本人新手,学习delphi通过远程钩子向目标进程注入dll,dll中封装了一个窗体,注入目标程序成功后,在目标程序上按下END键呼出这个窗体,我这个程序写的非常简单,仅仅是在dll文件里封装了一个窗体,主程序把dll文件注入目标进程后通过热键END把窗口呼出就算成功。目前我遇到的问题:在注入所有的不涉及到3D渲染方面程序,呼出都成功了;但是,一旦涉及到程序本身会带3D的——我试验了很多3D游戏,魔兽3,CS1.6等等,一按热键只见呼出窗口象发疯一样不断的生成,这是为什么?为什么会这样,难道3D渲染下建立窗口有什么特别之处?源代码dll的代码:
工程文件代码
==========
library hook32;
uses
SysUtils,
Forms,
Classes,
myDLl in 'myDLl.pas' {Form1};{$R *.res}exports
HookOn,HookOff;begin
{Application.Initialize;
Application.Run; }
end.
==========dll主文件代码
==========
unit mydll;interfaceuses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, ExtCtrls , ComCtrls;type
TForm1 = class(TForm)
Button1: TButton;
private
{ Private declarations }
public
{ Public declarations }
end;var
Form1: TForm1;
function HookProc(nCode:Integer;WParam: WPARAM;LParam:LPARAM):LRESULT;stdcall;
function HookOn(lpHwnd:HWND;lpType:Longint):Longint;stdcall;export;
function HookOff:Boolean;stdcall;export;implementation
var
hHk: HHOOK=0; //钩子的句柄
hThread: Cardinal; //长整形数据,窗口线程的标示符
hmod: Pointer; //进程标示符的指针
{$R *.dfm}
function HookProc(nCode:Integer;WParam: WPARAM;LParam:LPARAM):LRESULT;stdcall;
begin
if (wParam=VK_END) and ((LParam and $40000000) <> 0) then
begin
Form1:=TForm1.Create(Application);
Form1.show;
end;
Result :=0 //CallNextHookEx(hHk,nCode,WParam,LParam);
end;function HookOn(lpHwnd:HWND;lpType:Longint): Longint;stdcall; export;
begin
hThread :=GetWindowThreadProcessId(lpHwnd,hmod);
//注入开始
hHk :=SetWindowsHookEx(lpType,@HookProc,hInstance,hThread); // WH_KEYBOARD
Result :=hHk
end;function HookOff:Boolean;stdcall; export;
begin
if hHk<>0 then
begin
//移除挂钩
UnHookWindowsHookEx(hHk);
hHk :=0;
Result :=true;
end
else
Result :=false;
end;end.
==========以下是调用dll的程序的代码
==========
unit Unit1;interfaceuses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, ExtCtrls, XPMan;type
TForm1 = class(TForm)
Button1: TButton;
Button2: TButton;
procedure FormClose(Sender: TObject; var Action: TCloseAction);
procedure Button1Click(Sender: TObject);
procedure Button2Click(Sender: TObject);private
{ Private declarations }
public
{ Public declarations }
end;var
Form1: TForm1;
function HookOn(lpHwnd:HWND;lpType:Longint):Longint;stdcall;external 'Hook32.dll' name 'HookOn';
function HookOff:Boolean;stdcall;external 'Hook32.dll' name 'HookOff';
implementation{$R *.dfm}procedure TForm1.FormClose(Sender: TObject; var Action: TCloseAction);
begin
hookoff;
end;procedure TForm1.Button1Click(Sender: TObject);
varh1:HWND;
beginh1:=FindWindow(NIL,'counter-strike');//这是窗口的句柄,要自己找到后,填写入。
if h1=0 then showmessage('没找到进程!');
if h1>0 then showmessage('找到进程!');
sleep(200);
HookOn(h1,WH_KEYBOARD);
end;procedure TForm1.Button2Click(Sender: TObject);
begin
HookOff;
end;end.
==========
工程文件代码
==========
library hook32;
uses
SysUtils,
Forms,
Classes,
myDLl in 'myDLl.pas' {Form1};{$R *.res}exports
HookOn,HookOff;begin
{Application.Initialize;
Application.Run; }
end.
==========dll主文件代码
==========
unit mydll;interfaceuses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, ExtCtrls , ComCtrls;type
TForm1 = class(TForm)
Button1: TButton;
private
{ Private declarations }
public
{ Public declarations }
end;var
Form1: TForm1;
function HookProc(nCode:Integer;WParam: WPARAM;LParam:LPARAM):LRESULT;stdcall;
function HookOn(lpHwnd:HWND;lpType:Longint):Longint;stdcall;export;
function HookOff:Boolean;stdcall;export;implementation
var
hHk: HHOOK=0; //钩子的句柄
hThread: Cardinal; //长整形数据,窗口线程的标示符
hmod: Pointer; //进程标示符的指针
{$R *.dfm}
function HookProc(nCode:Integer;WParam: WPARAM;LParam:LPARAM):LRESULT;stdcall;
begin
if (wParam=VK_END) and ((LParam and $40000000) <> 0) then
begin
Form1:=TForm1.Create(Application);
Form1.show;
end;
Result :=0 //CallNextHookEx(hHk,nCode,WParam,LParam);
end;function HookOn(lpHwnd:HWND;lpType:Longint): Longint;stdcall; export;
begin
hThread :=GetWindowThreadProcessId(lpHwnd,hmod);
//注入开始
hHk :=SetWindowsHookEx(lpType,@HookProc,hInstance,hThread); // WH_KEYBOARD
Result :=hHk
end;function HookOff:Boolean;stdcall; export;
begin
if hHk<>0 then
begin
//移除挂钩
UnHookWindowsHookEx(hHk);
hHk :=0;
Result :=true;
end
else
Result :=false;
end;end.
==========以下是调用dll的程序的代码
==========
unit Unit1;interfaceuses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, ExtCtrls, XPMan;type
TForm1 = class(TForm)
Button1: TButton;
Button2: TButton;
procedure FormClose(Sender: TObject; var Action: TCloseAction);
procedure Button1Click(Sender: TObject);
procedure Button2Click(Sender: TObject);private
{ Private declarations }
public
{ Public declarations }
end;var
Form1: TForm1;
function HookOn(lpHwnd:HWND;lpType:Longint):Longint;stdcall;external 'Hook32.dll' name 'HookOn';
function HookOff:Boolean;stdcall;external 'Hook32.dll' name 'HookOff';
implementation{$R *.dfm}procedure TForm1.FormClose(Sender: TObject; var Action: TCloseAction);
begin
hookoff;
end;procedure TForm1.Button1Click(Sender: TObject);
varh1:HWND;
beginh1:=FindWindow(NIL,'counter-strike');//这是窗口的句柄,要自己找到后,填写入。
if h1=0 then showmessage('没找到进程!');
if h1>0 then showmessage('找到进程!');
sleep(200);
HookOn(h1,WH_KEYBOARD);
end;procedure TForm1.Button2Click(Sender: TObject);
begin
HookOff;
end;end.
==========
你管它什么3D渲染(可能和游戏程序对键盘输入监测有关系)
自己写个过程,只让你的Form生成一个实例不就行了。