在Delphi中隐藏程序进程方法[1]
主要需要解决两个问题,即隐藏窗口和设定热键。
一. 隐藏窗口
通过API函数GETACTIVEWINDOW获取当前窗口;函数ShowWindow(HWND,nCmdShow)的参数nCmdShow取SW_HIDE时将之隐藏,取SW_SHOW时将之显示。例如:showwindow(getactivewindow,sw_hide)。隐藏好窗体后,须记住窗体句柄以便恢复。
二. 键盘监控
为了实现键盘监控须用到钩子。
一. 隐藏窗口
通过API函数GETACTIVEWINDOW获取当前窗口;函数ShowWindow(HWND,nCmdShow)的参数nCmdShow取SW_HIDE时将之隐藏,取SW_SHOW时将之显示。例如:showwindow(getactivewindow,sw_hide)。隐藏好窗体后,须记住窗体句柄以便恢复。
二. 键盘监控
为了实现键盘监控须用到钩子。
以下是程序的源文件:
一、创建一个动态链接库
unit HKHide; //链接库中的Unit文件
unit HKHide; //链接库中的Unit文件
interface
uses
Windows, Messages, sysutils;
Windows, Messages, sysutils;
var
hNextHookHide: HHook;
HideSaveExit: Pointer;
hbefore:longint;
hNextHookHide: HHook;
HideSaveExit: Pointer;
hbefore:longint;
function KeyboardHookHandler(iCode: Integer;wParam: WPARAM;
lParam: LPARAM): LRESULT; stdcall; export;
function EnableHideHook: BOOL; export;
function DisableHideHook: BOOL; export;
procedure HideHookExit; far;
lParam: LPARAM): LRESULT; stdcall; export;
function EnableHideHook: BOOL; export;
function DisableHideHook: BOOL; export;
procedure HideHookExit; far;
implementation
function KeyboardHookHandler(iCode: Integer;wParam: WPARAM;
lParam: LPARAM): LRESULT; stdcall; export;
const _KeyPressMask = $80000000;
var
f:textfile;
temp:string;
begin
Result := 0;
If iCode < 0 Then
begin
Result := CallNextHookEx(hNextHookHide, iCode, wParam, lParam);
Exit;
end;
//侦测 Ctrl + Alt + F12 组合键
if ((lParam and _KeyPressMask) = 0) //按下时生效
and (GetKeyState(vk_Control) < 0)
and (getkeystate(vk_menu)<0)
and (wParam = vk_F12) then
begin
Result := 1;
//文件不存在则创建
if not fileexists('c:\test.txt') then
begin
assignfile(f,'c:\test.txt');
rewrite(f);
writeln(f,0);
closefile(f);
end
else
begin
assignfile(f,'c:\test.txt');
reset(f);
readln(f,temp);
hbefore:=strtoint(temp);
begin
hbefore:=getactivewindow;
temp:=inttostr(hbefore);
rewrite(f);
writeln(f,temp);
closefile(f);
ShowWindow(hbefore, SW_HIDE);
end;
end; //end if FileExists(....)
end
else begin
showwindow(hbefore,SW_SHOW);
rewrite(f);
writeln(f,0);
closefile(f);
end;//end if Ctrl+Alt+F12按键
end;
lParam: LPARAM): LRESULT; stdcall; export;
const _KeyPressMask = $80000000;
var
f:textfile;
temp:string;
begin
Result := 0;
If iCode < 0 Then
begin
Result := CallNextHookEx(hNextHookHide, iCode, wParam, lParam);
Exit;
end;
//侦测 Ctrl + Alt + F12 组合键
if ((lParam and _KeyPressMask) = 0) //按下时生效
and (GetKeyState(vk_Control) < 0)
and (getkeystate(vk_menu)<0)
and (wParam = vk_F12) then
begin
Result := 1;
//文件不存在则创建
if not fileexists('c:\test.txt') then
begin
assignfile(f,'c:\test.txt');
rewrite(f);
writeln(f,0);
closefile(f);
end
else
begin
assignfile(f,'c:\test.txt');
reset(f);
readln(f,temp);
hbefore:=strtoint(temp);
begin
hbefore:=getactivewindow;
temp:=inttostr(hbefore);
rewrite(f);
writeln(f,temp);
closefile(f);
ShowWindow(hbefore, SW_HIDE);
end;
end; //end if FileExists(....)
end
else begin
showwindow(hbefore,SW_SHOW);
rewrite(f);
writeln(f,0);
closefile(f);
end;//end if Ctrl+Alt+F12按键
end;
function EnableHideHook: BOOL; export;
begin
Result := False;
if hNextHookHide <> 0 then Exit;
// 挂上 WH_KEYBOARD 这型的 HOOK, 同时, 传回值必须保留下
// 来, 免得 HOOK 呼叫链结断掉
hNextHookHide := SetWindowsHookEx(WH_KEYBOARD,
KeyboardHookHandler,HInstance,0);
Result := hNextHookHide <> 0;
end;
begin
Result := False;
if hNextHookHide <> 0 then Exit;
// 挂上 WH_KEYBOARD 这型的 HOOK, 同时, 传回值必须保留下
// 来, 免得 HOOK 呼叫链结断掉
hNextHookHide := SetWindowsHookEx(WH_KEYBOARD,
KeyboardHookHandler,HInstance,0);
Result := hNextHookHide <> 0;
end;
function DisableHideHook: BOOL; export;
begin
if hNextHookHide <> 0 then
begin
Result:=True;
UnhookWindowshookEx(hNextHookHide); // 解除 Keyboard Hook
hNextHookHide:=0;
end
else
Result:=False;
end;
begin
if hNextHookHide <> 0 then
begin
Result:=True;
UnhookWindowshookEx(hNextHookHide); // 解除 Keyboard Hook
hNextHookHide:=0;
end
else
Result:=False;
end;
procedure HideHookExit;
begin
// 如果忘了解除 HOOK, 自动代理解除的动作
if hNextHookHide <> 0 then DisableHideHook;
ExitProc := HideSaveExit;
end;
begin
// 如果忘了解除 HOOK, 自动代理解除的动作
if hNextHookHide <> 0 then DisableHideHook;
ExitProc := HideSaveExit;
end;
end.
library HKPHide; //动态链接库工程文件
uses
HKHide in HKHide.pas;
HKHide in HKHide.pas;
exports
EnableHideHook,
DisableHideHook;
EnableHideHook,
DisableHideHook;
begin
hNextHookHide := 0;
hbefore:=0;
HideSaveExit := ExitProc;
ExitProc := @HideHookExit;
end.
hNextHookHide := 0;
hbefore:=0;
HideSaveExit := ExitProc;
ExitProc := @HideHookExit;
end.
//
文件制作好后先Build All编译成HKPHide.dll。
二、新建一个测试工程TestPrj
unit Unit1;//这是测试工程的窗体单元
unit Unit1;//这是测试工程的窗体单元
interface
uses
Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms, Dialogs, StdCtrls;
Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms, Dialogs, StdCtrls;
type
TForm1 = class(TForm)
Button1: TButton;
Button2: TButton;
procedure Button1Click(Sender: TObject);
procedure Button2Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
TForm1 = class(TForm)
Button1: TButton;
Button2: TButton;
procedure Button1Click(Sender: TObject);
procedure Button2Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
Form1: TForm1;
implementation
{$R *.DFM}
function EnableHideHook: BOOL; external 'HKPHide.DLL';
function DisableHideHook: BOOL; external 'HKPHide.DLL';
function DisableHideHook: BOOL; external 'HKPHide.DLL';
procedure TForm1.Button1Click(Sender: TObject);
begin
if EnableHideHook then
ShowMessage('HotKey Testing...');
end;
begin
if EnableHideHook then
ShowMessage('HotKey Testing...');
end;
procedure TForm1.Button2Click(Sender: TObject);
begin
if DisableHideHook then
ShowMessage('HotKey Testing..., DONE!);
end;
begin
if DisableHideHook then
ShowMessage('HotKey Testing..., DONE!);
end;
end.
转载于:https://blog.51cto.com/bigpower/69223
767
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
