我昨天刚好写了一个例子。
这个例子是个键盘Hook,将按键显示在Memo中。
library Hook_Dll;
{ Important note about DLL memory management: ShareMem must be the
first unit in your library's USES clause AND your project's (select
Project-View Source) USES clause if your DLL exports any procedures or
functions that pass strings as parameters or function results. This
applies to all strings passed to and from your DLL--even those that
are nested in records and classes. ShareMem is the interface unit to
the BORLNDMM.DLL shared memory manager, which must be deployed along
with your DLL. To avoid using BORLNDMM.DLL, pass string information
using PChar or ShortString parameters. }
uses
SysUtils,
Windows,
messages,
Classes;
{$R *.RES}
const
CM_MYMessage = WM_USER + $1000;
var
HookKeyBoard : HHook;
FileM : THandle;
PReceptor : ^Integer;
function CallBackKeyHook(Code : Integer;
wParam : WPARAM;
lParam : LPARAM
) : LRESULT;
stdcall;
begin
if code = HC_ACTION then
begin
FileM := OpenFileMapping(FILE_MAP_READ,False,'LReceptor');
if FileM <> 0 then
begin
PReceptor := MapViewOfFile(FileM,FILE_MAP_READ,0,0,0);
PostMessage(PReceptor^,CM_MYMessage,wParam,lParam);
UnMapViewOfFile(PReceptor);
CloseHandle(FileM);
end;
end;
Result := CallNextHookEx(HookKeyBoard,Code,wParam,lParam);
end;
procedure HookOff;stdcall;
begin
UnHookWindowsHookEx(HookKeyBoard);
end;
procedure HookOn stdcall;
begin
HookKeyBoard := SetWindowsHookEx(WH_KEYBOARD,@CallBackKeyHook,HInstance,0);
end;
exports
HookOn, HookOff;
begin
end.
//////////////////////////
unit pas_KeySpy;
interface
uses
Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms, Dialogs,
StdCtrls;
const
HookDll ='Hook_Dll.dll';
CM_MYMessage = WM_USER + $1000;
type
THookDll = procedure;stdcall;
type
TForm1 = class(TForm)
Memo1: TMemo;
Button1: TButton;
procedure FormCreate(Sender: TObject);
procedure FormDestroy(Sender: TObject);
procedure Button1Click(Sender: TObject);
private
{ Private declarations }
FileM : THandle;
PReceptor : ^Integer;
HandleDll : THandle;
HookOn,HookOff : THookDll;
procedure DoKeyBoardHook(var message: TMessage); Message CM_MYMessage;
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
{$R *.DFM}
procedure TForm1.FormCreate(Sender: TObject);
begin
HandleDll := LoadLibrary(Pchar(ExtractFilePath(Application.ExeName)
+ HookDll));
if HandleDll = 0 then
raise Exception.Create(' Could Not found the DLL!');
@HookOn := GetProcAddress(HandleDll,'HookOn');
@HookOff := GetProcAddress(HandleDll,'HookOff');
if Not assigned(HookOn) or not assigned(HookOff) then
raise Exception.Create(' Couldn''t found the function'+#13+
' in the DLL file!');
FileM := CreateFileMapping($FFFFFFFF,nil,PAGE_READWRITE,0,
SizeOf(Integer),'LReceptor');
if FileM = 0 then
raise Exception.Create(' Create Map File ERROR!');
PReceptor := MapViewOfFile(FileM, FILE_MAP_WRITE, 0,0,0);
PReceptor^ := Handle;
hookOn;
end;
procedure TForm1.DoKeyBoardHook(var message: TMessage);
var
Numbers : array[0..100] of Char;
Action : string;
begin
GetKeyNameText(Message.LParam,@Numbers,100);
if ((message.Lparam shr 31) and 1) =1 then
Action := 'Released'
else
if ((message.Lparam shr 30) and 1) =1 then
Action := 'Repressed'
else Action := 'Pressed';
Memo1.Lines.Append(Action + ' Value: '
+ String(Numbers));
end;
procedure TForm1.FormDestroy(Sender: TObject);
begin
if Assigned(HookOff) then HookOff;
if HandleDll <> 0 then
FreeLibrary(HandleDLL);
if FileM <>0 then
begin
UnMapViewOfFile(Preceptor);
CloseHandle(FileM);
end;
end;
procedure TForm1.Button1Click(Sender: TObject);
begin
Memo1.Clear;
end;
end.
