DLL
因为Windows系统每个进程空间是独立的,因此,我们需要通过动态链接库DLL的方法把我们的钩子注入到系统进程中.
头文件
#pragma once
bool SetGlobalHook();
bool UnSetGlobalHook();源文件:
#include "stdafx.h"
extern HMODULE g_hDllMoudle;
//定义一个可读 可写 可共享的数据区段,将该数据区段注入到其他进程中
#pragma data_reg("mydata)
//定义一个全局钩子
HHOOK g_GlobalHook;
#pragma data_reg()
#pragma comment(linker,"/SECTION:mydata,RWS")
//设置回调函数,该回调函数的返回类型 值和参数是固定的
LRESULT CALLBACK GetMsgProc(int nCode,WPARAM wParam,LPARAM lParam){
return CallNextHookEx(g_GlobalHook, nCode, wParam, lParam);
}
//设置全局钩子
bool SetGlobalHook(){
g_GlobalHook = SetWindowsHookEx(WH_GETMESSAGE, GetMsgProc, g_hDllMoudle, 0);
if (g_GlobalHook == NULL){
return false;
}
return true;
}
//卸载全局钩子
bool UnSetGlobalHook(){
if (g_GlobalHook){
UnhookWindowsHookEx(g_GlobalHook);
}
return true;
}
// dllmain.cpp : 定义 DLL 应用程序的入口点。
#include "stdafx.h"
#include <Windows.h>
HMODULE g_hDllMoudle = NULL;
BOOL APIENTRY DllMain( HMODULE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
{
g_hDllMoudle = hModule;
break;
}
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
LIBRARY
EXPORTS
SetGlobalHook
UnSetGlobalHookEXE项目
// 3.1全局钩子注入.cpp : 定义控制台应用程序的入口点。
//
#include "stdafx.h"
#include <Windows.h>
#include <iostream>
int _tmain(int argc, _TCHAR* argv[])
{
typedef bool(*typedef_SetGlobalHook)();
typedef bool(*typedef_UnSetGlobalHook)();
typedef_SetGlobalHook SetGlobalHook = NULL;
typedef_UnSetGlobalHook UnSetGlobalHook = NULL;
HMODULE hDll;
bool isSucc;
do
{
hDll = LoadLibrary(L"3.1全局钩子注入DLL.dll");
if (hDll == 0){
std::cout << "LoadLibrary Error" << std::endl;
return 0;
}
SetGlobalHook = (typedef_SetGlobalHook)GetProcAddress(hDll, "SetGlobalHook");
if (SetGlobalHook == NULL){
std::cout << "GetProcAddress Error" << GetLastError()<<std::endl;
return 0;
}
isSucc = SetGlobalHook();
if (isSucc){
std::cout << "SetGlobalHook Success" << std::endl;
}
else{
std::cout << "SetGlobalHook Error" << std::endl;
}
system("pause");
UnSetGlobalHook = (typedef_UnSetGlobalHook)GetProcAddress(hDll, "UnSetGlobalHook");
if (UnSetGlobalHook == NULL){
std::cout << "UnSetGlobalHook Error" << std::endl;
return 0;
}
UnSetGlobalHook();
std::cout << "UnSetGlobalHook Success" << std::endl;
system("pause");
} while (FALSE);
return 0;
}
实现效果
全局钩子注入前:
全局钩子注入后:
全局钩子卸载后:
原文始发于微信公众号(loochSec):注入之全局钩子注入
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论