如何拦截一个指定程序的所有消息?

ruanjunhe 2008-01-29 08:29:30
如何用DELPHI编定程拦截一个指定程序的所有消息?
或者有没有这样现成的拦截软件啊?
...全文
287 11 打赏 收藏 转发到动态 举报
写回复
用AI写文章
11 条回复
切换为时间正序
请发表友善的回复…
发表回复
resonic 2008-03-01
  • 打赏
  • 举报
回复
要现成的?
winsight就行
无条件为你 2008-03-01
  • 打赏
  • 举报
回复
你给50分,马上给你写出代码。非常简单。
20分太没有诚意。
wensoft80 2008-02-29
  • 打赏
  • 举报
回复
从木马程序看网络安全,交流学习木马程序,我的QQ:958659964
zhaoyu_me 2008-02-16
  • 打赏
  • 举报
回复
我还有一种想法,但是没有去实践过,就是先将自身注入到目标进程,然后SetWindowlong,修改目标的WndProc到我们的新WndProc,这样就可以搞定目标的全部消息了
lake_cx 2008-02-02
  • 打赏
  • 举报
回复
查MSDN中的SetHookEx楼主会有收获的。
这是dll
library Project2;

{ Important note about DLL memory management: ShareMem must be the
first unit in your library's USES clause AND your project's (select
Project-View Source) USES clause if your DLL exports any procedures or
functions that pass strings as parameters or function results. This
applies to all strings passed to and from your DLL--even those that
are nested in records and classes. ShareMem is the interface unit to
the BORLNDMM.DLL shared memory manager, which must be deployed along
with your DLL. To avoid using BORLNDMM.DLL, pass string information
using PChar or ShortString parameters. }

uses
Windows, Messages;

var
hHook: Cardinal = 0;
hFileMapping: Cardinal = 0;
hWnd: Cardinal = 0;

{$R *.res}
const
WM_MOUSEHOOK = WM_USER + 1;
MappingFileName = 'HookHandleFile';

function HookProc(code: Integer; wparam: WPARAM; lparam: LPARAM): LRESULT; stdcall;
var
P: ^Cardinal;
ptParam: Longint;
begin
if hWnd = 0 then
begin
hFileMapping := OpenFileMapping(FILE_MAP_READ, False, MappingFileName);
P := MapViewOfFile(hFileMapping, FILE_MAP_READ, 0, 0, 0);
hWnd := P^;
end;
if hWnd <> 0 then
begin
ptParam := PMouseHookStruct(lparam).pt.X + PMouseHookStruct(lparam).pt.Y * $10000;
SendMessage(hWnd, WM_MOUSEHOOK, wparam, ptParam);
end;
Result := CallNextHookEx(hHook, code, wparam, lparam);
end;

function SetHook: Boolean; stdcall;
begin
Result := False;
if hHook = 0 then
begin
//这个钩子类型,楼主看着办,可以试试WH_MSGFILTER
hHook := SetWindowsHookEx(WH_MOUSE, HookProc, HInstance, 0);
Result := hHook <> 0;
end;
end;

function UnHook: Boolean; stdcall;
begin
Result := UnhookWindowsHookEx(hHook);
end;

exports
SetHook,
UnHook;

begin
end.


这是exe
unit Unit1;

interface

uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, RzTray, ImgList, TB2Item, TBSkinPlus, Menus, Clipbrd, Unit2;

const
MappingFileName = 'HookHandleFile';
WM_MOUSEHOOK = WM_USER + 1;

type
TForm1 = class(TForm)
RzTrayIcon1: TRzTrayIcon;
TBPopupMenu1: TTBPopupMenu;
TBSkin1: TTBSkin;
TBItem1: TTBItem;
TBImageList1: TTBImageList;
procedure FormCreate(Sender: TObject);
procedure FormDestroy(Sender: TObject);
procedure TBItem1Click(Sender: TObject);
procedure FormShow(Sender: TObject);
private
FScreenCanvas: TCanvas;
FBitmap: TBitmap;
FClipboard: TClipboard;
FEnable: Boolean;
FHFileMapping: Cardinal;
FHotKeyID1: Integer;
FHotKeyID2: Integer;
FPtStart: TPoint;
FPtEnd: TPoint;
FMouseDown: Boolean;
procedure WMHotKey(var Msg: TMessage); message WM_HOTKEY;
procedure WMMouseHook(var Msg: TMessage); message WM_MOUSEHOOK;
procedure EraseBkGnd(var Msg: TMessage); message WM_ERASEBKGND;
procedure DrawRect(pStart, pEnd: TPoint);
procedure CopyBitmap(pStart, pEnd: TPoint);
procedure DrawCurrsor;
public
end;

var
Form1: TForm1;

implementation

{$R *.dfm}

function SetHook: Boolean; stdcall; external 'Project2.dll';

function UnHook: Boolean; stdcall; external 'Project2.dll';

procedure TForm1.FormCreate(Sender: TObject);
var
P: ^Cardinal;
begin
FMouseDown := False;
FEnable := False;
FBitmap := TBitmap.Create;
FClipboard := TClipboard.Create;
FScreenCanvas := TCanvas.Create;
FHotKeyID1 := GlobalAddAtom('F1');
FHotKeyID2 := GlobalAddAtom('F2');
if not RegisterHotKey(Handle, FHotKeyID1, MOD_CONTROL, VK_TAB) then
MessageBox(Handle, PChar('热键注册失败'), PChar('提示'), MB_OK);
if not RegisterHotKey(Handle, FHotKeyID2, MOD_CONTROL, Word('Q')) then
MessageBox(Handle, PChar('热键注册失败'), PChar('提示'), MB_OK);
FHFileMapping := CreateFileMapping(0, nil, PAGE_READWRITE, 0, SizeOf(Integer), MappingFileName);
P := MapViewOfFile(FHFileMapping, FILE_SHARE_WRITE, 0, 0, 0);
P^ := Handle;
if not SetHook then
MessageBox(Handle, PChar('安装钩子失败'), PChar('提示'), MB_OK);
end;

procedure TForm1.FormDestroy(Sender: TObject);
begin
GlobalDeleteAtom(FHotKeyID1);
GlobalDeleteAtom(FHotKeyID2);
CloseHandle(FHFileMapping);
UnHook;
FScreenCanvas.Free;
FClipboard.Free;
FBitmap.Free;
end;

procedure TForm1.FormShow(Sender: TObject);
begin
ShowWindow(Application.Handle, SW_HIDE);
end;

procedure TForm1.EraseBkGnd(var Msg: TMessage);
begin
;
end;

procedure TForm1.WMHotKey(var Msg: TMessage);
begin
case Msg.LParamHi of
VK_TAB:
begin
//DrawCurrsor;
FEnable := True;
Visible := True;
end;
Word('Q'): Close;
end;
end;

procedure TForm1.TBItem1Click(Sender: TObject);
begin
Close;
end;

procedure TForm1.WMMouseHook(var Msg: TMessage);
begin
if not FEnable then Exit;
case Msg.WParam of
WM_LBUTTONDOWN:
begin
FMouseDown := True;
FPtStart.X := Msg.LParamLo;
FPtStart.Y := Msg.LParamHi;
FPtEnd.X := Msg.LParamLo;
FPtEnd.Y := Msg.LParamHi;
end;
WM_LBUTTONUP:
begin
FMouseDown := False;
DrawRect(FPtStart, FPtEnd);
CopyBitmap(FPtStart, FPtEnd);
FEnable := False;
Visible := False;
end;
WM_MOUSEMOVE:
begin
if FMouseDown then
begin
if (FPtStart.X <> FPtEnd.X) and (FPtStart.Y <> FPtEnd.Y) then
DrawRect(FPtStart, FPtEnd);
FPtEnd.X := Msg.LParamLo;
FPtEnd.Y := Msg.LParamHi;
if (FPtStart.X <> FPtEnd.X) and (FPtStart.Y <> FPtEnd.Y) then
DrawRect(FPtStart, FPtEnd);
end;
end;
end;
end;

procedure TForm1.DrawRect(pStart, pEnd: TPoint);
var
ARect: TRect;
begin
if pStart.X < pEnd.X then
begin
ARect.Left := pStart.X;
ARect.Right := pEnd.X;
end else
begin
ARect.Left := pEnd.X;
ARect.Right := pStart.X;
end;
if pStart.Y < pEnd.Y then
begin
ARect.Top := pStart.Y;
ARect.Bottom := pEnd.Y;
end else
begin
ARect.Top := pEnd.Y;
ARect.Bottom := pStart.Y;
end;
FScreenCanvas.Handle := GetDC(0);
FScreenCanvas.DrawFocusRect(ARect);
ReleaseDC(0, FScreenCanvas.Handle);
end;

procedure TForm1.CopyBitmap(pStart, pEnd: TPoint);
var
ARect: TRect;
begin
if pStart.X < pEnd.X then
begin
ARect.Left := pStart.X;
ARect.Right := pEnd.X;
end else
begin
ARect.Left := pEnd.X;
ARect.Right := pStart.X;
end;
if pStart.Y < pEnd.Y then
begin
ARect.Top := pStart.Y;
ARect.Bottom := pEnd.Y;
end else
begin
ARect.Top := pEnd.Y;
ARect.Bottom := pStart.Y;
end;
FBitmap.FreeImage;
FBitmap.Width := ARect.Right - ARect.Left;
FBitmap.Height := ARect.Bottom - ARect.Top;
FScreenCanvas.Handle := GetDC(0);
FBitmap.Canvas.CopyRect(Rect(0, 0, FBitmap.Width, FBitmap.Height), FScreenCanvas, ARect);
ReleaseDC(0, FScreenCanvas.Handle);
FClipboard.Assign(FBitmap)
end;

procedure TForm1.DrawCurrsor;
var
pt: TPoint;
ico: TIcon;
begin
if not GetCursorPos(pt) then Exit;
Application.ProcessMessages;
ico := TIcon.Create;
ico.Handle:= GetCursor;
FScreenCanvas.Draw(pt.X, pt.Y, ico);
ico.Free;
end;

end.
左眼看成爱 2008-02-02
  • 打赏
  • 举报
回复
楼猪是说要拦截掉所有的消息,我没发觉有此功能,也许是我不知道吧,但据我看来,此话有些不现实,全部拦截不如直接TerminateProcess
左眼看成爱 2008-02-02
  • 打赏
  • 举报
回复
我天天用SPY++,那个是记录此句柄的消息的吧,
jadeluo 2008-02-01
  • 打赏
  • 举报
回复
“只能查看系统程序的标题,窗口句柄等玩意的”,这个还能算是Spy++?

在Spy++里,选择任何一下句柄,右击,选择[Messages]执行一下,试试再说。
左眼看成爱 2008-02-01
  • 打赏
  • 举报
回复
SPY++是查看系统程序的标题,窗口句柄等玩意的,不一定能拦截消息,自已写个全局消息钩子,
wxsan 2008-01-31
  • 打赏
  • 举报
回复
up
jadeluo 2008-01-29
  • 打赏
  • 举报
回复
Spy++

1,183

社区成员

发帖
与我相关
我的任务
社区描述
Delphi Windows SDK/API
社区管理员
  • Windows SDK/API社区
加入社区
  • 近7日
  • 近30日
  • 至今
社区公告
暂无公告

试试用AI创作助手写篇文章吧