谁来帮我看看我Hook窗口创建的代码有什么错误?能Hook成功,只是会导致资源管理器错误 |
尚未結案
|
testman
一般會員 發表:1 回覆:0 積分:0 註冊:2008-09-26 發送簡訊給我 |
以下贴出全部代码,仅仅是监视窗口创建并写出log文件。Dll加载,卸载,挂钩,解钩都能正常打出log,并且成对儿出现。
该释放的都释放了。 实在不解,为什么还是会导致资源管理器(explorer.exe)和任务管理器(taskmgr.exe)出错。 hook过程中,没有任何错误。只是在把主程序关掉后,才可能出现错误。各位测试的时候注意一下,谢谢。 初次发贴,有不合适之处还请多多谅解。 按照如下方式操作,就会出现错误: 先打开任务管理器(别关掉),执行主程序,挂钩,打开几个有窗口的程序(别关掉),退出主程序。 任务栏鼠标右键->任务管理器,出错。 我这里只要这么操作,就一定出错。 [code delphi] library makeErr; uses Messages, Classes, SysUtils, Windows, Dialogs, ComServ, theMain in 'theMain.pas'; exports DllGetClassObject, DllCanUnloadNow, DllRegisterServer, DllUnregisterServer; {$R *.RES} const HookMemFileName = 'DllHookMemFile.DTA'; var PShare: PShareMem; MapHandle: THandle; function CallWndProc(nCode: Integer; WParam: WPARAM; LParam: LPARAM): LRESULT; stdcall; var winStruct: TCWPStruct; begin winStruct := PCWPSTRUCT(LParam)^; if nCode >= 0 then begin if winStruct.message = WM_SHOWWINDOW then begin SaveInfo('发现窗口创建:::' inttostr(winStruct.hwnd)); end; end; Result := CallNextHookEx(0, nCode, WParam, LParam); end; procedure StartHook; stdcall; begin if PShare^.HookHandle = 0 then begin PShare^.HookHandle := SetWindowsHookEx(WH_CALLWNDPROC, PShare^.HookProc, hinstance, 0); SaveInfo('钩子启动完毕,钩子句柄:::' inttostr(PShare^.HookHandle)); end; end; procedure StopHook; stdcall; var unhookResult: Boolean; begin if PShare^.HookHandle <> 0 then begin unhookResult := UnhookWindowsHookEx(PShare^.HookHandle); if unhookResult then begin PShare^.HookHandle := 0; SaveInfo('钩子卸载完毕'); end else SaveInfo('钩子卸载失败'); end else SaveInfo('PShare^.HookHandle为空:::' inttostr(PShare^.HookHandle)); end; procedure DllEntry(dwReason: DWORD); begin case dwReason of DLL_PROCESS_ATTACH: begin saveinfo('run in DLL_PROCESS_ATTACH'); end; DLL_PROCESS_DETACH: begin saveinfo('dll 卸载,MapHandle:::' inttostr(MapHandle)); UnmapViewOfFile(PShare); closehandle(MapHandle); SaveInfo('共享内存关闭'); end; end; end; exports StartHook, StopHook; begin DisableThreadLibraryCalls(HInstance); MapHandle := OpenFileMapping(FILE_MAP_ALL_ACCESS, False, pchar(HookMemFileName)); if MapHandle = 0 then begin MapHandle := CreateFileMapping($FFFFFFFF, nil, PAGE_READWRITE, 0, SizeOf(TShareMem), pchar(HookMemFileName)); end; PShare := MapViewOfFile(MapHandle, FILE_MAP_ALL_ACCESS, 0, 0, 0); PShare^.HookProc := @CallWndProc; DllProc := @DllEntry; end. [/code] theMain.pas程式: [code delphi] unit theMain; interface uses Windows,SysUtils; type THookProc = function(nCode: integer; wParam: WPARAM; lParam: LPARAM): LRESULT; stdcall; PShareMem = ^TShareMem; TShareMem = packed record Data: String[255]; HookHandle:HHook; ModuleHandle:THandle; HookProc: THookProc; end; procedure SaveInfo(str: string); stdcall; implementation procedure SaveInfo(str: string); stdcall; var f: textfile; begin assignfile(f,'d:\Records.txt'); if FileExists('d:\Records.txt') = false then rewrite(f) else append(f); writeln(f, str); closefile(f); end; initialization finalization end. [/code] 主程序: [code delphi] unit MainForm; interface uses Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms, Dialogs, StdCtrls; type TForm1 = class(TForm) Button1: TButton; Button2: TButton; procedure Button1Click(Sender: TObject); procedure FormClose(Sender: TObject; var Action: TCloseAction); private { Private declarations } procedure SaveInfo(str: string); public { Public declarations } end; //procedure StartHook; stdcall; external 'makeErr.dll' name 'StartHook'; //procedure StopHook; stdcall; external 'makeErr.dll' name 'StopHook'; var Form1: TForm1; StartHook:procedure; stdcall; StopHook:procedure; stdcall; moduleHandle : THandle; implementation {$R *.dfm} procedure TForm1.Button1Click(Sender: TObject); begin moduleHandle := loadlibrary(pchar('makeErr.dll')); StartHook := GetProcAddress(moduleHandle, 'StartHook'); StopHook := GetProcAddress(moduleHandle, 'StopHook'); if @StartHook<>nil then StartHook; end; procedure TForm1.SaveInfo(str: string); var f: textfile; begin assignfile(f,'d:\Records.txt'); if FileExists('d:\Records.txt') = false then rewrite(f) else append(f); writeln(f, str); closefile(f); end; procedure TForm1.FormClose(Sender: TObject; var Action: TCloseAction); begin SaveInfo('开始卸载钩子'); if @StopHook<>nil then StopHook else SaveInfo('未找到卸载函数'); freelibrary(moduleHandle); // closehandle(moduleHandle); SaveInfo('关闭主程序'); end; end. [/code] 編輯記錄
testman 重新編輯於 2008-09-27 11:13:18, 註解 無‧
|
本站聲明 |
1. 本論壇為無營利行為之開放平台,所有文章都是由網友自行張貼,如牽涉到法律糾紛一切與本站無關。 2. 假如網友發表之內容涉及侵權,而損及您的利益,請立即通知版主刪除。 3. 請勿批評中華民國元首及政府或批評各政黨,是藍是綠本站無權干涉,但這裡不是政治性論壇! |