/* IAT Hooking by h1web. */
/* Thanks to Ashkbiz Danehkar. */
BOOL HookIAT(char* szModule, char* szFunc, DWORD dwOwn, DWORD dwOrg)
{
    DWORD dwBase = (DWORD)GetModuleHandle(NULL);
    PIMAGE_DOS_HEADER pDosHdr = (PIMAGE_DOS_HEADER)dwBase;
    PIMAGE_NT_HEADERS pNTHdr = (PIMAGE_NT_HEADERS)(dwBase + pDosHdr->e_lfanew);
    DWORD ImportData = (DWORD)pNTHdr->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress;
    PIMAGE_IMPORT_DESCRIPTOR pImportD = (PIMAGE_IMPORT_DESCRIPTOR)(dwBase + ImportData);
    while(pImportD->Name != 0)
    {
        if(!strcmp((char*)(dwBase + pImportD->Name), szModule))
            break;
        pImportD++;
    }
    if(pImportD->Name == 0) return FALSE;
    PIMAGE_THUNK_DATA pThunk = (PIMAGE_THUNK_DATA)(dwBase + pImportD->FirstThunk);
    DWORD OrgFunc = (DWORD)GetProcAddress(GetModuleHandle(szModule), szFunc);
    while(pThunk->u1.Function != 0)
    {
        if(pThunk->u1.Function == OrgFunc)
        {
            dwOrg = OrgFunc;
            DWORD dwOldProt = 0;
            VirtualProtect((void*)&pThunk->u1.Function, 4, PAGE_EXECUTE_READWRITE, &dwOldProt);
            pThunk->u1.Function = dwOwn;
            VirtualProtect((void*)&pThunk->u1.Function, 4, dwOldProt, &dwOldProt);
            if(pThunk->u1.Function == dwOwn)
                return TRUE;
            else
                return FALSE;
        }
        pThunk++;
    }
    return FALSE;
}