标签:hook 钩子 mfc
(1)屏蔽本程序的鼠标信息和特定按键信息。设置后门按键F2可退出程序。
HHOOK g_hKeyBoard; HHOOK g_hMouse; LRESULT CALLBACK MouseProc( _In_ int nCode, _In_ WPARAM wParam, _In_ LPARAM lParam ) { return 1; //屏蔽鼠标消息 } LRESULT CALLBACK KeyboardProc( _In_ int code, _In_ WPARAM wParam, _In_ LPARAM lParam ) { if (wParam == VK_SPACE || wParam == VK_RETURN) return 1; //表示已处理案件信息 if (wParam == VK_F4 && (lParam >> 29 & 0x01)) //lParam >> 29 & 0x01 == 1:表示ALT键按下 return 1; if (wParam == VK_F2) { ::SendMessage(AfxGetApp()->m_pMainWnd->GetSafeHwnd(), WM_CLOSE, 0, 0); UnhookWindowsHookEx(g_hKeyBoard);//移除键盘钩子过程 UnhookWindowsHookEx(g_hMouse); //移除鼠标钩子过程 } return CallNextHookEx(g_hKeyBoard,code,wParam,lParam); } BOOL CHookDemoDlg::OnInitDialog() { // TODO: 在此添加额外的初始化代码 if (!(g_hMouse = SetWindowsHookEx(WH_MOUSE, MouseProc, NULL, GetCurrentThreadId()))) { int nErrorCode = GetLastError(); return FALSE; } if (!(g_hKeyBoard = SetWindowsHookEx(WH_KEYBOARD, KeyboardProc, NULL, GetCurrentThreadId()))) { int nErrorCode = GetLastError(); return FALSE; } return TRUE; // 除非将焦点设置到控件,否则返回 TRUE }
(2)屏蔽所有线程的鼠标消息和键盘消息。留下按键F2作为程序退出的后门。
方法:1.使用动态链接库创建全局钩子
//HOOK.cpp #include "stdafx.h" #include <Windows.h> HHOOK g_hMouse = nullptr; HHOOK g_hKeyBoard = nullptr; HWND g_hUseDLL; LRESULT CALLBACK MouseProc( _In_ int nCode, _In_ WPARAM wParam, _In_ LPARAM lParam ) { return 1; } LRESULT CALLBACK KeyboardProc( _In_ int code, _In_ WPARAM wParam, _In_ LPARAM lParam ) { if (wParam == VK_F2) { SendMessage(g_hUseDLL, WM_CLOSE, 0, 0); UnhookWindowsHookEx(g_hMouse); UnhookWindowsHookEx(g_hKeyBoard); } return 1; } void SetHook(HWND hUseDLL) //传入当前调用DLL的窗口句柄,方便设置后门关闭程序,否则程序屏蔽了鼠标和键盘消息,将无法被关闭。 { g_hUseDLL = hUseDLL; g_hMouse = SetWindowsHookEx(WH_MOUSE, MouseProc, GetModuleHandle(L"HOOK"), 0); g_hKeyBoard = SetWindowsHookEx(WH_KEYBOARD, KeyboardProc, GetModuleHandle(L"HOOK"), 0); } //HOOK.def ; HOOK.def : 声明 DLL 的模块参数。 LIBRARY Hook ;指定动态链接库的内部名称 EXPORTS ; 此处可以是显式导出 SetHook @2 ;导出函数,并指定其序号为2
2.创建一个mfc工程用以加载全局钩子动态链接库
_declspec(dllimport) void SetHook(HWND hUseDLL); //函数声明,表明函数SetHook()是从DLL的.lib文件中导出的 BOOL CUseHookDllDlg::OnInitDialog() { SetHook(this->GetSafeHwnd()); return TRUE; // 除非将焦点设置到控件,否则返回 TRUE }
本文出自 “whatever957” 博客,请务必保留此出处http://whatever957.blog.51cto.com/6835003/1592914
标签:hook 钩子 mfc
原文地址:http://whatever957.blog.51cto.com/6835003/1592914