Some sort of hook

**Void** · 11-23-2009

After seeing BlackAngels little snippet on a simple keyboard hook I wanted to go a little more in depth with hooks so instead of a keyboard hook I tryed something else and it's been nothing but torture.

Code:

#include <iostream>
#include <windows.h>

using namespace std;

HHOOK Hook;
HMODULE Mod;

LRESULT CALLBACK CallWndProc(int code, WPARAM wParam, LPARAM lParam)
{
        if(code == HC_ACTION)
        {
                PCWPSTRUCT info = (PCWPSTRUCT)lParam;
                return CallNextHookEx(Hook,code,wParam,lParam);
        }
}

int main()
{
    MSG msg;
    Mod = GetModuleHandle(NULL);
    if(!Mod)
    {
            return 0;
    }
    Hook = SetWindowsHookEx(WH_CALLWNDPROC,CallWndProc,Mod,0);
    if(!Hook)
    {
             return 0;
    }
    GetMessage(&msg,0,0,0);
    cin.get();
}

Compiles fine. Everytime I run it it gives me an access violation error and every single program closes and explorer.exe closes. Slow moving trial and error.

Not sure if i'm going in the right direction here but, I was trying to edit any messages that were being sent so that they could do something else. I'm in no hurry, this is all just for practice.

Any help is appreciated, thanks.

**why06** · 11-23-2009

Im not sure if you can hook CallWndProc... in fact I'm pretty sure that a lot of programs use that including the SetWindowsHook funchtion, but I'm not sure o_O... doesn't seem like a good idea.

**Void** · 11-23-2009

Code:

HHOOK SetWindowsHookEx(      
    int idHook,
    HOOKPROC lpfn,
    HINSTANCE hMod,
    DWORD dwThreadId
);

Code:

idHook
    [in] Specifies the type of hook procedure to be installed. This parameter can be one of the following values.

    WH_CALLWNDPROC
        Installs a hook procedure that monitors messages before the system sends them to the destination window procedure. For more information, see the CallWndProc hook procedure.

If I wasn't able to do that, why would MSDN include that?
MSDN lied to me..

SetWindowsHookEx Function()

**why06** · 11-23-2009

Oh. my bad... hmmmm.. wonder what the problem. Maybe I can figure it out with zero understanding of Hooking =/

**Void** · 11-23-2009

Originally Posted by why06

Oh. my bad... hmmmm.. wonder what the problem. Maybe I can figure it out with zero understanding of Hooking =/

I also have zero understanding of hooking.
I just find it weird how all my programs + explorer.exe close after access violation error.

**B1ackAnge1** · 11-24-2009

add a 'return 0' at the very end of your callback.

Also:

The CallWndProc hook procedure can examine the message, but it cannot modify it. After the hook procedure returns control to the system, the message is passed to the window procedure.

**Void** · 11-24-2009

Originally Posted by B1ackAnge1

add a 'return 0' at the very end of your callback.

Tryed that already. Outcome stays the same.

The CallWndProc hook procedure can examine the message, but it cannot modify it. After the hook procedure returns control to the system, the message is passed to the window procedure.

Thanks, I think I found what i'm looking for but I'm still having trouble.
GetMsgProc Function()

Code:

#include <iostream>
#include <windows.h>

using namespace std;

HHOOK Hook;

HMODULE Mod;
MSG *msg;


LRESULT CALLBACK Proc(int code, WPARAM wParam, LPARAM lParam)
{
        msg = (MSG*)lParam;
        
        if(msg)
        {
               cout <<"Test";
        }
        
        return CallNextHookEx(Hook,code,wParam,lParam);
}

int main()
{
    Mod = GetModuleHandle(NULL);
    if(!Mod)
    {
            return 0;
    }
    Hook = SetWindowsHookEx(WH_GETMESSAGE,(HOOKPROC)Proc,Mod,0);
    if(!Hook)
    {
             return 0;
    }
    GetMessage(msg,0,0,0);
    
    cin.get();
}

Not sure if that's right but, GetMsgProc is called whenever GetMessage catches a message and the callback should output "Test" everytime it catches something but nothing happens. I'm testing by pressing any button on the keyboard, I think it should be sending WM_KEYDOWN or WM_SYSKEYDOWN. Correct me if i'm wrong.

**why06** · 11-24-2009

Try using PeekMessage() instead of GetMessage(). GetMessage will freeze up until a message is sent. Also it requires you to do something with that message. So I imagine your freezing all the messages running through every application running on Windows.

EDIT: Oh nvm.. guess you needed GetMsgProc... my bad. >_>

**Void** · 11-24-2009

Originally Posted by why06

Try using PeekMessage() instead of GetMessage(). GetMessage will freeze up until a message is sent. Also it requires you to do something with that message. So I imagine your freezing all the messages running through every application running on Windows.

EDIT: Oh nvm.. guess you needed GetMsgProc... my bad. >_>

Lolwhat?

Even if GetMessage Freezes it's still getting any message sent. And once a message is sent GetMsgProc will be called and if my hook actually works it should output whatever.

**Azathoth69420** · 11-25-2009

Did you escalate your privileges?

**Void** · 11-25-2009

Originally Posted by Azathoth69420

Did you escalate your privileges?

Keyboard hook worked fine without changing any privileges. I think i'm just doing something wrong...I just don't see it.

**Thats the way it is** · 11-25-2009

Originally Posted by B1ackAnge1

add a 'return 0' at the very end of your callback.

Also:

for the record no return 0 is auto return 0 in most compilers it doesnt makes a difrend

**B1ackAnge1** · 11-25-2009

Originally Posted by Thats the way it is

for the record no return 0 is auto return 0 in most compilers it doesnt makes a difrend

Only in a few select situations and even then it's a nasty habit to just assume it'll return 0; It's right up there on the list of things to never do next to 'system("Pause")' or 'delete this'

Thread: Some sort of hook

Thread Tools

Display

Some sort of hook

Similar Threads

i need some sort of tut

some sort of AIM bot, I think

some sort of pirate native

proxy of some sort?

Some sort of riddle

Tags for this Thread