Screen grab tutorial
Take you into a new and strange programming field: intercept the Win9X API function, reveal the secret of the screen grabbing!
The screen grabbed in Acrobat Reader 3, IE5, IE4! Free download intercepting engine TWORM, free download is comparable to Jinshan Words grasp the word DLL!
First class screen grabbing introduction
What is a screen grab?
What is the implementation of the screen grip?
Basic principle of screen grip
Second lesson related background knowledge
Introduction to the mouse hook function
Free mouse hook routine: moushook.zip size: 170K.
Download the keyboard to simulate the mouse for free: KeyMouse.zip size: 164K.
View 16-bit textout () parameters with Soft-Ice
Use Soft-ICE to view the parameters of 32-bit textouta ()
The third class screen grabs the word engine: TWORM
Introduction to Intercepting API's Engine TWORM
How to use the TWORM blocking WIN API function
Download the Download Intercepting Engine TWORM: Worm.DCU Size: 3K.
Intercepting the Limit of the Engine TWORM Demo Edition
Free Download: Use TWORM Interception Beginpaint () BeginPaint.zip Free Download: Use TWORM Intercept Textout () and ExtOutOut () TEXTOUT.ZIP to achieve "full screen color", is the foundation of "full screen".
Is the core of Win9X Win16?
Why can the 16-bit TWORM intercept 32-bit TEXTOUTA ()?
How to buy TWORM official version
Fourth lesson IE4 and IE5 screen grabby
Screen grip DLL principle
Screen grip DLL function
Comparison with "Jinshan Words"
Free Download: FREEDICT.ZIP for screen grip
Welcome all programming masters to use TWROM to communicate, and correct.
Provide the original code for screen grabbed words to the software company with a low-profit price.
My email: Mafeitao@371.net
First class screen grabbing introduction
What is the screen grip?
"Screen Grasping" technology is widely used in the electronic dictionary, and it is called "即 即 即", "mouse tetrans", "cursor dictionary", "screen tether", etc., in this article "screen catch word". Users of the Four-way Practice and Jinshan Words have seen screen grabbing technology. Which words are translated in the mouse, which seems simple, in fact, is very complex and interesting in the Windows system. The programming technology adopted is also very unique. The author is an experience, not dare to "the garden fragrance is alone", willing to lead you into this new and strange programming field, and hope to obtain the teachings and corrections of the programs. Back to top
What is the implementation of the screen grip?
I found that the screen grabbed, after purchasing the English-Han Tong Software. At that time, the author was only a practitioner of Visual Basic, and there is not much knowledge of the knowledge inside the Windows system. It is considered that the implementation of the screen grip in the Windows system should be the same as the DOS system, and call a DOS interrupt on the screen or It is possible to read the contents of the memory directly. With the understanding of the WINDOWS system, it is not as simple as the problem is not as simple as it is. First, read thousands of functions in the WinodWS Application Interface (API), do not find an outgoing function similar to getWordFromPoint (); according to experience, it is not an image recognition technology that is judged by judging the screen grabbing. The online document of the SDK is not covered in the online document of the SDK; it is difficult to obtain the information of the card programming interface, and some are only the basic knowledge of CGA to VGA. Recalling that the online information (if it is paper, it will be piled up like a mountain), and it feels that it is in the dark, there is no direction, there is no light, but strong interest is close to me. Be sure to unlock this mystery. When I passed the countless crash, I finally completed the programming of IE4, IE5, Outlook 4, Outlook5, IE5, Outlook 4, Outlook5, Woed 97, Excel 97, Win Help, Netscape and other environment screens, looking at Soft -ICE is a thick work note, looking at the word sentence that condenses my hard work, I can't help but be more difficult for WIN underlying! This difficult, people who are accustomed to fast procedures may never experience. Back to top Basic principle of screen grip
Use the "Mouse Hook" or "Timer" to get the position of the mouse, if the mouse moves, then place a small window at the mouse position, (in my program, this window height is 1, length 1, small As a needle tip) The Windows system issues a WM_PAINT message, indicating IE, Netscape and other application redraw screens, when IE, Netscape and other applications respond to WM_PAINT, TextOut (), extTextOut () will call the API function to draw text, if We intercept the parameters of TextOut () and EXTTEXTOUT () in the stack of IE, Netscape and other applications, and "screen grip" is implemented.
Second lesson related background knowledge
Introduction to the mouse hook function
The screen grabby can take the "Mouse Hook" or "Timer" to get the location of the mouse. The "mouse hook" response speed is faster, but programming technology is also troublesome, and now "Mouse Hook" is a profile. The mouse hook function can also be called a mouse message filter, a callback function that is called by the system. If you install the address of the mouse hook function with SETWINDOWSHOK or SETWINDOWSHOKEX, whenever you move your mouse on the screen, the system will give the control to the mouse hook function, so that we can have a chance to intercept a variety of mouse messages within the mouse hook function. Before these messages have not delivered the application queue, they displays them, change them or directly to the next default mouse hook function. Note that the mouse hook function is intercepted is a system-level message instead of a window message within a single application queue; the system sent to each application queue can be intercepted by the mouse hook function. All of the VC's Spy and Delphi WinsPy have a hook function that intercepts various system-level messages, including mouse hook functions, keyboard hook functions, window hook functions, and the like. We can copy a mouse hook function to simulate a self, when the mouse moves, we will immediately obtain the control of the system (including the first Windows 3.1 and the first Windows 9x), intercept the mouse message in real time inside the mouse hook function, Displays the position and status of the mouse and the secret address of the window, the title bar, window class, window process address, and the like. InvalidateRect (), invalidatergn (), invalidatergn () can be called within the mouse hook function to get the words under the mouse on the screen. Download Mouse Hook for free: MOUSHOK.ZIP Size: 170K.
Download the keyboard to simulate the mouse for free: KeyMouse.zip size: 164K.
Back to top
View 16-bit textout () parameters with Soft-Ice
For example:: BPX GDI! Textout: g: dw s: ESP 34B7: 00008310 0028 01AF 0004 0000 3447 0005 0010 093E: DW 3447: 0000 (Note: 0028 is CS, 01AF is IP, 0004 is the parameter count, 0005 Y, 0010 is X, 093E is HDC, 3447: 0000 is the LPSZ we have to intercept back to top
Use Soft-ICE to view the parameters of 32-bit textouta ()
For example:: BPX GDI32! TextOuta: G: DD SS: ESP 017F: 0067F364 00000010 000000005 017F: 0067F374 0045163F 00000004: DD 0045163F (Note: 00420495 is the return address, 93E is HDC, 10 is x, 5 is Y, 0045163F is the LPSZ we want to intercepted 4 is count Back to top
The third class screen grabs the word engine: TWORM
TWORM Introduction
The key to "screen grip" is to intercept the API function. For security considerations, I put the specific details of the interception track into a class TWORM. I called it as a wormy, meaning can be drilled into other Windows APIs. . This will no longer need to study the original code, and call TWORM to intercept, track, and change the integration of Windows 3.1 API. I compile TWORM into Torm.dcu, and use Uses TWorm in Delphi. In WIN 9X, TWORM can be used to intercept the 32-bit function. After installed WIN 98, after this time study, I found that Win 98 is not like Microsoft promotion is true 32-bit operating system! The method of intercepting the 32-bit function in WIN 9X is simple, that is, intercept the 16-bit function in Win 3.1 in Win 3.1, calling the TWORW class in my package to block the 32-bit Win 9x in the 32-bit function! You can try. How to use the TWORM blocking WIN API function
The usage is as follows: (Please use Delphi 1) Uses TWorm; Var W1, W2: TWorm; {can declare multiple objects W1, W2, W3, intercept multiple functions} W1: = Torm.create; {Create two new objects} w2: = Tworm.create; w1.oldProc: = getProcAddress (getModuleHandle ( 'gdi', 'TextOut'); w1.newProc: = getProcAddress (getModuleHandle ( 'my_DLL', 'myTextOut'); w1.change; {Settings Interception 1} {.... The system is intercepted when the system calls textout;} w1.restore; {Release interception 1} w2.oldproc: = getProcaddress (getModuleHandle ('win_api_fun'); w2.newproc : = getProcadDress (getModuleHandle ('my_dll'); w2.change; {setting interception 2} ... System call Any_WIN_API_FUN () will be intercepted into my_trace_fun () internal ..... .... In MY_TRACE_FUN () inside, you can program anything you want to do ....... {即: Every Win API function may be intercepted into my tracking function, in me In the tracking function, you can restore the original function, dry anything} w2.restore; {Release block 2} w1.free; {Release Object 1} w2.free; {Release Object 2}
Download TWORM Demo Edition: Worm.DCU Size: 3K.
You can intercept any multiple WIN 9X API functions in 1 DLL.
Back to top
TWORM Demo Edition limit
In order to control the flow of intercepting technology, considering the safety of computer system security, I don't want to have a chance, your own computer will become a victim of the hacker program with intercept technology !!! For this reason, I am from TWROM.DCU for free download Two restrictions in the demo version: 1 After more than 5 minutes each time, you will be prompted to be a demo version and exit. Will not delay your compilation and debugging work, because you can debug programs after compile, by many travel TWorms. 2 Start running, there is a BEEP. Back to top Free Download: Examples of Beginpaint () with TWORM BeginPaint.zip Continued
Free download: Intercept TextOut () and extTextOut () and extTextOut (), is the foundation of "full screen": TextOut.zip contains original code
(I developed on the screen gramphus version of the screen gramphock running in the Acrobat Reader 3, IE4, IE5, Netscape, Office 97, etc., is starting with TextOut.zip.)
Back to top
Is the core of Win9X Win16?
Why can the 16-bit TWORM intercept 32-bit TEXTOUTA ()?
Microsoft said that W16 API is only for compatibility, and the programmer should call 32-bit API as much as possible, it is actually not the case! The 32-bit API within WIN 98 (also included WIN 95) is called a large number of 16-bit APIs in WIN 3.1, estimating that the 32-bit API that may exceed 80% passes through the same name 16-bit API. It can be said that Win 3.1 is the cornerstone of Win9X, without Win 3.1, Win 9X will immediately crash. Win 9X EXTTEXTATA, EXTTEXTOUTW, TEXTOUTA, Textoutw are called EXTTEXTOUT, TEXTOUT, and Quality! Then, the method of intercepting the 32-bit function in WIN 9X is found, that is, intercept the 16-bit function in WIN 3.1 in WIN 3.1, calling the TWORW class in my package to block the 32-bit Win 9x by intercepting the 16-bit function. function! You can try. Because Win 9X itself is a 16-bit and 32-bit code mixed operating system, it is very seriously relying on 16-bit code, so W16 programming can be the secret weapon in Win 9X programming, and will be very powerful! Back to top
How to buy TWORM official version
If you want to buy TWORM's official version without any restrictions, you must follow:
You must guarantee that you do not use TWORM for viruses, hackers;
Show me what you are going to intercept what API;
Tell me: Your name, work unit, contact information.
Then, please contact me to purchase the official version of TWorm.dcu without any restrictions. My contact information: mailto: Please contact me: Mafeitao@371.net Back to top
Fourth lesson IE4 and IE5 screen grabby
Screen grip DLL principle
I am writing "screen grab", in several specials in IE4, IE5: 1 Writing screen grabbed words in IE4, how I encountered the unified encoding Unicode. 2 IE4 depicts the English and Chinese mixed text, English and Chinese use 1 extTextOut () output; 3 IE5 beta (IE 5.00.0518.10) When depicting English and Chinese mixed text, English and Chinese share 1 extTEXTOUT () output; 4 IE5 official version (IE 5.00.2014.0216) When the text is depicted, in addition to English and Chinese sharing 1 extTEXTOUT () output; there is a feature: When the window is smaller, use the IE4, IE5 beta, the method is determined to determine the X, Y The value is large when the window is large, and the value of the X, Y is determined by the positioning method relative to each line baseline. 5 IE5 beta and official version of the system change, such as the IE5 beta, SyslistView32 window class draws the text using extTextOutw (), and uses extTextouta () in the IE4 and IE5 formal version; the above four features, If you are programming, you don't pay attention, the light or not can intercept, or you can't position; you will make the stack of the IE crash, causing a crash. I used two weeks to solve the above problems, I finally completed the screen gramphi in the application environment of IE4, IE5, Netscape, Outlook Express4, 5, Office 97, and other applications in Win9x systems. I made the screen grabbed a dynamic connection library, demo.dll, in FreeDict.zip, can be used for program calls for 32-bit or 16-bit. The programming principle of the DLL is to determine the mouse position in the timer. If the mouse moves, place a length of 1, the height is 1, the height is 1, then hides it; because the needle tip window "stain" The screen, the Win9x system will notify the application (IE, Netscape, Office, etc.) to redraw this point, the application calls TextOut, Textouta, Textoutw, etc. to depict Text, and TextOut, TextOuta, Textoutwwwwwwwwwwwwwwwworth Good TWORM interception, gets the pointer to the string LPSZ, the text of the pointer points to the string is both the word to be grabbed in the stack of the application. Back to top screen grabby DLL function and feature
1: You can intercept the Acrobat Reader 3, IE4, IE5 beta, IE5 official version, Netscape, Outlook Express, FrontPage Express 2, Office97, etc. 2: Sparkling function. When you repeat the word, the location of the dictionary window is automatically locked. 3: You can coexist with Rich Win, XDict, and does not affect each other. When loading Rich Win first loads Rich Win, press the "Rehook" button to restore the grabbing function after causing the Rich Win. 4: You can pass the words you caught to the 32-bit application. 5: You can catch words in dynamic scrolling subtitles. 6: Does not affect the running speed of applications such as IE, Netscape. 7: Running in Win9X Stable Back to top
Compare the "Jinshan Words", I am comparison XDict, I am not inferior, I can intercept IE5, IE4, run stable and strong, and the compatibility with Jinshan word tyrants and four cubes are very good. Back to top
Download, Screen Grasses Demo FREEDICT.ZIP can be in Win 9x system, Acrobat Reader 3.0, IE5, IE4, Outlook Express 4, Outlook Express 5, FrontPage Express 2, Netscape, Office 97, Win Help, Delphi, etc. Running in the environment, showing the dynamic interception of the electronic dictionary (such as Jinshan word, four cubic, etc.).
Welcome to download, test, and use the "Screen Grasping" dynamic connection library: demo.dll.
Welcome all programming masters to use TWROM to communicate, and correct.
Because I personally fare to make my own copyright English-Chinese Dictionary and Chinese-English dictionary, I am willing to provide the software company with the original code of "screen grip" with a low-and-offer price. Welcome to make the electronic dictionary, internal code conversion, Chinese character platform companies contact me to cooperate:
Mafeitao@371.net Ma Feitao
If you have questions or suggestions about this site, please email Mafeitao@371.net.
