那些遇到过的问题

CBTProc 回调不起作用,setEventHookEx

ele*_*8ed 4 c# powershell winapi winforms

我这里有一些针对 Windows 事件挂钩的代码,以便在触发时写入日志文件。我正在 powershell 中运行它。我已成功使用此代码来记录鼠标/键盘事件,但是当我使用 CBTProc 回调使用 WH_CBT 5 时,我没有收到任何事件。即使使用 WH_MOUSE_LL 14 的鼠标目标也可以正常工作......有人可以解释为什么吗?我是否错过了什么...或者由于某种原因不可能?

https://msdn.microsoft.com/en-us/library/windows/desktop/ms644990(v=vs.85).aspx

Add-Type -TypeDefinition @"
using System;
using System.IO;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Windows.Forms;

namespace MyLogger {

  public static class Program {
    private const int HOOK_CODE = 5;
    private const int CALLBACK_CODE = 9;
    private const string logPath = @"c:\MyTest.txt";

    private const string logFileName = "log.txt";

    private static StreamWriter logFile;

    private static HookProc hookProc = HookCallback;
    private static IntPtr hookId = IntPtr.Zero;

    public static void Main() {

      logFile = File.AppendText(logPath);
      logFile.AutoFlush = true;

      hookId = SetHook(hookProc);
      Application.Run();
      UnhookWindowsHookEx(hookId);
    }

    private static IntPtr SetHook(HookProc hookProc) {
      IntPtr moduleHandle = GetModuleHandle(Process.GetCurrentProcess().MainModule.ModuleName);
      return SetWindowsHookEx(HOOK_CODE, hookProc, moduleHandle, 0);
    }

    private delegate IntPtr HookProc(int nCode, IntPtr wParam, IntPtr lParam);

    private static IntPtr HookCallback(int nCode, IntPtr wParam, IntPtr lParam) {
      logFile.WriteLine("gg");


      return CallNextHookEx(hookId, nCode, wParam, lParam);
    }

    [DllImport("user32.dll")]
    private static extern IntPtr SetWindowsHookEx(int idHook, HookProc lpfn, IntPtr hMod, uint dwThreadId);

    [DllImport("user32.dll")]
    private static extern bool UnhookWindowsHookEx(IntPtr hhk);

    [DllImport("user32.dll")]
    private static extern IntPtr CallNextHookEx(IntPtr hhk, int nCode, IntPtr wParam, IntPtr lParam);

    [DllImport("kernel32.dll")]
    private static extern IntPtr GetModuleHandle(string lpModuleName);
  }
}
"@ -ReferencedAssemblies System.Windows.Forms

[MyLogger.Program]::Main();
Run Code Online (Sandbox Code Playgroud)

修改代码

Add-Type -TypeDefinition @"
using System;
using System.IO;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Windows.Forms;

namespace MyLogger {

  public static class Program {

    private const int WINEVENT_OUTOFCONTEXT = 0;
    private const int EVENT_OBJECT_FOCUS = 0x8005;

    private const string logPath = @"c:\MyTest.txt";

    private const string logFileName = "log.txt";

    private static StreamWriter logFile;

    private static HookProc hookProc = HookCallback;
    private static IntPtr hookId = IntPtr.Zero;

    public static void Main() {

      logFile = File.AppendText(logPath);
      logFile.AutoFlush = true;

      hookId = SetHook(hookProc);
      Application.Run();

    }

    private static IntPtr SetHook(HookProc hookProc) {

      return SetWinEventHook(EVENT_OBJECT_FOCUS, EVENT_OBJECT_FOCUS, null, hookProc, 0, 0, WINEVENT_OUTOFCONTEXT);
    }

    private delegate IntPtr HookProc(IntPtr hWinEventHook, int iEvent, IntPtr hWnd, int idObject, int idChild, int dwEventThread, int dwmsEventTime);

    private static IntPtr HookCallback(IntPtr hWinEventHook, int iEvent, IntPtr hWnd, int idObject, int idChild, int dwEventThread, int dwmsEventTime) {
      logFile.WriteLine("gg");



    }
    internal enum SetWinEventHookFlags
      {
          WINEVENT_INCONTEXT = 4,
          WINEVENT_OUTOFCONTEXT = 0,
          WINEVENT_SKIPOWNPROCESS = 2,
          WINEVENT_SKIPOWNTHREAD = 1
      } 

    [DllImport("user32.dll", SetLastError = true)]
    private static extern IntPtr SetWinEventHook(int eventMin, int eventMax, IntPtr hmodWinEventProc, HookProc lpfnWinEventProc, int idProcess, int idThread, int dwflags);
    private static extern int UnhookWinEvent(IntPtr hWinEventHook);


    [DllImport("user32.dll")]
    private static extern IntPtr CallNextHookEx(IntPtr hhk, int nCode, IntPtr wParam, IntPtr lParam);

    [DllImport("kernel32.dll")]
    private static extern IntPtr GetModuleHandle(string lpModuleName);
  }
}
"@ -ReferencedAssemblies System.Windows.Forms

[MyLogger.Program]::Main();
Run Code Online (Sandbox Code Playgroud)

Dav*_*ing 6

此代码记录具有焦点的 HWND。

Add-Type -TypeDefinition @"
using System;
using System.IO;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Windows.Forms;

namespace MyLogger {
    public static class Program {
        private const int WINEVENT_OUTOFCONTEXT = 0;
        private const int EVENT_OBJECT_FOCUS = 0x8005;
        private const int WM_GETTEXT = 0x000D;

        private const string logPath = @"c:\Temp\MyTest.txt";

        private static StreamWriter logFile;

        private static HookProc hookProc = HookCallback;
        private static IntPtr hookId = IntPtr.Zero;

        public static void Main() {
            logFile = File.AppendText(logPath);
            logFile.AutoFlush = true;

            hookId = SetHook(hookProc);
            Application.Run();
        }

        private static IntPtr SetHook(HookProc hookProc) {
            return SetWinEventHook(EVENT_OBJECT_FOCUS, EVENT_OBJECT_FOCUS, IntPtr.Zero, hookProc, 0, 0, WINEVENT_OUTOFCONTEXT);
        }

        private delegate void HookProc(IntPtr hWinEventHook, int iEvent, IntPtr hWnd, int idObject, int idChild, int dwEventThread, int dwmsEventTime);

        private static void HookCallback(IntPtr hWinEventHook, int iEvent, IntPtr hWnd, int idObject, int idChild, int dwEventThread, int dwmsEventTime) {
            logFile.WriteLine(string.Format("{0}", hWnd));
        }
        internal enum SetWinEventHookFlags
        {
            WINEVENT_INCONTEXT = 4,
            WINEVENT_OUTOFCONTEXT = 0,
            WINEVENT_SKIPOWNPROCESS = 2,
            WINEVENT_SKIPOWNTHREAD = 1
        } 

        [DllImport("user32.dll", SetLastError = true)]
        private static extern IntPtr SetWinEventHook(int eventMin, int eventMax, IntPtr hmodWinEventProc, HookProc lpfnWinEventProc, int idProcess, int idThread, int dwflags);

        [DllImport("user32.dll")]
        private static extern bool UnhookWinEvent(IntPtr hWinEventHook);
    }
}
"@ -ReferencedAssemblies System.Windows.Forms

[MyLogger.Program]::Main();
Run Code Online (Sandbox Code Playgroud)

传递hWnd到的HookCallback可以是子窗口(如列表控件或树控件等),它并不总是像您期望的 WH_CBT 那样是最外层的应用程序窗口。

如果您需要最外面的应用程序窗口,您可以简单地执行以下操作:

HWND hwnd = hWndPassedToHookCallback;
HWND hwndApp;
do
{
    hwndApp = hwnd;
    hwnd = GetParent(hwnd)
} while(hwnd);

// hwndApp now is the outermost application window
Run Code Online (Sandbox Code Playgroud)

归档时间:

查看次数:

1402 次

最近记录:

10 年,7 月 前
相关归档
如何使用Entity Framework选择单个列? 64
访问BindingContext [dataSource]和BindingContext [dataSource,dataMember]时有什么不同? 13
PowerShell:如何设置文化? 7
使用SHFileOperation:发生了什么错误 6
Powershell数组赋值赋值变量,而不是值? 5
ConvertFrom-Json:无法转换JSON字符串,因为从字符串转换的字典包含重复的键 4
如何使UserControl锁定到一定的高度? 3
如何在任何分辨率下找到屏幕中心 3
递归查找文件中的文本(PowerShell) 3
Powershell 中的 JavaScript 编码 URI 等效项? 3
难疑归档
使用__init __()方法理解Python super() 2366
如何使用JavaScript漂亮地打印JSON? 2222
如何在PHP中解析和处理HTML/XML? 2071
npm package.json文件中依赖项,devDependencies和peerDependencies之间有什么区别? 1872
如何从git repo中删除文件? 1795
在Git中撤消一个文件的工作副本修改? 1550
Dockerfile中CMD和ENTRYPOINT有什么区别? 1484
传输安全性阻止了明文HTTP 1425
type()和isinstance()之间有什么区别? 1163
如何列出包含给定提交的分支? 1029