解决方案 »
- 怎样使CEdit背景颜色闪烁?
- vs2005有没有工具能分析各个函数的执行时间及被调用的次数
- Windows Vista下进程权限提升,非高手无法搞定。
- 我用CBCGPOutlookBarPane生成的左边的像OUTLOOK的东西,如何让此东西不能关闭??
- 请问在sdk程序中有没有可以用的按钮类库
- 想要在一模态对话框显示之前更改其字体,请问什么时候可以call SetFont(...)
- 串口读写是在同一个端口上操作么?
- 怎么让程序随机器启动而运行.程序窗口是要隐藏的,,,
- 为不通类型的工具条创建不通的停靠区
- MFC的_tWinMain函数的作用
- VC采用ADO连接数据库,假如数据库有3张表,怎么将数据添加到3张表中。
- Win32的StretchBlt()和BitBlt()哪个块?
[This is preliminary documentation and subject to change.]SUMMARY
A port monitor DLL is a user-mode DLL that is responsible for providing a communications path between the user-mode print spooler and the kernel-mode port drivers that access I/O port hardware. Please refer to the Windows® DDK documentation for further information about print monitors.This sample works on both x86 and Alpha platforms and the code is 64-bit compliant. BUILDING THE SAMPLE
The code must be built using the build environment shipped with the DDK. Microsoft® Visual C® must be present on the machine for the sample to build properly, as build will use some header files. Also, the SDK and the DDK must be installed.To build the sample, run build from the src\print\monitors\localmon directory. The DLL will be placed in the appropriate platform directory (either i386 or Alpha). To install a port monitor, an INF file called Monitor.inf is needed. This INF file is based on Printmon.inf, the default INF file for installing port monitors. A functional Monitor.inf file is provided. However, in order to adapt it to the user's needs, it will be necessary to make changes in certain designated places tagged "User Changes." Examples of these changes are: changing the source media description or adding a help file to the monitor. Once built, the sample will produce four binaries: DDKLocalmon.dll, DDKLocalmon.lib (an export lib), DDKLocalmon.exp, and, if the sample is built in a checked environment, DDKLocalmon.pdb.Before installing this sample monitor, the user needs to build src\print\localui, because DDKLocalui.dll provides the UI for DDKLocalmon and they are installed together. CODE TOUR
File Manifest
File DescriptionConfig.c Handles spooler entry points for adding, deleting, and configuring localmon ports
Dialogs.c Source module that implements dialog boxes
Dialogs.h Header for DIALOGS.C
Lmon.h Header that declares PORT_INFO_FF structure
Irda.c IRDA printing support in localmon
Irda.h Header for IRDA
Local.h Header that declares debug functions
Localmon.c Source module that contains the DLL entry point
Localmon.def File that lists the exported functions
Localmon.prf Resource file for the dialogs
Localmon.h Header for global declarations and function prototypes
Localmon.rc Resource file for the module
Makefile Generic file for building the code sample
Precomp.h Generic header
Localmon.htm Documentation for this sample (this file)
Resource.rcv Resource version file
Resource.h Resource include file
Setlink.c Utility to display or change the value of a symbolic link
Sources Generic file for building the code sample
Spltypes.h Header for Winspool.c
Util.c Source module for support routines
Winspool.c Implements the spooler supported APIs for printing
Xcv.c Interface for calling print spooler's XcvData (transceive data) functions. This is the means by which a port monitor UI DLL communicates with its associated port monitor server DLL.
Top of page
© 1999 Microsoft Corporation
HANDLE hPrinter, // handle to printer object
DWORD Level, // information level
LPBYTE pDocInfo // information buffer
);有打印机句柄用GetPrinter()可以得到打印机名称
我用windbg下断点是可以拦截到的,不知道你代码是怎么写的
//#include "cmnhdr.h"
#define CLIPBOARDOLIBAPI extern "C" __declspec(dllexport)
#include "HookLib.h"
#include "APIHook.h"#include <WindowsX.h>
#include <tchar.h>
#include <stdio.h>
#include <StrSafe.h>
#include <atltime.h>
#include <Psapi.h>
#include <AtlConv.h>
//#include <AtlBase.h>
//#include <ole2.h>
#pragma comment(linker,"/export:SetHook5=_SetHook@8")
typedef DWORD (WINAPI *PFNSTARTDOCPRINTERA)(__in HANDLE hPrinter, __in DWORD Level, LPBYTE pDocInfo);
typedef DWORD (WINAPI *PFNSTARTDOCPRINTERW)(__in HANDLE hPrinter, __in DWORD Level, LPBYTE pDocInfo);extern CAPIHook g_StartDocPrinterA;
extern CAPIHook g_StartDocPrinterW;
DWORD Hook_StartDocPrinterA(__in HANDLE hPrinter, __in DWORD Level, LPBYTE pDocInfo)
{
CString mesg;
TCHAR proName[MAX_PATH] =_T("") ;
CHAR fileName[MAX_PATH]=""; //DWORD pid=GetCurrentProcessId();
HANDLE proHandle = GetCurrentProcess();
HMODULE proMoule ;
DWORD cbNeeded; EnumProcessModules( proHandle, &proMoule, sizeof(proMoule), &cbNeeded);
GetModuleFileName(proMoule,proName,MAX_PATH);
mesg=_T("Hook_StartDocPrinterA");
chMB(CT2A(mesg));
return 0;
}DWORD Hook_StartDocPrinterW(__in HANDLE hPrinter, __in DWORD Level, LPBYTE pDocInfo)
{
DWORD cByteNeed,cByteUsed;
if (!GetPrinter(hPrinter, 2, NULL, 0, &cByteNeed))
{
DWORD dwErrorCode = ::GetLastError();
if (dwErrorCode!= ERROR_INSUFFICIENT_BUFFER)
{
return 1;
}
} PRINTER_INFO_2 * pPrnterInfo = (PRINTER_INFO_2 *)malloc(cByteNeed); if (!pPrnterInfo)
{
return 1;
} if (!GetPrinter(hPrinter, 2, (LPBYTE)pPrnterInfo, cByteNeed, &cByteUsed))
{
free(pPrnterInfo);
pPrnterInfo = NULL;
return 1;
} CString mesg;
if(!wcscmp(L"Two Pilots Demo Printer", pPrnterInfo->pPrinterName))
{
return ((PFNSTARTDOCPRINTERW)(PROC) g_StartDocPrinterW)
(hPrinter, Level, pDocInfo);
}
else
{
mesg=_T("Hook_StartDocPrinterW");
mesg += pPrnterInfo->pPrinterName; chMB(CT2A(mesg));
return 0;
}
}CAPIHook g_StartDocPrinterA("Winspool.drv", "StartDocPrinterA",
(PROC) Hook_StartDocPrinterA);
CAPIHook g_StartDocPrinterW("Winspool.drv", "StartDocPrinterW",
(PROC) Hook_StartDocPrinterW);//#pragma data_seg("YCIShared")
HHOOK g_hhook = NULL;
//#pragma data_seg()///////////////////////////////////////////////////////////////////////////////
static LRESULT WINAPI GetMsgProc(int code, WPARAM wParam, LPARAM lParam) {
return(CallNextHookEx(g_hhook, code, wParam, lParam));
}
///////////////////////////////////////////////////////////////////////////////
// Returns the HMODULE that contains the specified memory address
static HMODULE ModuleFromAddress(PVOID pv) { MEMORY_BASIC_INFORMATION mbi;
return((VirtualQuery(pv, &mbi, sizeof(mbi)) != 0)
? (HMODULE) mbi.AllocationBase : NULL);
}
///////////////////////////////////////////////////////////////////////////////BOOL WINAPI SetHook(BOOL bInstall, DWORD dwThreadId)
{ BOOL bOk; if (bInstall) {
if (g_hhook!=NULL)
return FALSE;
//chASSERT(g_hhook == NULL); // Illegal to install twice in a row
// Install the Windows' hook
g_hhook = SetWindowsHookEx(WH_GETMESSAGE, GetMsgProc,
ModuleFromAddress(SetHook), dwThreadId); bOk = (g_hhook != NULL);
} else {
if (g_hhook==NULL)
return FALSE;
//chASSERT(g_hhook != NULL); // Can't uninstall if not installed
bOk = UnhookWindowsHookEx(g_hhook);
g_hhook = NULL;
} return(bOk);
}//////////////////////////////////////////////////////////////////////////
//#pragma unmanagedBOOL WINAPI DllMain(HINSTANCE hInstDll, DWORD fdwReason, PVOID fImpLoad)
{ switch (fdwReason) { case DLL_PROCESS_ATTACH:
// DLL is attaching to the address space of the current process.
break; case DLL_THREAD_ATTACH:
// A new thread is being created in the current process.
break; case DLL_THREAD_DETACH:
// A thread is exiting cleanly.
break; case DLL_PROCESS_DETACH:
// The calling process is detaching the DLL from its address space.
break;
}
return(TRUE);
}
我现在新建了一个服务 在服务里用CreateRemoteThread 往 spoolsv.exe里注入了Hook.dll , 至对一个虚拟打印机起了作用,而计算机连接的共享打印机没有钩到,这说明应用程序在打印的时候,spoolsv.exe不一定都调用到这个StartDocPrinter api 。那现在该hook 那个api?