;****************************
;文件:SetHook.asm *
;功能:设置钩子过程 *
;****************************
.386p
.model flat,stdcall
include win32.inc
extrn GetMessageA:proc
extrn TranslateMessage:proc
extrn DispatchMessageA:proc
extrn ShowWindow:proc
extrn UpdateWindow:proc
extrn CreateWindowExA:proc
extrn RegisterClassA:proc
extrn DefWindowProcA:proc
extrn MessageBoxA:proc
extrn ExitProcess:proc
extrn LoadIconA:proc
extrn LoadCursorA:proc
extrn GetStockObject:proc
extrn GetModuleHandleA:proc
extrn PostQuitMessage:proc
extrn GetDC:proc
extrn ReleaseDC:proc
extrn TextOutA:proc
extrn LoadLibraryA:proc
extrn GetProcAddress:proc
extrn _wsprintfA:proc
; Private window message in the WM_USER range. WinMsgProc treats it as
; "keyboard event forwarded by the hook DLL" and only displays its parameters.
WM_MYMSG = WM_USER + 1 ; custom (application-defined) message
; Local copy of the Win32 POINT structure (two 32-bit coordinates).
POINT struc
x dd ?
y dd ?
ends
; Local copy of the Win32 MSG structure filled in by GetMessageA.
; Field order and sizes must match the OS definition exactly.
MSG struc
hwnd dd ?
message dd ?
wParam dd ?
lParam dd ?
time dd ?
pt POINT<>
ends
; Local copy of the Win32 WNDCLASS structure passed to RegisterClassA.
; Field order and sizes must match the OS definition exactly.
WNDCLASS struc
style dd ?
lpfnWndProc dd ?
cbClsExtra dd ?
cbWndExtra dd ?
hInstance dd ?
hIcon dd ?
hCursor dd ?
hbrBackground dd ?
lpszMenuName dd ?
lpszClassName dd ?
ends
.data
; Path of the hook DLL handed to LoadLibraryA in the WM_CREATE handler.
; NOTE(review): this is a relative path, so the file that actually gets
; loaded is not pinned to one location; it depends on the process's DLL
; search path and current directory at run time. Code loaded this way runs
; with the full rights of this process. Prefer an absolute path built from
; the EXE's own directory.
DllFileName db '..\HookDLL\HookDLL.dll',0
; Name of the export looked up with GetProcAddress; it is called with the
; main window handle. Its implementation is in HookDLL.dll, not in this file.
ProcName db 'InstallKeyHook',0
; wsprintfA format strings: a fixed prefix plus four 32-bit values in hex
; (hwnd, message, wParam, lParam). They are runtime strings; do not edit.
PintMsg_Self db '在当前窗口的键盘消息:%lX-%lX-%lX-%lX ',0
PintMsg_Dll db '钩子过程发来的键盘消息:%lX-%lX-%lX-%lX ',0
; Output buffer for wsprintfA. wsprintfA is not told this size, so the
; 100 bytes are sufficient only while the format strings stay this short
; (each %lX expands to at most 8 hex digits).
PintMsg db 100 dup (0)
; Window class name and title-bar caption for the main window.
myclassname db 'MyClass',0
caption db '安装钩子示例',0
align 4
; Module handle of this EXE (from GetModuleHandleA) and main window handle.
hInst dd ?
hWnd dd ?
; Message-loop scratch structure and the class description for RegisterClassA.
msg MSG<>
wc WNDCLASS<>
.code
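;-----------------------------------------------------------------------
; main - program entry point (TASM syntax, .model flat,stdcall, Win32 GUI).
; Registers the window class 'MyClass', creates and shows the main window,
; then pumps messages until the loop ends. Messages are handled by
; WinMsgProc, whose WM_CREATE handler loads the hook DLL.
; Never returns: every path ends in ExitProcess.
;-----------------------------------------------------------------------
main:
        call    GetModuleHandleA,0              ; eax = module handle of this EXE
        mov     [hInst],eax
        mov     wc.hInstance,eax

        ; Describe the window class.
        mov     wc.lpszClassName,offset myclassname
        mov     wc.lpfnWndProc,offset WinMsgProc
        call    LoadIconA,0,IDI_APPLICATION
        mov     wc.hIcon,eax
        call    LoadCursorA,0,IDC_IBEAM
        mov     wc.hCursor,eax
        mov     wc.lpszMenuName,0
        call    GetStockObject,WHITE_BRUSH
        mov     wc.hbrBackground,eax
        ; NOTE(review): CS_GLOBALCLASS is kept from the original; nothing
        ; visible in this file needs a process-wide class - confirm.
        mov     wc.style,CS_HREDRAW or CS_VREDRAW or CS_GLOBALCLASS
        mov     wc.cbClsExtra,0
        mov     wc.cbWndExtra,0

        call    RegisterClassA,offset wc        ; register the window class
        or      eax,eax
        jz      Exit                            ; returned atom 0 = registration failed

        ; Create the main window.
        call    CreateWindowExA,0,offset myclassname,offset caption,WS_OVERLAPPEDWINDOW,100,100,450,300,0,0,[hInst],0
        or      eax,eax
        jz      Exit                            ; NULL = creation failed (or WM_CREATE refused it)
        mov     [hWnd],eax
        call    ShowWindow,[hWnd],1
        call    UpdateWindow,[hWnd]

MsgLoop:                                        ; message loop
        call    GetMessageA,offset msg,0,0,0
        or      eax,eax
        jz      Exit                            ; 0 = WM_QUIT received
        cmp     eax,-1
        je      Exit                            ; -1 = GetMessageA failed; do not spin on the error
        call    TranslateMessage,offset msg
        call    DispatchMessageA,offset msg
        jmp     MsgLoop

Exit:                                           ; terminate the process
        call    ExitProcess,0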
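;***********************************************************************
; WinMsgProc - window procedure of the 'MyClass' main window.
;
; In:    handle  = window handle
;        wMsg    = message identifier
;        wParam1 = message WPARAM
;        lParam1 = message LPARAM
; Out:   eax = 0 for the messages handled here, -1 from WM_CREATE when the
;              hook DLL could not be loaded or its export was not found,
;              otherwise whatever DefWindowProcA returns.
; Saves: ebx, edi, esi (via "uses"); ebx/esi carry the format string and
;        the text row into the shared display code.
;
; WM_CREATE            load HookDLL.dll and call its InstallKeyHook export
; WM_DESTROY           post WM_QUIT
; WM_KEYDOWN/WM_KEYUP  display this window's own keyboard message
; WM_MYMSG             display the keyboard message forwarded by the DLL
;***********************************************************************
WinMsgProc proc uses ebx edi esi, handle:DWORD, wMsg:DWORD, wParam1:DWORD, lParam1:DWORD
LOCAL hldc:DWORD
        cmp     wMsg,WM_CREATE
        jz      create
        cmp     wMsg,WM_DESTROY
        jz      destroy
        cmp     wMsg,WM_KEYDOWN
        jz      keydown
        cmp     wMsg,WM_KEYUP
        jz      keyup
        cmp     wMsg,WM_MYMSG
        jz      mymsg
        jmp     default

create:                                         ; window is being created
        ; NOTE(review): DllFileName is a relative path, so which file is
        ; mapped into this process depends on the DLL search path and the
        ; current directory at run time. Prefer an absolute path built from
        ; the EXE's own directory.
        call    LoadLibraryA,offset DllFileName ; map HookDLL.dll into this process
        or      eax,eax
        jz      create_failed                   ; NULL module: never pass it on
        call    GetProcAddress,eax,offset ProcName ; look up the hook-install export
        or      eax,eax
        jz      create_failed                   ; NULL pointer: calling it would fault
        ; NOTE(review): assumes InstallKeyHook is stdcall with one DWORD
        ; argument (it cleans its own stack) - confirm against the DLL source.
        call    eax,handle                      ; install the hook
        xor     eax,eax
        ret

create_failed:
        ; Refuse window creation instead of jumping through a NULL pointer.
        ; WM_QUIT is posted explicitly so a message loop that does not check
        ; CreateWindowExA's result still terminates.
        call    PostQuitMessage,0
        mov     eax,-1
        ret

destroy:                                        ; window is being destroyed
        call    PostQuitMessage,0
        xor     eax,eax
        ret

keydown:                                        ; key pressed in this window
        mov     ebx,offset PintMsg_Self
        mov     esi,50                          ; text row (y coordinate)
        jmp     show_keymsg

keyup:                                          ; key released in this window
        mov     ebx,offset PintMsg_Self
        mov     esi,70
        jmp     show_keymsg

mymsg:                                          ; message sent by the DLL
        ; Any sender can post WM_USER+1 to this window; the parameters are
        ; only formatted and displayed, never used as pointers or lengths.
        mov     ebx,offset PintMsg_Dll
        mov     esi,30

show_keymsg:
        ; Shared tail: ebx = format string, esi = y coordinate.
        call    GetDC,handle
        or      eax,eax
        jz      msg_handled                     ; no DC available: skip drawing
        mov     hldc,eax
        call    _wsprintfA,offset PintMsg,ebx,handle,wMsg,wParam1,lParam1
        add     esp,4*6                         ; wsprintfA is cdecl: caller pops 6 args
        call    TextOutA,hldc,30,esi,offset PintMsg,eax ; eax = length from wsprintfA
        call    ReleaseDC,handle,hldc
msg_handled:
        xor     eax,eax
        ret

default:
        call    DefWindowProcA,handle,wMsg,wParam1,lParam1
        ret
WinMsgProc endp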
end main