2,641
社区成员
发帖
与我相关
我的任务
分享
// Hooklib.cpp : 定义 DLL 应用程序的导出函数。
//
#include "cmnhdr.h"
#define CLIPBOARDOLIBAPI extern "C" __declspec(dllexport)
#include "HookLib.h"
#include "APIHook.h"
#include <WindowsX.h>
#include <tchar.h>
#include <stdio.h>
#include <StrSafe.h>
#include <atltime.h>
#include <Psapi.h>
#include <AtlConv.h>
//#include <AtlBase.h>
//#include <ole2.h>
#pragma comment(linker,"/export:SetHook5=_SetHook@8")
typedef DWORD (WINAPI *PFNSTARTDOCPRINTERA)(__in HANDLE hPrinter, __in DWORD Level, LPBYTE pDocInfo);
typedef DWORD (WINAPI *PFNSTARTDOCPRINTERW)(__in HANDLE hPrinter, __in DWORD Level, LPBYTE pDocInfo);
extern CAPIHook g_StartDocPrinterA;
extern CAPIHook g_StartDocPrinterW;
DWORD Hook_StartDocPrinterA(__in HANDLE hPrinter, __in DWORD Level, LPBYTE pDocInfo)
{
CString mesg;
TCHAR proName[MAX_PATH] =_T("") ;
CHAR fileName[MAX_PATH]="";
//DWORD pid=GetCurrentProcessId();
HANDLE proHandle = GetCurrentProcess();
HMODULE proMoule ;
DWORD cbNeeded;
EnumProcessModules( proHandle, &proMoule, sizeof(proMoule), &cbNeeded);
GetModuleFileName(proMoule,proName,MAX_PATH);
mesg=_T("Hook_StartDocPrinterA");
chMB(CT2A(mesg));
return 0;
}
DWORD Hook_StartDocPrinterW(__in HANDLE hPrinter, __in DWORD Level, LPBYTE pDocInfo)
{
DWORD cByteNeed,cByteUsed;
if (!GetPrinter(hPrinter, 2, NULL, 0, &cByteNeed))
{
DWORD dwErrorCode = ::GetLastError();
if (dwErrorCode!= ERROR_INSUFFICIENT_BUFFER)
{
return 1;
}
}
PRINTER_INFO_2 * pPrnterInfo = (PRINTER_INFO_2 *)malloc(cByteNeed);
if (!pPrnterInfo)
{
return 1;
}
if (!GetPrinter(hPrinter, 2, (LPBYTE)pPrnterInfo, cByteNeed, &cByteUsed))
{
free(pPrnterInfo);
pPrnterInfo = NULL;
return 1;
}
CString mesg;
if(!wcscmp(L"Two Pilots Demo Printer", pPrnterInfo->pPrinterName))
{
return ((PFNSTARTDOCPRINTERW)(PROC) g_StartDocPrinterW)
(hPrinter, Level, pDocInfo);
}
else
{
mesg=_T("Hook_StartDocPrinterW");
mesg += pPrnterInfo->pPrinterName;
chMB(CT2A(mesg));
return 0;
}
}
CAPIHook g_StartDocPrinterA("Winspool.drv", "StartDocPrinterA",
(PROC) Hook_StartDocPrinterA);
CAPIHook g_StartDocPrinterW("Winspool.drv", "StartDocPrinterW",
(PROC) Hook_StartDocPrinterW);
//#pragma data_seg("YCIShared")
HHOOK g_hhook = NULL;
//#pragma data_seg()
///////////////////////////////////////////////////////////////////////////////
static LRESULT WINAPI GetMsgProc(int code, WPARAM wParam, LPARAM lParam) {
return(CallNextHookEx(g_hhook, code, wParam, lParam));
}
///////////////////////////////////////////////////////////////////////////////
// Returns the HMODULE that contains the specified memory address
static HMODULE ModuleFromAddress(PVOID pv) {
MEMORY_BASIC_INFORMATION mbi;
return((VirtualQuery(pv, &mbi, sizeof(mbi)) != 0)
? (HMODULE) mbi.AllocationBase : NULL);
}
///////////////////////////////////////////////////////////////////////////////
BOOL WINAPI SetHook(BOOL bInstall, DWORD dwThreadId)
{
BOOL bOk;
if (bInstall) {
if (g_hhook!=NULL)
return FALSE;
//chASSERT(g_hhook == NULL); // Illegal to install twice in a row
// Install the Windows' hook
g_hhook = SetWindowsHookEx(WH_GETMESSAGE, GetMsgProc,
ModuleFromAddress(SetHook), dwThreadId);
bOk = (g_hhook != NULL);
} else {
if (g_hhook==NULL)
return FALSE;
//chASSERT(g_hhook != NULL); // Can't uninstall if not installed
bOk = UnhookWindowsHookEx(g_hhook);
g_hhook = NULL;
}
return(bOk);
}
//////////////////////////////////////////////////////////////////////////
//#pragma unmanaged
BOOL WINAPI DllMain(HINSTANCE hInstDll, DWORD fdwReason, PVOID fImpLoad)
{
switch (fdwReason) {
case DLL_PROCESS_ATTACH:
// DLL is attaching to the address space of the current process.
break;
case DLL_THREAD_ATTACH:
// A new thread is being created in the current process.
break;
case DLL_THREAD_DETACH:
// A thread is exiting cleanly.
break;
case DLL_PROCESS_DETACH:
// The calling process is detaching the DLL from its address space.
break;
}
return(TRUE);
}
有打印机句柄用GetPrinter()可以得到打印机名称DWORD StartDocPrinter( HANDLE hPrinter, // handle to printer object DWORD Level, // information level LPBYTE pDocInfo // information buffer );
DWORD StartDocPrinter(
HANDLE hPrinter, // handle to printer object
DWORD Level, // information level
LPBYTE pDocInfo // information buffer
);
有打印机句柄用GetPrinter()可以得到打印机名称HOOK spoolsv.exe进程 winspool.drv!StartDocPrinterW