1. 首頁
  2. 問答
  3. SetWinEventHook僅掛鉤來自「olemainthreadwndclass」的事件

SetWinEventHook僅掛鉤來自「olemainthreadwndclass」的事件

2016-01-21 121 views
0

我有一個掛鉤所有應用程序事件的程序。我的程序總是以管理員身份運行。 每當我試圖獲得事件它只會涉及來自類的事件 「olemainthreadwndclass」。它在用戶模式和管理員模式下均適用於示例應用程序。 複製到我的項目中的相同代碼不起作用。代碼在下面提到。SetWinEventHook僅掛鉤來自「olemainthreadwndclass」的事件

這裏是CMainFrame.cpp ..

IMPLEMENT_DYNAMIC(CMainFrame, CFrameWnd) 

BEGIN_MESSAGE_MAP(CMainFrame, CFrameWnd) 
    ON_WM_CREATE() 
END_MESSAGE_MAP() 

void ShutdownMSAA() 
{ 
    UnhookWinEvent(hook); 
    UnhookWinEvent(HookCreateToHide); 
    UnhookWinEvent(HookNameChange); 
    UnhookWinEvent(HookFocus); 
    UnhookWinEvent(HookSysCapEnd); 
    UnhookWinEvent(HookSysForeGrnd); 
    CoUninitialize(); 
} 

void CALLBACK HandleWinEvent(HWINEVENTHOOK tEmphook, DWORD event, HWND hwnd, 
          LONG idObject, LONG idChild, 
          DWORD dwEventThread, DWORD dwmsEventTime) 
{ 
    if(hwnd) 
    { 
     TCHAR szWinClassName[256]; 
     if(GetClassName(hwnd, szWinClassName, sizeof(szWinClassName)/sizeof(TCHAR)-1)) 
     { 
      CString szGetWindowsClass(szWinClassName); 
      if(szGetWindowsClass.CollateNoCase("SysTreeView32") != 0 && 
       szGetWindowsClass.CollateNoCase("SysListView32") != 0 && 
       szGetWindowsClass.CollateNoCase("msctls_statusbar32") != 0 && 
       szGetWindowsClass.CollateNoCase("#32770") != 0 && 
       szGetWindowsClass.CollateNoCase("OleMainThreadWndClass") != 0) 
      { 
       OutputDebugString("#########################"); 
       CString szdwEventThread = ""; 
       szdwEventThread.Format(": %ld",dwEventThread); 
       szGetWindowsClass += szdwEventThread; 
       OutputDebugString(szGetWindowsClass); 
      } 
     } 
    } 
} 

void InitializeMSAA() 
{ 
    CoInitialize(NULL); 

    g_hook = SetWinEventHook( 
     EVENT_SYSTEM_MENUSTART, EVENT_SYSTEM_MENUEND, 0, HandleWinEvent, 0, 0, WINEVENT_OUTOFCONTEXT | WINEVENT_SKIPOWNPROCESS); 

    HookCreateToHide = SetWinEventHook(EVENT_OBJECT_CREATE,EVENT_OBJECT_HIDE, 0, 
      HandleWinEvent, 0, 0, WINEVENT_OUTOFCONTEXT | WINEVENT_SKIPOWNPROCESS); 

    HookNameChange = SetWinEventHook(EVENT_OBJECT_NAMECHANGE, EVENT_OBJECT_NAMECHANGE, 0, 
      HandleWinEvent, 0, 0, WINEVENT_OUTOFCONTEXT | WINEVENT_SKIPOWNPROCESS); 

    HookFocus = SetWinEventHook(EVENT_OBJECT_FOCUS, EVENT_OBJECT_FOCUS, 0, 
      HandleWinEvent, 0, 0, WINEVENT_OUTOFCONTEXT | WINEVENT_SKIPOWNPROCESS); 

    HookSysCapEnd = SetWinEventHook(EVENT_SYSTEM_CAPTUREEND, EVENT_SYSTEM_CAPTUREEND, 0, 
      HandleWinEvent, 0, 0, WINEVENT_OUTOFCONTEXT | WINEVENT_SKIPOWNPROCESS); 

    HookSysForeGrnd = SetWinEventHook(EVENT_SYSTEM_FOREGROUND, EVENT_SYSTEM_FOREGROUND, 0, 
      HandleWinEvent, 0, 0, WINEVENT_OUTOFCONTEXT | WINEVENT_SKIPOWNPROCESS); 
} 
CMainFrame::CMainFrame():Obj_SecondaryClass(NULL) 
{ 
    AfxGetApp()->LoadIcon(IDI_ICON); 
    Obj_SecondaryClass = new SecondaryClass(); 
    Obj_SecondaryClass->SetActive(TRUE); 
} 

CMainFrame::~CMainFrame() 
{ 
    Obj_SecondaryClass->SetActive(FALSE); 
    delete Obj_SecondaryClass; 
} 

int CMainFrame::OnCreate(LPCREATESTRUCT lpCreateStruct) 
{ 
    try 
    { 
     if(CFrameWnd::OnCreate(lpCreateStruct) == -1) 
     { 
      return -1; 
     } 
     EnterCriticalSection(&FirstCSec); 
     InitializeMSAA(); 
     LeaveCriticalSection(&FirstCSec); 
    } 
    catch(...) 
    { 
     return -1; 
    } 
    return 0; 
} 

BOOL CMainFrame::PreCreateWindow(CREATESTRUCT& cs) 
{ 
    if(!CFrameWnd::PreCreateWindow(cs)) 
     return FALSE; 

    cs.style = WS_OVERLAPPED | WS_CAPTION | FWS_ADDTOTITLE; 

    cs.dwExStyle &= ~WS_EX_CLIENTEDGE; 
    cs.lpszClass = AfxRegisterWndClass(0); 
    return TRUE; 
} 

void CMainFrame::OnSetFocus(CWnd*) 
{ 
} 

BOOL CMainFrame::OnCmdMsg(UINT nID, int nCode, void* pExtra, AFX_CMDHANDLERINFO* pHandlerInfo) 
{ 
    return CFrameWnd::OnCmdMsg(nID, nCode, pExtra, pHandlerInfo); 
} 


LRESULT CMainFrame::WindowProc(UINT message, WPARAM wParam, LPARAM lParam) 
{ 
    HANDLE hThread2; 
    DWORD dwSessionID; 

    switch(message) 
    { 
     case WM_NCACTIVATE : 
      break; 

     case WM_WINDOWS_LOGON : 
      break; 

     case WM_APPBLOCK : 
      MySelf::Me()->m_StatusOne = TRUE; 
      break; 

     case WM_UNAPPBLOCK: 
      MySelf::Me()->m_StatusTwo = FALSE; 
      break; 

     case WM_APPBLOCKMSG: 
      Obj_SecondaryClass->ChangeFunOne(); 
      break; 

     case WM_DESTROY: 

     case WM_QUIT: 

     case WM_ENDSESSION: 
      PostQuitMessage(0); 
      break; 
    } 

    return CFrameWnd::WindowProc(message, wParam, lParam); 
}

這裏是MainApplication.cpp ..

MainApplication::MainApplication() 
{ 
} 

MainApplication theApp; 

BOOL MainApplication::InitInstance() 
{  

    InitializeCriticalSection(&g_cCritSec); 
    InitializeCriticalSection(&appBlocker_cCritSec); 

    INITCOMMONCONTROLSEX InitCtrls; 
    InitCtrls.dwSize = sizeof(InitCtrls); 
    InitCtrls.dwICC = ICC_WIN95_CLASSES; 
    InitCommonControlsEx(&InitCtrls); 

    CWinApp::InitInstance(); 

    CMainFrame* pFrame = new CMainFrame; 
    if (!pFrame) 
     return FALSE; 
    m_pMainWnd = pFrame; 
    pFrame->LoadFrame(IDR_MAINFRAME, 
     WS_OVERLAPPEDWINDOW | FWS_ADDTOTITLE, 
     NULL, 
     NULL); 

    pFrame->ShowWindow(SW_HIDE); 
    pFrame->UpdateWindow(); 
    return TRUE; 
} 

int MainApplication::ExitInstance() 
{ 
    return CWinApp::ExitInstance(); 
}

請支持我,在此先感謝,

來源

2016-01-21 Chandy Kunhu

+0

「它只會吸引來自類」olemainthreadwndclass「的事件。」你能發佈一些示例輸出來支持這個嗎? 'if'條件寫在你發佈的代碼中的方式,'OutputDebugString(「#########################」);對於''olemainthreadwndclass'''不會被執行' '。 – dxiv

+0

它不會給出任何輸出並不意味着它不會掛鉤。爲了讓事件鉤住除了*「olemainthreadwndclass」*以外的類,我們在那裏進行比較,但它沒有達到意味着沒有事件比被比較的事件掛鉤。 –

+0

@AkhilVSuku我之前的評論是指出,OP沒有指出它是如何失敗的,或者它是如何確定它失敗的。 – dxiv

回答

0

這是因爲請確保您的.exe在相同的用戶空間下運行。即在SYSTEM下運行的.exe無法掛接'User_Name' User下的事件。即使我們正在運行.exe模式"Run as Administrator"模式'User_Name' User具有管理員權限,將始終只在'User_Name' User下運行。

來源

2016-01-22 06:25:13

相關問題

 相關問題