說明:
1.只爲了學習Hook技術。
2.只針對QQ2004Preview版。
3.只監視Ctrl+Enter。
4.先打開QQ聊天對話框
5.在文本框裏輸入尾巴信息。
6.點擊“開啓QQ尾巴”。
7.使用Ctrl+Enter發送QQ消息。
8.請大家不要用於惡意行爲!
============JoeCom=====
Dll:
library HookDll;
{ Important note about DLL memory management: ShareMem must be the
first unit in your library's USES clause AND your project's (select
Project-View Source) USES clause if your DLL exports any procedures or
functions that pass strings as parameters or function results. This
applies to all strings passed to and from your DLL--even those that
are nested in records and classes. ShareMem is the interface unit to
the BORLNDMM.DLL shared memory manager, which must be deployed along
with your DLL. To avoid using BORLNDMM.DLL, pass string information
using PChar or ShortString parameters. }
uses
SysUtils,Windows,Messages,
Classes;
const
IDC_RICHEDIT = 894;
var
hProc,hKey : Hwnd;
{$R *.res}
// 獲得窗口文本
function GetWndText(hWnd: HWND): String;
Var
Ret:LongInt;
mText:PChar;
Buf:Integer;
begin
Ret:=SendMessage(hWnd,WM_GETTEXTLENGTH,0,0)+1;
GetMem(mText,Ret);
try
Buf:=LongInt(mText);
SendMessage(hWnd,WM_GETTEXT,Ret,Buf);
Result:=StrPas(mText);
finally
FreeMem(mText,Ret);
end;
end;
// 發送文本到窗口
procedure SetWndText(hWnd: HWND; Text: String);
Var
//Ret:LongInt;
mText:PChar;
Buf:Integer;
begin
GetMem(mText,Length(Text));
StrCopy(mText,PChar(Text));
try
Buf:=LongInt(mText);
SendMessage(hWnd,WM_SETTEXT,0,Buf);
finally
FreeMem(mText,Length(Text));
end;
end;
//發送自己的尾巴消息
procedure SendMyTailText(Handle:Hwnd);
var
Msg:String;
begin
Msg:=GetWndText(Handle);
Msg:=Msg+#13+#10+'我中了自己的QQ尾巴,不要打我哦'
+#13+#10+'歡迎光臨喬康軟件工作室http://joecom.blogone.net';
SetWndText(Handle,Msg);
end;
Function FindQQ:hwnd;
var
hQQ : hwnd;
begin
Result :=0;
//查找QQ
hQQ := FindWindowEx(0, //Parent
0, //Child
'#32770', //窗口類名通過Spy++或者MiniSpy都可以查到
nil //窗口Caption
);
//循環查找
While (hQQ <> 0) do //and (hSend = 0)
begin
if (Pos('聊天中',GetWndText(hQQ))>0) or
(Pos('發送消息',GetWndText(hQQ))>0) or
(Pos('羣',GetWndText(hQQ))>0) then
begin
result := hQQ;
exit;
end;
//查找QQ
hQQ := FindWindowEx(0, //Parent
hQQ, //Child
'#32770', //窗口類名通過Spy++或者MiniSpy都可以查到
nil //窗口Caption
);
end;
end;
function CallWndProc(Handle,Msg,wParam,lParam:longint):LRESULT; stdcall;
var
hRichText,hQQ,hChild : Hwnd;//QQ輸入消息框的Handle
begin
Result:=0;
hQQ := FindQQ;
if hQQ=0 then exit;
hChild := GetDlgItem(hQQ,0); //發送窗口所在的子窗口
//hSend := GetDlgItem(hChild,1); //發送按鈕的句柄
Handle := GetDlgItem(hChild,0);
hRichText := GetDlgItem(hChild, 894);
if (Handle=hChild) and (Msg=WM_COMMAND) and (LOWORD(wParam)=1) then
SendMyTailText(hRichText);
result:=CallNextHookEx(hProc, Msg,wParam,lParam);
end;
//截獲Ctrl+Enter
function KeyboardProc(iCode:Integer;
WParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
const VK_S = $53;
var
hRichText,hSend,hQQ,hChild : Hwnd;//QQ輸入消息框的Handle
begin
Result:=0;
hQQ := FindQQ;
if hQQ=0 then exit;
hChild := GetDlgItem(hQQ,0); //發送窗口所在的子窗口
//hSend := GetDlgItem(hChild,1); //發送按鈕的句柄
hRichText := GetDlgItem(GetDlgItem(hChild,0), 894);
if iCode <0 then
begin
Result :=CallNextHookEx(hKey,iCode,wParam,lParam);
Exit;
end;
// 捕獲熱鍵消息
if ((wParam = VK_RETURN) and (GetAsyncKeyState(VK_CONTROL) < 0)) then
begin
SendMyTailText(hRichText);
end;
result:=CallNextHookEx(hKey,iCode,wParam,lParam);
end;
Function SetHook:Boolean;stdcall; export;
var
dwThreadID:DWord;
hQQ : hwnd;
begin
Result := false;
hQQ := FindQQ;
if hQQ=0 then exit;
dwThreadID := GetWindowThreadProcessId(hQQ, nil);
if dwThreadID=0 then
begin
MessageBox(0, 'Hook Failed!', 'Dll Error', MB_ICONINFORMATION + MB_OK);
exit;
end;
// 掛接鉤子
// 使用 發送 按鈕發送消息
//hProc := SetWindowsHookEx(WH_CALLWNDPROC, @CallWndProc, hInstance, dwThreadID);
// 使用 Ctrl+Enter 發送消息
hKey := SetWindowsHookEx(WH_KEYBOARD, @KeyboardProc, hInstance, dwThreadID);
Result:= (hProc<>0) or (hKey<>0);
end;
Function UnHook:Boolean;stdcall; export;
begin
result:=UnhookWindowsHookEx(hKey);
end;
exports //DLL的輸出函數
SetHook,UnHook;
begin
end.
==========
主界面:
啓動QQ尾巴:SetHook;
停止QQ尾巴:UnHook。
====================
可執行文件下載:50K
將下面的連接另存爲,然後將後墜名的".jpg"改成".rar",然後解壓縮就可以了.
QQ尾巴下載
