l2cc - это длл голдфинча,
сервер старсэйдж
проверял на других серверах без защиты - работает идеально
Fasm (.exe)
Код:
format pe gui 4.0
entry start
include 'win32a.inc'
section '.data' data readable writeable
Dll_Name db 'Hook.dll',0
msg db 'good',0
section '.code' code readable executable
start:
invoke GetModuleHandleA,Dll_Name
invoke SetWindowsHookExA,WH_KEYBOARD,Hooking,eax,0
invoke MessageBoxA,0,msg,msg,MB_OK
invoke ExitProcess,0
section '.idata' import data readable writeable
library kernel32,'kernel32.dll',\
user32,'user32.dll',\
Hook,'Hook.dll'
import kernel32,\
ExitProcess,'ExitProcess',\
GetModuleHandleA,'GetModuleHandleA',\
CreateThread,'CreateThread'
import user32,\
MessageBoxA,'MessageBoxA',\
SetWindowsHookExA,'SetWindowsHookExA'
import Hook,\
Hooking,'Hooking'
Fasm (.dll)
Код:
format PE GUI 4.0 DLL
entry DllEntryPoint
include 'win32a.inc'
section '.data' data readable writeable
DllName db 'l2cc.dll',0
section '.code' code readable executable
proc DllEntryPoint hinstDLL,fdwReason,lpvReserved
invoke DisableThreadLibraryCalls,[hinstDLL]
invoke LoadLibraryA,DllName
mov eax,1
ret
endp
;=========================================================
proc Hooking
start:
invoke GetModuleHandleA,DllName
ret
endp
;==========================================================
section '.idata' import data readable writeable
library kernel32,'kernel32.dll'
import kernel32,\
GetModuleHandleA,'GetModuleHandleA',\
LoadLibraryA,'LoadLibraryA',\
DisableThreadLibraryCalls,'DisableThreadLibraryCalls'
;==========================================================
section '.edata' export data readable
export 'Hook.DLL',\
Hooking,'Hooking'
dd 0
section '.reloc' fixups data discardable