Injection Techniques: Message Hook Injection

1. Introduction

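Message hook injection works against processes that have a window, and it is easily detected.
In the function below, if the first parameter (dllpath) is NULL, the hook installed with SetWindowsHookExW is removed.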

2. Code

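#include <windows.h>

// Handle of the currently installed hook (0 when no hook is installed).
HHOOK hook = 0;

// Installs a WH_GETMESSAGE hook on the thread that owns the window matched by
// className/windowName, using the function exported as "hook" from dllpath.
// Passing NULL for dllpath removes the installed hook instead.
// Returns 1 when the hook was installed, 0 otherwise.
DWORD msgInject(WCHAR* dllpath, WCHAR* className, WCHAR* windowName)
{
    if (!dllpath)
    {
        if (hook)
        {
            UnhookWindowsHookEx(hook);
            hook = 0; // do not keep a stale handle
        }
        return 0;
    }
    HMODULE hd = LoadLibraryW(dllpath);
    if (!hd) // the DLL could not be loaded
    {
        return 0;
    }
    LPVOID func = (LPVOID)GetProcAddress(hd, "hook");
    if (!func)
    {
        FreeLibrary(hd);
        return 0;
    }
    HWND wind = FindWindowW(className, windowName);
    if (!wind) // FindWindowW returns NULL on failure
    {
        FreeLibrary(hd);
        return 0;
    }
    // The hook is scoped to the thread that created the window.
    DWORD tid = GetWindowThreadProcessId(wind, 0);
    if (!tid)
    {
        FreeLibrary(hd);
        return 0;
    }
    hook = SetWindowsHookExW(WH_GETMESSAGE, (HOOKPROC)func, hd, tid);
    if (!hook)
    {
        FreeLibrary(hd);
        return 0;
    }
    return 1;
}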
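
The function above first maps the DLL into the calling process with LoadLibraryW, and the hook then causes the same DLL to be mapped into the process that owns the target window, which leaves a recognizable trace in image-load telemetry. The following Python code is an added example (not part of the original post) that looks for this pattern; the records are constructed samples using Sysmon Event ID 7 field names, and the function name and the 30-second window are assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample records (Sysmon Event ID 7, "Image loaded" field names).
EVENTS = [
    {"UtcTime": "2024-01-01 10:00:00.100", "ProcessId": 4120,
     "Image": r"C:\Temp\loader.exe",
     "ImageLoaded": r"C:\Temp\sample_hook.dll", "Signed": "false"},
    {"UtcTime": "2024-01-01 10:00:02.350", "ProcessId": 2288,
     "Image": r"C:\Windows\System32\notepad.exe",
     "ImageLoaded": r"C:\Temp\sample_hook.dll", "Signed": "false"},
    {"UtcTime": "2024-01-01 10:00:02.400", "ProcessId": 2288,
     "Image": r"C:\Windows\System32\notepad.exe",
     "ImageLoaded": r"C:\Windows\System32\uxtheme.dll", "Signed": "true"},
    {"UtcTime": "2024-01-01 10:05:00.000", "ProcessId": 5000,
     "Image": r"C:\Program Files\App\app.exe",
     "ImageLoaded": r"C:\Program Files\App\plugin.dll", "Signed": "false"},
]

def _ts(value):
    return datetime.strptime(value, "%Y-%m-%d %H:%M:%S.%f")

def find_cross_process_loads(events, window=timedelta(seconds=30)):
    """Flag unsigned DLLs that appear in a second process shortly after a
    different process loaded them first (assumed 30 s correlation window)."""
    first_seen = {}   # dll path -> (time, pid, image) of the first loader
    alerts = []
    for ev in sorted(events, key=lambda e: _ts(e["UtcTime"])):
        if ev["Signed"].lower() == "true":
            continue                      # signed modules are out of scope here
        dll = ev["ImageLoaded"].lower()
        when = _ts(ev["UtcTime"])
        if dll not in first_seen:
            first_seen[dll] = (when, ev["ProcessId"], ev["Image"])
            continue
        t0, pid0, image0 = first_seen[dll]
        if ev["ProcessId"] != pid0 and when - t0 <= window:
            alerts.append({"dll": dll, "first_loader": image0,
                           "second_process": ev["Image"],
                           "delay_s": (when - t0).total_seconds()})
    return alerts

if __name__ == "__main__":
    for alert in find_cross_process_loads(EVENTS):
        print(alert)
```

Legitimate unsigned DLLs that load into several processes will also match, so in practice the result needs an allowlist of known modules.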

To be continued...

Original article: https://www.cnblogs.com/freesec/p/6568261.html