ter): Pointer;
var
Code: PImportCode;
begin
Result:= func;
if func = nil then exit;
try
Code := func;
if (Code.JumpInstruction = $25FF) then begin
Result := Code.AddressOfPointerToFunction^;
end;
except
Result := nil;
end;
end;
这样，只要用我们的函数的地址替代它就可以了。替换函数：
Procedure PermuteFunction(OldFunc:PPOinter; NewFunc:Pointer);
var
written: DWORD;
begin
WriteProcesSMemory(GetCurrentProcess, OldFunc, @NewFunc, 4, written);
end;
你新建一个Unit APIHook，把上面的函数和结构写进去并保存下来。

2.第一个程序
新建一个Application TRY1，主Form 的单元名称不妨叫TRYUnit1。把上面的Unit APIHook 加进来。再新建一个UnitMESS，添加如下代码:
unit mess;
interface
uses
Windows, Messages, SysUtils, Classes, APIHook;
procedure API_Hookup;
procedure Un_API_Hook;
var
FuncMessageboxA, FuncMessageboxW: PImportCode;
implementation
type
TMessageA = function(hwn: hwnd; lptext: pchar; lpcapion: pchar; utype: cardinal):
integer; stdcall;
TMessageW = function(hwn: hwnd; lptext: pwidechar; lpcapion: pwidechar;
utype: cardinal): integer; stdcall;
var
OldMessageBoxA: TMessageA;
OldMessageBoxW: TMessageW;
function MyBoxA(hwn:hwnd;lptext:pchar;lpcapion:pchar;utype:cardinal): integer; stdcall;
begin
result := OldMessageBoxA(hwn, 'Succes Hook A !', lpcapion, utype);
end;
function MyBoxw(hwn:hwnd;lptext:pwidechar;lpcapion:pwidechar;utype:cardinal):
integer; stdcall;
begin
result := OldMessageBoxW(hwn, '成功挂上W!', lpcapion, utype);
end;
p

欢迎访问最专业的网吧论坛,无盘论坛,网吧经营,网咖管理,网吧专业论坛 https://bbs.txwb.com 关注天下网吧微信/下载天下网吧APP/天下网吧小程序，一起来超精彩