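def add_api_hook(self, cb, module='', api_name='', argc=0, call_conv=None, emu=None, enable_wild_cards=True):
    """
    Add an API level hook (e.g. kernel32.CreateFile) here

    Hooks are kept in ``self.hooks[common.HOOK_API]`` as a two-element
    tuple: a dict keyed by the lower-cased ``module.api_name`` string for
    exact names, and a list holding the hooks whose ``api_name`` is a
    wildcard pattern.

    Args:
        cb: callback handed to ``common.ApiHook``.
        module: module part of the API name.
        api_name: API name; treated as a pattern when it contains ``?``,
            ``*``, ``[`` or ``]`` and ``enable_wild_cards`` is true.
        argc: argument count handed to ``common.ApiHook``.
        call_conv: calling convention handed to ``common.ApiHook``.
        emu: emulator object bound to the hook; falls back to ``self``.
        enable_wild_cards: when false, ``api_name`` is always stored as an
            exact name, even if it contains wildcard characters.
    """
    # NOTE(review): only api_name is scanned for wildcard characters. A
    # pattern that appears only in `module` is filed under the exact-match
    # key; whether the lookup path can ever match such a key is not visible
    # here, so a hook registered that way may silently never fire - confirm.
    contains_wild_cards = enable_wild_cards and any(
        wc in api_name for wc in ('?', '*', '[', ']')
    )

    if not emu:
        emu = self

    hook = common.ApiHook(emu, self.emu_eng, cb, module, api_name, argc, call_conv)
    _hooks = self.hooks.get(common.HOOK_API)
    api = (module + '.' + api_name).lower()

    if _hooks:
        quick_look, wild_list = _hooks
        if contains_wild_cards:
            wild_list.append(hook)
        else:
            quick_look.update({api: hook})
        return

    # First API hook registered. An exact-name hook goes into the lookup
    # dict only. The previous code also put it into the wildcard list, which
    # treated the first hook differently from every later exact-name hook
    # and placed a name in the pattern list even with enable_wild_cards=False.
    if contains_wild_cards:
        obj = ({}, [hook])
    else:
        obj = ({api: hook}, [])
    self.hooks.update({common.HOOK_API: obj})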
def add_api_hook(self, cb, module='', api_name='', argc=0, call_conv=None, emu=None):
    """
    Register an API level hook (e.g. kernel32.CreateFile).

    A ``common.ApiHook`` is built from the arguments and appended to the
    list stored under ``common.HOOK_API`` in ``self.hooks``. ``module`` and
    ``api_name`` are passed to the hook object unchanged; no case folding
    or wildcard handling happens in this function.

    Args:
        cb: callback handed to ``common.ApiHook``.
        module: module part of the API name.
        api_name: name of the API to hook.
        argc: argument count handed to ``common.ApiHook``.
        call_conv: calling convention handed to ``common.ApiHook``.
        emu: emulator object bound to the hook; falls back to ``self``.
    """
    owner = emu if emu else self
    api_hook = common.ApiHook(owner, self.emu_eng, cb, module, api_name, argc, call_conv)

    registered = self.hooks.get(common.HOOK_API)
    if registered:
        registered.append(api_hook)
        return

    # Key missing or list empty: start a fresh list with this hook.
    self.hooks.update({common.HOOK_API: [api_hook]})
def add_api_hook(self, cb, module='', api_name='', argc=0, call_conv=None, emu=None) -> common.ApiHook:
    """
    Register an API level hook (e.g. kernel32.CreateFile) and return it.

    ``module`` and ``api_name`` are lower-cased before use. The registry
    kept under ``common.HOOK_API`` in ``self.hooks`` is a nested structure:

        (module_dict, any_module_wildcard)
        module_dict[module] -> (api_dict, any_api_wildcard)
        api_dict[api_name]  -> list of hooks

    Each wildcard flag is OR-ed with the new name's result, so once a name
    containing ``?``, ``*``, ``[`` or ``]`` has been registered at a level
    the flag for that level stays true.

    Args:
        cb: callback handed to ``common.ApiHook``.
        module: module part of the API name; may be a wildcard pattern.
        api_name: API name; may be a wildcard pattern.
        argc: argument count handed to ``common.ApiHook``.
        call_conv: calling convention handed to ``common.ApiHook``.
        emu: emulator object bound to the hook; falls back to ``self``.

    Returns:
        The newly created ``common.ApiHook``.
    """
    module = module.lower()
    api_name = api_name.lower()

    pattern_chars = ('?', '*', '[', ']')
    wildcard_module = any(ch in module for ch in pattern_chars)
    wildcard_api = any(ch in api_name for ch in pattern_chars)

    if not emu:
        emu = self

    hook = common.ApiHook(emu, self.emu_eng, cb, module, api_name, argc, call_conv)
    registry: MODULE_LEVEL = self.hooks.get(common.HOOK_API)

    # Entry used whenever the module has no API dictionary yet.
    fresh_entry = ({api_name: [hook]}, wildcard_api)

    if registry:
        modules, modules_had_wildcard = registry
        try:
            apis, apis_had_wildcard = modules[module]
        except KeyError:
            # Module not registered before: install the fresh entry as is.
            modules[module] = fresh_entry
        else:
            # Module already known: add the hook to this API's list and
            # carry the API-level wildcard flag forward.
            apis.setdefault(api_name, []).append(hook)
            modules[module] = (apis, apis_had_wildcard | wildcard_api)
        updated = (modules, modules_had_wildcard | wildcard_module)
    else:
        # Very first API hook.
        updated = ({module: fresh_entry}, wildcard_module)

    self.hooks.update({common.HOOK_API: updated})
    return hook