00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013 #ifndef CATInjectionPropagate_H_
00014 #define CATInjectionPropagate_H_
00015
00016 #include "CATIntercept.h"
00017 #ifdef CAT_CONFIG_WIN32
00018
00019 #include "CATString.h"
00020
00021
00022
00023
00024
00025
00026
00027
00028
00029
00030
00031
00032
00033
00034 class CATInjectionPropagate : public CATIntercept
00035 {
00036 public:
00037 CATInjectionPropagate(const CATString& dllPath);
00038 virtual ~CATInjectionPropagate();
00039
00040
00041
00042
00043 CATResult HookFunctions();
00044
00045
00046 protected:
00047
00048 static void OnCreateProcessW( CATHOOK* hookInst,
00049 LPCWSTR lpApplicationName,
00050 LPWSTR lpCommandLine,
00051 LPSECURITY_ATTRIBUTES lpProcessAttributes,
00052 LPSECURITY_ATTRIBUTES lpThreadAttributes,
00053 BOOL bInheritHandles,
00054 DWORD dwCreationFlags,
00055 LPVOID lpEnvironment,
00056 LPCWSTR lpCurrentDirectory,
00057 LPSTARTUPINFO lpStartupInfo,
00058 LPPROCESS_INFORMATION lpProcessInformation);
00059
00060
00061
00062 static void ProcessFix(CATHOOK* hookInst,
00063 LPPROCESS_INFORMATION procInf);
00064
00065 static CATINTERCEPT_DLL_TABLE_ENTRY kKernel32Funcs[];
00066
00067 protected:
00068 HMODULE fKernelDLL;
00069 CATString fDLLPath;
00070 };
00071
00072 #endif // CAT_CONFIG_WIN32
00073 #endif // CATExecutionIntercept_H_