Hook Windows消息事件,以及如何调试dll
程序员文章站
2022-07-13 16:17:39
...
首先附上代码main函数
#include <stdio.h>
#include <conio.h>
#include <windows.h>
#define DEF_DLL_NAME "hookdll.dll"
#define DEF_DLL_HOOKSTART "HookStart"
#define DEF_DLL_HOOKStop "HookStop"
typedef void(*PFN_HOOKSTART)();
typedef void(*PFN_HOOKSTOP)();
int main()
{
HMODULE hdll;
PFN_HOOKSTART hookstart;
PFN_HOOKSTOP hookstop;
hdll = LoadLibrary(DEF_DLL_NAME);
if (!hdll)
return 0;
hookstart = (PFN_HOOKSTART)GetProcAddress(hdll, DEF_DLL_HOOKSTART);
hookstop = (PFN_HOOKSTOP)GetProcAddress(hdll, DEF_DLL_HOOKStop);
hookstart();
printf("press 'q' to quit\n");
while (_getch() != 'q');//当输入不是'q'的时候就一直在等待输入,然后hookstart() 函数一直在运行 ,一直在监听程序的消息事件
hookstop();
FreeLibrary(hdll);
return 1;
}
然后附上代码hookdll函数
// dllmain.cpp : 定义 DLL 应用程序的入口点。
#include "pch.h"
#include "windows.h"
#include <stdio.h>
#define DEF_PROCESS_NAME "notepad.exe"
HINSTANCE g_hinstance;
HHOOK g_hook;
HWND g_hwnd;
BOOL APIENTRY DllMain(HINSTANCE hinstDLL,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
g_hinstance = hinstDLL;
break;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
LRESULT CALLBACK keyboardproc(int code,WPARAM wParam,LPARAM lParam)
{
char szpath[MAX_PATH] = { 0, };
char* p = NULL;
if (code >= 0)
{
if (!(lParam &0x80000000))
{
GetModuleFileNameA(NULL, szpath, MAX_PATH);
p = strrchr(szpath, '\\');
if (!_stricmp(p+1,DEF_PROCESS_NAME))
{
return 1;
}
}
}
return CallNextHookEx(g_hook, code, wParam, lParam);
}
#ifdef __cplusplus
extern "C" {
#endif // __cplusplus
__declspec(dllexport) void HookStart()
{
g_hook = SetWindowsHookEx(WH_KEYBOARD, keyboardproc, g_hinstance, 0);
}
__declspec(dllexport) void HookStop()
{
if (g_hook)
{
UnhookWindowsHookEx(g_hook);
g_hook = NULL;
}
}
#ifdef __cplusplus
}
#endif
在创建的hookdll的项目中,绑定到main工程生成的exe.
设置如下所示:
然后f5运行main函数,就可以进行调试了,加载loadlibrary 的时候就可以自动跳到dll中.
上一篇: unity特性
下一篇: Linux中的管道与连接符号