您所在位置:主题:这种情况下为何会生成无限个窗口呢……
abcbuzhiming
[专家分:30] 发布于 2008-02-26 14:52:00
本人新手,学习delphi通过远程钩子向目标进程注入dll,dll中封装了一个窗体,注入目标程序成功后,在目标程序上按下END键呼出这个窗体,我这个程序写的非常简单,仅仅是在dll文件里封装了一个窗体,主程序把dll文件注入目标进程后通过热键END把窗口呼出就算成功。
目前我遇到的问题:在注入所有的不涉及到3D渲染方面程序,呼出都成功了;但是,一旦涉及到程序本身会带3D的——我试验了很多3D游戏,魔兽3,CS1.6等等,一按热键只见呼出窗口象发疯一样不断的生成,这是为什么?为什么会这样,难道3D渲染下建立窗口有什么特别之处?
源代码
dll的代码:
工程文件代码
==========
library hook32;
uses
SysUtils,
Forms,
Classes,
myDLl in 'myDLl.pas' {Form1};
{$R *.res}
exports
HookOn,HookOff;
begin
{Application.Initialize;
Application.Run; }
end.
==========
dll主文件代码
==========
unit mydll;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, ExtCtrls , ComCtrls;
type
TForm1 = class(TForm)
Button1: TButton;
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
function HookProc(nCode:Integer;WParam: WPARAM;LParam:LPARAM):LRESULT;stdcall;
function HookOn(lpHwnd:HWND;lpType:Longint):Longint;stdcall;export;
function HookOff:Boolean;stdcall;export;
implementation
var
hHk: HHOOK=0; //钩子的句柄
hThread: Cardinal; //长整形数据,窗口线程的标示符
hmod: Pointer; //进程标示符的指针
{$R *.dfm}
function HookProc(nCode:Integer;WParam: WPARAM;LParam:LPARAM):LRESULT;stdcall;
begin
if (wParam=VK_END) and ((LParam and $40000000) <> 0) then
begin
Form1:=TForm1.Create(Application);
Form1.show;
end;
Result :=0 //CallNextHookEx(hHk,nCode,WParam,LParam);
end;
function HookOn(lpHwnd:HWND;lpType:Longint): Longint;stdcall; export;
begin
hThread :=GetWindowThreadProcessId(lpHwnd,hmod);
//注入开始
hHk :=SetWindowsHookEx(lpType,@HookProc,hInstance,hThread); // WH_KEYBOARD
Result :=hHk
end;
function HookOff:Boolean;stdcall; export;
begin
if hHk <> 0 then
begin
//移除挂钩
UnHookWindowsHookEx(hHk);
hHk :=0;
Result :=true;
end
else
Result :=false;
end;
end.
==========
以下是调用dll的程序的代码
==========
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, ExtCtrls, XPMan;
type
TForm1 = class(TForm)
Button1: TButton;
Button2: TButton;
procedure FormClose(Sender: TObject; var Action: TCloseAction);
procedure Button1Click(Sender: TObject);
procedure Button2Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
function HookOn(lpHwnd:HWND;lpType:Longint):Longint;stdcall;external 'Hook32.dll' name 'HookOn';
function HookOff:Boolean;stdcall;external 'Hook32.dll' name 'HookOff';
implementation
{$R *.dfm}
procedure TForm1.FormClose(Sender: TObject; var Action: TCloseAction);
begin
hookoff;
end;
procedure TForm1.Button1Click(Sender: TObject);
var
h1:HWND;
begin
h1:=FindWindow(NIL,'counter-strike');//这是窗口的句柄,要自己找到后,填写入。
if h1=0 then showmessage('没找到进程!');
if h1> 0 then showmessage('找到进程!');
sleep(200);
HookOn(h1,WH_KEYBOARD);
end;
procedure TForm1.Button2Click(Sender: TObject);
begin
HookOff;
end;
end.
==========
目前我遇到的问题:在注入所有的不涉及到3D渲染方面程序,呼出都成功了;但是,一旦涉及到程序本身会带3D的——我试验了很多3D游戏,魔兽3,CS1.6等等,一按热键只见呼出窗口象发疯一样不断的生成,这是为什么?为什么会这样,难道3D渲染下建立窗口有什么特别之处?
源代码
dll的代码:
工程文件代码
==========
library hook32;
uses
SysUtils,
Forms,
Classes,
myDLl in 'myDLl.pas' {Form1};
{$R *.res}
exports
HookOn,HookOff;
begin
{Application.Initialize;
Application.Run; }
end.
==========
dll主文件代码
==========
unit mydll;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, ExtCtrls , ComCtrls;
type
TForm1 = class(TForm)
Button1: TButton;
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
function HookProc(nCode:Integer;WParam: WPARAM;LParam:LPARAM):LRESULT;stdcall;
function HookOn(lpHwnd:HWND;lpType:Longint):Longint;stdcall;export;
function HookOff:Boolean;stdcall;export;
implementation
var
hHk: HHOOK=0; //钩子的句柄
hThread: Cardinal; //长整形数据,窗口线程的标示符
hmod: Pointer; //进程标示符的指针
{$R *.dfm}
function HookProc(nCode:Integer;WParam: WPARAM;LParam:LPARAM):LRESULT;stdcall;
begin
if (wParam=VK_END) and ((LParam and $40000000) <> 0) then
begin
Form1:=TForm1.Create(Application);
Form1.show;
end;
Result :=0 //CallNextHookEx(hHk,nCode,WParam,LParam);
end;
function HookOn(lpHwnd:HWND;lpType:Longint): Longint;stdcall; export;
begin
hThread :=GetWindowThreadProcessId(lpHwnd,hmod);
//注入开始
hHk :=SetWindowsHookEx(lpType,@HookProc,hInstance,hThread); // WH_KEYBOARD
Result :=hHk
end;
function HookOff:Boolean;stdcall; export;
begin
if hHk <> 0 then
begin
//移除挂钩
UnHookWindowsHookEx(hHk);
hHk :=0;
Result :=true;
end
else
Result :=false;
end;
end.
==========
以下是调用dll的程序的代码
==========
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, ExtCtrls, XPMan;
type
TForm1 = class(TForm)
Button1: TButton;
Button2: TButton;
procedure FormClose(Sender: TObject; var Action: TCloseAction);
procedure Button1Click(Sender: TObject);
procedure Button2Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
function HookOn(lpHwnd:HWND;lpType:Longint):Longint;stdcall;external 'Hook32.dll' name 'HookOn';
function HookOff:Boolean;stdcall;external 'Hook32.dll' name 'HookOff';
implementation
{$R *.dfm}
procedure TForm1.FormClose(Sender: TObject; var Action: TCloseAction);
begin
hookoff;
end;
procedure TForm1.Button1Click(Sender: TObject);
var
h1:HWND;
begin
h1:=FindWindow(NIL,'counter-strike');//这是窗口的句柄,要自己找到后,填写入。
if h1=0 then showmessage('没找到进程!');
if h1> 0 then showmessage('找到进程!');
sleep(200);
HookOn(h1,WH_KEYBOARD);
end;
procedure TForm1.Button2Click(Sender: TObject);
begin
HookOff;
end;
end.
==========