Delphi中Hook技术全接触_Delphi程序_学习笔记★闵涛★计算机学习电脑编程软硬件技巧


	转至繁体中文版	\| 网站首页 \| 图文教程 \| 资源下载 \| 站长博客 \| 图片素材 \| 武汉seo \| 武汉网站优化 \|

Delphi中Hook技术全接触

作者：闵涛文章来源：闵涛的学习笔记点击数：1558 更新时间：2009/4/23 18:44:20

看到有的兄弟说Delphi下的Hook不好做,所以在下把每个Hook都在Delphi做了一下,觉得没啥问题,而且处理的方法较新颖,拿来让兄弟们探讨,关于hook问题,有不懂的问我就行,不过有的Hook我只做了个框架,没有具体实用作用,要做的兄弟自已完善就行了,呵呵,代码在下面,自已看啦..........
-------------------------------------------
我的联系方法:
oicq; 10772919
e-mail: njhhack@21cn.com
homepage: hotsky.363.net
--------------------------------------------

----------这是*.dll中的单元---------------
unit HookProc;

interface

uses windows,messages,sysutils;

const
HTName:array[1..13] of pchar=(
''''CALLWNDPROC'''',''''CALLWNDPROCRET'''',''''CBT'''',''''DEBUG'''',''''GETMESSAGE'''',''''JOURNALPLAYBACK'''',
''''JOURNALRECORD'''',''''KEYBOARD'''',''''MOUSE'''',''''MSGFILTER'''',''''SHELL'''',''''SYSMSGFILTER'''',''''FOREGROUNDIDLE''''
);

function CallWndProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
function CallWndRetProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
function CBTProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
function DebugProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
function GetMsgProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
function JournalPlaybackProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
function JournalRecordProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
function KeyboardProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
function MouseProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
function MessageProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
function ShellProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
function SysMsgProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
function ForegroundIdleProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;

implementation

procedure SaveInfo(k:integer;str:string);stdcall;
var
f:textfile;
WorkPath:string;
begin
WorkPath:=ExtractFilePath(ParamStr(0));
assignfile(f,WorkPath+''''Records.txt'''');
if fileexists(WorkPath+''''Records.txt'''')=false then rewrite(f)
else append(f);
//if strcomp(pchar(str),pchar(''''#13#10''''))=0 then writeln(f,'''''''')
//else write(f,str);
writeln(f,HTName[k]+''''----''''+str);
closefile(f);
end;

function CallWndProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
var
pcs:TCWPSTRUCT;
begin
pcs:=TCWPSTRUCT(PCWPSTRUCT(lParam)^);
if nCode>=0 then
begin
if pcs.message=wm_lbuttonup then
SaveInfo(1,format(''''hwnd=%x'''',[pcs.hwnd]));
end;
Result:=CallNextHookEx(0,nCode,wParam,lParam);
end;
//
function CallWndRetProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
begin
Result:=CallNextHookEx(0,nCode,wParam,lParam);
end;
//
function CBTProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
begin
Result:=CallNextHookEx(0,nCode,wParam,lParam);
end;
//
function DebugProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
begin
Result:=CallNextHookEx(0,nCode,wParam,lParam);
end;
//
function GetMsgProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
var
pcs:TMSG;
begin
pcs:=TMSG(PMSG(lParam)^);
if nCode>=0 then
begin
if pcs.message=wm_lbuttonup then
SaveInfo(5,format(''''hwnd=%x'''',[pcs.hwnd]));
end;
Result:=CallNextHookEx(0,nCode,wParam,lParam);
end;
//
function JournalPlaybackProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
begin
Result:=CallNextHookEx(0,nCode,wParam,lParam);
end;
//
function JournalRecordProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
begin
Result:=CallNextHookEx(0,nCode,wParam,lParam);
end;
//
function KeyboardProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
begin
Result:=CallNextHookEx(0,nCode,wParam,lParam);
end;
//
function MouseProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
begin
Result:=CallNextHookEx(0,nCode,wParam,lParam);
end;
//
function MessageProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
begin
Result:=CallNextHookEx(0,nCode,wParam,lParam);
end;
//
function ShellProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
begin
Result:=CallNextHookEx(0,nCode,wParam,lParam);
end;
//
function SysMsgProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
begin
Result:=CallNextHookEx(0,nCode,wParam,lParam);
end;
//
function ForegroundIdleProc(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
begin
Result:=CallNextHookEx(0,nCode,wParam,lParam);
end;

end.

--------这是*.dll主程序------------------
library DemoHook;

uses
windows,messages,sysutils,
HookProc in ''''HookProc.pas'''';

{$r *.res}

const

HookMemFileName=''''DllHookMemFile.DTA'''';
HTName:array[1..13] of pchar=(
''''CALLWNDPROC'''',''''CALLWNDPROCRET'''',''''CBT'''',''''DEBUG'''',''''GETMESSAGE'''',''''JOURNALPLAYBACK'''',
''''JOURNALRECORD'''',''''KEYBOARD'''',''''MOUSE'''',''''MSGFILTER'''',''''SHELL'''',''''SYSMSGFILTER'''',''''FOREGROUNDIDLE''''
);

type
THookProc = function(nCode:integer;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
PShared=^TShared;
THook = record
HookHand:HHook;
HookType:integer;
HookProc:THookProc;
end;
TShared = record
Hook:array [0..16] of THook;
Father,Self:integer;
Count:integer;
hinst:integer;
end;
TWin = record
Msg:TMsg;
wClass:TWndClass;
hMain:integer;
end;
var
MemFile:THandle;
Shared:PShared;
Win:TWin;
wmhook:integer;

procedure SaveInfo(k:integer;str:string);stdcall;
var
f:textfile;
WorkPath:string;
begin
WorkPath:=ExtractFilePath(ParamStr(0));
assignfile(f,WorkPath+''''Records.txt'''');
if fileexists(WorkPath+''''Records.txt'''')=false then rewrite(f)
else append(f);
//if strcomp(pchar(str),pchar(''''#13#10''''))=0 then writeln(f,'''''''')
//else write(f,str);
writeln(f,HTName[k]+''''----''''+str);
closefile(f);
end;

procedure InitHookData;
var k:integer;
begin
with Shared^ do
begin
for k:=0 to 14 do Hook[k].HookHand:=0;
//
Hook[0].HookType:=WH_CALLWNDPROC;
Hook[0].HookProc:=@CallWndProc;
//
Hook[1].HookType:=WH_CALLWNDPROCRET;
Hook[1].HookProc:=@CallWndRetProc;
//
Hook[2].HookType:=WH_CBT;
Hook[2].HookProc:=@CBTProc;
//
Hook[3].HookType:=WH_DEBUG;
Hook[3].HookProc:=@DebugProc;
//
Hook[4].HookType:=WH_GETMESSAGE;
Hook[4].HookProc:=@GetMsgProc;
//
Hook[5].HookType:=WH_JOURNALPLAYBACK;
Hook[5].HookProc:=@JournalPlaybackProc;
//
Hook[6].HookType:=WH_JOURNALRECORD;
Hook[6].HookProc:=@JournalRecordProc;
//
Hook[7].HookType:=WH_KEYBOARD;
Hook[7].HookProc:=@KeyboardProc;
//
Hook[8].HookType:=WH_MOUSE;
Hook[8].HookProc:=@MouseProc;
//
Hook[9].HookType:=WH_MSGFILTER;
Hook[9].HookProc:=@MessageProc;
//
Hook[10].HookType:=WH_SHELL ;
Hook[10].HookProc:=@ShellProc;
//
Hook[11].HookType:=WH_SYSMSGFILTER;
Hook[11].HookProc:=@SysMsgProc;
//
Hook[12].HookType:=WH_FOREGROUNDIDLE;
Hook[12].HookProc:=@ForegroundIdleProc;

end;
end;

function SetHook(fSet:boolean;HookId:integer):bool;stdcall;
begin
with shared^ do
if fSet=true then
begin
if Hook[HookId].HookHand=0 then
begin
Hook[HookId].HookHand:=SetWindowsHookEx(Hook[HookId].HookType,Hook[HookId].HookProc,hinstance,0);
if Hook[HookId].HookHand<>0 then Result:=true
else Result:=false;
end else Result:=true;
end else
begin
if Hook[HookId].HookHand<>0 then
begin
if UnhookWindowsHookEx(Hook[HookId].HookHand)=true then
begin
Hook[HookId].HookHand:=0;
Result:=true;
end else Result:=false;
end else Re

[1] [2] 下一页

[VB.NET程序]VB.net中HOOK的应用（二） [VB.NET程序]VB.net中HOOK的应用（一）
[Delphi程序]浅谈API HOOK技术（二） [Delphi程序]浅谈API HOOK技术（一）

教程录入：mintao 责任编辑：mintao

上一篇教程： OICQ 远程木马的设计技术

下一篇教程： *****查看技术

【字体：小大】【发表评论】【加入收藏】【告诉好友】【打印此文】【关闭窗口】

注：本站部分文章源于互联网，版权归原作者所有！如有侵权，请原作者与本站联系，本站将立即删除！本站文章除特别注明外均可转载，但需注明出处！ [MinTao学以致用网]

　网友评论：（只显示最新10条。评论内容只代表网友观点，与本站立场无关！）

同类栏目

· C语言系列 · VB.NET程序
· JAVA开发 · Delphi程序
· 脚本语言

热门推荐

没有教程

赞助链接

闵涛博文

500 - 内部服务器错误。

您查找的资源存在问题，因而无法显示。

鄂公网安备 42011102001154号

站长：MinTao ICP备案号：鄂ICP备11006601号-18

闵涛站盟:医药大全-武穴网。A打造B、C、D……