拦截全局键盘的hook Option Explicit Public Declare Function SetWindowsHookEx Lib "user32" Alias "SetWindowsHookExA" (ByVal idHook As Long, ByVal lpfn As Long, ByVal hmod As Long, ByVal dwThreadId As Long) As Long Public Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long) Public Declare Function UnhookWindowsHookEx Lib "user32" (ByVal hHook As Long) As Long Public Declare Function CallNextHookEx Lib "user32" (ByVal hHook As Long, ByVal nCode As Long, ByVal wParam As Long, lParam As Any) As Long Public Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long Public Declare Function GetWindowLong Lib "user32" Alias "GetWindowLongA" (ByVal hwnd As Long, ByVal nIndex As Long) As LongPublic Const WM_CLOSE = &H10 Const GWL_HINSTANCE = (-6) Public Type KBDLLHOOKSTRUCT vkCode As Long 'value of the key you pressed scanCode As Long flags As Long time As Long dwExtraInfo As Long End Type Public Const WH_KEYBOARD = 2 Public Const WH_KEYBOARD_LL = 13 Public Const HC_ACTION = 0 Public Const VK_DELETE = &H2E Public Const WM_COMMAND = &H111 Public KeyboardHook As LongPublic Sub Hook() Dim Hin As Long Hin = GetWindowLong(FindWindow("XLMAIN", vbNullString), GWL_HINSTANCE) 'better compatibility excel97,XP,2003. Debug.Print Application.Hinstance 'hook the keyboard KeyboardHook = SetWindowsHookEx(WH_KEYBOARD_LL, AddressOf LowLevelKeyboardProc, Hin, 0) End Sub Public Sub UnHook() 'unhook the keyboard. UnhookWindowsHookEx KeyboardHook End Sub Public Function LowLevelKeyboardProc(ByVal nCode As Long, ByVal wParam As Long, lParam As Long) As Long Dim xpInfo As KBDLLHOOKSTRUCT If nCode = HC_ACTION Then
CopyMemory xpInfo, lParam, Len(xpInfo) 'copy the structure from lParam to xpinfo LowLevelKeyboardProc = -1
Else LowLevelKeyboardProc = CallNextHookEx(KeyboardHook, nCode, wParam, lParam) End If End Function
msgbox pid
end if
是哪篇呢?还有,我想知道用vba能实现拦截其他程序内部消息框的功能吗?我用hook的时候,总是绑定不了其它的程序。
Option Explicit
Public Declare Function SetWindowsHookEx Lib "user32" Alias "SetWindowsHookExA" (ByVal idHook As Long, ByVal lpfn As Long, ByVal hmod As Long, ByVal dwThreadId As Long) As Long
Public Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long)
Public Declare Function UnhookWindowsHookEx Lib "user32" (ByVal hHook As Long) As Long
Public Declare Function CallNextHookEx Lib "user32" (ByVal hHook As Long, ByVal nCode As Long, ByVal wParam As Long, lParam As Any) As Long
Public Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
Public Declare Function GetWindowLong Lib "user32" Alias "GetWindowLongA" (ByVal hwnd As Long, ByVal nIndex As Long) As LongPublic Const WM_CLOSE = &H10
Const GWL_HINSTANCE = (-6)
Public Type KBDLLHOOKSTRUCT
vkCode As Long 'value of the key you pressed
scanCode As Long
flags As Long
time As Long
dwExtraInfo As Long
End Type
Public Const WH_KEYBOARD = 2
Public Const WH_KEYBOARD_LL = 13
Public Const HC_ACTION = 0
Public Const VK_DELETE = &H2E
Public Const WM_COMMAND = &H111
Public KeyboardHook As LongPublic Sub Hook()
Dim Hin As Long
Hin = GetWindowLong(FindWindow("XLMAIN", vbNullString), GWL_HINSTANCE) 'better compatibility excel97,XP,2003.
Debug.Print Application.Hinstance
'hook the keyboard
KeyboardHook = SetWindowsHookEx(WH_KEYBOARD_LL, AddressOf LowLevelKeyboardProc, Hin, 0)
End Sub
Public Sub UnHook()
'unhook the keyboard.
UnhookWindowsHookEx KeyboardHook
End Sub
Public Function LowLevelKeyboardProc(ByVal nCode As Long, ByVal wParam As Long, lParam As Long) As Long
Dim xpInfo As KBDLLHOOKSTRUCT
If nCode = HC_ACTION Then
CopyMemory xpInfo, lParam, Len(xpInfo) 'copy the structure from lParam to xpinfo
LowLevelKeyboardProc = -1
Else
LowLevelKeyboardProc = CallNextHookEx(KeyboardHook, nCode, wParam, lParam)
End If
End Function
嘿嘿,正因为不理解才要问啊,为什么一定要用到第三方的dll呢?dll不也是应用程序的一种吗?只是不能自己执行啊。
哪篇文章我也不记得了
因为我现在也不想写什么文章
CSDN对技术博客一点都不看中
懒得写了浪费我去打字
好了废话不说
首先你得自己写一段shellcode然后使用WriteProcessMemory写入到目标进程中,然后使用CreateRemoteThread等相关api让此shellcode执行,如果要接收控制操作可以在shellcode里加入SendMessage发送自定义消息那样其实和dll一样的效果
不还是要用到汇编
纯粹vb不还是完成不了。至于不使用CreateRemoteThread等函数也能让代码执行起来这个倒正常 api hook本来就有多个方式shellcode也可以 修改 IAT同样可以 SEH也可以。
但是都要用到汇编或者特殊办法来生成可输出函数dll。
只需要一段shellcode就行了
其实说用到汇编也不否定,其实应该说是完全自己写机器码而已
也不表示VB不能用机器码来执行程序吧
只是在写机器码的时候VB没VC等方便,当然更没汇编爽了
但是都要用到汇编或者特殊办法来生成可输出函数dll。
我说的是或者
我没说汇编和dll都是必须的
而且我前面也说了是“纯vb”完成不了api hookvb来完成api hook的办法我也了解,
而vb sheelcode完成apihook的办法也并非什么新技术
2004年台湾就有人写出代码了。