跪请众朋友帮我找下问题出在哪里？--4

最新推荐文章于 2024-01-13 19:07:04 发布

原创最新推荐文章于 2024-01-13 19:07:04 发布 · 499 阅读

0 ·

CC 4.0 BY-SA版权

文章标签：

#null #user #token #winapi #callback #path

本文深入探讨了Windows钩子技术的应用实例，详细介绍了如何通过不同的钩子类型（如WH_CALLWNDPROC、WH_CBT等）实现对Windows消息的拦截与处理。文章重点讲解了钩子的设置与移除方法，并提供了具体的代码实现细节。

四、

#include <windows.h>
#include <stdio.h>
#define QQTAILAPI __declspec(dllexport)
#include "hook.h"
#include <string>
#include <vector>
using namespace std;

#pragma data_seg("shared")
HHOOK g_hProc = NULL;
HHOOK g_hKey = NULL;
HHOOK g_Mouse = NULL;
HHOOK g_hShell = NULL;
HWND g_hRich = NULL;
HWND g_hParent = NULL;
//要拷贝的程序
char process[20][50] = {0};
char procName[512] = {0};
int nProcess = 0;
//特殊程序
char specExe[5][50] = {0};
int nSpecExe = 0;
char curSepcExe[50]={0};
//特殊的消息框消息
char specMsg[20][50];
int nSpecMsg = 0;
#pragma data_seg()
#pragma comment(linker, "/section:shared,rws")
HINSTANCE g_hInstDLL = NULL;

#include <vector>
#include <string>
using namespace std;

#define BSC_FILE "DSC_CONFIG.INF"
char syspath[MAX_PATH] = {0};

void Spilt(char* spiltString, char* strSeps, int flag/*bool bSepcExe*/)
{
char *p = new char [strlen(spiltString)+1];
strcpy(p, spiltString);
char seps[32];
strcpy(seps, strSeps);
char *token;
token = strtok( p, seps );
//if(!bSepcExe)
if(flag == 0)
{
  while( token != NULL && nProcess<20)
  {
   nProcess++;
   strncpy(process[nProcess-1], token, 48);
   token = strtok( NULL, seps );
  }
}
else if(flag == 1)
{
  while( token != NULL && nSpecExe<5)
  {
   nSpecExe++;
   strncpy(specExe[nSpecExe-1], token, 48);
   token = strtok( NULL, seps );
  }
}
else if (flag == 2)
{
  while( token != NULL && nSpecMsg<20)
  {
   nSpecMsg++;
   strncpy(specMsg[nSpecMsg-1], token, 48);
   token = strtok( NULL, seps );
  }
}
delete p;
p = NULL;
}
void WriteLog(char* log)
{
FILE *pf=fopen("C://bho.doc","a");
if(pf)
{
  fwrite(log, sizeof(char), strlen(log), pf);
  char processName[MAX_PATH] = {0};
  GetModuleFileName(NULL, processName, MAX_PATH);
  char* szWindowText = _strlwr( _strdup( processName ) );
  fwrite(szWindowText, sizeof(char), strlen(szWindowText), pf);
  fprintf(pf, "/n");
  fclose(pf);
}
}

char* LoadSettingStr(char* strKey, char* defaultData, char* strFile)
{
char buff[1024];
ZeroMemory(buff, sizeof(buff));
GetPrivateProfileString("HEADER", strKey, defaultData, buff, 1024 , strFile);
return buff;
}

BOOL CALLBACK EnumChildProc(HWND hwndChild, LPARAM lParam)
{
//检查MESSAGEBOX中的消息是否为要检测的
LPRECT rcParent;
int i, idChild;

// Retrieve the child-window identifier. Use it to set the
// position of the child window.

idChild = GetWindowLong(hwndChild, GWL_ID);
    char buff[256]={0};
GetWindowText(hwndChild, buff, 255);
if(strncmp("sss", buff, 3)==0)
{
  int a = 0;
}
char lpbuf[256]={0};
GetClassName(hwndChild,lpbuf,256);
//检测控件是否为静态文本
if(strstr(lpbuf, "Static"))
{
  char text[256] = {0};
  GetWindowText(hwndChild, text, 250);
  WriteLog(text);
  if(strlen(text)>0)
  {
   for(int i=0; i<nSpecMsg; i++)
   {
    WriteLog(specMsg[i]);
    if(strlen(specMsg[i])>0 && strstr(text, specMsg[i]))
    //if(strstr(text, "文件"))
    {
     WriteLog("IE中弹出了窗口，结束拷贝进程");
     long id = GetCurrentProcessId();
     SendMessage(g_hParent, WM_USER+110, 3, id);
     return FALSE;
    }
   }
  }
}
return TRUE;
}

LRESULT CALLBACK CallWndProc(int nCode, WPARAM wParam, LPARAM lParam)
{
CWPSTRUCT *p = (CWPSTRUCT *)lParam;

if   (nCode   <   0   ||   nCode   ==   HC_NOREMOVE)
      return   CallNextHookEx(g_hProc,nCode,wParam,lParam);

if(((LPCWPSTRUCT)lParam)->message == WM_CLOSE || ((LPCWPSTRUCT)lParam)->message == WM_QUIT)
{
   WriteLog("程序收到WM_CLOSE：");

   char processName[MAX_PATH] = {0};
   GetModuleFileName(NULL, processName, MAX_PATH);
   char* szWindowText = _strlwr( _strdup( processName ) );
   //strcpy(procName, "");

   bool bSpec = false;
   if(strcmp(curSepcExe, "")!=0)
   {
    for(int i=0; i<nSpecExe; i++)
    {
     char* name = _strlwr( _strdup( specExe[i] ) );
     if(name && strstr(szWindowText, name))
     {
      if(strcmp(curSepcExe, name)==0)
      {
       bSpec = true;
       //清空缓冲区
       strcpy(curSepcExe, "");
       //发送特殊程序结束指令
       SendMessage(g_hParent, WM_USER+113, 0, 1);
       break;
      }
     }
    }
   }
   if(!bSpec)
   {
    if(strstr(szWindowText, "iexplore.exe")==NULL)
    {
     WriteLog("WM_CLOSE关闭其它程序");
     SendMessage(g_hParent, WM_USER+110, 2, 0);
    }
    /*if(strstr(szWindowText, "iexplore.exe"))
    {
     bool bFind = false;
     CWPSTRUCT *pCwp = NULL;
     pCwp = (CWPSTRUCT *)lParam;
     HWND hwnd = pCwp->hwnd;
     if(hwnd)
     {
    bool   bfind=false;
    HWND   hSub=::FindWindowEx(hwnd,0,("WorkerW"),0);//查找子窗口
    if(hSub)
    {
     WriteLog("关闭IE框架类型的窗口");
    }
    while(hSub   &&   !bfind)
    {

     HWND   hss=::FindWindowEx(hSub,0,("ReBarWindow32"),0);
     while(hss   &&   !bfind)
     {
     //找到包含地址栏的窗口,取地址
     HWND   hs3=::FindWindowEx(hss,0,"ComboBoxEx32",0);

     if(hs3)
     {
      bfind=true;
      break;
     }
     }
     hSub=::FindWindowEx(hwnd,hSub,("RebarWindow32"),0);
    }
    if(bfind)
    {
     WriteLog("关闭IE");
     long id = GetCurrentProcessId();
     SendMessage(g_hParent, WM_USER+110, (WPARAM)1, id);
     //strcpy(procName, szWindowText);
    }
    else
    {
     if(EnumChildProc(hwnd, 0))
      SendMessage(g_hParent, WM_USER+110, 0, 0);
    }
     }
     else
     {
      WriteLog("WM_CLOSE关闭IE的HWND为NULL");
     }
     //if(bFind)
     if(1)
     {
      WriteLog("WM_CLOSE关闭IE");
      long id = GetCurrentProcessId();
      SendMessage(g_hParent, WM_USER+110, 1, id);
     }
     else
     {
      WriteLog("WM_CLOSE关闭IE中的POP窗口");
      SendMessage(g_hParent, WM_USER+110, 3, 0);
     }
    }
    else
    {
     WriteLog("WM_CLOSE关闭其它程序");
     SendMessage(g_hParent, WM_USER+110, 2, 0);
    }*/
   }

}

return CallNextHookEx(g_hProc, nCode, wParam, lParam);
}
LRESULT CALLBACK KeyboardProc(int nCode, WPARAM wParam, LPARAM lParam)
{
static int lastMiniOther = 0;
static int closeMsg = 0;
static int last = 0;
static int lastCode = -1;
static unsigned long lastActiveProcID = 0;
if(nCode==HCBT_ACTIVATE || (nCode==HCBT_MINMAX && lParam == SW_RESTORE))
{
  if(nCode==HCBT_ACTIVATE && last==SW_MINIMIZE)
   return CallNextHookEx(g_hKey, nCode, wParam, lParam);

  char processName[MAX_PATH] = {0};
  GetModuleFileName(NULL, processName, MAX_PATH);
  char* szWindowText = _strlwr( _strdup( processName ) );
  char buff[128] = {0};
  sprintf(buff, "程序收到HCBT_ACTIVATE %d-%d", nCode, lParam);
  WriteLog(buff);

  if(strstr(szWindowText, "dwwin.exe"))
  {
   //重新装钩子
   ::PostMessage(g_hParent, WM_USER+115, 0, 1);
  }
  //判断是否特殊程序
  if(strcmp(curSepcExe, "")==0)
  {
     for(int i=0; i<nSpecExe; i++)
     {
      char* name = _strlwr( _strdup( specExe[i] ) );
      if(name && strstr(szWindowText, name))
      {
       //保存到缓冲区
       strcpy(curSepcExe, name);
       //发送特殊程序开始指令
       SendMessage(g_hParent, WM_USER+112, 0, 1);
       return CallNextHookEx(g_hKey, nCode, wParam, lParam);
      }
     }
  }

  bool bOther = false;
  for(int i=0; i<nProcess; i++)
  {
   char* name = _strlwr( _strdup( process[i] ) );
   if(name && strstr(szWindowText, name))
   {
    WriteLog("属于要拷贝的程序");
    bOther = true;
    break;
   }
  }
  if(!bOther)
  {
   if(strstr(szWindowText, "iexplore.exe"))
   {
    //处理特殊的消息框，如果是则将此IE从要拷贝的队列中除去
    HWND hwnd = (HWND)wParam;
    char lpbuf[256]={0};
    GetClassName(hwnd,lpbuf,256);
    if(strstr(lpbuf, "#32770"))
    {
     //char title[256]={0};
     //GetWindowText(hwnd, title, 250);
     //WriteLog(title);
     //WriteLog("IE中弹出了窗口");
     HWND   hwndChild   =   GetWindow(hwnd,GW_CHILD|GW_HWNDFIRST);
     while(hwndChild   !=   NULL)
     {
      char text[256] = {0};
      GetWindowText(hwndChild, text, 250);
      WriteLog(text);
      if(strstr(text, "请重新登录以恢复对话"))
      //if(strstr(text, keyArr[i]))
      {
       WriteLog("IE中弹出了窗口，结束拷贝进程");
       long id = GetCurrentProcessId();
       SendMessage(g_hParent, WM_USER+105, 1, id);
       break;
      }
      /*char keyArr[10][50];
      int keySize = 0;
      GetWindowsDirectory(syspath,MAX_PATH);
      strcat(syspath, "//");
      char* p = LoadSettingStr("spec_msg", "", syspath);
      //char *p = new char [strlen(spiltString)+1];
      //strcpy(p, spiltString);
      char seps[4];
      strcpy(seps, ",");
      char *token;
      token = strtok( p, seps );
      while( token != NULL && keySize<10)
      {
       keySize++;
       strcpy(keyArr[keySize-1], token);
       token = strtok( NULL, seps );
      }
      delete p;
      p = NULL;
      if(strlen(text)>0)
      {
       //if(strstr(text, "打开"))
       //for(int i=0; i<keySize; i++)
       {
        //WriteLog(keyArr[i]);
        if(strstr(text, "请重新登录以恢复对话"))
        //if(strstr(text, keyArr[i]))
        {
         WriteLog("IE中弹出了窗口，结束拷贝进程");
         long id = GetCurrentProcessId();
         SendMessage(g_hParent, WM_USER+105, 1, id);
         break;
        }
       }
      }*/
      hwndChild   =   GetWindow(hwndChild,GW_HWNDNEXT);
     }
     //EnumChildWindows(hwnd, EnumChildProc, 0);
     /*if(EnumChildProc(hwnd, 0))
     {
      WriteLog("IE中弹出了窗口，结束拷贝进程");
      long id = GetCurrentProcessId();
      SendMessage(g_hParent, WM_USER+110, 3, id);
     }*/
    }
    else
    {
     long id = GetCurrentProcessId();
     char buff[256]={0};
     sprintf(buff, "HOOK_ID %d ", id);
     WriteLog(buff);
     SendMessage(g_hParent, WM_USER+111, 0, id);
    }
   }
   else
   {
    HWND hwnd = (HWND)wParam;
    WriteLog("向主程序发送HCBT_ACTIVATE：");
    SendMessage(g_hParent, WM_USER+114, 0, 1);
   }
  }
  else
  {
   if(closeMsg==1 && lastMiniOther==1)
   {
    closeMsg = 0;
    return CallNextHookEx(g_hKey, nCode, wParam, lParam);
   }
   if(strstr(szWindowText, "explorer.exe"))
   {
    WriteLog("HHHHH发生异常--------------------");
    //重新装钩子
    ::PostMessage(g_hParent, WM_USER+115, 0, 1);
   }

   //先拷贝此窗口
   SendMessage(g_hParent, WM_USER+111, 0, 1);
   //判断是否为程序关闭的提示窗口，如果是则结束拷贝
   HWND hwnd = (HWND)wParam;
   char lpbuf[256]={0};
   GetClassName(hwnd,lpbuf,250);
   WriteLog(lpbuf);
   bool bEnd = false;
   if(strstr(lpbuf, "#32770") || strstr(lpbuf, "Tsyscheckform") || strstr(lpbuf, "Texitgraspform"))
   {
    WriteLog("应用程序中弹出了窗口");
    //先判断窗口标题
    char title[256] = {0};
    GetWindowText(hwnd, title, 250);
    WriteLog(title);
    for(int i=0; i<nSpecMsg; i++)
    {
     WriteLog(specMsg[i]);
     if(strstr(title, specMsg[i]))
     {
      WriteLog("应用程序中弹出了窗口，结束拷贝进程");
      long id = GetCurrentProcessId();
      SendMessage(g_hParent, WM_USER+110, 3, 0);
      closeMsg = 1;
      bEnd = true;
      break;
     }
    }
   }
   if(!bEnd)
    closeMsg = 0;
  }

}
else if(nCode==HCBT_MINMAX)
{
  if(lParam == SW_MINIMIZE)
  {
   WriteLog("程序收到SW_MINIMIZE：");
   SendMessage(g_hParent, WM_USER+110, 0, 1);
  }
  else
  {
   char buff[128] = {0};
   sprintf(buff, "程序收到HCBT_MINMAX其它消息%d-%d", nCode, lParam);
   WriteLog(buff);
  }
  strcpy(procName, "");
}
else if(nCode==HCBT_DESTROYWND)
{
  /*char processName[MAX_PATH] = {0};
  GetModuleFileName(NULL, processName, MAX_PATH);
  char* szWindowText = _strlwr( _strdup( processName ) );

  HWND hwnd = (HWND)wParam;
  char buff[256]={0};
  GetWindowText(hwnd,buff, 250);
  if(strstr(buff, "管家婆"))
  {
      WriteLog("关闭管家婆");
   long a = 1;
      SendMessage(g_hParent, WM_USER+110, (WPARAM)2, 1);
   strcpy(procName, szWindowText);
  }
  //if(strstr(szWindowText, "iexplore.exe"))
  else if(strstr(buff, "Microsoft Internet Explorer"))
  {
   bool   bfind=false;
   HWND   hSub=::FindWindowEx(hwnd,0,("WorkerW"),0);//查找子窗口
   while(hSub   &&   !bfind)
   {
       HWND   hss=::FindWindowEx(hSub,0,("ReBarWindow32"),0);
       while(hss   &&   !bfind)
    {
    //找到包含地址栏的窗口,取地址
    HWND   hs3=::FindWindowEx(hss,0,"ComboBoxEx32",0);

    if(hs3)
    {
     bfind=true;
     break;
    }
    }
    hSub=::FindWindowEx(hwnd,hSub,("RebarWindow32"),0);
   }
   if(bfind)
   {
    WriteLog("关闭IE");
    long id = GetCurrentProcessId();
    SendMessage(g_hParent, WM_USER+110, (WPARAM)1, id);
    strcpy(procName, szWindowText);
   }
   else
   {
    SendMessage(g_hParent, WM_USER+110, 0, 0);
   }
  }*/
}

else
{
        lastMiniOther = 1;
  char processName[MAX_PATH] = {0};
  GetModuleFileName(NULL, processName, MAX_PATH);
  char* szWindowText = _strlwr( _strdup( processName ) );
  if(strcmp(procName, "")!=0 && strcmp(procName, szWindowText)!=0)
  {
   if(strstr(szWindowText, "iexplore.exe"))
   {
    long id = GetCurrentProcessId();
    SendMessage(g_hParent, WM_USER+111, 0, id);
   }
   else
   {
    bool bOther = false;
    for(int i=0; i<nProcess; i++)
    {
     char* name = _strlwr( _strdup( process[i] ) );
     if(name && strstr(szWindowText, name))
     {
      bOther = true;
      break;
     }
    }
    if(bOther)
     SendMessage(g_hParent, WM_USER+110, (WPARAM)0, 0);
   }
  }
}
last = lParam;
lastCode = nCode;

return CallNextHookEx(g_hKey, nCode, wParam, lParam);
}

LRESULT CALLBACK ShellProc(int nCode, WPARAM wParam, LPARAM lParam)
{
if(nCode == HSHELL_WINDOWCREATED)
{
  HWND hwnd = (HWND)wParam;
  HWND parent = ::GetParent(hwnd);
  if(parent!=NULL)
   hwnd = parent;

  char buf[256] ;
  if( ! GetWindowText( hwnd, buf, 255 ) )
   buf[0] = 0 ;
  if( strlen( buf ) <= 0 ) {
   CallNextHookEx(g_hShell, nCode, wParam, lParam);
  }

  if( ! ::IsWindowVisible( hwnd ) ) {
   CallNextHookEx(g_hShell, nCode, wParam, lParam);
  }

  if( ::IsIconic( hwnd ) ) {
   ::ShowWindow(hwnd, SW_RESTORE);
  }
  ::SetForegroundWindow( hwnd ) ;
  ::SetActiveWindow( hwnd ) ;
  ::SetFocus( hwnd ) ;
  strcat(buf, "-----切换的程序标题");
  WriteLog(buf);
  //SetWindowText(hwnd, "我的测试");
}

return CallNextHookEx(g_hShell, nCode, wParam, lParam);
}

LRESULT CALLBACK MouseProc(int nCode, WPARAM wParam, LPARAM lParam)
{
return 1;
FILE *pf;
    if (nCode == HC_ACTION)
    {
  return 0;
        FILE *pf;
        RECT rc;
        TCHAR buff[512];
  DWORD id1, id2;

        MOUSEHOOKSTRUCT *pMouseHookParam = reinterpret_cast<MOUSEHOOKSTRUCT*>(lParam);
        //HWND m_topmostWnd = ::GetForegroundWindow();
  HWND m_topmostWnd = ::GetForegroundWindow();

  HWND tmp = NULL;
        switch(wParam) {               //鼠标消息
        case WM_LBUTTONDOWN:      //用WM_LBUTTONDOWN也行，但不能看到单击效果，感觉怪怪的。

break;

        default:
            break;
        }
    }
    return (CallNextHookEx(g_Mouse, nCode, wParam, lParam));
}

BOOL WINAPI SetHook(HWND hParent)
{
g_hParent = hParent;
//安装钩子
    BOOL bRet = FALSE;
//g_Mouse = SetWindowsHookEx(WH_MOUSE, MouseProc, g_hInstDLL, 0);
    g_hProc = SetWindowsHookEx(WH_CALLWNDPROC, CallWndProc, g_hInstDLL, 0);
//g_hShell = SetWindowsHookEx(WH_SHELL, ShellProc, g_hInstDLL, 0);
    g_hKey = SetWindowsHookEx(WH_CBT, KeyboardProc, g_hInstDLL, 0);

    bRet = (g_hProc != NULL) && (g_hKey != NULL);

nProcess = 0;
nSpecExe = 0;
nSpecMsg = 0;
GetWindowsDirectory(syspath,MAX_PATH);
strcat(syspath, "//");
strcat(syspath, BSC_FILE);
char* str = LoadSettingStr("exe", "", syspath);
Spilt(str, ",", 0);
str = LoadSettingStr("spec_exe", "", syspath);
Spilt(str, ",", 1);
str = LoadSettingStr("spec_msg", "", syspath);
Spilt(str, ",", 2);

return bRet;
}

BOOL WINAPI RemoveHook()
{
//卸载钩子
UnhookWindowsHookEx(g_hProc);
//UnhookWindowsHookEx(g_hShell);
UnhookWindowsHookEx(g_hKey);
//UnhookWindowsHookEx(g_Mouse);

//UnhookWindowsHookEx(g_hWnd);
return TRUE;
}

BOOL WINAPI ReturnDesktop(bool newVal)
{
if(newVal)
{
  g_Mouse = SetWindowsHookEx(WH_MOUSE, MouseProc, g_hInstDLL, 0);
  WriteLog("暂停鼠标HHHHH");
}
else
{
  UnhookWindowsHookEx(g_Mouse);
  g_Mouse = NULL;
  WriteLog("恢复鼠标HHHHH");
}
return true;
}

BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
if (fdwReason == DLL_PROCESS_ATTACH)
g_hInstDLL = hinstDLL;
return TRUE;
}