0
我创建了一个系统范围的钩DLL和我的DLL我试图得到通知每次一个新的进程创建或销毁。
当有新的进程被检测到时,我希望能够向调用程序发送消息,无论是布尔值还是自定义对象。 我该怎么做?
目前我正在使用一个文件来记录所有名字!这是可怕的 这是迄今为止代码:我怎样才能从DLL通信到调用应用程序在c + +
DEF文件
;LIBRARY
; Def file
EXPORTS
InstallHook
UninstallHook
dllapi.h
void InstallHook(void);
void UninstallHook(void);
dllmain.cpp
#include "stdafx.h"
using namespace std;
HINSTANCE currentProcessHandle;
HHOOK hookID;
string str = "1";
BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call,LPVOID lpReserved)
{
if (ul_reason_for_call == DLL_PROCESS_ATTACH)
currentProcessHandle = hModule;
return TRUE;
}
LRESULT CALLBACK HookProcedure(int nCode, WPARAM wparam, LPARAM lparam)
{
if (nCode < 0) return CallNextHookEx(hookID, nCode, wparam, lparam);
std::ofstream outfile;
CBT_CREATEWND *CBTHOOKCREATE;
RECT *CBTRECTPTR;
RECT CBTRECT;
wstring Message;
CBTHOOKCREATE = (CBT_CREATEWND*) lparam;
LPWSTR str = L" ";
outfile.open(("d:\\test.txt"), std::ios_base::app);
if (nCode >= 0) {
switch (nCode)
{
case HCBT_CREATEWND:
outfile << *(CBTHOOKCREATE->lpcs->lpszName) << " " << CBTHOOKCREATE->lpcs->lpszName << " Created!~ " << endl;
//cout << "Created!~" << endl;
break;
case HCBT_DESTROYWND:
outfile << "Destroied!~" << endl;
//cout << "Destroied!~" << endl;
break;
default:
//cout << "sth else" << endl;
break;
}
}
outfile.close();
return 0;
}
void InstallHook(void)
{
hookID = SetWindowsHookEx(WH_CBT, HookProcedure, currentProcessHandle, 0);
}
void UninstallHook(void)
{
UnhookWindowsHookEx(hookID);
}
挂钩消费类控制台应用程序
// Hook Executer.cpp : Defines the entry point for the console application.
//
#include "stdafx.h"
#include "..\Dll\dllapi.h"
#include <iostream>
using namespace std;
int _tmain(int argc, _TCHAR* argv[])
{
int num = -1;
cout << "1.Install Hook"<<endl
<< "2.Unistall Hook"<<endl
<< "0.Exit";
do{
cin >> num;
if (num ==1)
{
InstallHook();
}
else
{
UninstallHook();
}
getchar();
system("cls");
cout << "1.Install Hook" << endl
<< "2.Unistall Hook" << endl
<< "0.Exit";
} while (num != 0 && num < 3);
return 0;
}