Luc*_*ani 5 c# methods hook detours managed
我有一个密封类,在程序集中有一个公共方法,我想添加一个日志系统,但不幸的是我没有源代码。因此,我尝试在特定的日志记录方法上绕过此方法,并在退出时调用原始方法。挂钩工作正常,但我无法获取任何类型的参数,或者至少我得到了完全错误的东西。
我也不能使用任何类型的注入或像 PostSharp 这样的库,所以我想知道这种东西是否可以在运行时以某种方式实现,或者我可以放弃吗?
为了给您提供更多详细信息,我将在下面粘贴一些代码部分:
public Hook(Delegate target, Delegate hook)
{
  this.target = Marshal.GetFunctionPointerForDelegate(target);
  targetDelegate = target;
  this.hook = Marshal.GetFunctionPointerForDelegate(hook);
  originalBytes = new byte[6];
  Marshal.Copy(this.target, originalBytes, 0, 6);
  byte[] hookPointerBytes = BitConverter.GetBytes(this.hook.ToInt32());
  // Jump
  newBytes = new byte[]
  {
    0x68, hookPointerBytes[0], hookPointerBytes[1], hookPointerBytes[2], hookPointerBytes[3], 0xC3
  };
}
public object CallOriginal(params object[] args)
{
  // Remove the patch
  Uninstall();
  // Invoke the original method
  object ret = targetDelegate.DynamicInvoke(args);
  // Re-apply the patch
  Install();
  return ret;
}
public sealed class Foo
{
    public void DoSomething(Int32 value1)
    {
      // and here I am getting value1 = -1919988997
      Console.WriteLine(value1);
    }
}
class Program
{
    [UnmanagedFunctionPointer(CallingConvention.Cdecl)]
    public delegate void DoSomethingDelegate(Int32 value1);
    private static DoSomethingDelegate Original { get; set; }
    private static DoSomethingDelegate Hooked { get; set; }
    private static HookManager _hookManager;
    public static void DoSomething(Int32 value1)
    {
      // This is called as well after foo.DoSomething but value1 is 251934152
      Console.WriteLine("Hooked DoSomething: " + value1) ;
      var hook = _hook["DoSomethingHook"];
      // Call the original Foo.DoSomething
      hook.CallOriginal(value1);
    }
    static void Main(string[] args)
    {
      RuntimeHelpers.PrepareMethod(typeof(Foo).GetMethod("DoSomething").MethodHandle);
      _hookManager = new HookManager();
      var originalPointer = typeof(Foo).GetMethod("DoSomething").MethodHandle.GetFunctionPointer();
      Original = (DoSomethingDelegate)Marshal.GetDelegateForFunctionPointer(originalPointer, typeof(DoSomethingDelegate));
      Hooked = DoSomething;
      _hookManager.Add(Original, Hooked, "DoSomethingHook");
      // Call Hook method, HookManager it is just an extended dictionary...
      _hookManager.InstallAll();
      var foo = new Foo();
      // Calling the original method here with 1
      foo.DoSomething(1);
      Console.ReadLine();
    }
}
已解决,Marshal.GetFunctionPointerForDelegate:我无法使用此方法从函数指针创建委托到另一个托管委托。
  this.target = target.Method.MethodHandle.GetFunctionPointer(); //Marshal.GetFunctionPointerForDelegate(target);
  targetDelegate = target;
  this.hook = hook.Method.MethodHandle.GetFunctionPointer(); //Marshal.GetFunctionPointerForDelegate(hook);
| 归档时间: | 
 | 
| 查看次数: | 7240 次 | 
| 最近记录: |