在python中调用user32.dll的SetWindowsHookExA,第二个参数用什么数据类型?
发布网友
发布时间:2022-04-19 02:18
我来回答
共1个回答
热心网友
时间:2022-04-19 03:48
不太记得了。 刚才查了一下。第二个是一个回调函数。我以前似乎用c++实现过。不过首先是拦载程序的系统调用,将程序做某个系统调用时,会自动调用到我们自己人的DLL。这个叫dll注入。
注入后就开始在windows上加载键盘与鼠标的hook。记着要调用next hook。
如果要用python实现。 可能道理是一样,如果你只是hook自己的程序没有问题,如果要hook别的程序还是需要dll注入。
你搜索一下“在python中控制鼠标”,这里有一段说明。或者是搜索“Windows hook with Python”
其中调用的callback函数是这样子的
def LowLevelMouseProc( nCode, wParam, lParam ):
还有这样的
def KeyboardProc(nCode, wParam, lParam):
我附一份在这里好了。
def run():
global KeyBdHook
global messages
KeyBdHook = HHook()
messages = []
start = time.time()
#Record keystrokes for 2 seconds.
while time.time() < (start + 2):
KeyBdHook.hook = SetWindowsHookEx(13, KeyboardProc,
GetMoleHandle(0), 0)
if KeyBdHook.hook == 0:
print 'ERROR: '+str(ctypes.windll.kernel32.GetLastError())
UnhookWindowsHookEx(KeyBdHook.hook)
print messages
def KeyboardProc(nCode, wParam, lParam):
"""http://msdn.microsoft.com/en-us/library/ms644985(v=vs.85).aspx"""
if nCode < 0:
return ctypes.windll.user32.GetNextHookEx(KeyBdHook.hook,
nCode, wParam, lParam)
else:
ctypes.windll.kernel32.RtlMoveMemory(ctypes.addressof(KeyBdHook.kStruct),
ctypes.c_void_p(lParam),
ctypes.sizeof(lParam))
messages.append(KeyBdHook.kStruct)
return ctypes.windll.user32.GetNextHookEx(KeyBdHook.hook,
nCode, wParam, lParam)
def SetWindowsHookEx(idHook, lpFn, hMod, dwThreadId):
WinFunc = ctypes.WINFUNCTYPE(c_ulong, c_ulong, c_ulong, c_ulong)
return ctypes.windll.user32.SetWindowsHookExA(idHook, WinFunc(lpFn), hMod, dwThreadId)
def GetMoleHandle(lpMoleName):
return ctypes.windll.kernel32.GetMoleHandleA(lpMoleName)
def UnhookWindowsHookEx(hHook):
return ctypes.windll.user32.UnhookWindowsHookEx(hHook)
class HHook():
def __init__(self):
self.hook = HHOOK
self.kStruct = KBLLHOOKSTRUCT()
class KBLLHOOKSTRUCT(Structure):
"""http://msdn.microsoft.com/en-us/library/ms644967(v=vs.85).aspx"""
_fields_ = [("vkCode", c_ulong),
("scanCode", c_ulong),
("flags", c_ulong),
("time", c_ulong),
("dwExtraInfo", POINTER(c_ulong))]