HHOOK SetWindowsHookEx(--->新建一个HOOK过程添加到HOOK链中,最后添加进去的,在HOOK链最前
int idHook, // hook type---》钩子类型
HOOKPROC lpfn, // hook procedure--》钩子过程指针
HINSTANCE hMod, // handle to application instance ---》如果是当前进程的HOOK过程,则设置为NULL
DWORD dwThreadId // thread identifier---》如果这个为0或者为不同的进程构建的HOOK过程指针,则lpfn为动态链接库中的HOOK过程
);
DWORD GetCurrentThreadId(VOID);--》获得当前线程的ID
VK_0-VK_9 键盘上的0到9
VK_A-VK_Z 键盘上的A-Z
BOOL UnhookWindowsHookEx(
HHOOK hhk // handle to hook procedure
);---》从hook链中删除某个HOOK过程
如何建立键盘HOOK和鼠标hook?
低下只显示需要添加的代码,其他的就不显示了
HHOOK g_hMouse = NULL;
HHOOK g_hKeyboard=NULL;---》定义全局变量
HWND g_hWnd=NULL;
LRESULT CALLBACK MouseProc(
int nCode, // hook code
WPARAM wParam, // message identifier
LPARAM lParam // mouse coordinates
)
{
return 1;----》屏蔽所有鼠标点击事件
}
LRESULT CALLBACK KeyboardProc(
int code, // hook code
WPARAM wParam, // virtual-key code
LPARAM lParam // keystroke-message information
)
{
// if(VK_SPACE==wParam VK_RETURN==wParam)
/* if(VK_F4==wParam && (1==(lParam>>29 & 1)))----》如何屏蔽组合键ALT+F4
return 1;
else
return CallNextHookEx(g_hKeyboard,code,wParam,lParam);*/
if(VK_F2==wParam)
{
::SendMessage(g_hWnd,WM_CLOSE,0,0);
UnhookWindowsHookEx(g_hKeyboard);
UnhookWindowsHookEx(g_hMouse);
}
return 1;
}
BOOL CInnerHookDlg::OnInitDialog()
{
g_hWnd = m_hWnd;---》获取当前句柄
g_hMouse = SetWindowsHookEx(WH_MOUSE,MouseProc,NULL,GetCurrentThreadId());
g_hKeyboard=SetWindowsHookEx(WH_KEYBOARD,KeyboardProc,NULL,GetCurrentThreadId());
return TRUE;
}
如何使用动态链接库来产生一个hook应用?
BOOL SetWindowPos (
const CWnd* pWndInsertAfter,
int x,
int y,
int cx,
int cy,
UINT nFlags );
这里使用自定义模块来实现一个动态链接库,
#include <windows.h>
HHOOK g_hMouse=NULL;
HHOOK g_hKeyboard=NULL;
HWND g_hWnd=NULL;
LRESULT CALLBACK KeyboardProc(
int code, // hook code
WPARAM wParam, // virtual-key code
LPARAM lParam // keystroke-message information
)
{
if(VK_F2==wParam)
{
SendMessage(g_hWnd,WM_CLOSE,0,0);
UnhookWindowsHookEx(g_hMouse);
UnhookWindowsHookEx(g_hKeyboard);
}
return 1;
}
LRESULT CALLBACK MouseProc(
int nCode, // hook code
WPARAM wParam, // message identifier
LPARAM lParam // mouse coordinates
)
{
return 1;
}
void SetHook(HWND hwnd)
{
g_hWnd=hwnd;
g_hMouse=SetWindowsHookEx(WH_MOUSE,MouseProc,GetModuleHandle("Hook"),0);
g_hKeyboard=SetWindowsHookEx(WH_KEYBOARD,KeyboardProc,GetModuleHandle("Hook"),0);
}
在DEF文件中写入:
LIBRARY Hook
EXPORTS
SetHook @2---》@2为序列号,由此设置
而在别处调用的时候是:
_declspec(dllimport) void SetHook(HWND hwnd);
BOOL CHookTestDlg::OnInitDialog()
{
int cxScreen,cyScreen;
cxScreen=GetSystemMetrics(SM_CXSCREEN);
cyScreen=GetSystemMetrics(SM_CYSCREEN);
SetWindowPos(&wndTopMost,0,0,cxScreen,cyScreen,SWP_SHOWWINDOW);
SetHook(m_hWnd);
return TRUE;
}
以上的代码将当前弹出的窗口失去焦点,点击F2,则无法退出页面,那么
如何让多个进程共享这个代码呢?
在命令提示符中 dumbin -headers Hook.dll 查看dll生成的节信息
将上面代码更改为:
#include <windows.h>
HHOOK g_hMouse=NULL;
HHOOK g_hKeyboard=NULL;
#pragma data_seg("MySec")
HWND g_hWnd=NULL;----》注意此处要赋值为NULL,否则在节信息里看不到节信息
#pragma data_seg()
#pragma comment(linker,"/section:MySec,RWS")--》RWS为read write share 的缩写 创建共享
创建共享节还可以再DEF文件里写入
LIBRARY Hook
EXPORTS
SetHook @2
SEGMENTS
MySec READ WRITE SHARED
BOOL WINAPI DllMain(
HINSTANCE hinstDLL, // handle to the DLL module
DWORD fdwReason, // reason for calling function
LPVOID lpvReserved // reserved
)
{
g_hInst=hinstDLL;
}
*/
HC_ACTION
LRESULT CALLBACK KeyboardProc(
int code, // hook code
WPARAM wParam, // virtual-key code
LPARAM lParam // keystroke-message information
)
{
if(VK_F2==wParam)
{
SendMessage(g_hWnd,WM_CLOSE,0,0);
UnhookWindowsHookEx(g_hMouse);
UnhookWindowsHookEx(g_hKeyboard);
}
return 1;
}
LRESULT CALLBACK MouseProc(
int nCode, // hook code
WPARAM wParam, // message identifier
LPARAM lParam // mouse coordinates
)
{
return 1;
}
void SetHook(HWND hwnd)
{
g_hWnd=hwnd;
g_hMouse=SetWindowsHookEx(WH_MOUSE,MouseProc,GetModuleHandle("Hook"),0);
g_hKeyboard=SetWindowsHookEx(WH_KEYBOARD,KeyboardProc,GetModuleHandle("Hook"),0);
}
这样即使生成的窗口失去焦点,则按F2键,则依然会将生成的窗口退出,这样就建立了多个进程共享此代码事件
如何获取动态链接库的句柄?
1.BOOL WINAPI DllMain(
HINSTANCE hinstDLL, // handle to the DLL module
DWORD fdwReason, // reason for calling function
LPVOID lpvReserved // reserved
);中包含了实例句柄,则定义一个全局变量,
HINSTANCE g_hInst;
应用如下:
BOOL WINAPI DllMain(
HINSTANCE hinstDLL, // handle to the DLL module
DWORD fdwReason, // reason for calling function
LPVOID lpvReserved // reserved
)
{
g_hInst=hinstDLL;
}
2.
HMODULE GetModuleHandle(
LPCTSTR lpModuleName // module name
);
应用如下:
GetModuleHandle("HOOK");
钩子的应用
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.