如何从全局挂钩中排除线程
[英]How to exclude a thread from global hook
问题描述
We are hooking T extOut() , ExtTextOut() and DrawText() methods GLOBALLY . 
我们在extOut()上钩住T extOut() , ExtTextOut()和DrawText()方法。
ie 即
hhook = SetWindowsHookEx(WH_CBT, function_address, module_handle, 0);
But we want to exclude our application (which we are using to install/uninstall hook) from being hooked. 但是我们想从钩子中排除我们的应用程序(用于安装/卸载钩子)。 If the last argument to SetWindowsHookEx() is 0(zero) it will hook all the existing threads.How to check here if the current thread is "OurApplication.exe" and then exclude it from hooking or immediately unhook it. 如果SetWindowsHookEx()的最后一个参数为0(零),它将钩住所有现有线程。如何在此处检查当前线程是否为“ OurApplication.exe”,然后将其从钩子中排除,或立即将其脱钩。 Please provide help. 请提供帮助。
3 个解决方案
解决方案1
0 2010-01-25 09:39:50
I don't think it's possible. 我认为这是不可能的。 You either hook to everything or to a specific thread. 您可以钩住所有内容或特定线程。 Why don't you just filter out your application in whatever code yout have at function_address? 您为什么不只用function_address上的任何代码过滤应用程序? Most, if not all, CBT hook callbacks provide window handle at either wParam or lParam argument. 大多数(如果不是全部)CBT挂钩回调在wParam或lParam参数处提供窗口句柄。 You can then get process id from that handle and compare it to your application pid. 然后,您可以从该句柄获取进程ID,并将其与您的应用程序pid进行比较。
解决方案2
0 2010-01-25 09:57:06
Off the top of my head: 从我的头顶上:
Pass the hook dll the PID of the process you want to ignore when you install the hook. 在安装钩子时,将要忽略的进程的PID传递给钩子dll。 Make sure that PID is stored in a shared section so all hook instances see the same value. 确保PID存储在共享部分中,以便所有钩子实例看到相同的值。
In your hook function, check to see if the current process PID matches the one passed in. If it does, don't do your hooky stuff, just pass to CallNextHookEx. 在您的hook函数中,检查当前进程的PID是否与传入的进程PID匹配。如果匹配,则不要做任何麻烦的事情,只需传递给CallNextHookEx。
I don't like this because it adds to work done in the hook function, which is always bad. 我不喜欢这样,因为它增加了在hook函数中完成的工作,这总是很糟糕的。 But it seems like it should work in principle. 但似乎应该在原则上起作用。
解决方案3
0 2010-01-25 13:24:06
Thank you experts for replying to our question. 谢谢专家回答我们的问题。 We found the way to do that. 我们找到了方法。 Now we added the following block of code in the entry point of the injecting dll.And it is working fine. 现在我们在注入dll的入口处添加了以下代码块,并且工作正常。
BOOL APIENTRY DllMain(HINSTANCE hModule, DWORD dwReason, PVOID lpReserved)
{
switch (dwReason)
{
case DLL_PROCESS_ATTACH:
IsDebuggerPresent();
// Exclude the "someapplication.exe" from hooking
GetModuleFileName( GetModuleHandle( NULL ),Work,sizeof(Work) );
PathStripPath(Work );
if ( _stricmp( Work, "someapplication.exe" ) != 0 )
{
InstallWindowHooks();
}
break;
case DLL_PROCESS_DETACH:
hWindowReceiver = NULL;
CleanUp();
break;
}
return TRUE;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.