问题描述
嘿伙计们,
我被困住了。出于某种原因,我需要在Windows 8上阻止文件系统的复制功能。直到Windows 7,ShFileOperation& CopyFile用来做技巧。但是,在Windows 8中,由于我可以通过API监视器进行扫描,因此使用了一个新的API:CopyFile2来完成这项工作。所以我需要绕开CopyFile2。
我尝试使用Detour 2.x& 3.x沿着Windows SDK 6.x,7.x和Win8 SDK。以下是代码片段 -
Hey Guys,
I am stuck. For some reason, I need to block Copy feature of the file system on Windows 8. Till Windows 7, ShFileOperation & CopyFile used to do trick. However, with Windows 8, as I could scan through API monitor, a new API: CopyFile2, has been used to do the job. So I need to detour CopyFile2.
I tried doing this using Detour 2.x & 3.x along windows SDK 6.x, 7.x and Win8 SDK. Following is the code snippet -
HRESULT (WINAPI *Trampoline_CopyFile2)(PCWSTR pwszExistingFileName, PCWSTR pwszNewFileName, COPYFILE2_EXTENDED_PARAMETERS *pExtendedParameters) = CopyFile2;
HRESULT WINAPI Detour_CopyFile2(PCWSTR pwszExistingFileName, PCWSTR pwszNewFileName, COPYFILE2_EXTENDED_PARAMETERS *pExtendedParameters)
{
OutputDebugString(L"Inside TrozenCopyFile...");
return Trampoline_CopyFile2(pwszExistingFileName, pwszNewFileName, pExtendedParameters);
}
//Attaching Detour
DetourAttach( &(PVOID&)Trampoline_CopyFile2, (PVOID)Detour_CopyFile2);
DetourAttach返回0(成功),但我没有接到对蹦床功能的调用。我知道我的dll正在加载资源管理器,因为其他API正在绕道而行 - 我也在ProcessExplorer中检查了它。
微软Detour Library是否支持win8 API?如果是的话,我做错了吗?如果不是,我是否应该将此作为错误报告?
帮助我们......对于任何甚至可以暗示我的人来说都是满分......
--------------------------------------- --------------------------------------------------
此外,我创建了一个示例应用程序调用CopyFile2。我的Dll正在加载并且DetourAttach返回0.但是,我仍然无法获得Detour_CopyFile2的痕迹
- Varun
DetourAttach returns 0(Successful), but I do not receive call to my Trampoline function. I know my dll is getting loaded in Explorer because other APIs are getting detoured - and I have checked it in ProcessExplorer too.
Does microsoft Detour Library support win8 APIs? If yes, am I doing anything wrong? If No, shall I report this as a bug?
Help me guys... Full points to anybody who can even hint me...
-----------------------------------------------------------------------------------------
Further more, I create a sample application calls CopyFile2. My Dll is getting loaded and DetourAttach is returning 0. However, I am still unable to get traces to Detour_CopyFile2
-- Varun
推荐答案
HRESULT WINAPI CopyFile2(
_In_ PCWSTR pwszExistingFileName,
_In_ PCWSTR pwszNewFileName,
_In_opt_ COPYFILE2_EXTENDED_PARAMETERS *pExtendedParameters
);
HRESULT (WINAPI *Trampoline_CopyFile2(PCWSTR pwszExistingFileName, PCWSTR pwszNewFileName, COPYFILE2_EXTENDED_PARAMETERS *pExtendedParameters)) = new CopyFile2();
HRESULT WINAPI Detour_CopyFile2(PCWSTR pwszExistingFileName, PCWSTR pwszNewFileName, COPYFILE2_EXTENDED_PARAMETERS *pExtendedParameters)
{
OutputDebugString(L"Inside TrozenCopyFile...");
return Trampoline_CopyFile2(pwszExistingFileName, pwszNewFileName, pExtendedParameters);
}
//Attaching Detour
DetourAttach( &(PVOID&)Trampoline_CopyFile2, (PVOID)Detour_CopyFile2);
这篇关于CopyFile2没有绕道而行的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!