notepad hook

 

//---------------------------------------------------------------------------

#include <vcl.h>
#pragma hdrstop

#include "hook.h"

//---------------------------------------------------------------------------
#pragma package(smart_init)
#pragma resource "*.dfm"
TForm1 *Form1;



typedef int (WINAPI* sthndl)(HWND,HWND);
sthndl SetHandle;
typedef int (WINAPI* unsub)();
unsub UnSubClass;
typedef int (WINAPI *filhndl)(HWND,int);
filhndl FillHandleArray;

static HINSTANCE hDLL = NULL;
//---------------------------------------------------------------------------
__fastcall TForm1::TForm1(TComponent* Owner)
    : TForm(Owner)
...{
}
//---------------------------------------------------------------------------
void __fastcall TForm1::FormCreate(TObject *Sender)
...{
    hDLL=LoadLibrary((LPCTSTR)"hookdll.dll");
    if(hDLL==NULL)...{
        exit(1);
    }
}
//---------------------------------------------------------------------------
void __fastcall TForm1::Button1Click(TObject *Sender)
...{
    HWND hHookedWindow = FindWindow("Notepad" ,NULL);
    if(hHookedWindow == NULL)
    ...{
        MessageBox(0,"Could Not find a running instance of Notepad. Please Start Notepad and try again","Error",0);
        return;
    }
    HMENU hAppMenu;
    hAppMenu=GetMenu(hHookedWindow);
    HMENU hAppendMenu;
    hAppendMenu=CreateMenu();
    AppendMenu(hAppMenu,MF_STRING + MF_POPUP,(unsigned int)hAppendMenu,"HTML");
    AppendMenu(hAppendMenu,MF_STRING,125,"Make HTML");
    AppendMenu(hAppendMenu,MF_STRING,126,"Add Line Break");
    HWND hMenuWnd;
    hDLL = LoadLibrary("hookdll.dll");
    hMenuWnd = GetWindow(hHookedWindow, 5);
    DWORD hThread;
    hThread=GetWindowThreadProcessId(hHookedWindow,NULL);
    SetHandle = (sthndl)GetProcAddress(hDLL, "SetHandle");
    UnSubClass = (unsub)GetProcAddress(hDLL, "UnSubclass");
    SetHandle(hHookedWindow,this->Handle);
    FillHandleArray = (filhndl)GetProcAddress(hDLL, "FillHandleArray");
    FillHandleArray(hHookedWindow,1);
    FillHandleArray(hMenuWnd,1);
    ShowWindow(hHookedWindow, SW_MINIMIZE);
}
//---------------------------------------------------------------------------
void __fastcall TForm1::Button2Click(TObject *Sender)
...{
    UnSubClass();
    FreeLibrary(hDLL);
}
//---------------------------------------------------------------------------
void __fastcall TForm1::WMMYHOOK(TMessage& Message)
...{
    Memo1->Text =Memo1->Text + " " + AnsiString(Message.Msg);
    if(Message.WParam==125)
    ...{
        SendKeys("<HTML>");
        SendReturnKey(2);
        SendKeys("<BODY>");
        SendReturnKey(3);
        SendKeys("<HEAD>");
        SendReturnKey(2);
        SendKeys("</HEAD>");
        SendReturnKey(10);
        SendKeys("</BODY>");
        SendReturnKey(2);
        SendKeys("</HTML>");
    }
    if(Message.WParam==126)
    ...{
        SendKeys("<BR>");
    }
}
//---------------------------------------------------------------------------
bool TForm1::SendKeys(char * sKeys)
...{
    long length=strlen(sKeys);
    int p;
    for(p=0;p<length;p++)
    ...{
        if(sKeys[p]=='<')
        ...{
            keybd_event(VK_SHIFT, 0x45, KEYEVENTF_EXTENDEDKEY |0, 0);
            keybd_event(188, 0x45, KEYEVENTF_EXTENDEDKEY |0, 0);
            keybd_event(188, 0x45, KEYEVENTF_EXTENDEDKEY | KEYEVENTF_KEYUP, 0);
            keybd_event(VK_SHIFT, 0x45, KEYEVENTF_EXTENDEDKEY | KEYEVENTF_KEYUP, 0);

        }
        else if(sKeys[p]=='>')
        ...{
            keybd_event(VK_SHIFT, 0x45, KEYEVENTF_EXTENDEDKEY |0, 0);
            keybd_event(190, 0x45, KEYEVENTF_EXTENDEDKEY |0, 0);
            keybd_event(190, 0x45, KEYEVENTF_EXTENDEDKEY | KEYEVENTF_KEYUP, 0);
            keybd_event(VK_SHIFT, 0x45, KEYEVENTF_EXTENDEDKEY | KEYEVENTF_KEYUP, 0);

        }
        else if(sKeys[p]=='/')
        ...{
            keybd_event(VK_DIVIDE, 0x45, KEYEVENTF_EXTENDEDKEY |0, 0);
            keybd_event(VK_DIVIDE, 0x45, KEYEVENTF_EXTENDEDKEY | KEYEVENTF_KEYUP, 0);

        }
        else
        ...{
            keybd_event(int(sKeys[p]), 0x45, KEYEVENTF_EXTENDEDKEY |0, 0);
            keybd_event(int(sKeys[p]), 0x45, KEYEVENTF_EXTENDEDKEY | KEYEVENTF_KEYUP, 0);
        }
    }
return TRUE;
}
//---------------------------------------------------------------------------
void TForm1::SendReturnKey(long numoftimes)
...{
    for(int tmp=0;tmp<numoftimes;tmp++)
    ...{
        SendKeys(" ");
    }
}
//---------------------------------------------------------------------------

hookapp.h

 

//---------------------------------------------------------------------------

#ifndef hookH
#define hookH
//---------------------------------------------------------------------------
#include <Classes.hpp>
#include <Controls.hpp>
#include <StdCtrls.hpp>
#include <Forms.hpp>
#define WM_MYHOOK   (WM_APP +1024)
//---------------------------------------------------------------------------
class TForm1 : public TForm
...{
__published:    // IDE-managed Components
    TMemo *Memo1;
    TButton *Button1;
    TButton *Button2;
    void __fastcall FormCreate(TObject *Sender);
    void __fastcall Button1Click(TObject *Sender);
    void __fastcall Button2Click(TObject *Sender);
private:    // User declarations
    void __fastcall WMMYHOOK(TMessage& Message);
    void SendReturnKey(long numoftimes);
    bool SendKeys(char * sKeys);
public:        // User declarations
    __fastcall TForm1(TComponent* Owner);
    //LRESULT WINAPI WndProc(HWND hwnd,UINT msg2 ,WPARAM w_param,LPARAM l_param);


BEGIN_MESSAGE_MAP
    MESSAGE_HANDLER(WM_MYHOOK, TMessage, WMMYHOOK);
END_MESSAGE_MAP(TForm);

};
//---------------------------------------------------------------------------
extern PACKAGE TForm1 *Form1;
//---------------------------------------------------------------------------
#endif

 

hookdll.cpp

 

//---------------------------------------------------------------------------

#include <vcl.h>
#include <windows.h>
#include <iostream.h>
#include <tlhelp32.h>
#pragma hdrstop
//---------------------------------------------------------------------------
//   Important note about DLL memory management when your DLL uses the
//   static version of the RunTime Library:
//
//   If your DLL exports any functions that pass String objects (or structs/
//   classes containing nested Strings) as parameter or function results,
//   you will need to add the library MEMMGR.LIB to both the DLL project and
//   any other projects that use the DLL.  You will also need to use MEMMGR.LIB
//   if any other projects which use the DLL will be performing new or delete
//   operations on any non-TObject-derived classes which are exported from the
//   DLL. Adding MEMMGR.LIB to your project will change the DLL and its calling
//   EXE's to use the BORLNDMM.DLL as their memory manager.  In these cases,
//   the file BORLNDMM.DLL should be deployed along with your DLL.
//
//   To avoid using BORLNDMM.DLL, pass string information using "char *" or
//   ShortString parameters.
//
//   If your DLL uses the dynamic version of the RTL, you do not need to
//   explicitly add MEMMGR.LIB as this will be done implicitly for you
//---------------------------------------------------------------------------

#pragma argsused
extern "C" __declspec(dllexport) int WINAPI SetHandle(HWND,HWND);
extern "C" __declspec(dllexport) int WINAPI FillHandleArray(HWND,int);
extern "C" __declspec(dllexport) int WINAPI UnSubclass();

LRESULT CALLBACK WindowProc(HWND hwnd,UINT uMsg,WPARAM wParam,LPARAM lParam);
LRESULT CALLBACK CBTProc(int nCode,WPARAM wParam,LPARAM lParam);

HANDLE MapGlobalData(const AnsiString MapName, int Size, LPVOID &P);
LRESULT CALLBACK KeyboardProc(int nCode,WPARAM wParam,LPARAM lParam );
void ReleaseGlobalData(HANDLE handle, void* &Ptr);
typedef struct ...{
    HWND hTarget;
    HWND hApp;
    int num ;// Number of the subclassed window handle ,for use in the dll
    bool done;
    HINSTANCE hInstance;
    HWND hndll[100];  // array to store handles
    int form[100] ;  // Forms which we need to subclass
    long OldWndHndl[100] ; //array to store old window handles
    BOOL blnsubclassed[100];
    HHOOK hWinHook;
} TGlobalData, *PGlobalData;

const char* GLOBAL_DATA_MAPNAME = "HOOK_GLOBAL_DATA";
//const char* HOOK_EVENT_NAME = "SetWindowsHookEx_Event";
//---------------------------------------------------------------------------
PGlobalData g_Data;
HANDLE MapHandle;
//---------------------------------------------------------------------------
//Window Procedures of the subclassed windows
LRESULT CALLBACK WindowProc(
  HWND hwnd,
  UINT uMsg,
  WPARAM wParam,
  LPARAM lParam
)
...{    
    long val;
    int count;
    for(count=0;count<g_Data->num;count++)
    ...{
        if(g_Data->hndll[count]==hwnd)
        ...{
            val=count;   // this gets us the exact position of this window procedure in the array
        }
    }
    long result;
    if(uMsg==273) //Message Implying Menu Clicks
        if(HIWORD(wParam)==0)
                result=SendNotifyMessage(g_Data->hApp,WM_APP +1024,(WPARAM)(LOWORD(wParam)),(LPARAM)uMsg);// Send the message  to the vb app

    return CallWindowProc((WNDPROC)(g_Data->OldWndHndl[val]),hwnd,uMsg,wParam,lParam);
}//End Procedure
//---------------------------------------------------------------------------
//This function wld get all the handles from the Our application and store in in the array
int WINAPI FillHandleArray(HWND hwndSubclass,int intFrmNUm)
...{
    
    g_Data->hndll[g_Data->num]=hwndSubclass; // fill the array with the handle
    g_Data->form[g_Data->num]=intFrmNUm;  //fill the corresponding array for the form number
    g_Data->blnsubclassed[g_Data->num]=FALSE;// set the state to not subclassed
    g_Data->num=g_Data->num+1;
    return 1;
}// End of the fill array function
//---------------------------------------------------------------------------
// Function to set the original window procedure of each subclassed window
int WINAPI UnSubclass()
...{
    int count;
    for(count=0;count<g_Data->num;count++)
    ...{
        if((int)g_Data->hndll[count]>1)
        ...{
            SetWindowLong(g_Data->hndll[count],GWL_WNDPROC,g_Data->OldWndHndl[count]);   //Set back the old window procedure
        }        
    }    

        return 1;
}//End UnSubclass function
//---------------------------------------------------------------------------
int WINAPI DllEntryPoint(HINSTANCE hinst, unsigned long reason, void* lpReserved)
...{
    MapHandle = MapGlobalData(GLOBAL_DATA_MAPNAME, sizeof(TGlobalData), Pointer(g_Data));
    g_Data->hInstance = hinst;
    return 1;
}
//---------------------------------------------------------------------------
// Get the handles of the Targetwindow and of the Our application
int WINAPI SetHandle(HWND HandleofTarget ,HWND HandleofApp)
...{

    g_Data->hTarget=HandleofTarget;
    g_Data->hApp=HandleofApp;
    g_Data->hWinHook=SetWindowsHookEx(WH_CBT,(HOOKPROC)CBTProc,g_Data->hInstance,GetWindowThreadProcessId(g_Data->hTarget,NULL));
//    if(hWinHook==NULL)
//        return 0;
//    else
        return 1;
}//End this function
//----------------------------------------------------------------------------------------------------
//The CBT hook Proc(Computer Based Training Hook)
LRESULT CALLBACK CBTProc(int nCode,WPARAM wParam,LPARAM lParam)
...{
    if (nCode==HCBT_ACTIVATE)  //Called when the application window is activated
    ...{
        if((HWND)(wParam)==g_Data->hTarget)  //check if the window activated is Our Targer App
        ...{
            int count;
            for (count=0;count<g_Data->num;count++)
            ...{
                if (g_Data->blnsubclassed[count]==FALSE)
                ...{    
                    if(((int)g_Data->hndll[count])>1)
                    ...{
                        g_Data->OldWndHndl[count]=SetWindowLong(g_Data->hndll[count],GWL_WNDPROC,(long)WindowProc);  //Subclass !!!!
                    }
                                        
                    g_Data->blnsubclassed[count]=TRUE;    // Set state as subclassed
                }
            }
        }        
    }
    if (nCode==HCBT_DESTROYWND) //Called when the application window is destroyed
    ...{
        if((HWND)wParam==g_Data->hTarget)
            SendNotifyMessage(g_Data->hApp,WM_APP +1024,(WPARAM)wParam,(LPARAM)lParam);// Send the message  to the vb app
    }
    return CallNextHookEx(NULL, nCode, wParam, lParam);
}//End of the hook procedure
//----------------------------------------------------------------------------------------------------
HANDLE MapGlobalData(const AnsiString MapName, int Size, LPVOID &P)
...{
  HANDLE ret = CreateFileMapping( (HANDLE)0xFFFFFFFF, NULL, PAGE_READWRITE, 0, Size, MapName.c_str());
  if (ret == 0) ...{
    if (GetLastError() == ERROR_ALREADY_EXISTS) ...{
      ret = OpenFileMapping(FILE_MAP_ALL_ACCESS, false, MapName.c_str());
      if (ret == 0) return ret;
    } else
      return ret;
  }
  P = (LPVOID)MapViewOfFile(ret, FILE_MAP_ALL_ACCESS, 0, 0, 0);
  if (P == NULL) ...{
    CloseHandle(ret);
    ret = 0;
  }
  return ret;
}
//----------------------------------------------------------------------------------------------------
void ReleaseGlobalData(HANDLE handle, void* &Ptr)
...{
  if (Ptr) ...{
    UnmapViewOfFile(Ptr);
    Ptr = NULL;
  }
  if (handle != 0) ...{
    CloseHandle(handle);
    handle = 0;
  }
}
//----------------------------------------------------------------------------------------------------

请输入大于5个字符的标题HOOK  DLL INJECT PPT