请教下钩子卸载的问题
#include"head.h"HINSTANCE g_hInstance = NULL;
HHOOK g_Khook = NULL;
HWND g_hwnd = NULL;
BOOL DllMain(HINSTANCE hInstace, DWORD reason, LPVOID lp)
{
switch (reason)
{
case DLL_PROCESS_ATTACH:
g_hInstance = hInstace;
break;
default:
break;
}
return TRUE;
}
void ShowMsg(HWND* hwnd)
{
g_hwnd = *hwnd;
wchar_t text{ 0 };
wsprintf(text, L"当前实例句柄:%p", g_hInstance);
MessageBoxW(*hwnd, text, 0, 0);
}
LRESULT CALLBACK KeyProc(
_In_ int nCode,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
if (nCode==HC_ACTION)
{
if ((wParam == 0x5a)&&((lParam&0x80000000)==0))
{
if (UnhookWindowsHookEx(g_Khook))
{
MessageBoxW(g_hwnd, L"钩子解除", 0, 0);
return 1;
}
else
{
//DWORD a = GetLastError();
wchar_t text{ 0 };
wsprintf(text, L"钩子句柄:%p", g_Khook);
MessageBoxW(g_hwnd, text, 0, 0);
wsprintf(text, L"实例句柄:%p", g_hInstance);
MessageBoxW(g_hwnd, text, 0, 0);
wsprintf(text, L"主窗口句柄:%p", g_hwnd);
MessageBoxW(g_hwnd, text, 0, 0);
return 1;
}
}
}
return CallNextHookEx(g_Khook,nCode,wParam,lParam);
}
BOOL Sethook()
{
HINSTANCE hdll = GetModuleHandleW(L"g:\\自动扫雷(DLL注入).dll");
g_Khook = SetWindowsHookEx(WH_KEYBOARD, KeyProc, hdll, GetWindowThreadProcessId(g_hwnd, 0));
if (g_Khook == 0)
{
return FALSE;
}
wchar_t text{ 0 };
wsprintf(text, L"钩子句柄是:%p", g_Khook);
MessageBoxW(g_hwnd, text, 0, 0);
return TRUE;
}
BOOL Unhook()
{
if (UnhookWindowsHookEx(g_Khook))
{
return TRUE;
}
return FALSE;
}
这是单纯的DLL文件然后我注入到x86的扫雷中
我想请教下钩子的回调函数在dll是怎么运作的 3个句柄只有1个DLL本身的实例句柄能识别 为什么会这样呢 是不是和共享节有关联? 应该是没做共享数据段 钩子是啥{:301_1004:}
页:
[1]