📄 hookdll.asm
字号:
;*****************************
;文件:HookDLL.asm *
;功能:在DLL中的钩子过程 *
;*****************************
.386P
.Model Flat ,StdCall
include win32.inc
extrn MessageBoxA:PROC
extrn SetWindowsHookEx:PROC
extrn CallNextHookEx:PROC
extrn SendMessageA:PROC
extrn PostMessageA:PROC
extrn SetWindowsHookExA:PROC
extrn UnhookWindowsHookEx:PROC
NULL = 0
WM_MYMSG = WM_USER + 1 ;自定义消息
DLL_PROCESS_ATTACH = 1
DLL_PROCESS_DETACH = 0
DLL_THREAD_ATTACH = 2
DLL_THREAD_DETACH = 3
HC_ACTION = 0
WH_JOURNALRECORD = 0
EVENTMSG struc
message dd ?
paramL dd ?
paramH dd ?
time dd ?
handle dd ?
ends
public KeyHook
public InstallKeyHook
.Data
Caption db 'Hook DLL',0
pinit db 'DLL装入',0
pend db 'DLL退出',0
hMainWin dd ? ;主窗口句柄
hModule dd ? ;DLL的模块句柄
hHook dd ? ;钩子句柄
.Code
DllMain proc hInst:DWORD,fdwReason:DWORD,fImpLoad:DWORD
mov eax,fdwReason
cmp eax,DLL_PROCESS_ATTACH
jz ProcInit
cmp eax,DLL_PROCESS_DETACH
jz ProcExit
cmp eax,DLL_THREAD_ATTACH
jz ThreadInit
cmp eax,DLL_THREAD_DETACH
jz ThreadExit
ProcInit: ;DLL初映射进进程空间
mov eax,hInst
mov [hModule],eax
call MessageBoxA,NULL,offset pinit,offset Caption,MB_OK
jmp DllMainEnd
ProcExit: ;解除映射
call MessageBoxA,NULL,offset pend,offset Caption,MB_OK
call UnhookWindowsHookEx,dword ptr [hHook]
jmp DllMainEnd
ThreadInit:
jmp DllMainEnd
ThreadExit:
jmp DllMainEnd
DllMainEnd:
mov eax,1
ret
DllMain endp
;*****************************************************
KeyHook proc nCode:DWORD,wParam:DWORD,lParam:DWORD
cmp nCode,HC_ACTION
jnz KeyHookEnd
mov edx,lParam
mov eax,[edx]
cmp eax,WM_KEYDOWN ;是键盘按下?
jnz KeyHookEnd
mov eax,[edx].paramL ;送信息给主窗口
mov edx,[edx].paramH
call PostMessageA,dword ptr [hMainWin],WM_MYMSG,eax,edx
KeyHookEnd: ;下一个钩子过程
call CallNextHookEx,hHook,nCode,wParam,lParam
ret
KeyHook Endp
InstallKeyHook proc hwin:DWORD ;安装钩子过程
mov eax,hwin
mov [hMainWin],eax
call SetWindowsHookExA,WH_JOURNALRECORD,offset KeyHook,dword ptr [hModule],0
mov [hHook],eax
ret
InstallKeyHook endp
end DllMain
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -