Detours : how to hook QT applications ?
-
Hello, with Detours, one can hook any api call. In the sample "wrotei.cpp", COM interfaces can be hooked : " CreateStreamOnHGlobal(NULL, TRUE, &pStream); //... RealIStreamWrite = pStream->lpVtbl->Write; //... " But is it possible to hook QT ? Because in QT source code, there is no interfaces, just classes for example, could it be possible to hook QPushButton::event() ? : bool QPushButton::event(QEvent *e) { // code return QAbstractButton::event(e); } Thanks.
-
Hello, with Detours, one can hook any api call. In the sample "wrotei.cpp", COM interfaces can be hooked : " CreateStreamOnHGlobal(NULL, TRUE, &pStream); //... RealIStreamWrite = pStream->lpVtbl->Write; //... " But is it possible to hook QT ? Because in QT source code, there is no interfaces, just classes for example, could it be possible to hook QPushButton::event() ? : bool QPushButton::event(QEvent *e) { // code return QAbstractButton::event(e); } Thanks.
I haven't used Detours in a few years, but offhand I can think of a few problems with hooking Qt class methods. The first problem is the ABI (Application Binary Interface) used by Qt. This differs from the ABI used by Windows APIs or by COM objects, and in fact can (and does) vary between compiler implementations. The second problem is the C++ name mangling - there is no standard way of mangling names. You would have research the exported name (which might be something like QPushButton$event$QEventP$bool and might be something totally different), and do this for every function that you wish to intercept. Again, this depends on the compiler used to compile Qt. Can you give us some idea of the problem you are trying to solve? Perhaps there is a better way to do this.
-
I haven't used Detours in a few years, but offhand I can think of a few problems with hooking Qt class methods. The first problem is the ABI (Application Binary Interface) used by Qt. This differs from the ABI used by Windows APIs or by COM objects, and in fact can (and does) vary between compiler implementations. The second problem is the C++ name mangling - there is no standard way of mangling names. You would have research the exported name (which might be something like QPushButton$event$QEventP$bool and might be something totally different), and do this for every function that you wish to intercept. Again, this depends on the compiler used to compile Qt. Can you give us some idea of the problem you are trying to solve? Perhaps there is a better way to do this.
The functions are correctly exported from QtGui4.dll : bool QPushButton::event(class QEvent *) Tools like "Auto Debug Pro" can hook them. So it is certainly possible to hook them with Detours. (there is no other way to do what I'm trying to do (interact with Qt pseudo-buttons, drawn by Qt with memory instructions, from its source code))
-
The functions are correctly exported from QtGui4.dll : bool QPushButton::event(class QEvent *) Tools like "Auto Debug Pro" can hook them. So it is certainly possible to hook them with Detours. (there is no other way to do what I'm trying to do (interact with Qt pseudo-buttons, drawn by Qt with memory instructions, from its source code))
I stand by the points that I made in my first reply. You must either statically link with the Qt DLL (and can then extract a pointer to the method) or dynamically load the Qt DLL (and use GetProcAddress() with the mangled method name). IIRC, the source code for Qt is available for download. An examination of the make file would give you the compiler and compiler options used, which would give you the calling convention and the mangled name for the C++ method. You may then write a class that uses the same calling conventions, and contains a method with the same signature as the method that you wish to intercept. This should get you close enough to working code that debugging would be feasible. For example:
class QT_API MyQPushButton
{
public:
bool event( void* data )
{
// your code goes here
}
}; -
I stand by the points that I made in my first reply. You must either statically link with the Qt DLL (and can then extract a pointer to the method) or dynamically load the Qt DLL (and use GetProcAddress() with the mangled method name). IIRC, the source code for Qt is available for download. An examination of the make file would give you the compiler and compiler options used, which would give you the calling convention and the mangled name for the C++ method. You may then write a class that uses the same calling conventions, and contains a method with the same signature as the method that you wish to intercept. This should get you close enough to working code that debugging would be feasible. For example:
class QT_API MyQPushButton
{
public:
bool event( void* data )
{
// your code goes here
}
};Finally, I was wrong : I found an easier way. I just create a Qt DLL that I inject in the destination process, then I get the QWidget* from the main hWnd and I can enumerate all children from there and do what I want on any Qt pseudo-control Thanks for answers.
-
Finally, I was wrong : I found an easier way. I just create a Qt DLL that I inject in the destination process, then I get the QWidget* from the main hWnd and I can enumerate all children from there and do what I want on any Qt pseudo-control Thanks for answers.