(1)屏蔽本程序的鼠标信息和特定按键信息。设置后门按键F2可退出程序。
HHOOK g_hKeyBoard;
HHOOK g_hMouse;
LRESULT CALLBACK MouseProc(
_In_ int nCode,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
return 1; //屏蔽鼠标消息
}
LRESULT CALLBACK KeyboardProc(
_In_ int code,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
if (wParam == VK_SPACE || wParam == VK_RETURN)
return 1; //表示已处理案件信息
if (wParam == VK_F4 && (lParam >> 29 & 0x01)) //lParam >> 29 & 0x01 == 1:表示ALT键按下
return 1;
if (wParam == VK_F2)
{
::SendMessage(AfxGetApp()->m_pMainWnd->GetSafeHwnd(), WM_CLOSE, 0, 0);
UnhookWindowsHookEx(g_hKeyBoard);//移除键盘钩子过程
UnhookWindowsHookEx(g_hMouse); //移除鼠标钩子过程
}
return CallNextHookEx(g_hKeyBoard,code,wParam,lParam);
}
BOOL CHookDemoDlg::OnInitDialog()
{
// TODO: 在此添加额外的初始化代码
if (!(g_hMouse = SetWindowsHookEx(WH_MOUSE, MouseProc, NULL, GetCurrentThreadId())))
{
int nErrorCode = GetLastError();
return FALSE;
}
if (!(g_hKeyBoard = SetWindowsHookEx(WH_KEYBOARD, KeyboardProc, NULL, GetCurrentThreadId())))
{
int nErrorCode = GetLastError();
return FALSE;
}
return TRUE; // 除非将焦点设置到控件,否则返回 TRUE
}(2)屏蔽所有线程的鼠标消息和键盘消息。留下按键F2作为程序退出的后门。
方法:1.使用动态链接库创建全局钩子
//HOOK.cpp
#include "stdafx.h"
#include <Windows.h>
HHOOK g_hMouse = nullptr;
HHOOK g_hKeyBoard = nullptr;
HWND g_hUseDLL;
LRESULT CALLBACK MouseProc(
_In_ int nCode,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
return 1;
}
LRESULT CALLBACK KeyboardProc(
_In_ int code,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
if (wParam == VK_F2)
{
SendMessage(g_hUseDLL, WM_CLOSE, 0, 0);
UnhookWindowsHookEx(g_hMouse);
UnhookWindowsHookEx(g_hKeyBoard);
}
return 1;
}
void SetHook(HWND hUseDLL) //传入当前调用DLL的窗口句柄,方便设置后门关闭程序,否则程序屏蔽了鼠标和键盘消息,将无法被关闭。
{
g_hUseDLL = hUseDLL;
g_hMouse = SetWindowsHookEx(WH_MOUSE, MouseProc, GetModuleHandle(L"HOOK"), 0);
g_hKeyBoard = SetWindowsHookEx(WH_KEYBOARD, KeyboardProc, GetModuleHandle(L"HOOK"), 0);
}
//HOOK.def
; HOOK.def : 声明 DLL 的模块参数。
LIBRARY Hook ;指定动态链接库的内部名称
EXPORTS
; 此处可以是显式导出
SetHook @2 ;导出函数,并指定其序号为22.创建一个mfc工程用以加载全局钩子动态链接库
_declspec(dllimport) void SetHook(HWND hUseDLL); //函数声明,表明函数SetHook()是从DLL的.lib文件中导出的
BOOL CUseHookDllDlg::OnInitDialog()
{
SetHook(this->GetSafeHwnd());
return TRUE; // 除非将焦点设置到控件,否则返回 TRUE
}本文出自 “whatever957” 博客,请务必保留此出处http://whatever957.blog.51cto.com/6835003/1592914
原文:http://whatever957.blog.51cto.com/6835003/1592914