问一个难与不难之间的问题，DLL直接远程注入hook 按键（非按键消息注入）

19900603 · 发表于 2012-10-27 18:35:53

Option Explicit

Public Type EVENTMSG
vKey          As Long
sKey          As Long
Flag          As Long
time          As Long
End Type
Public MyMsg       As EVENTMSG
Public Const WH_KEYBOARD_LL = 13
Public Const WM_KEYDOWN = &H100
Public Const HIDE_WINDOW = 0
Public Const SW_SHOWNORMAL = 1
Public Const SW_SHOWNOACTIVATE = 4
Private Declare Function MessageBox Lib "user32" Alias "MessageBoxA" (ByVal hwnd As Long, ByVal lpText As String, ByVal lpCaption As String, ByVal wType As Long) As Long
Dim hHookID       As Long, HookIng As Boolean
Public Declare Function SetWindowsHookEx Lib "user32" Alias "SetWindowsHookExA" (ByVal idHook As Long, ByVal lpfn As Long, ByVal hmod As Long, ByVal dwThreadId As Long) As Long
Public Declare Function CallNextHookEx Lib "user32" (ByVal hHook As Long, ByVal nCode As Long, ByVal wParam As Long, lParam As Long) As Long
Public Declare Function ShowWindow Lib "user32" (ByVal hwnd As Long, ByVal nCmdShow As Long) As Long

Public Function HookProc(ByVal nCode As Long, ByVal wParam As Long, ByVal lParam As Long) As Long
If nCode >= 0 Then
      If wParam = WM_KEYDOWN Then
         CopyMemory MyMsg, ByVal lParam, Len(MyMsg)
         If MyMsg.sKey = 82 Then
            If HookIng Then
                  '隐藏窗口
                  Call ShowWindow(FrmMain.hwnd, SW_SHOWNORMAL)
            Else
                  '显示窗口
                  Call ShowWindow(FrmMain.hwnd, HIDE_WINDOW)
            End If
            HookIng = Not HookIng
         End If
      End If
End If
HookProc = CallNextHookEx(hHookID, nCode, wParam, lParam)
End Function

Public Sub RunThread(ByVal lpParam As Long)
Dim hWndForm As Long
'创建全局键盘Hook
hHookID = SetWindowsHookEx(WH_KEYBOARD_LL, AddressOf HookProc, lpParam, 0)
'加载窗体
FrmMain.Show
Do
      DoEvents
      Sleep 1
Loop
End Sub

'///Dll入口模块
Public Function DLLMain(ByVal hinstDLL As Long, ByVal fdwReason As Long, ByVal lpvReserved As Long) As Long
If fdwReason = DLL_PROCESS_ATTACH Then                                     'dll加载
      DLLMain = 1
      '初始化
      InitVbDll
      ' 创建线程
      CreateThread AddressOf RunThread, ByVal hinstDLL
ElseIf fdwReason = DLL_PROCESS_DETACH Then                               'dll卸载
      AuxMem.FreeLibraryAndExitThread hinstDLL, 0
End If
End Function

Sub Main()
'XXOO
End Sub

19900603 · 发表于 2012-10-27 18:36:19

本帖最后由 19900603 于 2012-10-27 18:42 编辑

注意窗体点X不能关闭
Private Sub Form_QueryUnload(Cancel As Integer, UnloadMode As Integer)
Call ShowWindow(Me.hwnd, HIDE_WINDOW)
Cancel = 1
End Sub

qq275158045 · 发表于 2012-10-27 21:24:58

19900603 发表于 2012-10-27 18:36
注意窗体点X不能关闭
Private Sub Form_QueryUnload(Cancel As Integer, UnloadMode As Integer)
...

非常感谢您的帮助我先消化一下代码先！

19900603 · 发表于 2012-11-1 17:29:47

qq275158045 发表于 2012-10-27 21:24
非常感谢您的帮助我先消化一下代码先！

先获取窗口句柄然后再用 SETWINDOWLONG 子类试试
不知道在Dll中能行不

qq275158045 · 发表于 2012-11-1 17:59:04

19900603 发表于 2012-11-1 17:29
先获取窗口句柄然后再用 SETWINDOWLONG 子类试试
不知道在Dll中能行不

我把最后一个参数 0改为线程ID 貌似没无效！奇怪了！难道一定要返回给其他进程？

qq275158045 · 发表于 2012-11-1 19:28:00

@19900603 SetWindowsHookEx(WH_KEYBOARD_LL, AddressOf HookProc, lpParam, 0)
把这个0改为窗口线程ID 然后注入没反应！

e2d941 · 发表于 2015-4-21 22:13:42

菜鸟学飞发表于 2012-10-27 12:46
步骤:把dll注入目标进程,dllmain事件里面创建一个线程,在线程里面创建一个窗体并隐藏,在窗体的load事件里面 ...

跪了

找了n天终于找到组织了

		自动登录	找回密码
密码			立即注册

VBGood网站全文搜索

[求助] 问一个难与不难之间的问题，DLL直接远程注入hook 按键（非按键消息注入）

点评

本帖子中包含更多资源

点评

点评