1,486
社区成员
发帖
与我相关
我的任务
分享菜鸟问题,希望高手给予解答
现在一些病毒是利用全局钩子进行作怪的。所以想遍历全局钩子。这样或许可以找出病毒所在的DLLO,可是怎么遍历全局的钩子啊。
如果这种想法有问题或还有想法的大虾的话,小弟不胜感激。
如果这种想法有问题或还有想法的大虾的话,小弟不胜感激。
...全文
请发表友善的回复…
发表回复
limitworld 2004-09-26
- 打赏
- 举报
感谢各位
留下些什么 2004-09-16
- 打赏
- 举报
顶
loverpyh 2004-09-16
- 打赏
- 举报
up
a_cer 2004-09-16
- 打赏
- 举报
钩子程序就有一个键盘的,看看有点参考价值没有
Option Explicit
Declare Function SetWindowsHookEx Lib "user32" Alias "SetWindowsHookExA" (ByVal idHook As Long, ByVal lpfn As Long, ByVal hmod As Long, ByVal dwThreadId As Long) As Long
Declare Function UnhookWindowsHookEx Lib "user32" (ByVal hHook As Long) As Long
Declare Function CallNextHookEx Lib "user32" (ByVal hHook As Long, ByVal ncode As Long, ByVal wParam As Long, lParam As Any) As Long
Public hnexthookproc As Long
Public Const HC_ACTION = 0
Public Const WH_KEYBOARD = 2
Public Sub UnHookKBD()
If hnexthookproc <> 0 Then
UnhookWindowsHookEx hnexthookproc
hnexthookproc = 0
End If
End Sub
Public Function EnableKBDHook()
If hnexthookproc <> 0 Then
Exit Function
End If
hnexthookproc = SetWindowsHookEx(WH_KEYBOARD, AddressOf _
MyKBHFunc, App.hInstance, 0)
If hnexthookproc <> 0 Then
EnableKBDHook = hnexthookproc
End If
End Function
Public Function MyKBHFunc(ByVal iCode As Long, ByVal wParam As Long, ByVal lParam As Long) As Long
'这三个参数是固定的,不能动,而MyKBHFunc这个名称只要和
'SetWindowsHookex()中 AddressOf後的名称一样便可,不一定叫什麽
'wParam 是传入按了哪个key的virtual-key code
'如果您将以下的两行unmark则所有键盘的输入皆没有作用
'MyKBHFunc = 1 '吃掉信息
'Exit Function
MyKBHFunc = 0 '信息要处理
If iCode < 0 Then
MyKBHFunc = CallNextHookEx(hnexthookproc, iCode, wParam, lParam)
Exit Function
End If
If wParam = vbKeySnapshot Then '侦测 有没有按到PrintScreen键
MyKBHFunc = 1 '在这个Hook便吃掉这个信息
Debug.Print "haha"
Else
Call CallNextHookEx(hnexthookproc, iCode, wParam, lParam)
End If
Debug.Print Chr(wParam) & " " & wParam
End Function
Option Explicit
Declare Function SetWindowsHookEx Lib "user32" Alias "SetWindowsHookExA" (ByVal idHook As Long, ByVal lpfn As Long, ByVal hmod As Long, ByVal dwThreadId As Long) As Long
Declare Function UnhookWindowsHookEx Lib "user32" (ByVal hHook As Long) As Long
Declare Function CallNextHookEx Lib "user32" (ByVal hHook As Long, ByVal ncode As Long, ByVal wParam As Long, lParam As Any) As Long
Public hnexthookproc As Long
Public Const HC_ACTION = 0
Public Const WH_KEYBOARD = 2
Public Sub UnHookKBD()
If hnexthookproc <> 0 Then
UnhookWindowsHookEx hnexthookproc
hnexthookproc = 0
End If
End Sub
Public Function EnableKBDHook()
If hnexthookproc <> 0 Then
Exit Function
End If
hnexthookproc = SetWindowsHookEx(WH_KEYBOARD, AddressOf _
MyKBHFunc, App.hInstance, 0)
If hnexthookproc <> 0 Then
EnableKBDHook = hnexthookproc
End If
End Function
Public Function MyKBHFunc(ByVal iCode As Long, ByVal wParam As Long, ByVal lParam As Long) As Long
'这三个参数是固定的,不能动,而MyKBHFunc这个名称只要和
'SetWindowsHookex()中 AddressOf後的名称一样便可,不一定叫什麽
'wParam 是传入按了哪个key的virtual-key code
'如果您将以下的两行unmark则所有键盘的输入皆没有作用
'MyKBHFunc = 1 '吃掉信息
'Exit Function
MyKBHFunc = 0 '信息要处理
If iCode < 0 Then
MyKBHFunc = CallNextHookEx(hnexthookproc, iCode, wParam, lParam)
Exit Function
End If
If wParam = vbKeySnapshot Then '侦测 有没有按到PrintScreen键
MyKBHFunc = 1 '在这个Hook便吃掉这个信息
Debug.Print "haha"
Else
Call CallNextHookEx(hnexthookproc, iCode, wParam, lParam)
End If
Debug.Print Chr(wParam) & " " & wParam
End Function
haohaohappy 2004-09-16
- 打赏
- 举报
关注学习吧,呵呵
lili1 2004-09-16
- 打赏
- 举报
啊,我想是不行的吧。
要是有 ListAllHook也爽呀。
要是有 ListAllHook也爽呀。
碧海情天-赵亮 2004-09-16
- 打赏
- 举报
只能UP了
yelang771 2004-09-15
- 打赏
- 举报
up
tztz520 2004-09-15
- 打赏
- 举报
有NEXTHOOK就爽了
supergreenbean 2004-09-15
- 打赏
- 举报
一时想不起来……
难道hook setnextwindowshook....
难道hook setnextwindowshook....
