如何使用SetWindowsHookEx和WH_KEYBOARD钩住外部进程 [英] How to hook external process with SetWindowsHookEx and WH_KEYBOARD
本文介绍了如何使用SetWindowsHookEx和WH_KEYBOARD钩住外部进程的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我试图钩住例如Notepad没有成功。做一个全局的钩子似乎工作正常。
在XP SP2上测试
编辑:
MyDLL代码
#include< windows.h>
#include< iostream>
#include< stdio.h>
HINSTANCE hinst;
#pragma data_seg(。shared)
HHOOK hhk;
#pragma data_seg()
//#pragma comment(链接器,/SECTION:.shared,RWS)VC ++ 2008中的编译器错误express
LRESULT CALLBACK wireKeyboardProc(int代码,WPARAM wParam,LPARAM lParam){
if(code< 0){
return CallNextHookEx(0,code,wParam,lParam);
}
哔声(1000,20);
return CallNextHookEx(hhk,code,wParam,lParam);
}
externC__declspec(dllexport)void install(unsigned long threadID){
hhk = SetWindowsHookEx(WH_KEYBOARD,wireKeyboardProc,hinst,threadID);
}
externC__declspec(dllexport)void uninstall(){
UnhookWindowsHookEx(hhk);
}
BOOL WINAPI DllMain(__ in HINSTANCE hinstDLL,__in DWORD fdwReason,__in LPVOID lpvReserved){
hinst = hinstDLL;
返回TRUE;
}
我的程序
#include< Windows.h>
unsigned long GetTargetThreadIdFromWindow(char * className,char * windowName)
{
HWND targetWnd;
HANDLE hProcess;
unsigned long processID = 0;
targetWnd = FindWindow(className,windowName);
返回GetWindowThreadProcessId(targetWnd,& processID);
}
int _tmain(int argc,_TCHAR * argv []){
unsigned long threadID = GetTargetProcessIdFromWindow(Notepad,Untitled - Notepad);
printf(TID:%i,threadID);
HINSTANCE hinst = LoadLibrary(_T(MyDLL.dll));
if(hinst){
typedef void(* Install)(unsigned long);
typedef void(* Uninstall)();
安装install =(安装)GetProcAddress(hinst,install);
卸载卸载=(卸载)GetProcAddress(hinst,uninstall);
install(threadID);
睡眠(20000);
uninstall();
}
return 0;
}
解决方案
三个问题: >
当您使用线程ID时,您正在使用进程ID。
您的HHOOK需要进入共享记忆:
#pragma data_seg(。shared)
HHOOK hhk = NULL;
#pragma data_seg()
#pragma comment(链接器,/SECTION:.shared,RWS)
您需要将您的 HHOOK 传递给 CallNextHookEx :
return CallNextHookEx(hhk,code,wParam,lParam);
I am trying to hook for example Notepad without sucess. Making a global hook seems to work fine.
Testing on XP SP2.
Edit: Amended code works now.
MyDLL code
#include <windows.h>
#include <iostream>
#include <stdio.h>
HINSTANCE hinst;
#pragma data_seg(".shared")
HHOOK hhk;
#pragma data_seg()
//#pragma comment(linker, "/SECTION:.shared,RWS") compiler error in VC++ 2008 express
LRESULT CALLBACK wireKeyboardProc(int code, WPARAM wParam,LPARAM lParam) {
if (code < 0) {
return CallNextHookEx(0, code, wParam, lParam);
}
Beep(1000, 20);
return CallNextHookEx(hhk, code, wParam, lParam);
}
extern "C" __declspec(dllexport) void install(unsigned long threadID) {
hhk = SetWindowsHookEx(WH_KEYBOARD, wireKeyboardProc, hinst, threadID);
}
extern "C" __declspec(dllexport) void uninstall() {
UnhookWindowsHookEx(hhk);
}
BOOL WINAPI DllMain(__in HINSTANCE hinstDLL, __in DWORD fdwReason, __in LPVOID lpvReserved) {
hinst = hinstDLL;
return TRUE;
}
My program
#include <Windows.h>
unsigned long GetTargetThreadIdFromWindow(char *className, char *windowName)
{
HWND targetWnd;
HANDLE hProcess;
unsigned long processID = 0;
targetWnd = FindWindow(className, windowName);
return GetWindowThreadProcessId(targetWnd, &processID);
}
int _tmain(int argc, _TCHAR* argv[]) {
unsigned long threadID = GetTargetProcessIdFromWindow("Notepad", "Untitled - Notepad");
printf("TID: %i", threadID);
HINSTANCE hinst = LoadLibrary(_T("MyDLL.dll"));
if (hinst) {
typedef void (*Install)(unsigned long);
typedef void (*Uninstall)();
Install install = (Install) GetProcAddress(hinst, "install");
Uninstall uninstall = (Uninstall) GetProcAddress(hinst, "uninstall");
install(threadID);
Sleep(20000);
uninstall();
}
return 0;
}
解决方案
Three problems:
You're using the process ID when you should be using the thread ID.
Your HHOOK needs to go into shared memory:
#pragma data_seg(".shared")
HHOOK hhk = NULL;
#pragma data_seg()
#pragma comment(linker, "/SECTION:.shared,RWS")
You need to pass your HHOOK to CallNextHookEx:
return CallNextHookEx( hhk, code, wParam, lParam);
这篇关于如何使用SetWindowsHookEx和WH_KEYBOARD钩住外部进程的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
