CallWndProc Example
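Keywords: Example CallWndProc | Updated: 2023-09-27 18:23:52

This is my first attempt at hooks. I'm looking for some good resources for implementing a CallWndProc hook. The MSDN content is a bit overwhelming.
I found that this type of hook requires injecting an external DLL. This is mainly where I'm stuck. I'm not sure what needs to go in the DLL and what needs to go in the .NET application.
Are there any DLL examples?

You can't write a WH_CALLWNDPROC hook in a managed language like C#. So you need more than just an external DLL; you need an external DLL written in a language that compiles to native code, such as C or C++.
The MSDN documentation is actually quite good, especially the overview. There's even an example on the "Using Hooks" page.
I don't mean to sound discouraging, but if you find that overwhelming, you're going to have a hard time getting this right. Hooks are a very advanced technique in Windows programming. Before tackling a project like this, you need to understand window procedures, message loops, and the other basics of a Windows application. Obviously, familiarity with C or C++ will also help, since that's the language you'll be using!
Anyway, I just happen to have a hook DLL written in C on hand, so I'll try to extract some of the relevant code. It actually installs a WH_CALLWNDPROCRET hook, but the two are very similar. The hook procedure for this one is called after the window procedure has processed the message; the hook procedure for the one you're asking about is called before the window procedure processes the message.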

#include <windows.h>

/* Module handle of this DLL, saved in DllMain and passed to SetWindowsHookEx. */
static HINSTANCE g_hinstDLL = NULL;

/* The handle to the hook is stored as a shared global variable and is the
 * same for all hooked processes. We achieve that by placing it in the
 * shared data segment of the DLL.
 *
 * Note that shared global variables must be explicitly initialized.
 *
 * And also note that this is really not the ideal way of doing this; it's just
 * an easy way to get going. The better solution is to use a memory-mapped file.
 * See Also: http://msdn.microsoft.com/en-us/library/h90dkhs0.aspx
 */
#pragma comment(linker, "/section:.SHARED,rws")
#pragma data_seg(".SHARED") /* begin the shared data segment */
HHOOK g_hhkCallWndProcRet = NULL;
#pragma data_seg() /* end the shared data segment and default back to normal behavior */

/* Remember the DLL's own module handle when it is loaded into a process. */
BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
    if (fdwReason == DLL_PROCESS_ATTACH)
        g_hinstDLL = hinstDLL;
    return TRUE;
}

LRESULT CALLBACK CallWndRetProc(int nCode, WPARAM wParam, LPARAM lParam)
{
    /* If nCode is greater than or equal to HC_ACTION,
     * we should process the message. */
    if (nCode >= HC_ACTION)
    {
        /* Retrieve a pointer to the structure that contains details about
         * the message, and see if it is one that we want to handle. */
        const LPCWPRETSTRUCT lpcwprs = (LPCWPRETSTRUCT)lParam;
        switch (lpcwprs->message)
        {
            /* ...SNIP: process the messages we're interested in ... */
        }
    }

    /* At this point, we are either not processing the message
     * (because nCode is less than HC_ACTION),
     * or we've already finished processing it.
     * Either way, pass the message on. */
    return CallNextHookEx(g_hhkCallWndProcRet, nCode, wParam, lParam);
}

BOOL __stdcall InstallHook(void)
{
    /* Try to install the WH_CALLWNDPROCRET hook,
     * if it is not already installed. */
    if (!g_hhkCallWndProcRet)
    {
        g_hhkCallWndProcRet = SetWindowsHookEx(WH_CALLWNDPROCRET,
                                               CallWndRetProc,
                                               g_hinstDLL,
                                               0);
        if (!g_hhkCallWndProcRet)
        {
            /* ...SNIP: handle failure condition ... */
            return FALSE;
        }
    }
    return TRUE; /* return success */
}

BOOL __stdcall RemoveHook(void)
{
    /* Try to remove the WH_CALLWNDPROCRET hook, if it is installed. */
    if (g_hhkCallWndProcRet)
    {
        if (!UnhookWindowsHookEx(g_hhkCallWndProcRet))
        {
            /* ...SNIP: handle failure condition ... */
            return FALSE;
        }
        g_hhkCallWndProcRet = NULL;
    }
    return TRUE; /* return success */
}

I wrote some code for the Windows hook type WH_CALLWNDPROC. I'd like to share it with you.
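
LRESULT Widget::HookMessageProc(int nCode, WPARAM wParam, LPARAM lParam)
{
    if (nCode >= HC_ACTION)
    {
        /* For WH_CALLWNDPROC, lParam points to a CWPSTRUCT describing the message. */
        tagCWPSTRUCT* tagCwp = (tagCWPSTRUCT*)lParam;
        /* quintptr keeps the full handle value on 64-bit builds. */
        QString str = QString("handle =%1,message=%2,lp=%3,lw=%4")
                          .arg(QString::number((quintptr)tagCwp->hwnd))
                          .arg(QString::number(tagCwp->message))
                          .arg(QString::number(tagCwp->lParam))
                          .arg(QString::number(tagCwp->wParam));
        /* Append one line per message to the log file. */
        QFile file("d:\\text.txt");
        if (file.open(QIODevice::WriteOnly | QIODevice::Text | QIODevice::Append))
        {
            file.write(str.toUtf8() + "\n");
            file.close();
        }
    }
    /* Always pass the message on to the next hook in the chain. */
    return CallNextHookEx(g_wndHook, nCode, wParam, lParam);
}

HMODULE hApp1 = GetModuleHandle(0); // get the handle of the current module
// Keep the hook handle so that CallNextHookEx can use it.
// HookMessageProc must be a static member function to be usable as a hook procedure.
g_wndHook = SetWindowsHookEx(WH_CALLWNDPROC, Widget::HookMessageProc, hApp1, GetCurrentThreadId());
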
After I run it, it shows:
handle =2426644,message=36,lp=368934118416,lw=0
handle =2426644,message=129,lp=368934118336,lw=0
handle =2426644,message=70,lp=368934114496,lw=0
handle =2426644,message=131,lp=368934114448,lw=1
handle =2426644,message=71,lp=368934114496,lw=0
handle =2426644,message=3,lp=29950894,lw=0
handle =2426644,message=5,lp=32506532,lw=0
handle =2426644,message=127,lp=0,lw=2
handle =2426644,message=127,lp=0,lw=0
handle =2426644,message=127,lp=0,lw=1
handle =199294,message=129,lp=368934118336,lw=0
handle =199294,message=131,lp=368934118448,lw=0
handle =199294,message=1,lp=368934118336,lw=0
handle =199294,message=5,lp=0,lw=0
So I am very confused now: what do these data mean, and how do I parse the lParam and wParam parameters?
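
The log lines in the post above can be decoded offline. The following is an added example, not part of the original thread: it maps the message numbers that appear in the log to their `WM_*` names from `winuser.h` and splits `lParam` into low and high words where it carries packed values. The names `kMsgs` and `decode_line` are made up for this example, and the code is portable C that needs no Windows headers.

```c
#include <stdio.h>
#include <string.h>

/* Message numbers from <winuser.h>; only those seen in the log above.
 * ptr names the structure lParam points to, or NULL if lParam is a value. */
static const struct { unsigned id; const char *name, *ptr; } kMsgs[] = {
    {   1, "WM_CREATE",            "CREATESTRUCT" },
    {   3, "WM_MOVE",              NULL },
    {   5, "WM_SIZE",              NULL },
    {  36, "WM_GETMINMAXINFO",     "MINMAXINFO" },
    {  70, "WM_WINDOWPOSCHANGING", "WINDOWPOS" },
    {  71, "WM_WINDOWPOSCHANGED",  "WINDOWPOS" },
    { 127, "WM_GETICON",           NULL },
    { 129, "WM_NCCREATE",          "CREATESTRUCT" },
    { 131, "WM_NCCALCSIZE",        "NCCALCSIZE_PARAMS or RECT" },
};

/* Decode one "handle =H,message=M,lp=L,lw=W" log line into out.
 * Returns 0 on success, -1 if the line is malformed or the message unknown. */
int decode_line(const char *line, char *out, size_t n)
{
    long long hwnd, lp, wp;
    unsigned msg, i;
    if (sscanf(line, "handle =%lld,message=%u,lp=%lld,lw=%lld",
               &hwnd, &msg, &lp, &wp) != 4)
        return -1;
    for (i = 0; i < sizeof kMsgs / sizeof kMsgs[0]; i++) {
        if (kMsgs[i].id != msg)
            continue;
        if (kMsgs[i].ptr)        /* address is valid only in the hooked thread */
            snprintf(out, n, "%s lParam->%s", kMsgs[i].name, kMsgs[i].ptr);
        else if (msg == 127)     /* wParam: 0 ICON_SMALL, 1 ICON_BIG, 2 ICON_SMALL2 */
            snprintf(out, n, "%s icon=%lld", kMsgs[i].name, wp);
        else                     /* WM_MOVE x,y / WM_SIZE width,height: LOWORD, HIWORD */
            snprintf(out, n, "%s lo=%d hi=%d", kMsgs[i].name,
                     (int)(short)(lp & 0xFFFF), (int)(short)((lp >> 16) & 0xFFFF));
        return 0;
    }
    return -1;
}

int main(void)
{
    /* Line copied from the log in the post above. */
    char buf[96];
    if (decode_line("handle =2426644,message=5,lp=32506532,lw=0", buf, sizeof buf) == 0)
        puts(buf);
    return 0;
}
```

Large `lp` values such as 368934118336 are addresses of structures inside the hooked process, so they can only be dereferenced from within the hook procedure while it is handling that message.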