全部
我已经实现了一个全局 Windows 挂钩来挂钩 API MessageBox(),挂钩是在 dll 中实现的,当我在 win32 控制台应用程序(加载了 dll)中设置 Windows 挂钩并调用MessageBox()时,API 被成功挂钩。为简洁起见,我将此 win32 应用程序命名为 EXE1。
由于我设置了一个全局挂钩,我还希望MessageBox()其他应用程序的调用也被挂钩。因此,我运行另一个win32控制台应用程序——EXE2(与EXE1同时运行),调用MessageBox()了3次。但是,第一个呼叫没有被挂断。我不知道为什么。(代码为ansi格式。)代码如下:
------------------------------------dll------------- ------------------
#pragma once
#ifndef _WIN32_WINNT // Allow use of features specific to Windows XP or later.
#define _WIN32_WINNT 0x0501 // Change this to the appropriate value to target other versions of Windows.
#endif
//for the getaddrinfo test
#include <WS2tcpip.h>
#pragma comment(lib, "ws2_32")
#include <windows.h>
#include <stdio.h>
#include "mhook.h"
//=========================================================================
// Define _MessageBox so we can dynamically bind to the function
typedef int (WINAPI* _MessageBox) (HWND, LPCTSTR, LPCTSTR, UINT);
//=========================================================================
// Get the current (original) address to the functions to be hooked
//
_MessageBox TrueMessageBox = (_MessageBox)GetProcAddress(GetModuleHandle(L"user32"), "MessageBoxW");
//=========================================================================
// This is the function that will replace MessageBox once the hook
// is in place
MMRESULT WINAPI HookMessageBoxW(HWND hWnd, LPCTSTR lpText, LPCTSTR lpCaption, UINT uType){
printf("***** Call to MessageBox\n");
lpText = L"hooked MessageBox";
// Call the original waveInOpen function
MMRESULT nResult = TrueMessageBox(hWnd, lpText, lpCaption, uType);
return nResult;
}
///////////////////////////////////////////////////////////////////////////
#pragma comment(linker, "/SECTION:YCIShared,RWS")
#pragma data_seg("YCIShared")
HHOOK g_hHook = NULL;
#pragma data_seg()
HMODULE hInstance = 0;
static LRESULT WINAPI GetMsgProc(int code, WPARAM wParam, LPARAM lParam)
{ printf("=======\n");
//Mhook_SetHook((PVOID*)&TrueMessageBox, HookMessageBoxW);
return ::CallNextHookEx(g_hHook, code, wParam, lParam);
}
BOOL WINAPI SetSysHook(BOOL bInstall, DWORD dwThreadId)
{
BOOL bOk;
if(bInstall)
{
g_hHook = ::SetWindowsHookEx(WH_GETMESSAGE, GetMsgProc,
hInstance, dwThreadId);
bOk = (g_hHook != NULL);
}
else
{
bOk = ::UnhookWindowsHookEx(g_hHook);
g_hHook = NULL;
}
return bOk;
}
BOOL APIENTRY DllMain( HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
hInstance = (HINSTANCE) hModule;
printf("dll loaded!============================\n");
if(Mhook_SetHook((PVOID*)&TrueMessageBox, HookMessageBoxW)) //hook
printf("MessageBox Hook Succeeded!\n");
else
printf("MessageBox Hook Failed");
break;
case DLL_PROCESS_DETACH:
Mhook_Unhook((PVOID*)&TrueMessageBox);
break;
}
return TRUE;
}
-------------------------------------------dll结束---- ----------------------------- 您无法构建此 dll,因为它调用了一个自实现的函数Mhook_SetHook()and Mhook_Unhook(),它们来自mhook。DLL 文件名为mhook-2.3-dll.dll。
------------------------------EXE1-------------------- --------------------------------
#pragma once
#ifndef _WIN32_WINNT // Allow use of features specific to Windows XP or later.
#define _WIN32_WINNT 0x0501 // Change this to the appropriate value to target other versions of Windows.
#endif
#include <windows.h>
#include <stdio.h>
#pragma comment(lib, "mhook-2.3-dll.lib")
extern "C" _declspec(dllimport) BOOL WINAPI SetSysHook(BOOL bInstall, DWORD dwThreadId);
int wmain(int argc, WCHAR* argv[])
{
//HMODULE hModule = ::LoadLibrary(L"mhook-2.3-dll.dll");
SetSysHook(TRUE, 0);
MessageBoxW(NULL, (LPCTSTR)L"MessageBox", NULL, MB_OK); //hooked
SetSysHook(FALSE, 0);
return 0;
}
-------------------------------- EXE1结束--------------- --------------------------
--------------------------------EXE2----------------- ------------------------------- #include #include
int main(){
MessageBox(NULL, (LPCTSTR)L"MessageBox1", NULL, MB_OK); //not hooked
MessageBox(NULL, (LPCTSTR)L"MessageBox2", NULL, MB_OK); //hooked
MessageBox(NULL, (LPCTSTR)L"MessageBox3", NULL, MB_OK); //hooked
return 0;
}
-------------------------------------------EXE2结束---- --------------------------