Как выловить клавиатурных шпионов?

← →
Mouse (2003-08-28 10:35) [0]

Уважаемые мастера!
Обьясните пожалуйста как написать програму, которая бы вылавливала всяких клавиатурных шпионов! (hook-еров)!
Если кто может - подкиньте ссылочку или кодик!
Заранее спасибо!

← →
AlexRush (2003-08-28 11:28) [1]

см. SetWindowsHookEx, подробно WH_DEBUG; далее - DebugProc и DEBUGHOOKINFO.

← →
Mouse (2003-08-28 12:13) [2]

> AlexRush ©

А можно какойто код к примеру? Я просто новичек и мне ето все мало говорит!

← →
AlexRush (2003-08-28 15:06) [3]

Лови:
DLL с хуками:
library hook; uses Windows, SysUtils; {$R *.res} function MyKeyboardProc(iCode:integer; key:DWORD; stoke:DWORD):LRESULT;stdcall;export; begin MessageBoxA(0,PChar( "Current thread ID: "+IntToHEX(GetCurrentThreadId(),8)+#13 +"iCode = "+IntToStr(iCode)+#13 +"key = "+IntToHEX(key,8)+#13 +"stroke = "+IntToHEX(stoke,8)+#13),PChar("Keyboard Hook Handler:"),0); result:=0; end; function MyDebugProc(nCode:integer; HookType:integer; dbi:PDEBUGHOOKINFO):LRESULT;stdcall;export; var s:string; begin result:=0; s:="Current thread ID: "+IntToHEX(GetCurrentThreadId(),8)+#13; s:=s+"nCode: "+IntToStr(nCode)+#13; s:=s+"Hook Type: "; case HookType of {WH_CALLWNDPROC : s:=s+"WH_CALLWNDPROC"; WH_CALLWNDPROCRET : s:=s+"WH_CALLWNDPROCRET "; WH_CBT : s:=s+"WH_CBT "; WH_DEBUG : begin//!!!!! exit; end; {} {WH_GETMESSAGE : s:=s+"WH_GETMESSAGE "; WH_JOURNALPLAYBACK : s:=s+"WH_JOURNALPLAYBACK"; WH_JOURNALRECORD : s:=s+"WH_JOURNALRECORD "; {} WH_KEYBOARD : s:=s+"WH_KEYBOARD "; {WH_MOUSE : s:=s+"WH_MOUSE "; WH_MSGFILTER : s:=s+"WH_MSGFILTER "; WH_SHELL : s:=s+"WH_SHELL "; WH_SYSMSGFILTER : s:=s+"WH_SYSMSGFILTER "; {} else exit; end; s:=s+#13#13; s:=s+" DEBUGHOOKINFO.idThread = "+IntToStr(dbi.idThread)+#13; s:=s+" DEBUGHOOKINFO.idThreadInstaller = "+IntToStr(dbi.idThreadInstaller)+#13; s:=s+" DEBUGHOOKINFO.lParam = "+IntToHEX(dbi.lParam,8)+#13; s:=s+" DEBUGHOOKINFO.wParam = "+IntToHEX(dbi.wParam,8)+#13; s:=s+" DEBUGHOOKINFO.code = "+IntToStr(dbi.code)+#13; s:=s+#0; MessageBoxA(0,@s[1],"DEBUG Hook Handler",$30); end; exports MyKeyboardProc,MyDebugProc; begin end. ***********************************************************
Тест-прога, ставит хук на клаву:
unit Unit1; interface uses Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms, Dialogs, StdCtrls; type TForm1 = class(TForm) Button1: TButton; Button2: TButton; procedure Button1Click(Sender: TObject); procedure Button2Click(Sender: TObject); private hLib :DWORD; hHook:DWORD; public { Public declarations } end; var Form1: TForm1; implementation {$R *.dfm} procedure TForm1.Button1Click(Sender: TObject); var ptrProc:pointer; begin hLib:=LoadLibraryA("hook.dll"); if hLib=0 then exit; ptrProc:=GetProcAddress(hLib,"MyKeyboardProc"); if not assigned(ptrProc) then exit; hHook:=SetWindowsHookExA(WH_KEYBOARD, ptrProc, hLib, 0); end; procedure TForm1.Button2Click(Sender: TObject); begin UnhookWindowsHookEx(hHook); end; end. ***********************************************************
Тест-прога, мониторит другие хуки:
unit Unit2; interface uses Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms, Dialogs, StdCtrls; type TForm2 = class(TForm) Button1: TButton; Button2: TButton; procedure Button1Click(Sender: TObject); procedure Button2Click(Sender: TObject); private hLib :DWORD; hHook :DWORD; public { Public declarations } end; var Form2: TForm2; implementation {$R *.dfm} procedure TForm2.Button1Click(Sender: TObject); var ptrProc:pointer; begin hLib:=LoadLibraryA("hook.dll"); if hLib=0 then exit; ptrProc:=GetProcAddress(hLib,"MyDebugProc"); if not assigned(ptrProc) then exit; hHook:=SetWindowsHookExA(WH_DEBUG, ptrProc, hLib, 0); end; procedure TForm2.Button2Click(Sender: TObject); begin UnhookWindowsHookEx(hHook); end; end. ***********************************************************

Как выловить клавиатурных шпионов? Найти похожие ветки