hook API的问题~为什么就是钩不到?高手指点一下,错误到底在哪儿?钩send函数!谢谢
// ActiveKey2.cpp : Defines the initialization routines for the DLL.
//
#include "stdafx.h"
#include <afxdllx.h>
#include "activekey.h"
#include "Winsock2.h"//挂接send等函数的头文件
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
// Shared data section.
// Variables defined between the two data_seg pragmas are placed in the named
// section "sharedata"; MSVC only does this for initialized variables, which is
// why each one has an explicit "= NULL".
// NOTE(review): the section is only shared between processes if it is also
// marked shared at link time (.def SECTIONS entry or /SECTION option). No such
// directive is visible in this file -- confirm in the project settings.
// NOTE(review): a shared writable section can be modified by every process
// that maps the DLL, so handles stored here should not be trusted blindly.
#pragma data_seg("sharedata")
//CDialog dlg(IDD_DIALOG1);
HINSTANCE hinst = NULL;
HWND hwndDLG = NULL;
HHOOK glhHook=NULL; // hook handle returned by SetWindowsHookEx
HINSTANCE glhInstance=NULL; // instance handle of this DLL, set in DllMain
#pragma data_seg()
// MFC extension-module record passed to AfxInitExtensionModule /
// AfxTermExtensionModule in DllMain.
static AFX_EXTENSION_MODULE ActiveKey2DLL = { NULL, NULL };
// Forward declaration of the replacement routine defined later in this file.
// Its parameter list is that of WSASend (seven parameters) and it carries no
// explicit calling-convention macro.
int cWSASend(SOCKET s, LPWSABUF lpBuffers, DWORD dwBufferCount,
LPDWORD lpNumberOfBytesSent, DWORD dwFlags,
LPWSAOVERLAPPED lpOverlapped,
LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine);
// Pointer-to-function type with the same parameter list as cWSASend; used in
// KeyboardProc to take the address of cWSASend.
typedef int (*fnnew)(SOCKET s, LPWSABUF lpBuffers, DWORD dwBufferCount,
LPDWORD lpNumberOfBytesSent, DWORD dwFlags,
LPWSAOVERLAPPED lpOverlapped,
LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine);
/// DLL entry point for the ActiveKey2 MFC extension DLL.
///
/// @param hInstance  Module handle of this DLL in the current process.
/// @param dwReason   Loader notification code; only process attach and
///                   process detach are acted on.
/// @param lpReserved Not used by this module.
/// @return 0 when extension-module initialization fails on attach, 1 otherwise.
extern "C" int APIENTRY
DllMain(HINSTANCE hInstance, DWORD dwReason, LPVOID lpReserved)
{
    // Drop this line if lpReserved is ever consulted.
    UNREFERENCED_PARAMETER(lpReserved);

    switch (dwReason)
    {
    case DLL_PROCESS_ATTACH:
        TRACE0("ACTIVEKEY2.DLL Initializing!\n");

        // One-time extension DLL setup; a failure aborts the load.
        if (!AfxInitExtensionModule(ActiveKey2DLL, hInstance))
            return 0;

        // Remember the module handle; CKeyHook::Start() passes it to
        // SetWindowsHookEx.
        glhInstance = hInstance;

        // Add this DLL to the resource chain. If the DLL is implicitly linked
        // by an MFC Regular DLL (for example an ActiveX control) rather than
        // by an MFC application, this statement belongs in a separate exported
        // function that the Regular DLL calls explicitly; otherwise the
        // CDynLinkLibrary object is not attached to the Regular DLL's resource
        // chain and serious problems result.
        new CDynLinkLibrary(ActiveKey2DLL);
        break;

    case DLL_PROCESS_DETACH:
        TRACE0("ACTIVEKEY2.DLL Terminating!\n");

        // Shut the library down before destructors run.
        AfxTermExtensionModule(ActiveKey2DLL);
        break;

    default:
        // Thread attach/detach notifications need no work here.
        break;
    }

    return 1; // ok
}
/// Constructs the hook wrapper and clears the global hook handle.
/// NOTE(review): glhHook is a file-level variable in the "sharedata" section,
/// so constructing a second CKeyHook discards a handle that Start() stored
/// earlier without unhooking it.
CKeyHook::CKeyHook()
{
    glhHook = NULL;
}

/// Destructor. Does nothing; in particular it does not call Stop(), so an
/// installed hook stays in place when the object is destroyed.
CKeyHook::~CKeyHook()
{
}
// Hook procedure registered by CKeyHook::Start() (as a WH_GETMESSAGE hook,
// despite the name). On every invocation it looks up send/recv in ws2_32.dll,
// reads the first 8 bytes at the address of send, and attempts to overwrite
// them with a jump to cWSASend, then passes the event to the next hook.
//
// Parameters are the standard hook-procedure arguments; they are forwarded
// unchanged to CallNextHookEx and not otherwise inspected (nCode is not
// checked before the work below is done).
//
// NOTE(review): none of the API results in this function are checked, so a
// failed lookup, open, read or write goes unnoticed.
// NOTE(review): function pointers are cast to DWORD, which only holds a full
// address in a 32-bit build.
// NOTE(review): modifying the in-memory prologue of a ws2_32.dll export is a
// pattern endpoint-protection tools look for, e.g. by comparing loaded code
// against the on-disk image.
extern "C" LRESULT WINAPI KeyboardProc(int nCode,WPARAM wParam,LPARAM lParam)
{
// Byte template: 0xB8 <4-byte immediate> 0xFF 0xE0, i.e. x86
// "mov eax, imm32; jmp eax", followed by one padding byte. The immediate
// (bytes 1..4) is filled in with the address of cWSASend further down.
BYTE btNewBytes[8] = { 0x0B8, 0x0, 0x0, 0x40, 0x0, 0x0FF, 0x0E0, 0 };
// Receives the original 8 bytes read from send; only row 0 is written and
// nothing in this function reads it back or restores it.
DWORD dwOldBytes[3][2];
DWORD pSend = 0,pRecv = 0,dwSize = 0;
HMODULE hLib = NULL;
// Called on every hook invocation and never paired with FreeLibrary here.
hLib = LoadLibrary( "ws2_32.dll" );
pSend = (DWORD)GetProcAddress( hLib, "send" );// address of the API to intercept
// pRecv is looked up but not used anywhere in this function.
pRecv = (DWORD)GetProcAddress( hLib, "recv" );
// Open a handle to the process that owns the active window.
// NOTE(review): pWnd is not checked for NULL, and Pid has no initializer if
// GetWindowThreadProcessId does not fill it in.
CWnd* pWnd=CWnd::GetActiveWindow();
HWND hwndCurr=pWnd->GetSafeHwnd();
DWORD Pid;
::GetWindowThreadProcessId(hwndCurr,&Pid);
// NOTE(review): the handle is requested with query/read rights only, yet it
// is passed to WriteProcessMemory below.
HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION |PROCESS_VM_READ,FALSE,Pid);
// Save the first 8 bytes found at the address of send.
::ReadProcessMemory(hProcess, (void *)pSend, (void *)dwOldBytes[0], sizeof(DWORD)*2, &dwSize );
// Patch the immediate operand of the template with the address of cWSASend.
// NOTE(review): the address looked up is that of send (4 parameters) while
// cWSASend has the WSASend parameter list (7 parameters) and no explicit
// calling convention; a mismatch like this corrupts the caller's stack.
fnnew fn = cWSASend;
*(DWORD *)( btNewBytes + 1 ) = (DWORD)fn;
// Attempt to write the 8-byte template over the start of send.
::WriteProcessMemory(hProcess, (void *)pSend, (void *)btNewBytes, sizeof(DWORD)*2, &dwSize );
CloseHandle( hProcess );
// Always hand the event on to the next hook in the chain.
return CallNextHookEx(glhHook,nCode,wParam,lParam);
}
/// Installs the message hook if none is recorded yet.
///
/// Registers KeyboardProc as a WH_GETMESSAGE hook using the module handle
/// saved in DllMain. The thread id argument is 0, which per the Win32
/// documentation associates the hook with all threads on the calling thread's
/// desktop, so this DLL is mapped into other processes as they receive
/// messages.
///
/// @return The hook handle held in glhHook; NULL if installation failed.
HHOOK CKeyHook::Start()
{
    // A handle is already recorded: hand it back without re-installing.
    if (glhHook != NULL)
        return glhHook;

    glhHook = SetWindowsHookEx(WH_GETMESSAGE, KeyboardProc, glhInstance, 0); // install the hook
    return glhHook;
}
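/// Removes the hook installed by Start(), if any.
///
/// After a successful removal the global handle is cleared. The original code
/// left the stale handle in glhHook, so a later Start() returned the dead
/// handle instead of re-installing, and a second Stop() passed an invalid
/// handle to UnhookWindowsHookEx.
///
/// @return TRUE when no hook is recorded or the hook was removed; otherwise
///         the failing result of UnhookWindowsHookEx.
BOOL CKeyHook::Stop()
{
    // Nothing installed: report success, as before.
    if (glhHook == NULL)
        return TRUE;

    const BOOL bRemoved = UnhookWindowsHookEx(glhHook); // uninstall the hook
    if (bRemoved)
        glhHook = NULL; // forget the handle only once it is really gone

    return bRemoved;
}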
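/// Replacement routine whose address KeyboardProc writes into its jump
/// template. Copies the start of the first WSABUF into a local buffer, shows a
/// message box, and returns 1.
///
/// The parameter list mirrors WSASend. Only lpBuffers and dwBufferCount are
/// read; the other parameters are unused.
///
/// Fix: the original passed lpBuffers->len straight to lstrcpyn as the
/// destination size, so any payload longer than the 1024-byte local buffer
/// overflowed the stack. The length is now clamped to the buffer size, and a
/// NULL or empty buffer descriptor is skipped instead of dereferenced.
///
/// @return Always 1.
/// NOTE(review): the original API is never called (the forwarding call below
/// is commented out and oWSASend is not defined in this file), so the
/// caller's data is not transmitted by this routine.
/// NOTE(review): a modal message box on a network send path blocks the
/// calling thread until it is dismissed.
int cWSASend(SOCKET s, LPWSABUF lpBuffers, DWORD dwBufferCount,
             LPDWORD lpNumberOfBytesSent, DWORD dwFlags,
             LPWSAOVERLAPPED lpOverlapped,
             LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine)
{
    char buf[1024];
    buf[0] = '\0';

    if (lpBuffers != NULL && dwBufferCount > 0 &&
        lpBuffers->buf != NULL && lpBuffers->len > 0)
    {
        // lstrcpyn's last argument is the destination capacity including the
        // terminator, so it must never exceed sizeof(buf).
        const ULONG ulCapacity = sizeof(buf);
        const ULONG ulWanted = lpBuffers->len;
        const int nLimit = static_cast<int>(ulWanted < ulCapacity ? ulWanted : ulCapacity);

        // The payload is treated as a string here: copying stops at the first
        // NUL byte even if the buffer holds binary data.
        lstrcpyn(buf, lpBuffers->buf, nLimit);
    }

    AfxMessageBox(_T("Hook拦截到封包发送!"));
    return 1;
    // Before the API hook returns, the original API should be called:
    // return oWSASend(s, lpBuffers, dwBufferCount, lpNumberOfBytesSent, dwFlags,
    // lpOverlapped, lpCompletionRoutine);
}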
有什么错误呀?挂钩后上网一点其他反应都没有~正常上~
给我个hook API的代码也可以~rageliu@sina.com
问题点数:100、回复次数:6
1 楼DentistryDoctor(不在无聊中无奈,就在沉默中变态)回复于 2005-08-02 15:47:33 得分 30
WinSock的挂钩最好是用Winsock SPI。
2 楼rageliu(天气好了就去长白山看水怪去了,嘿嘿...)回复于 2005-08-02 15:52:34 得分 0
服务提供者接口呀,是直接hook还是安装服务提供者?这方面我也做过~不过就是安装不成功~先给我讲讲 hook API好吗?上面这个程序有什么错误?
3 楼dirdirdir3(风)回复于 2005-08-02 16:00:14 得分 30
上网后有调用WSASend没有?编程调用一下WSASend试试钩住没有。
4 楼goodboyws(深夜不眠者(VCMVP))回复于 2005-08-02 16:08:48 得分 20
应该有个下钩的地方,在哪儿调用的CKeyHook::Start()?
5 楼nooning(nooning)回复于 2005-08-02 16:19:31 得分 20
if (dwReason == DLL_PROCESS_ATTACH)
{
.....
(new CKeyHook)->Start();
}
6 楼rageliu(天气好了就去长白山看水怪去了,嘿嘿...)回复于 2005-08-02 16:22:45 得分 0
to:goodboyws(深夜不眠者)
我有下钩的test程序~~挂钩是绝对挂上的~我改成键盘钩子试了~
to :dirdirdir3(风)
我会试试你说的~不过挂钩后上网都没问题~上网应该用到了send吧~我会试的~
请大家帮帮忙!郁闷我几天了~~




