[英]Why doesn't this system wide CBT hook work properly?
我正在尝试创建一个系统范围的挂钩来监视进程并终止不需要的进程。 我搜索并发现我需要使用 CBT 钩子,我的第一次尝试失败了,这是第二次,前一个问题可以在这里找到。
以下代码构建得很好,但似乎甚至没有调用钩子,因为我尝试在DllMain()
设置断点,但我从未到达那里。 其他功能似乎可以访问!
以下是代码片段:
dllmain.cpp
// dllmain.cpp : Defines the entry point for the DLL application.
#pragma once
#include "stdafx.h"
#include <iostream>
#include <fstream>
#include <Windows.h>
using namespace std;
HINSTANCE currentProcessHandle;
HOOKPROC hkprcSysMsg;
HHOOK hookID;
BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
std::ofstream outfile("test.txt");
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
currentProcessHandle = hModule;
break;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
LRESULT CALLBACK HookProcedure(int nCode, WPARAM wparam, LPARAM lparam)
{
std::ofstream outfile("test.txt");
if (nCode >= 0)
{
switch (nCode)
{
case HCBT_CREATEWND:
outfile << L"Created!~";
cout << "Created!~" << endl;
break;
case HCBT_DESTROYWND:
outfile << L"Destroied!~";
cout << "Destroied!~" << endl;
break;
default:
cout << "sth else" << endl;
break;
}
}
else
{
return CallNextHookEx(hookID, nCode, wparam, lparam);
}
outfile.close();
}
__declspec(dllexport) void InstallHook()
{
hookID = SetWindowsHookEx(WH_CBT, HookProcedure, currentProcessHandle, 0);
}
__declspec(dllexport) void UnistallHook()
{
UnhookWindowsHookEx(hookID);
}
这是消费者应用程序
// Hook Executer.cpp : Defines the entry point for the console application.
//
#include "stdafx.h"
#include "..\Dll\dllmain.cpp"
#include <iostream>
using namespace std;
int _tmain(int argc, _TCHAR* argv[])
{
int num = -1;
cout << "1.Install Hook"<<endl
<< "2.Unistall Hook"<<endl
<< "0.Exit";
do{
cin >> num;
if (num ==1)
{
InstallHook();
}
else
{
UnistallHook();
}
getchar();
system("cls");
cout << "1.Install Hook" << endl
<< "2.Unistall Hook" << endl
<< "0.Exit";
} while (num != 0 && num < 3);
return 0;
}
当我运行程序时,没有错误,甚至没有任何类型的异常,就好像没有 DLL 或我在该 DLL 中没有编码任何东西一样。 它出什么问题了?
在 CPP 文件中实现您的 DLL 代码,而不是标题:
//dllmain.cpp
#include "stdafx.h" // include <Windows.h>
// and other std headers in stdafx.h, if not already done
HINSTANCE currentProcessHandle;
HHOOK hookID;
BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call,
LPVOID lpReserved ) {
if ( ul_reason_for_call == DLL_PROCESS_ATTACH )
currentProcessHandle = hModule;
return TRUE;
}
LRESULT CALLBACK HookProcedure( int nCode, WPARAM wparam, LPARAM lparam ) {
if ( nCode < 0 ) return CallNextHookEx( NULL, nCode, wparam, lparam );
std::ofstream outfile;
outfile.open( "test.txt", // replace with an absolute path
std::fstream::app ); // append mode
if (nCode >= 0) {
switch( nCode ) {
case HCBT_CREATEWND:
outfile << "Created!\n";
break;
case HCBT_DESTROYWND:
outfile << "Destroyed!\n";
break;
default:
break;
}
}
outfile.close();
return 0;
}
void InstallHook( void ) {
hookID = SetWindowsHookEx( WH_CBT, HookProcedure, currentProcessHandle, 0 );
}
void UninstallHook( void ) { // NEW NAME
UnhookWindowsHookEx( hookID );
}
在头文件中声明 DLL API。
// dllapi.h
void InstallHook( void );
void UninstallHook( void ); // NEW NAME
使用DEF文件导出,添加到DLL工程中
; Def file
EXPORTS
InstallHook
UninstallHook
在 EXE 项目中,仅包含 DLL 头文件
#include "..\Dll\dllapi.h"
在EXE工程中,进入properties->Linker->Input->Additional dependencies
,添加构建DLL时生成的lib文件。 另一种方法:在Solution的项目依赖中将DLL设为EXE的依赖,在EXE属性中,为Linker->general->Use Library dependency Inputs
设置Yes
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.