12

我是一个 C++ 初学者(3-4 个月),我正在尝试对 windows hooking 做精益求精。我有一个我试图注入的 DLL 的错误,过了一会儿我意识到我的 DllMain 没有被调用!我几乎查看了 StackOverflow 上的每个线程,但无法弄清楚我的问题。我通过将变量初始化为 5,在 DllMain 中将其更改为 1 并在函数中输出变量来发现这一点。变量永远不会改变。这是代码:

int i = 5;

BOOL APIENTRY DllMain( HANDLE hModule, DWORD  ul_reason_for_call, LPVOID lpReserved  )
{
    i=1;
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
        hDll  = (HINSTANCE) hModule;

        break;

    case DLL_THREAD_ATTACH:  break;
    case DLL_THREAD_DETACH:  break;
    case DLL_PROCESS_DETACH:  break;

    }

    return TRUE;
}

bool InstallHook(){
    cout << "INSTALLING HOOK... " << endl;
    cout << i << endl;
    hHook = SetWindowsHookEx(WH_CBT, (HOOKPROC) CBTProc, hDll, 0);
    return hHook != NULL;
}

这是我正在加载的 DLL ......

typedef bool (*InstallHook)();
typedef void (*UninstallHook)();
InstallHook ih;
UninstallHook uh;
LRESULT CALLBACK WndProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam)
{
    switch(msg)
    {
        case WM_CLOSE:
            DestroyWindow(hwnd);
        break;
        case WM_DESTROY:
            uh();
            PostQuitMessage(0);
        break;
        default:
            return DefWindowProc(hwnd, msg, wParam, lParam);
    }
    return 0;
}

int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
    LPSTR lpCmdLine, int nCmdShow)
{
    // Bunch of code to initialize a simple window until this: 
    HINSTANCE hDll = LoadLibrary("e:\\projects\\DLL\\ToInject.dll");
    ih = (InstallHook)GetProcAddress(hDll, "InstallHook");
    uh = (UninstallHook)GetProcAddress(hDll, "UninstallHook");
    if (!ih()){
        cout << "SUCCESS" << endl;
    }else{
        cout << "FAILED" << endl;
    }
    // other stuff to create a window
    return Msg.wParam;
}

输出:

INSTALLING HOOK... 
5 // We can see here that the DLL never changed the value of i to 1.
SUCCESS
UNINSTALL HOOK...
4

3 回答 3

9

按照以下步骤制作一个工作示例(这是用于视觉工作室):

  • 创建一个新的控制台应用程序;
  • 检查DLL;
  • 把它放在 dllmain.cpp 中:

dllmain.cpp

// dllmain.cpp : Defines the entry point for the DLL application.

#include "stdafx.h"
#include <string>

std::string test = "not Loaded"; 

BOOL APIENTRY DllMain( HMODULE hModule,
                       DWORD  ul_reason_for_call,
                       LPVOID lpReserved
                     )
{
    test = "loaded"; //You also change on this location the value of a variable
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
        MessageBoxA(NULL,"test","test",NULL);
        break;
    case DLL_THREAD_ATTACH:
    case DLL_THREAD_DETACH:
    case DLL_PROCESS_DETACH:
        break;
    }
    return TRUE;
}

extern "C" __declspec (dllexport) bool example()
{
    MessageBoxA(NULL,test.c_str(),"test",NULL);
    return true;
}
  • 编译代码,确保它处于发布模式;
  • 创建一个新的控制台应用程序;
  • 检查空项目;
  • 创建一个名为 main.cpp 的新文件;
  • 将其复制到文件中:

主文件

#include <windows.h>

typedef bool (*testFunction)();

testFunction dllFunction;

int main()
{

    HINSTANCE hDll = LoadLibraryA("example.dll");
    if(hDll)
    {
        dllFunction = (testFunction)GetProcAddress(hDll, "example");
        dllFunction();
    }

    return 0;
}
  • 构建项目,确保它处于发布模式;
  • 从控制台应用程序复制您在发布文件夹中创建的 DLL;
  • 运行程序。

它在这里工作。我得到一个带有测试和 1 次加载的 MessageBox。您可以将此代码与您的代码进行比较。我希望你能找到问题。

于 2013-01-11T07:30:50.343 回答
2

我在同一个程序中看到 aWinMain和 a 。cout请说明您创建的项目类型。

您可以在这里查看一个钩子示例 - http://www.codeproject.com/Articles/5002/Mousey-Roll-Over-and-Park

于 2013-01-11T07:39:35.860 回答
2 
extern "C" BOOL APIENTRY DllMain( HANDLE hModule, DWORD  ul_reason_for_call, LPVOID lpReserved  )

如果你用 C++ 编译它,你必须在 DllMain 函数的前面添加“ extern "C" "

于 2016-12-04T06:51:19.527 回答