updates and moves

n/a

Win32/Proof of Concepts/SetWindowsHookExInjection/SetWindowsHookEx/SetWindowsHookEx.cpp

@@ -0,0 +1,94 @@
+// SetWindowsHookEx.cpp : 定义控制台应用程序的入口点。
+//
+
+#include "stdafx.h"
+#include <Windows.h>
+#include <iostream>
+using namespace std;
+#include "tlhelp32.h"
+
+HHOOK Handle = NULL;
+LRESULT CALLBACK HookProc
+	(
+	int nCode,
+	WPARAM wParam,
+	LPARAM lParam
+	);
+BOOL InstallSetWindowsHookEx(ULONG ProcessId,BOOL Hook)
+{
+	if(Hook)
+	{
+		HMODULE hModule = LoadLibrary(L"DllTestx64.dll");
+		if(hModule==NULL)
+		{
+			cout<<"Loadlibrary Fail"<<endl;
+			getchar();
+			return FALSE;
+		}
+		HOOKPROC TestAddress = (HOOKPROC)GetProcAddress(hModule,"Test");
+		if(TestAddress==NULL)
+		{
+			cout<<"Get HookProc Failed"<<endl;
+			getchar();
+			return FALSE;
+		}
+	//  全局钩子
+	//	Handle = SetWindowsHookEx(WH_KEYBOARD,TestAddress,hModule,0);
+		// 定义线程信息结构  
+		
+		THREADENTRY32 te32 = {sizeof(THREADENTRY32)} ;  
+		//创建系统线程快照  
+		HANDLE hThreadSnap = CreateToolhelp32Snapshot ( TH32CS_SNAPTHREAD, 0 ) ;  
+		if ( hThreadSnap == INVALID_HANDLE_VALUE )  
+			return FALSE ;  
+		// 循环枚举线程信息  
+		if ( Thread32First ( hThreadSnap, &te32 ) )  
+		{  
+			do{  
+				if(te32.th32OwnerProcessID == ProcessId)
+				{
+					Handle = SetWindowsHookEx(WH_KEYBOARD,TestAddress,hModule,te32.th32ThreadID);
+					if(Handle == NULL)
+					{
+						printf("The KeyBoard could not be hooked LastError [%d]\n", GetLastError());
+						getchar();
+						return FALSE;
+					}
+				}
+			}while (Thread32Next(hThreadSnap, &te32));  
+		}  	
+		CloseHandle (hThreadSnap);	
+	}
+	else
+	{
+		UnhookWindowsHookEx(Handle);  
+	}	
+}
+
+
+int _tmain(int argc, _TCHAR* argv[])
+{
+	int a = 0;
+	int b = 0;
+	cout<<"Please input ProcessId:\r\n";
+	cin>>a;
+	InstallSetWindowsHookEx(a,TRUE);
+	cin>>b;
+	if(b==20)
+	{
+		InstallSetWindowsHookEx(a,FALSE);
+	}
+	return 0;
+}
+
+
+LRESULT CALLBACK HookProc
+	(
+	int nCode,
+	WPARAM wParam,
+	LPARAM lParam
+	)
+{
+	MessageBox(NULL,L"Suu",L"Suu",1);
+	return 0;
+}