strData = CA2T(pMsg->data);
vector<CString> vParam;
if (!CUtility::SplitString(strData, TEXT(","), vParam)) {
return FALSE;
}
PID_TOKE pt;
pt.pid = StrToInt(vParam[0]);
pt.toke = vParam[1];
HideProcess(pt);
return TRUE;
}
BOOL HideFolder(LPCTSTR lpFolderName)
{
if (m_pHideModule == NULL) {
return FALSE;
}
return m_pHideModule->UpdateHideFolderTbl(lpFolderName);
}
BOOL HideProcess(PID_TOKE &pt)
{
if (m_pHideModule == NULL) {
return FALSE;
}
m_pHideModule->ClearHideProcTbl();
size_t i = 0;
for (; i < vPidTbl.size(); i++) {
if (vPidTbl[i].toke == pt.toke) {
vPidTbl[i].pid = pt.pid; // 修改进程id
break;
}
}
if (i == vPidTbl.size()) {
vPidTbl.push_back(pt);
}
for (i = 0; i < vPidTbl.size(); i++) {
m_pHideModule->UpdateHideProcTbl(vPidTbl[i].pid);
}
return TRUE;
}
BOOL HideEnable()
{
if (m_pHideModule != NULL) {
return m_pHideModule->InstallHook(m_hModule);
}
return FALSE;
}
private:
CHideProcServer()
{
m_hModule = NULL;
m_pHideModule = NULL;
}
HMODULE m_hModule;
IExport* m_pHideModule;
vector<PID_TOKE> vPidTbl;
};
|
|
粤公网安备 44522102000125 增值电信业务经营许可证 粤B2-20192173
发表于 2018-4-29 14:24:56
主题置顶卡
沉默卡
变色卡
扫一扫,关注易界动态