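Abstract
This paper introduces the principle of API function interception and focuses on several of the key techniques involved. It dissects the format of the import function table in PE files, presents a method for using hooks to cross process boundaries, and proposes the author's own solutions to problems such as instability and low efficiency that arise during interception. Using the methods described, the author successfully implemented real-time data collection based on API interception in a software renovation project for a mining bureau system, completing a functional upgrade of the existing software system. Practice has shown that API interception and the ideas behind it are highly practical, can solve problems that conventional methods cannot, and are well suited to scenarios such as real-time data collection.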
The principle of API interception is presented in this paper, with emphasis on the key techniques involved. The format of the PE file's IAT is taken apart. The technique to break the process wall using hook technology is introduced. A solution to the instability and inefficiency in interception is given. With the methods presented in this paper, real-time data collection based on API interception is realized in a software upgrade project of a mineral bureau. As proved in practice, the API interception technology is really practical and can be used to solve some difficult problems such as real-time data collection.
Source
Microcomputer Development (《微机发展》)
2004, Issue 8, pp. 58-60 (3 pages)
Keywords
interception
hook
PE file format
stability
efficiency