
添加日志输出。

Jeff 6 年之前
父节点
当前提交
4575d3f499
共有 3 个文件被更改,包括 25 次插入33 次删除
  1. 25 1
      source/hook/WeChats/Injection.cpp
  2. 0 31
      source/hook/hook/WxGlobal.cpp
  3. 0 1
      source/hook/hook/WxGlobal.h

+ 25 - 1
source/hook/WeChats/Injection.cpp

@@ -17,6 +17,10 @@ m_dwPathLen(0)
 	_tcscpy_s(m_szDllPath,lpDynamicLibraryPath);
 	
 	m_hInjectProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, m_dwInjectPID);
+	if ( m_hInjectProcess == NULL)
+	{
+		WriteTextLog(_T("打开WeChat.exe进程失败"));
+	}
 	//m_hInjectProcess = OpenProcess(PROCESS_CREATE_THREAD	| PROCESS_VM_OPERATION | PROCESS_VM_WRITE, FALSE, m_dwInjectPID);
 }
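Review bot: The failure log added after `OpenProcess` records no error code, so an access-denied failure cannot be told apart from a stale or wrong PID when reading the log. `WriteTextLog` is declared with a format string and varargs in WxGlobal.h, so the call could be `WriteTextLog(_T("打开WeChat.exe进程失败, error=%lu"), GetLastError());`, and the same applies to the other failure logs this commit adds in this file. The constructor also continues with `m_hInjectProcess == NULL` after logging; whether every later member checks for that is only partly visible here. The constructor starts outside the hunk.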
 
@@ -54,10 +58,14 @@ BOOL CInjection::InjectDynamicLibrary()
 	m_dwPathLen = _tcslen(m_szDllPath)*sizeof(TCHAR)+1;
 	m_lpInjectData = VirtualAllocEx(m_hInjectProcess,NULL, m_dwPathLen, MEM_COMMIT, PAGE_READWRITE);
 	if (NULL == m_lpInjectData)
+	{
+		WriteTextLog(_T("创建WeChat.exe进程虚拟内存失败"));
 		return FALSE;
+	}
 
 	if (WriteProcessMemory(m_hInjectProcess, m_lpInjectData, m_szDllPath, m_dwPathLen, NULL) == 0)
 	{
+		// 注意:MEM_RELEASE释放时第三参数一定要为0,请查看MSDN;
 		VirtualFreeEx(m_hInjectProcess, m_lpInjectData, 0, MEM_RELEASE);
 		return FALSE;
 	}
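Review bot: The `WriteProcessMemory` failure branch receives only a comment, while the `VirtualAllocEx` branch directly above it receives a log line, so this failure stays invisible in the log the commit is introducing; the `CreateRemoteThread` failure branch in the next hunk has the same gap. Each branch could log before the `VirtualFreeEx` call, for example `WriteTextLog(_T("写入WeChat.exe进程内存失败, error=%lu"), GetLastError());`, reading `GetLastError()` before the free so the code is not overwritten. After the free, `m_lpInjectData` still holds the released address; `m_lpInjectData = NULL;` would avoid a stale pointer if other members read it, which is not visible here. The function body starts and ends outside the hunk.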
@@ -69,6 +77,7 @@ BOOL CInjection::InjectDynamicLibrary()
 	m_hInjectThread = CreateRemoteThread(m_hInjectProcess, NULL, 0, (LPTHREAD_START_ROUTINE)lpAddr, m_lpInjectData, 0, NULL);
 	if (NULL == m_hInjectThread)
 	{
+		// 注意:MEM_RELEASE释放时第三参数一定要为0,请查看MSDN;
 		VirtualFreeEx(m_hInjectProcess, m_lpInjectData, 0, MEM_RELEASE);
 		return FALSE;
 	}
@@ -88,15 +97,30 @@ BOOL CInjection::InjectDynamicLibrary()
 BOOL CInjection::EjectDynamicLibrary()
 {
 	if(m_hInjectProcess==NULL)
-		return -1;
+		return TRUE;
 
 	// 获取模块句柄;
 	HANDLE hModule = FindModuleEx(m_szDllPath, m_dwInjectPID);
 	if (hModule == NULL )
+	{
+		WriteTextLog(_T("获取WeChat.exe进程模块hook.dll失败"));
 		return FALSE;
+	}
 
 	LPVOID lpAddr = GetProcAddress(GetModuleHandle(_T("kernel32.dll")), "FreeLibraryAndExitThread");//FreeLibraryAndExitThread//FreeLibrary
+	if (lpAddr == NULL )
+	{
+		WriteTextLog(_T("获取kernel32.dll中的FreeLibraryAndExitThread失败"));
+		return FALSE;
+	}
+
 	m_hEjectThread = CreateRemoteThread(m_hInjectProcess, NULL, 0, (LPTHREAD_START_ROUTINE)lpAddr, hModule, 0, NULL);
+	if ( m_hEjectThread == NULL )
+	{
+		WriteTextLog(_T("创建WeChat.exe远程线程(FreeLibraryAndExitThread)失败"));
+		return FALSE;
+	}
+
 	WaitForSingleObject(m_hEjectThread, INFINITE);
 
 	return TRUE;
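Review bot: The `m_hInjectProcess == NULL` early exit now returns `TRUE` but is the only exit in this function that writes no log, so a caller sees success when nothing was unloaded. Since the constructor only logs a failed `OpenProcess` and continues, that failure ends up on exactly this path. Either log it, e.g. `WriteTextLog(_T("进程句柄为空,未执行卸载"));`, or return `FALSE` if callers are meant to treat it as a failure. Separately, the new `m_hEjectThread` check is followed by `WaitForSingleObject(m_hEjectThread, INFINITE)`, which blocks forever if the remote thread never exits; a finite timeout with a logged result would bound that. The end of the function is outside the hunk.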

+ 0 - 31
source/hook/hook/WxGlobal.cpp

@@ -184,7 +184,6 @@ BOOL GetWxInfo(WxInfo &wxInfo)
 	EncodingConverion::DeCode_URLUTF8(szTemp,str);
 	WriteTextLog(_T("微信昵称:%s"), str.c_str());
 
-
 	_stprintf_s(szTemp, _T("%s"), dwWeChatWinAddr + 0x1131C98);
 	WriteTextLog(_T("微信手机:%s"), szTemp);
 
@@ -209,33 +208,3 @@ BOOL GetWxInfo(WxInfo &wxInfo)
 
 	return TRUE;
 }
-
-// 获取本进程的模块地址;
-HMODULE FindModuleEx(LPCTSTR lpModuleName)
-{
-	HMODULE hMods[1024] = {0};
-	DWORD cbNeeded = 0;
-	TCHAR szModName[MAX_PATH];
-	BOOL Wow64Process;
-
-	HANDLE hProcess = ::GetCurrentProcess();
-	IsWow64Process(hProcess, &Wow64Process); //判断是32位还是64位进程
-	if ( EnumProcessModulesEx(hProcess, hMods, sizeof(hMods), &cbNeeded, Wow64Process?LIST_MODULES_32BIT:LIST_MODULES_64BIT) )
-	{
-		for (UINT i = 0; i < (cbNeeded / sizeof(HMODULE)); i++ )
-		{
-			GetModuleFileNameEx(hProcess, hMods[i], szModName, _countof(szModName));
-			
-			WriteTextLog(szModName);
-			if (_tcsicmp(lpModuleName, szModName) == 0)
-			{
-				CloseHandle(hProcess);
-				return hMods[i];
-			}
-		}
-	}
-
-	CloseHandle(hProcess);
-
-	return NULL;
-}

+ 0 - 1
source/hook/hook/WxGlobal.h

@@ -137,6 +137,5 @@ extern HMODULE g_hCurModule;
 extern void WriteTextLog(const TCHAR *format, ...);
 extern void WriteTextLogW(const WCHAR *format, ...);
 extern BOOL GetWxInfo(WxInfo &wxInfo);
-extern HMODULE FindModuleEx(LPCTSTR lpModuleName);
 
 #endif