I'm a C# programmer who's doing some reverse-engineering work and I'm having some trouble.
What I'm trying to do is to hook a library function in a remote process and log some data.
I've used API Monitor with some custom type and function definitions for an unknown library (libcef.dll) and I am able to intercept the functions that are defined.
I want to write my own application that hooks those functions. I've opted to use EasyHook in C++ as it seems simpler than having to marshal so much in C# using the managed EasyHook library.
EasyHook requires I define the function I want to hook with the correct function calling convention, identifier and parameters.
However, with the limited knowledge of C++ that I have, I'm able to convert the type definitions that I have for API Monitor (in an XML file) to C++ code which I can then use when defining the function I want to hook (which is cef_parse_url).
So the question is: How do I convert the below API Monitor type definitions (XML) to C++ code?
<ApiMonitor>
  <Include Filename="Headers\common.h.xml" />
  <Module Name="libcef.dll" CallingConvention="CDECL" OnlineHelp="Google">
    <Variable Name="cef_string_t" Type="Struct">
      <Field Type="wchar_t*" Name="str" />
      <Field Type="size_t" Name="length" />
      <Field Type="void*" Name="dtor" />
    </Variable>
    <Variable Name="const cef_string_t" Type="Alias" Base="cef_string_t" />
    <Variable Name="cef_string_t*" Type="Pointer" Base="cef_string_t" />
    <Variable Name="const cef_string_t*" Type="Pointer" Base="const cef_string_t" />
    <Variable Name="cef_urlparts_t" Type="Struct">
      <Field Type="cef_string_t" Name="spec" />
      <Field Type="cef_string_t" Name="scheme" />
      <Field Type="cef_string_t" Name="username" />
      <Field Type="cef_string_t" Name="password" />
      <Field Type="cef_string_t" Name="host" />
      <Field Type="cef_string_t" Name="port" />
      <Field Type="cef_string_t" Name="origin" />
      <Field Type="cef_string_t" Name="path" />
      <Field Type="cef_string_t" Name="query" />
    </Variable>
    <Variable Name="const cef_urlparts_t" Type="Alias" Base="cef_urlparts_t" />
    <Variable Name="cef_urlparts_t*" Type="Pointer" Base="cef_urlparts_t" />
    <Variable Name="const cef_urlparts_t*" Type="Pointer" Base="const cef_urlparts_t" />
    <!-- Parse funcs -->
    <Api Name="cef_parse_url">
      <Param Type="const cef_string_t*" Name="url" />
      <Param Type="cef_urlparts_t*" Name="parts" />
      <Return Type="int" />
    </Api>
  </Module>
</ApiMonitor>
If someone could help me it would mean the world to me. I believe someone who's intermediate in C++ would easily be able to help me.
Thanks in advance!
Alright, never mind.
The answer was actually quite easy. The extra definitions which made it look so complex aren't important, I found.
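#include <stddef.h>  // size_t, wchar_t

// Length-delimited wide string; dtor is the callback that frees str.
typedef struct _cef_string_t {
    wchar_t* str;
    size_t length;
    void (*dtor)(wchar_t* str);
} cef_string_t;

// Field order must match the API Monitor definition exactly.
typedef struct _cef_urlparts_t {
    cef_string_t spec;
    cef_string_t scheme;
    cef_string_t username;
    cef_string_t password;
    cef_string_t host;
    cef_string_t port;
    cef_string_t origin;  // listed in the XML above; leaving it out shifts path and query
    cef_string_t path;
    cef_string_t query;
} cef_urlparts_t;

// CDECL, as declared on the <Module> element.
int __cdecl cef_parse_url(const cef_string_t* url, cef_urlparts_t* parts);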
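A detour body for these definitions, as an added example that is not part of the original post and not EasyHook or CEF code: it checks the struct layout at compile time and reads each string by its `length` field instead of assuming NUL termination. `CEF_CALL`, `g_original`, `g_log`, `to_wstring` and `hooked_cef_parse_url` are hypothetical names, and installing the hook (for example with EasyHook) is assumed to happen elsewhere.

```cpp
#include <cstddef>
#include <string>
#include <vector>

#if defined(_WIN32)
#define CEF_CALL __cdecl   // matches CallingConvention="CDECL" in the XML
#else
#define CEF_CALL           // keyword is Windows-specific; no-op elsewhere
#endif

// Layout follows the API Monitor definition on this page (including "origin").
typedef struct _cef_string_t {
    wchar_t* str;
    size_t length;                 // character count; str may lack a trailing NUL
    void (*dtor)(wchar_t* str);
} cef_string_t;

typedef struct _cef_urlparts_t {
    cef_string_t spec, scheme, username, password, host, port, origin, path, query;
} cef_urlparts_t;

// A missing or extra field silently shifts every later member; fail the build instead.
static_assert(sizeof(cef_urlparts_t) == 9 * sizeof(cef_string_t), "field count mismatch");
static_assert(offsetof(cef_urlparts_t, path) == 7 * sizeof(cef_string_t), "path offset");

typedef int (CEF_CALL* cef_parse_url_fn)(const cef_string_t*, cef_urlparts_t*);

// Hypothetical globals: g_original is set to the real entry point at install time.
static cef_parse_url_fn g_original = nullptr;
static std::vector<std::wstring> g_log;

// Copy by explicit length; tolerate null pointers from the hooked process.
std::wstring to_wstring(const cef_string_t* s) {
    if (s == nullptr || s->str == nullptr || s->length == 0) return std::wstring();
    return std::wstring(s->str, s->length);
}

// Same signature and calling convention as the target so the stack stays balanced.
int CEF_CALL hooked_cef_parse_url(const cef_string_t* url, cef_urlparts_t* parts) {
    g_log.push_back(to_wstring(url));                  // input is valid before the call
    int ok = g_original ? g_original(url, parts) : 0;  // forward to the real function
    if (ok && parts) g_log.push_back(L"host=" + to_wstring(&parts->host));
    return ok;                                         // output fields read only on success
}
```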