1,486
社区成员
发帖
与我相关
我的任务
分享madCHook.dll 声明的转化 请高手都进来看,不是一般的问题!
以下是函数在c的声明
#include <windows.h>
#include "madCHook.h"
UINT (WINAPI *WinExecNextHook)(LPCSTR lpCmdLine, UINT uCmdShow);//这句是声明指针变量WinExecNextHook
UINT WINAPI WinExecHookProc(LPCSTR lpCmdLine, UINT uCmdShow)//定义一个新的函数代替回调函数就是代替WinExecNextHook保存的地址处的函数
{
if (MessageBox(0, lpCmdLine, "Execute?", MB_YESNO | MB_ICONQUESTION) == IDYES)
return WinExecNextHook(lpCmdLine, uCmdShow);//如果是调用原来的回调函数
else
return ERROR_ACCESS_DENIED;//否返回拒绝访问
}
int WINAPI WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow)
{
InitializeMadCHook();//初始化钩子
//用新的回调函数代替原来的,并保存系统原来函数地址
HookAPI("kernel32.dll", "WinExec", WinExecHookProc, (PVOID*) &WinExecNextHook);
WinExec("notepad.exe", SW_SHOWNORMAL);//运行记事本,将会调用新的函数WinExecHookProc
UnhookAPI((PVOID*) &WinExecNextHook);//该回原来的设置
FinalizeMadCHook();//钩子释放处理
return true;//返回系统应该是return 0比较好吧??
}
#include "madCHook.h"
把madCHook.h代码贴上来
头文件太大了,贴不出来,不过与HOOKAPI相关的我找出来贴到下面了:
madCHookApi(BOOL) HookAPI(
LPCSTR pszModule,
LPCSTR pszFuncName,
PVOID pCallbackFunc,
PVOID *pNextHook,
#ifdef __cplusplus
DWORD dwFlags = 0
#else
DWORD dwFlags
#endif
);
以上代码在vb中应该如何声明,和调用呢,请会的高人帮忙转化一下,要带个调用例子的,代码调试成功报酬可商议~~谢谢了startbin#126.com
#include <windows.h>
#include "madCHook.h"
UINT (WINAPI *WinExecNextHook)(LPCSTR lpCmdLine, UINT uCmdShow);//这句是声明指针变量WinExecNextHook
UINT WINAPI WinExecHookProc(LPCSTR lpCmdLine, UINT uCmdShow)//定义一个新的函数代替回调函数就是代替WinExecNextHook保存的地址处的函数
{
if (MessageBox(0, lpCmdLine, "Execute?", MB_YESNO | MB_ICONQUESTION) == IDYES)
return WinExecNextHook(lpCmdLine, uCmdShow);//如果是调用原来的回调函数
else
return ERROR_ACCESS_DENIED;//否返回拒绝访问
}
int WINAPI WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow)
{
InitializeMadCHook();//初始化钩子
//用新的回调函数代替原来的,并保存系统原来函数地址
HookAPI("kernel32.dll", "WinExec", WinExecHookProc, (PVOID*) &WinExecNextHook);
WinExec("notepad.exe", SW_SHOWNORMAL);//运行记事本,将会调用新的函数WinExecHookProc
UnhookAPI((PVOID*) &WinExecNextHook);//该回原来的设置
FinalizeMadCHook();//钩子释放处理
return true;//返回系统应该是return 0比较好吧??
}
#include "madCHook.h"
把madCHook.h代码贴上来
头文件太大了,贴不出来,不过与HOOKAPI相关的我找出来贴到下面了:
madCHookApi(BOOL) HookAPI(
LPCSTR pszModule,
LPCSTR pszFuncName,
PVOID pCallbackFunc,
PVOID *pNextHook,
#ifdef __cplusplus
DWORD dwFlags = 0
#else
DWORD dwFlags
#endif
);
以上代码在vb中应该如何声明,和调用呢,请会的高人帮忙转化一下,要带个调用例子的,代码调试成功报酬可商议~~谢谢了startbin#126.com
...全文
请发表友善的回复…
发表回复
嗷嗷叫的老马 2007-06-08
- 打赏
- 举报
Declare Function WinExecNextHook Lib "madCHOOK.dll" (Byval lpCmdLine as string,byval uCmdShow as long) as long
Declare Function HookAPI Lib "madCHOOK.dll" (Byval pszModule as string, _
byval pszFuncName as string, _
byref pCallbackFunc as any, _
byref pNextHook as any, _
byval dwFlags as long) as boolean
好象应该是这样的吧
看你,是想做拦截API?
这里有一个VB6内嵌ASM实现的HOOK API类,是豆子写的:
http://www.m5home.com/bbs/dispbbs.asp?boardID=10&ID=1041&page=1
Declare Function HookAPI Lib "madCHOOK.dll" (Byval pszModule as string, _
byval pszFuncName as string, _
byref pCallbackFunc as any, _
byref pNextHook as any, _
byval dwFlags as long) as boolean
好象应该是这样的吧
看你,是想做拦截API?
这里有一个VB6内嵌ASM实现的HOOK API类,是豆子写的:
http://www.m5home.com/bbs/dispbbs.asp?boardID=10&ID=1041&page=1
嗷嗷叫的老马 2007-06-08
- 打赏
- 举报
//2.获取/修改不了参数(致命问题)
怎么会?
那个类提供了参数获取与修改的功能,你仔细看一下代码.
我已经实现了对TerminateProcess的拦截,并在其参数里判断是否为本进程PID,实现防止被结束进程.....
看这里:
http://www.m5home.com/1/
当然,只是实现了HOOK进程管理器而已.
全局的没试过....
至于效率,这个就不清楚了.
我没有大量使用过此代码.....仅是作为学习的参考.
怎么会?
那个类提供了参数获取与修改的功能,你仔细看一下代码.
我已经实现了对TerminateProcess的拦截,并在其参数里判断是否为本进程PID,实现防止被结束进程.....
看这里:
http://www.m5home.com/1/
当然,只是实现了HOOK进程管理器而已.
全局的没试过....
至于效率,这个就不清楚了.
我没有大量使用过此代码.....仅是作为学习的参考.
startbin 2007-06-08
- 打赏
- 举报
接分~虽然我很穷,也是一点点心意
startbin 2007-06-08
- 打赏
- 举报
嗯~谢谢楼上的热心回答
我现在没办法只能用powerbasic做dll,让vb调用了
这样比较郁闷,多了个dll
我现在没办法只能用powerbasic做dll,让vb调用了
这样比较郁闷,多了个dll
VirtualDesktop 2007-06-08
- 打赏
- 举报
首先 WinExecNextHook 不是一个输出函数,只是一个指向原函数的指针
===================================
那就直接声明成long型变量,然后用 addressof 一个函数地址赋值给它
还有一个问题就是,这个东西即使翻译成vb好像也无法正常工作,我以前也做过,不知道是什么问题,最后我是用C++再包了一层再给vb调用的,很郁闷
======================================================
Public Declare Function GetCurrentSessionId Lib "madCHook.dll" () As Long
Public Declare Function AmUsingInputDesktop Lib "madCHook.dll" () As Long
'CreateIpcQueue( _
LPCSTR pIpc, _
PIPC_CALLBACK_ROUTINE pCallback _
);
Public Declare Function CreateIpcQueue Lib "madCHook.dll" (ByVal pIpc As String, ByVal pCallback As Long) As Long
'InjectLibraryA( _
DWORD dwProcessHandleOrSpecialFlags, _
LPCSTR pLibFileName, _
#ifdef __cplusplus _
DWORD dwTimeOut = 7000 _
#Else _
DWORD dwTimeOut _
#End If _
);
Public Declare Function InjectLibraryAnsi Lib "madCHook.dll" Alias "InjectLibraryA" _
(ByVal dwProcessHandleOrSpecialFlags As Long, _
ByVal pLibFileName As String, _
ByVal dwTimeOut As Long) As Long
Public Declare Function InjectLibraryUnicode Lib "madCHook.dll" Alias "InjectLibraryW" _
(ByVal dwProcessHandleOrSpecialFlags As Long, _
ByVal pLibFileName As String, _
ByVal dwTimeOut As Long) As Long
Public Declare Function UnInjectLibraryAnsi Lib "madCHook.dll" Alias "UninjectLibraryA" _
(ByVal dwProcessHandleOrSpecialFlags As Long, _
ByVal pLibFileName As String, _
ByVal dwTimeOut As Long) As Long
Public Declare Function UnInjectLibraryUnicode Lib "madCHook.dll" Alias "UninjectLibraryW" _
(ByVal dwProcessHandleOrSpecialFlags As Long, _
ByVal pLibFileName As String, _
ByVal dwTimeOut As Long) As Long
'madCHookApi(BOOL) SendIpcMessage( _
LPCSTR pIpc, _
PVOID pMessageBuf, _
DWORD dwMessageLen, _
#ifdef __cplusplus _
PVOID pAnswerBuf = NULL, _
DWORD dwAnswerLen = 0, _
DWORD dwAnswerTimeOut = INFINITE, _
BOOL bHandleMessage = True _
#Else _
PVOID pAnswerBuf, _
DWORD dwAnswerLen, _
DWORD dwAnswerTimeOut, _
BOOL bHandleMessage _
#End If _
);
Public Declare Function SendIpcMessage Lib "madCHook.dll" ( _
ByVal pIpc As String, _
ByRef pMessageBuf As TDllInjectRequest, _
ByVal dwMessageLen As Long, _
ByVal pAnswerBuf As Long, _
ByVal dwAnswerLen As Long, _
ByVal dwAnswerTimeOut As Long, _
ByVal bHandleMessage As Long) As Long
'madCHookApi(BOOL) HookAPI( _
LPCSTR pszModule, _
LPCSTR pszFuncName, _
PVOID pCallbackFunc, _
PVOID *pNextHook, _
#ifdef __cplusplus _
DWORD dwFlags = 0 _
#Else _
DWORD dwFlags _
#End If _
);
Public Declare Function HookAPI Lib "madCHook.dll" ( _
ByVal pszModule As String, _
ByVal pszFuncName As String, _
ByVal pCallbackFunc As Long, _
ByVal pNexthook As Long, _
ByVal dwFlags As Long) As Long
'madCHookApi(BOOL) UnhookAPI ( PVOID *pNextHook );
Public Declare Function UnhookAPI Lib "madCHook.dll" (ByVal pNexthook As Long) As Long
'madCHookApi(VOID) AutoUnhook (HINSTANCE hinstDLL);
Public Declare Sub AutoUnhook Lib "madCHook.dll" (ByVal hinstDLL As Long)
Public Declare Sub SetLastError Lib "kernel32" (ByVal dwErrCode As Long)
Public Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long)
'typedef struct
'// this is the information record which we send to our injection service
'TDllInjectRequest { _
BOOL bInject; _
DWORD dwTimeOut; _
DWORD dwSession; _
} *PDllInjectRequest;
Public Type TDllInjectRequest
bInject As Long
dwTimeOut As Long
dwSession As Long
End Type
'typedef struct _
// this is the information record which our dll sends us _
TTerminationRequest { _
BYTE bSystem; _
CHAR szProcess1 [MAX_PATH + 1]; _
CHAR szProcess2 [MAX_PATH + 1]; _
} *PTerminationRequest;
Public Type TTerminationRequest
bSystem As Byte
szProcess1 As String * 261
szProcess2 As String * 261
End Type
Public Const CURRENT_SESSION As Long = &HFFFFFFEC
Public Const SYSTEM_PROCESSES As Long = &H10
Public Const INFINITE As Long = &HFFFFFFFF
Public Const ERROR_ACCESS_DENIED As Long = 5
===================================
那就直接声明成long型变量,然后用 addressof 一个函数地址赋值给它
还有一个问题就是,这个东西即使翻译成vb好像也无法正常工作,我以前也做过,不知道是什么问题,最后我是用C++再包了一层再给vb调用的,很郁闷
======================================================
Public Declare Function GetCurrentSessionId Lib "madCHook.dll" () As Long
Public Declare Function AmUsingInputDesktop Lib "madCHook.dll" () As Long
'CreateIpcQueue( _
LPCSTR pIpc, _
PIPC_CALLBACK_ROUTINE pCallback _
);
Public Declare Function CreateIpcQueue Lib "madCHook.dll" (ByVal pIpc As String, ByVal pCallback As Long) As Long
'InjectLibraryA( _
DWORD dwProcessHandleOrSpecialFlags, _
LPCSTR pLibFileName, _
#ifdef __cplusplus _
DWORD dwTimeOut = 7000 _
#Else _
DWORD dwTimeOut _
#End If _
);
Public Declare Function InjectLibraryAnsi Lib "madCHook.dll" Alias "InjectLibraryA" _
(ByVal dwProcessHandleOrSpecialFlags As Long, _
ByVal pLibFileName As String, _
ByVal dwTimeOut As Long) As Long
Public Declare Function InjectLibraryUnicode Lib "madCHook.dll" Alias "InjectLibraryW" _
(ByVal dwProcessHandleOrSpecialFlags As Long, _
ByVal pLibFileName As String, _
ByVal dwTimeOut As Long) As Long
Public Declare Function UnInjectLibraryAnsi Lib "madCHook.dll" Alias "UninjectLibraryA" _
(ByVal dwProcessHandleOrSpecialFlags As Long, _
ByVal pLibFileName As String, _
ByVal dwTimeOut As Long) As Long
Public Declare Function UnInjectLibraryUnicode Lib "madCHook.dll" Alias "UninjectLibraryW" _
(ByVal dwProcessHandleOrSpecialFlags As Long, _
ByVal pLibFileName As String, _
ByVal dwTimeOut As Long) As Long
'madCHookApi(BOOL) SendIpcMessage( _
LPCSTR pIpc, _
PVOID pMessageBuf, _
DWORD dwMessageLen, _
#ifdef __cplusplus _
PVOID pAnswerBuf = NULL, _
DWORD dwAnswerLen = 0, _
DWORD dwAnswerTimeOut = INFINITE, _
BOOL bHandleMessage = True _
#Else _
PVOID pAnswerBuf, _
DWORD dwAnswerLen, _
DWORD dwAnswerTimeOut, _
BOOL bHandleMessage _
#End If _
);
Public Declare Function SendIpcMessage Lib "madCHook.dll" ( _
ByVal pIpc As String, _
ByRef pMessageBuf As TDllInjectRequest, _
ByVal dwMessageLen As Long, _
ByVal pAnswerBuf As Long, _
ByVal dwAnswerLen As Long, _
ByVal dwAnswerTimeOut As Long, _
ByVal bHandleMessage As Long) As Long
'madCHookApi(BOOL) HookAPI( _
LPCSTR pszModule, _
LPCSTR pszFuncName, _
PVOID pCallbackFunc, _
PVOID *pNextHook, _
#ifdef __cplusplus _
DWORD dwFlags = 0 _
#Else _
DWORD dwFlags _
#End If _
);
Public Declare Function HookAPI Lib "madCHook.dll" ( _
ByVal pszModule As String, _
ByVal pszFuncName As String, _
ByVal pCallbackFunc As Long, _
ByVal pNexthook As Long, _
ByVal dwFlags As Long) As Long
'madCHookApi(BOOL) UnhookAPI ( PVOID *pNextHook );
Public Declare Function UnhookAPI Lib "madCHook.dll" (ByVal pNexthook As Long) As Long
'madCHookApi(VOID) AutoUnhook (HINSTANCE hinstDLL);
Public Declare Sub AutoUnhook Lib "madCHook.dll" (ByVal hinstDLL As Long)
Public Declare Sub SetLastError Lib "kernel32" (ByVal dwErrCode As Long)
Public Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long)
'typedef struct
'// this is the information record which we send to our injection service
'TDllInjectRequest { _
BOOL bInject; _
DWORD dwTimeOut; _
DWORD dwSession; _
} *PDllInjectRequest;
Public Type TDllInjectRequest
bInject As Long
dwTimeOut As Long
dwSession As Long
End Type
'typedef struct _
// this is the information record which our dll sends us _
TTerminationRequest { _
BYTE bSystem; _
CHAR szProcess1 [MAX_PATH + 1]; _
CHAR szProcess2 [MAX_PATH + 1]; _
} *PTerminationRequest;
Public Type TTerminationRequest
bSystem As Byte
szProcess1 As String * 261
szProcess2 As String * 261
End Type
Public Const CURRENT_SESSION As Long = &HFFFFFFEC
Public Const SYSTEM_PROCESSES As Long = &H10
Public Const INFINITE As Long = &HFFFFFFFF
Public Const ERROR_ACCESS_DENIED As Long = 5
startbin 2007-06-08
- 打赏
- 举报
谢谢马兄的回复,可惜不对
首先 WinExecNextHook 不是一个输出函数,只是一个指向原函数的指针
还有你那个例子早就有了,缺点太多
1.效率太差
2.获取/修改不了参数(致命问题)
首先 WinExecNextHook 不是一个输出函数,只是一个指向原函数的指针
还有你那个例子早就有了,缺点太多
1.效率太差
2.获取/修改不了参数(致命问题)
startbin 2007-06-07
- 打赏
- 举报
你这也叫翻译,随便贴点东西,郁闷啊,csdn的高手们都隐身了吗
ldq 2007-06-07
- 打赏
- 举报
Declare Function SetWindowsHookEx Lib "user32" Alias "SetWindowsHookExA" _
(ByVal idHook As Long, _
ByVal lpfn As Long, _
ByVal hmod As Long, _
ByVal dwThreadId As Long) As Long
Declare Function CallNextHookEx Lib "user32" Alias "CallNextHookEx" _
(ByVal hHook As Long, _
ByVal ncode As Long, _
ByVal wParam As Long, _
lParam As Any) As Long
Declare Function UnhookWindowsHookEx Lib "user32" Alias "UnhookWindowsHookEx" _
(ByVal hHook As Long) As Long
具体用法到http://www.xuevb.net/modules/news/article.php?storyid=334
给分,, 哈哈!!
(ByVal idHook As Long, _
ByVal lpfn As Long, _
ByVal hmod As Long, _
ByVal dwThreadId As Long) As Long
Declare Function CallNextHookEx Lib "user32" Alias "CallNextHookEx" _
(ByVal hHook As Long, _
ByVal ncode As Long, _
ByVal wParam As Long, _
lParam As Any) As Long
Declare Function UnhookWindowsHookEx Lib "user32" Alias "UnhookWindowsHookEx" _
(ByVal hHook As Long) As Long
具体用法到http://www.xuevb.net/modules/news/article.php?storyid=334
给分,, 哈哈!!
startbin 2007-06-07
- 打赏
- 举报
顶一下,不是吧真 的没高手知道~~~人气真的很.......
