如何挂接到 Windows 中的其他程序? [英] How do I hook into other programs in Windows?

问题描述

谁能解释一个程序如何挂钩并修改 Windows 中其他程序的行为?

Can anyone explain how does one program hook into and modify behavior of other programs in Windows?

这怎么可能?Windows 程序不会保护自己免受其他程序进入其内存等的影响吗?(我不知道内部是如何工作的，所以我只是说进入他们的记忆"——我敢打赌它比那更复杂.)

How is it even possible? Don't windows programs protect themselves from other programs going into their memory, etc? (I don't know the internals how it works so I just said "into their memory" -- I bet it's more complex than that.)

像 Windows 7 这样的现代 Windows 还允许吗?

Also does modern Windows like Windows 7 still allow it?

谢谢，博达·西多

推荐答案

有几种不同的方法可以挂钩和修改其他程序的行为.

There are several different ways to hook into and modify the behavior of other programs.

例如，您可以直接写入另一个程序的内存(WriteProcessMemory)，或者您可以将一个线程注入另一个程序的内存(CreateRemoteThread).这假定您拥有控制该其他程序的某些权利.

For example, you can directly write to another program's memory (WriteProcessMemory) or you can inject a thread into another program's memory (CreateRemoteThread). This presumes you have some rights to control that other program.

你也可以通过 SetWindowsHookEx 注入一个窗口钩子.这假定您在用户会话中以与您要注入的程序相同或更高的完整性级别运行.

You can also inject a window hook via SetWindowsHookEx. This presumes you are running in the user's session at the same or higher integrity level of the program you are injecting into.

出于多种原因，这仍然是允许的.如果没有修改其他程序行为的方法，您将无法实现调试器.Windows 挂钩用于测试程序、辅助功能程序、更改 Windows 外观的程序等.

This is still allowed for several reasons. Without a way to modify behavior of other programs you would not be able to implement a debugger. Windows hooks are used by testing programs, accessibility programs, programs that change the look and feel of Windows, etc.

这篇关于如何挂接到 Windows 中的其他程序?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！