钩子(HOOK)机制的使用
作者:e梦缘
SetwindowsHookEx函数提供15种不同的消息监视类型,也就是15中不同的钩子。
分别用于捕获某一特定类型或某一范围的消息(如:键盘消息,鼠标消息等)。
我们这里仅以鼠标钩子的使用为例,讨论在DELPHI下怎样编写DLL程序和怎样在自己的程序中安装使用鼠标钩子函数。
Windows提供API函数SetwindowsHookEx来建立一个Hook,
通过这个函数可以将一个程序添加到Hook链中监视Windows消息,函数语法为:
SetWindowsHookEx(idHook: Integer; lpfn: TFNHookProc; hmod: HINST; dwThreadId: DWORD)
其中:
参数idHook指定建立的监视函数类型。
参数lpfn指定消息函数,在相应的消息产生后,系统会调用该函数并将消息值传递给该函数供处理。函数的一般形式为:
Hookproc (code: Integer; wparam: WPARAM; lparam: LPARAM): LRESULT stdcall;
其中code为系统指示标记,wParam和lParam为附加参数,根据不同的消息监视类型而不同。只要在程序中建立这样一个函数再通过SetwindowsHookEx函数将它加入到消息监视链中就可以处理消息了。
由于钩子过滤函数必须在独立的模块中,也就是说我们必须首先生成一个DLL框架,然后再在其中加入钩子函数代码以及其他相关函数代码。
一、 钩子编写说明
1、先生成一个DLL框架
2、编写自己的钩子过滤函数
钩子过滤函数必须是回调函数,其函数的形式:
function KeyHookProc(
iCode:Integer;
wParam:WPARAM;
lParam:LPARAM ) : LRESULT; stdcall ;export ;
3、在生成的DLL框架中加入自己钩子的处理函数。
4、用SetWindowsHookEx函数(用法见上)安装HOOK
5、用UnHookWindowsHookEx卸载钩子
}
library mousehook;
uses
SysUtils,
Classes,Windows,messages,shellapi;
type
Tcallbackfun=procedure(info:pchar);
Tmousehook=record
isrun:boolean;
hook:hhook;
callbackfun:Tcallbackfun;
end;
var
mymousehook:Tmousehook;
{$R *.res}
function gethookinfo(code:integer;wp:WPARAM;lp:LPARAM):LResult;stdcall;
var
info:string;
begin
if code<0 then begin
result:= CallNextHookEx(mymousehook.hook,code,wp,lp);
exit;
end;
info:='';
Case wp of
WM_LBUTTONDOWN:begin
info:='WM_LBUTTONDOWN+';
end;
WM_LBUTTONUP:begin
info:='WM_LBUTTONUP+';
end;
WM_LBUTTONDBLCLK:begin
info:='WM_LBUTTONDBLCLK+';
end;
WM_RBUTTONDOWN:begin
info:='WM_RBUTTONDOWN+';
end;
WM_RBUTTONUP:begin
info:='WM_RBUTTONUP+';
end;
WM_RBUTTONDBLCLK:begin
info:='WM_RBUTTONDBLCLK+';
end;
WM_MBUTTONDOWN:begin
info:='WM_MBUTTONDOWN+';
end;
WM_MBUTTONUP:begin
info:='WM_MBUTTONUP+';
end;
WM_MBUTTONDBLCLK:begin
info:='WM_MBUTTONDBLCLK+';
end;
WM_NCMouseMove, WM_MOUSEMOVE:begin
info:='WM_MOUSEMOVE+';
end;
end;
info:=info+'pos('+inttostr(PMouseHookStruct(lp)^.pt.x)+','+inttostr(PMouseHookStruct(lp)^.pt.x)+')' ;
mymousehook.callbackfun(pchar(info));
result:= CallNextHookEx(mymousehook.hook,code,wp,lp);
end;
procedure installmousehook(callbackF:Tcallbackfun); stdcall;
begin
if not mymousehook.isrun then
begin
mymousehook.hook:=setwindowshookex(WH_MOUSE,@gethookinfo,HInstance,getcurrentthreadid());
mymousehook.callbackfun :=callbackf;
mymousehook.isrun:=not mymousehook.isrun;
end;
end;
procedure uninstallmousehook(); stdcall;
begin
if mymousehook.isrun then
begin
UnHookWindowsHookEx(mymousehook.hook);
mymousehook.callbackfun :=nil;
mymousehook.isrun:=not mymousehook.isrun;
end;
end;
Procedure DLLEntryPoint(dwReason:DWord);
begin
Case dwReason of
DLL_PROCESS_ATTACH:begin
mymousehook.isrun:=false;
end;
DLL_PROCESS_DETACH:;
DLL_THREAD_ATTACH:;
DLL_THREAD_DETACH:;
End;
end;
exports
installmousehook,
uninstallmousehook;
begin
DLLProc := @DLLEntryPoint;
DLLEntryPoint(DLL_PROCESS_ATTACH);
end.
{
二、钩子的使用
1、调用钩子的DLL
2、安装钩子
3、一定不要忘了卸装钩子
}
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls;
type
Tcallbackfun=procedure(info:pchar);
type
TForm1 = class(TForm)
memo: TMemo;
Button1: TButton;
procedure FormDestroy(Sender: TObject);
procedure Button1Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
procedure installmousehook(callbackF:Tcallbackfun); stdcall;external 'mousehook.dll';
procedure uninstallmousehook(); stdcall;external 'mousehook.dll';
{$R *.dfm}
procedure addinfo(info:pchar);
begin
Tform1(application.MainForm ).memo.Lines.Add(info);
end;
//2、安装钩子
procedure TForm1.Button1Click(Sender: TObject);
begin
installmousehook(addinfo);
end;
//3、一定不要忘了卸装钩子
procedure TForm1.FormDestroy(Sender: TObject);
begin
uninstallmousehook();
end;
end.
风花雪月 e梦情缘
网络代号:wnhoo or sos_admin
网名:e梦缘
Mail:wnhoo@163.com
