Intercepting Another Process's Messages with Cross-Process Subclassing

zhaozj2021-02-17  40

As everyone knows, every window has a default window procedure that processes the window's messages. Subclassing is the technique of replacing that window procedure with a function of your own. For example, the following code:

    var
      Form1: TForm1;
      OldWndProc: Pointer;

    implementation

    {$R *.dfm}

    function NewWndProc(hHwnd, Msg, wParam, lParam: LongWord): LongInt; stdcall;
    begin
      if Msg = WM_CLOSE then
      begin
        Result := 0; {swallow WM_CLOSE}
        Exit;
      end;
      Result := CallWindowProc(OldWndProc, hHwnd, Msg, wParam, lParam);
    end;

    procedure TForm1.FormCreate(Sender: TObject);
    begin
      {Save the old window procedure address}
      OldWndProc := Pointer(GetWindowLong(Self.Handle, GWL_WNDPROC));
      {Install the custom function as the new window procedure}
      SetWindowLong(Self.Handle, GWL_WNDPROC, LongInt(@NewWndProc));
    end;

This subclasses the window when it is created. From then on, pressing the window's close button no longer closes the window, because the new window procedure filters out the WM_CLOSE message. To remove the subclass, simply restore the previous window procedure:

    SetWindowLong(Self.Handle, GWL_WNDPROC, LongInt(OldWndProc));

At first glance it seems very simple: just subclass a window in another process in the same way. But in Win32 every process has its own independent memory space, and the new window procedure must be in the same process as the target window, so calling SetWindowLong(handle, GWL_WNDPROC, address of a window procedure in another process) does not work. We therefore have to get our window procedure code into the target process. There are two ways to do this. One is to create a thread in the target process with CreateRemoteThread, but this function is only implemented on NT and above, and it also involves problems such as API addresses, so it is very troublesome (please refer to http://www.9cbs.net/deb?Id=21079). The other is to use hook technology (SetWindowsHookEx; if you are not familiar with it, please refer to articles on hooks). As everyone knows, when a hook is set on another process, that process automatically loads the DLL containing the hook procedure. If we put the window procedure in that DLL, the window procedure is in effect loaded into the address space of the target process, which is simple. Here we use hook technology to achieve cross-process subclassing.

The last problem is how to implement global variables in the DLL. The variables in a DLL are allocated new space each time a process loads the DLL, so they are different in each process. Memory-mapped files, WM_COPYDATA and so on can be used to achieve global variables. Here we use a memory-mapped file.

Now that everything we need is understood, let us look at the actual code (here, all the functions are placed in a single DLL):

    library hook;

    uses
      SysUtils, Windows, Messages;

    const
      WM_UNSUBCLASS = WM_USER + 1001;  {remove-subclass message}
      WM_NEWMESSAGE = WM_USER + 1002;  {notifies the monitoring window of a new message}
      HOOK_EVENT_NAME = 'myhook';

    type
      PMyDLLVar = ^TMyDLLVar;
      TMyDLLVar = record
        SubClass: Boolean;                {whether the window is subclassed}
        HookWindow, SpyWindow: LongWord;  {window to hook, and window that receives the messages}
        hHook: LongWord;                  {hook handle}
        OldWndProc: Pointer;              {old window procedure}
        MsgHwnd: LongWord;
        Msg: TMessage;
      end;

    var
      DLLData: PMyDLLVar;

    {---------------------------------------}
    {Function name: NewWndProc}
    {Purpose:       new window procedure}
    {Parameters:    hHwnd: window handle; Msg: message ID;}
    {               wParam, lParam: message parameters}
    {Return value:  return value of the next window procedure}
    {---------------------------------------}
    function NewWndProc(hHwnd, Msg, wParam, lParam: LongWord): LongInt; stdcall;
    begin
      if Msg = WM_UNSUBCLASS then {On the remove-subclass message, restore the previous WndProc}
      begin
        SetWindowLong(DLLData^.HookWindow, GWL_WNDPROC, LongInt(DLLData^.OldWndProc));
        Result := 0;
        Exit;
      end;
      {Copy the message into the mapped memory; our own program gets the}
      {monitored message by reading this memory}
      DLLData^.Msg.Msg := Msg;
      DLLData^.Msg.WParam := wParam;
      DLLData^.Msg.LParam := lParam;
      DLLData^.MsgHwnd := hHwnd;
      {Send a message to the monitoring window}
      SendMessage(DLLData^.SpyWindow, WM_NEWMESSAGE, 0, 0);
      {Your own handling of the target process's messages can be added here;}
      {this code runs in the address space of the target process, so you can}
      {do whatever you like ^_^}
      Result := CallWindowProc(DLLData^.OldWndProc, hHwnd, Msg, wParam, lParam);
    end;

    {------------------------------------}
    {Function name: HookProc}
    {Purpose:       hook procedure}
    {Parameters:    nCode, wParam, lParam: message-related parameters}
    {------------------------------------}
    function HookProc(nCode, wParam, lParam: LongWord): LongInt; stdcall;
    var
      hEvent: THandle;
    begin
      if not DLLData^.SubClass then {If the window has not been subclassed yet}
      begin
        {Wait until InstallHook has stored the hook handle}
        hEvent := OpenEvent(SYNCHRONIZE, False, HOOK_EVENT_NAME);
        if hEvent <> 0 then
        begin
          WaitForSingleObject(hEvent, INFINITE);
          CloseHandle(hEvent);
        end;
        {Save the window procedure address and subclass the window}
        DLLData^.OldWndProc := Pointer(GetWindowLong(DLLData^.HookWindow, GWL_WNDPROC));
        SetWindowLong(DLLData^.HookWindow, GWL_WNDPROC, Integer(@NewWndProc));
        DLLData^.SubClass := True;
      end;
      {Call the next hook}
      Result := CallNextHookEx(DLLData^.hHook, nCode, wParam, lParam);
    end;

    {------------------------------------}
    {Function name: InstallHook}
    {Purpose:       install the hook on the specified window}
    {Parameters:    HWindow: window to hook}
    {               SWindow: window that receives the messages}
    {Return value:  True on success, False on failure}
    {------------------------------------}
    function InstallHook(HWindow, SWindow: LongWord): Boolean; stdcall;
    var
      ThreadID: LongWord;
      hEvent: THandle;
    begin
      Result := False;
      DLLData^.hHook := 0;
      DLLData^.HookWindow := HWindow;
      DLLData^.SpyWindow := SWindow;
      {Get the thread ID of the specified window}
      ThreadID := GetWindowThreadProcessId(HWindow, nil);
      {Install the hook on the specified window's thread}
      hEvent := CreateEvent(nil, True, False, HOOK_EVENT_NAME);
      DLLData^.hHook := SetWindowsHookEx(WH_GETMESSAGE, @HookProc, HInstance, ThreadID);
      SetEvent(hEvent);
      CloseHandle(hEvent);
      if DLLData^.hHook > 0 then
        Result := True; {hook installed successfully}
    end;

    {------------------------------------}
    {Procedure name: UnHook}
    {Purpose:        remove the hook}
    {Parameters:     none}
    {------------------------------------}
    procedure UnHook; stdcall;
    begin
      {Send the remove-subclass message to the specified window}
      SendMessage(DLLData^.HookWindow, WM_UNSUBCLASS, 0, 0);
      DLLData^.SubClass := False;
      {Remove the hook}
      UnhookWindowsHookEx(DLLData^.hHook);
    end;

    {------------------------------------}
    {Procedure name: DLL entry function}
    {Purpose:        DLL initialization, release, etc.}
    {Parameters:     DLL status}
    {------------------------------------}
    procedure MyDLLHandler(Reason: Integer);
    var
      FHandle: LongWord;
    begin
      case Reason of
        DLL_PROCESS_ATTACH:
          begin
            {Create the file mapping that implements the global variables in the DLL}
            FHandle := CreateFileMapping($FFFFFFFF, nil, PAGE_READWRITE, 0, $FF, 'MYDLLDATA');
            if FHandle = 0 then
              if GetLastError = ERROR_ALREADY_EXISTS then
              begin
                FHandle := OpenFileMapping(FILE_MAP_ALL_ACCESS, False, 'MYDLLDATA');
                if FHandle = 0 then Exit;
              end
              else Exit;
            DLLData := MapViewOfFile(FHandle, FILE_MAP_ALL_ACCESS, 0, 0, 0);
            if DLLData = nil then
              CloseHandle(FHandle);
          end;
        DLL_PROCESS_DETACH:
          if Assigned(DLLData) then
          begin
            UnmapViewOfFile(DLLData);
            DLLData := nil;
          end;
        DLL_THREAD_ATTACH: ;
        DLL_THREAD_DETACH: ;
      end;
    end;

    {$R *.res}

    exports
      InstallHook, UnHook, HookProc;

    begin
      DLLProc := @MyDLLHandler;
      MyDLLHandler(DLL_PROCESS_ATTACH);
    end.

Compile this DLL, then load it in your own program and call InstallHook(target window handle, your own window handle) to monitor the target window's messages (read the mapped memory when the WM_NEWMESSAGE message is received). Calling UnHook removes the subclass and the hook. The specific calling code is left for you to write yourself.
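Seen from the side of the application being subclassed, the technique above shows up as a changed GWL_WNDPROC value. The following unit is an added example, not part of the original article: it records a control's window procedure and reports when it has been replaced, naming the module that contains the new address. `TWndProcGuard`, `TTamperEvent` and `ModuleOfAddress` are hypothetical names, and the code assumes a Delphi XE2 or later VCL application.

```pascal
unit WndProcGuard;  { added example; assumes Delphi XE2+ VCL, names are hypothetical }
interface
uses Windows, Classes, Controls, ExtCtrls;
type
  TTamperEvent = procedure(NewProc: Pointer; const ModulePath: string) of object;
  TWndProcGuard = class(TComponent)
  private
    FControl: TWinControl;
    FBaseline: Pointer;  { window procedure last seen as legitimate }
    FTimer: TTimer;
    FOnTamper: TTamperEvent;
    procedure Check(Sender: TObject);
  public
    constructor Create(AControl: TWinControl); reintroduce;
    property OnTamper: TTamperEvent read FOnTamper write FOnTamper;
  end;

implementation

{ Path of the module whose image contains Addr; '' if Addr is not inside a module. }
function ModuleOfAddress(Addr: Pointer): string;
var
  Mbi: TMemoryBasicInformation;
  Buf: array[0..MAX_PATH] of Char;
begin
  Result := '';
  if (VirtualQuery(Addr, Mbi, SizeOf(Mbi)) <> 0) and
     (GetModuleFileName(HMODULE(Mbi.AllocationBase), Buf, Length(Buf)) > 0) then
    Result := Buf;
end;

constructor TWndProcGuard.Create(AControl: TWinControl);
begin
  inherited Create(AControl);  { owned by the control, freed with it }
  FControl := AControl;
  FBaseline := Pointer(GetWindowLongPtr(AControl.Handle, GWLP_WNDPROC));
  FTimer := TTimer.Create(Self);
  FTimer.Interval := 1000;     { poll once per second }
  FTimer.OnTimer := Check;
end;

procedure TWndProcGuard.Check(Sender: TObject);
var Current: Pointer;
begin
  Current := Pointer(GetWindowLongPtr(FControl.Handle, GWLP_WNDPROC));
  if Current = FBaseline then Exit;
  FBaseline := Current;        { report each change once }
  if Assigned(FOnTamper) then FOnTamper(Current, ModuleOfAddress(Current));
end;
end.
```

Create the guard with `TWndProcGuard.Create(Self)` in a form's OnCreate handler and log the path passed to OnTamper. Libraries inside the same process can subclass windows for legitimate reasons, so a report is a prompt to check the named module rather than proof of tampering.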

When reposting, please cite the original address: https://www.9cbs.com/read-29852.html
