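/*
 * Report whether the entry point of an exported function looks patched.
 *
 * Only the first five bytes at the exported address are inspected, and only
 * two shapes are recognised:
 *   - 8B FF 55 8B EC (mov edi, edi / push ebp / mov ebp, esp), the 32-bit
 *     x86 hot-patch prologue, is reported as "not hooked";
 *   - a leading EB, E9 or EA (x86 jmp opcodes) is reported as "hooked".
 *
 * Parameters:
 *   lpModuleName - module that exports the function. If it is not already
 *                  loaded it is loaded with LoadLibraryA for the duration of
 *                  the check and released again before returning.
 *   lpProcName   - name of the exported function to inspect.
 *
 * Returns:
 *   FALSE - the entry point starts with the hot-patch prologue above.
 *   TRUE  - the entry point starts with a jump instruction.
 *   -1    - undetermined: the module or export could not be resolved, the
 *           bytes could not be read, or they match neither pattern.
 *
 * Caveats:
 *   - The return type is BOOL but three values are used. -1 is non-zero, so
 *     callers must compare against TRUE/FALSE explicitly instead of writing
 *     `if (GetProcHookStatus(...))`.
 *   - -1 is not evidence that the function is clean, and TRUE is not proof of
 *     tampering: a legitimate stub that begins with a jump is also reported
 *     as TRUE. Functions without the 32-bit hot-patch prologue (for example
 *     in 64-bit builds) are never reported as FALSE.
 *   - LoadLibraryA resolves a bare file name through the DLL search order and
 *     runs the module's initialisation code. Pass a fully qualified path, or
 *     the name of a module known to be loaded, and never an untrusted string.
 */
BOOL GetProcHookStatus(LPCSTR lpModuleName, LPCSTR lpProcName)
{
    enum { ENTRY_BYTES = 5 };

    BOOL status = -1;
    BOOL loadedHere = FALSE;

    HMODULE hModule = GetModuleHandleA(lpModuleName);
    if (NULL == hModule)
    {
        hModule = LoadLibraryA(lpModuleName);
        if (NULL == hModule)
            return -1;
        /* Remember that this call took the reference so it can be dropped. */
        loadedHere = TRUE;
    }

    FARPROC farProc = GetProcAddress(hModule, lpProcName);
    if (NULL != farProc)
    {
        BYTE buffer[ENTRY_BYTES] = { 0 };

        /* ReadProcessMemory is used so that an unreadable address yields an
         * error return instead of an access violation. */
        if (ReadProcessMemory(GetCurrentProcess(), farProc, buffer, sizeof buffer, NULL))
        {
            if (buffer[0] == 0x8B && buffer[1] == 0xFF && buffer[2] == 0x55 &&
                buffer[3] == 0x8B && buffer[4] == 0xEC)
            {
                /* mov edi, edi; push ebp; mov ebp, esp */
                status = FALSE;
            }
            else if (buffer[0] == 0xEB || buffer[0] == 0xE9 || buffer[0] == 0xEA)
            {
                /* jmp rel8 / jmp rel32 / jmp far */
                status = TRUE;
            }
        }
    }

    /* The original leaked the module reference taken by LoadLibraryA on
     * every path; release it only if this call acquired it. */
    if (loadedHere)
        FreeLibrary(hModule);

    return status;
}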