The program is just a principle description, there may be many places to be imperfect. The method is to use the shell hook.
With Win32 global hooks, I directly give hook code, you can intercept the Chinese version and English version of the messenger service is Msghook.dll source code // ------------ // msghook .cpp // -------------------------------------------------------------------------------------------------------------------------------------------------------------------- ----------------------------- # include
// Original Window header file
#pragma HDRSTOP
#pragma argsused
/ / -------------------------------------------------------------------------------------------- ---------------------------
// DLL fixed statement
HHOOK HHOOK; / / HOOK HANDLE
HWnd happwnd; // Perform this DLL specific EXE program Handle
Hinstance instance; // Connect the module Handle, fixed stroke
/ / -------------------------------------------------------------------------------------------- -------------------------- // Comply with C language compiled DLL output functions extern "c" {__DECLSPEC (DLLEXPORT) __stdcall void setHook (void); __ declspec (DLLEXPORT) __stdcall void removehook (void); __ declspec (dllexport) __stdcall void adduser (void);} // --------------------- -------------------------------------------------- ---- // Overloaded ShellProc function LRESULT CALLBACK ShellProc (int Ncode, WPARAM WPARAM, LPARAM LPARAM); // ----------------------- -------------------------------------------------- - Bool Callback EnumwindowsProc (HWND HWND, LPARAM LPARAM); // ----------------------------------- ---------------------------------------- Bool Callback EnumwindowsProc (HWND HWND, LPARAM LPARAM) {Tchar SzwindowText [256]; :: getWindowText, 256); if (Strcmp (SzwindowText, "Swings Service") == 0 || StrCMP (SzwindowText, "Messenger Service") == 0) {Tchar Szmessage [256]; hWnd hWndMessage = :: getdlgitem (hwnd, 0xffff) ;: getWindowText (HWndMessage, Szmessage, 256); :: SendMessage (hwnd, wm_close, 0, 0); // :: Po Stimentage (hwnd, wm_destroy, 0, 0); :: TerminateProcess (hwnd, 0); MessageBox (null, szmessage, "haha! This is my window ", MB_OK);} return true;} // --------------------------------- ------------------------------------------
// DLL main function int WinAPI DLLENTRYPOINT (Hinstance Hinst, unsigned long reason, void * lpreserved) {instance is called or end {copy DLL_Process_attach: // This DLL constructor / / Accept the specific program of this DLL HandleHappWnd = :: FindWindow ("Lurker", 0); Break; Case DLL_PROCESS_DETAK: // This DLL destructor Break;
Case DLL_THREAD_ATTACH: / / This DLL multi-threaded constructor Break;
Case DLL_THREAD_DETACH: // This DLL multi-threaded analysis function Break;} returnif 1;}
/ / -------------------------------------------------------------------------------------------- --------------------------- // Register custom HOOK to HOOK chain void __stdcall setook (void) {// If Hook has not hanging The information chain is registered to the hook chain if (hHOOK == null) {hHOOK = :: h = NULL) {hHOLLPROC, INST, 0); // Show to be hooked, test! IF (hHOOK == NULL) Messagebox (NULL, "Sorry! Unable to hang hook.", "Hook dll", mb_ok); ElseMessageBox (null, "OK, Hook has been successfully hanging!", "Hook dll", MB_OK);}} // ------------------------------------------- ------------------------------ LResult Callback ShellProc (int Ncode, WPARAM WPARAM, LPARAM LPARAM) {
// if (nCode == HSHELL_WINDOWACTIVATED) // HSHELL_WINDOWCREATEDif (nCode == HSHELL_WINDOWCREATED || nCode == HSHELL_WINDOWACTIVATED || nCode == HSHELL_GETMINRECT || nCode == WM_WINDOWSHOW) {// :: EnumWindows ((WNDENUMPROC) EnumWindowsProc, 0) HWnd hwnd = hwnd (wparam); tchar szwindowtext [256];:: getWindowText (hwnd, szwindowtext, 256); if (Strcmp (SzwindowText, "Swings Service") == 0 || Strcmp (SzwindowText, "Messenger Service" ) == 0) {TCHAR szMessage [256]; // Get Message detailHWND hWndMessage = :: GetDlgItem (hWnd, 0xffff); :: GetWindowText (hWndMessage, szMessage, 256); :: SetActiveWindow (hWnd); :: SendMessage ( HWND, WM_CLOSE, 0, 0); :: TerminateProcess (hwnd, 0);
MessageBox (Null, Szmessage, "Haha! This is my window", MB_OK);}} return 1;} // ----------------------- -------------------------------------------------- ---- // In the hook chain, the custom hookvoid __stdcall removehook (void) {// If the Hook already hangs the information chain, remove this HOOK information if (hHOOK! = Null) {if (:: UnHookWindowsHookex (hHOOK)! = False) {hhook = null; MessageBox (NULL, "Hook has successfully uninstalled!", "Hook dll", mb_ok);} else // test! Messagebox (Null, "Sorry! Can't release hook.", "Hook DLL", MB_OK;} else // Test! // :: Textout (getDC (0), 80, 10, "Hook isn't Null", 16); MessageBox (NULL, "Hook is empty!", "Hook dll", MB_OK);} // -------------------------------------------------- ------------------------ Note the following sentence (Strcmp (SzwindowText, "Music Service") == 0 || Strcmp (SzwindowText, "Messenger Service" ) == 0) "Letter Service", there is a space, "Messenger Service" here has two spaces.
Author: unknown Source: 9CBS
