说明:
1.只为了学习Hook技术。
2.只针对QQ2004Preview版。
3.只监视Ctrl+Enter。
4.先打开QQ聊天对话框
5.在文本框里输入尾巴信息。
6.点击“开启QQ尾巴”。
7.使用Ctrl+Enter发送QQ消息。
8.请大家不要用于恶意行为!
============JoeCom=====
Dll:
library HookDll;
{ Important note about DLL memory management: ShareMem must be the
first unit in your library's USES clause AND your project's (select
Project-View Source) USES clause if your DLL exports any procedures or
functions that pass strings as parameters or function results. This
applies to all strings passed to and from your DLL--even those that
are nested in records and classes. ShareMem is the interface unit to
the BORLNDMM.DLL shared memory manager, which must be deployed along
with your DLL. To avoid using BORLNDMM.DLL, pass string information
using PChar or ShortString parameters. }
uses
SysUtils,Windows,Messages,
Classes;
const
IDC_RICHEDIT = 894;
var
hProc,hKey : Hwnd;
{$R *.res}
// 获得窗口文本
function GetWndText(hWnd: HWND): String;
Var
Ret:LongInt;
mText:PChar;
Buf:Integer;
begin
Ret:=SendMessage(hWnd,WM_GETTEXTLENGTH,0,0)+1;
GetMem(mText,Ret);
try
Buf:=LongInt(mText);
SendMessage(hWnd,WM_GETTEXT,Ret,Buf);
Result:=StrPas(mText);
finally
FreeMem(mText,Ret);
end;
end;
// 发送文本到窗口
procedure SetWndText(hWnd: HWND; Text: String);
Var
//Ret:LongInt;
mText:PChar;
Buf:Integer;
begin
GetMem(mText,Length(Text));
StrCopy(mText,PChar(Text));
try
Buf:=LongInt(mText);
SendMessage(hWnd,WM_SETTEXT,0,Buf);
finally
FreeMem(mText,Length(Text));
end;
end;
//发送自己的尾巴消息
procedure SendMyTailText(Handle:Hwnd);
var
Msg:String;
begin
Msg:=GetWndText(Handle);
Msg:=Msg+#13+#10+'我中了自己的QQ尾巴,不要打我哦'
+#13+#10+'欢迎光临乔康软件工作室http://joecom.blogone.net';
SetWndText(Handle,Msg);
end;
Function FindQQ:hwnd;
var
hQQ : hwnd;
begin
Result :=0;
//查找QQ
hQQ := FindWindowEx(0, //Parent
0, //Child
'#32770', //窗口类名通过Spy++或者MiniSpy都可以查到
nil //窗口Caption
);
//循环查找
While (hQQ <> 0) do //and (hSend = 0)
begin
if (Pos('聊天中',GetWndText(hQQ))>0) or
(Pos('发送消息',GetWndText(hQQ))>0) or
(Pos('群',GetWndText(hQQ))>0) then
begin
result := hQQ;
exit;
end;
//查找QQ
hQQ := FindWindowEx(0, //Parent
hQQ, //Child
'#32770', //窗口类名通过Spy++或者MiniSpy都可以查到
nil //窗口Caption
);
end;
end;
function CallWndProc(Handle,Msg,wParam,lParam:longint):LRESULT; stdcall;
var
hRichText,hQQ,hChild : Hwnd;//QQ输入消息框的Handle
begin
Result:=0;
hQQ := FindQQ;
if hQQ=0 then exit;
hChild := GetDlgItem(hQQ,0); //发送窗口所在的子窗口
//hSend := GetDlgItem(hChild,1); //发送按钮的句柄
Handle := GetDlgItem(hChild,0);
hRichText := GetDlgItem(hChild, 894);
if (Handle=hChild) and (Msg=WM_COMMAND) and (LOWORD(wParam)=1) then
SendMyTailText(hRichText);
result:=CallNextHookEx(hProc, Msg,wParam,lParam);
end;
//截获Ctrl+Enter
function KeyboardProc(iCode:Integer;
WParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
const VK_S = $53;
var
hRichText,hSend,hQQ,hChild : Hwnd;//QQ输入消息框的Handle
begin
Result:=0;
hQQ := FindQQ;
if hQQ=0 then exit;
hChild := GetDlgItem(hQQ,0); //发送窗口所在的子窗口
//hSend := GetDlgItem(hChild,1); //发送按钮的句柄
hRichText := GetDlgItem(GetDlgItem(hChild,0), 894);
if iCode <0 then
begin
Result :=CallNextHookEx(hKey,iCode,wParam,lParam);
Exit;
end;
// 捕获热键消息
if ((wParam = VK_RETURN) and (GetAsyncKeyState(VK_CONTROL) < 0)) then
begin
SendMyTailText(hRichText);
end;
result:=CallNextHookEx(hKey,iCode,wParam,lParam);
end;
Function SetHook:Boolean;stdcall; export;
var
dwThreadID:DWord;
hQQ : hwnd;
begin
Result := false;
hQQ := FindQQ;
if hQQ=0 then exit;
dwThreadID := GetWindowThreadProcessId(hQQ, nil);
if dwThreadID=0 then
begin
MessageBox(0, 'Hook Failed!', 'Dll Error', MB_ICONINFORMATION + MB_OK);
exit;
end;
// 挂接钩子
// 使用 发送 按钮发送消息
//hProc := SetWindowsHookEx(WH_CALLWNDPROC, @CallWndProc, hInstance, dwThreadID);
// 使用 Ctrl+Enter 发送消息
hKey := SetWindowsHookEx(WH_KEYBOARD, @KeyboardProc, hInstance, dwThreadID);
Result:= (hProc<>0) or (hKey<>0);
end;
Function UnHook:Boolean;stdcall; export;
begin
result:=UnhookWindowsHookEx(hKey);
end;
exports //DLL的输出函数
SetHook,UnHook;
begin
end.
==========
主界面:
启动QQ尾巴:SetHook;
停止QQ尾巴:UnHook。
====================
可执行文件下载:50K
将下面的连接另存为,然后将后坠名的".jpg"改成".rar",然后解压缩就可以了.
QQ尾巴下载