看流星社区

 找回密码
 注册账号
楼主: 路飞

防偷基址, 反API HOOK 反HOOK,易语言工具源码

  [复制链接]

该用户从未签到

发表于 2013-1-27 13:34:28 | 显示全部楼层
回复 1# 路飞


    看看什么好东西

该用户从未签到

发表于 2013-1-31 22:36:24 | 显示全部楼层
封包基础详解.rar

该用户从未签到

发表于 2013-1-31 23:00:14 | 显示全部楼层
顶顶顶顶顶顶顶
  • TA的每日心情
    难过
    2021-8-16 19:35
  • 发表于 2013-2-3 22:28:03 | 显示全部楼层
    回复 1# 路飞


        。。。。。。。。。。。。。。。

    该用户从未签到

    发表于 2013-2-6 03:31:14 | 显示全部楼层
    来看看~

    该用户从未签到

    发表于 2013-2-6 16:09:27 | 显示全部楼层
    易语言教程)——封包基础详解 (你懂的)

    该用户从未签到

    发表于 2013-2-7 15:54:35 | 显示全部楼层
    vb hook怎么用
    2011-02-10 1652提问者: 高级法院法官 浏览次数:1035次
    写了个小程序,用键盘控制鼠标移动,但是mouse_event这个API在窗体关闭或最小化后就失去焦点了
    他们说让我用HOOK,怎么用啊,各位大虾,帮帮忙,感激不尽
    代码太长可以发我邮箱kongchao3581@126.com
    我来帮他解答
    精彩回答
    2011-02-11 1319
    '代码写得有些乱,凑合着看吧.

    '模块代码,里面有一些没用到的API可以删了.

    Option Explicit

    Public Declare Function MoveWindow Lib user32 (ByVal hwnd As Long, ByVal x As Long, ByVal y As Long, ByVal nWidth As Long, ByVal nHeight As Long, ByVal bRepaint As Long) As Long
    Public Declare Function FindWindow Lib user32 Alias FindWindowA (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
    Public Declare Function ShowWindow Lib user32 (ByVal hwnd As Long, ByVal nCmdShow As Long) As Long
    Public Declare Function CreateToolhelp32Snapshot Lib KERNEL32.DLL (ByVal dwFlags As Long, ByVal th32ProcessID As Long) As Long
    Public Declare Function Process32First Lib KERNEL32.DLL (ByVal hSnapshot As Long, ByRef lppe As PROCESSENTRY32) As Long
    Public Declare Function Process32Next Lib KERNEL32.DLL (ByVal hSnapshot As Long, ByRef lppe As PROCESSENTRY32) As Long
    Public Declare Sub CloseHandle Lib kernel32 (ByVal hPass As Long)
    Public Declare Function SetWinEventHook Lib user32.dll (ByVal eventMin As Long, ByVal eventMax As Long, ByVal hmodWinEventProc As Long, ByVal pfnWinEventProc As Long, ByVal IdProcess As Long, ByVal idThread As Long, ByVal dwFlags As Long) As Long
    Public Declare Function UnhookWinEvent Lib user32.dll (ByVal hWinEventHook As Long) As Long

    Public Const WINEVENT_OUTOFCONTEXT = &H0&
    Public Const WINEVENT_SKIPOWNPROCESS = &H2&
    Public Const EVENT_SYSTEM_MENUPOPUPSTART = &H6&

    Public Const TH32CS_SNAPHEAPLIST = &H1
    Public Const TH32CS_SNAPPROCESS = &H2
    Public Const TH32CS_SNAPTHREAD = &H4
    Public Const TH32CS_SNAPMODULE = &H8
    Public Const TH32CS_SNAPALL = (TH32CS_SNAPHEAPLIST Or TH32CS_SNAPPROCESS Or TH32CS_SNAPTHREAD Or TH32CS_SNAPMODULE)
    Public Const TH32CS_INHERIT = &H80000000
    Public Const MAX_PATH As Integer = 260

    Public Type PROCESSENTRY32
        dwSize As Long
        cntUsage As Long
        th32ProcessID As Long
        th32DefaultHeapID As Long
        th32ModuleID As Long
        cntThreads As Long
        th32ParentProcessID As Long
        pcPriClassBase As Long
        dwFlags As Long
        szExeFile As String  MAX_PATH
    End Type


    Dim hEventHook As Long

    Public Sub WINEVENTPROC(ByVal hWinEventHook As Long, _
                                 ByVal lngevent As Long, _
                                 ByVal hwnd As Long, _
                                 ByVal idObject As Long, _
                                 ByVal idChild As Long, _
                                 ByVal idEventThread As Long, _
                                 ByVal dwmsEventTime As Long)

        '这里的 hwnd 就是 菜单窗体的句柄
        Call MoveWindow(hwnd, 0, 0, 200, 200, -1) '测试
       
    End Sub

    Public Function SetHook(ByVal IdProcess As Long) As Long
        hEventHook = SetWinEventHook(EVENT_SYSTEM_MENUPOPUPSTART, EVENT_SYSTEM_MENUPOPUPSTART, 0&, AddressOf WINEVENTPROC, IdProcess&, 0&, WINEVENT_OUTOFCONTEXT Or WINEVENT_SKIPOWNPROCESS)
        SetHook = hEventHook
    End Function

    Public Sub UnSetHook()
        If hEventHook Then
            Call UnhookWinEvent(hEventHook)
            hEventHook = 0
        End If
    End Sub


    Function GetProcessID(ByVal sName As String) As Long
        Dim myhProcess As Long
        Dim mype       As PROCESSENTRY32
        Dim mybRet     As Long
        myhProcess = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0)
        mype.dwSize = Len(mype)
        mybRet = Process32First(myhProcess, mype)
        Do While mybRet
            If InStr(LCase(mype.szExeFile), sName) Then
                GetProcessID = mype.th32ProcessID
                Call CloseHandle(myhProcess)
                Exit Function
            Else
                mybRet = Process32Next(myhProcess, mype)
            End If
        Loop
        Call CloseHandle(myhProcess)
    End Function

    '-------------------------------------

    '窗体代码

    Private Sub Command1_Click()
        Dim IdProcess As Long
        IdProcess = GetProcessID(notepad.exe)
        If IdProcess Then
            If SetHook(IdProcess) Then
                Command1.Enabled = False
                Command2.Enabled = True
            End If
        End If
    End Sub

    Private Sub Command2_Click()
        Call UnSetHook
        Command1.Enabled = True
        Command2.Enabled = False
    End Sub

    该用户从未签到

    发表于 2013-2-7 15:54:46 | 显示全部楼层
    vb hook怎么用
    2011-02-10 1652提问者: 高级法院法官 浏览次数:1035次
    写了个小程序,用键盘控制鼠标移动,但是mouse_event这个API在窗体关闭或最小化后就失去焦点了
    他们说让我用HOOK,怎么用啊,各位大虾,帮帮忙,感激不尽
    代码太长可以发我邮箱kongchao3581@126.com
    我来帮他解答
    精彩回答
    2011-02-11 1319
    '代码写得有些乱,凑合着看吧.

    '模块代码,里面有一些没用到的API可以删了.

    Option Explicit

    Public Declare Function MoveWindow Lib user32 (ByVal hwnd As Long, ByVal x As Long, ByVal y As Long, ByVal nWidth As Long, ByVal nHeight As Long, ByVal bRepaint As Long) As Long
    Public Declare Function FindWindow Lib user32 Alias FindWindowA (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
    Public Declare Function ShowWindow Lib user32 (ByVal hwnd As Long, ByVal nCmdShow As Long) As Long
    Public Declare Function CreateToolhelp32Snapshot Lib KERNEL32.DLL (ByVal dwFlags As Long, ByVal th32ProcessID As Long) As Long
    Public Declare Function Process32First Lib KERNEL32.DLL (ByVal hSnapshot As Long, ByRef lppe As PROCESSENTRY32) As Long
    Public Declare Function Process32Next Lib KERNEL32.DLL (ByVal hSnapshot As Long, ByRef lppe As PROCESSENTRY32) As Long
    Public Declare Sub CloseHandle Lib kernel32 (ByVal hPass As Long)
    Public Declare Function SetWinEventHook Lib user32.dll (ByVal eventMin As Long, ByVal eventMax As Long, ByVal hmodWinEventProc As Long, ByVal pfnWinEventProc As Long, ByVal IdProcess As Long, ByVal idThread As Long, ByVal dwFlags As Long) As Long
    Public Declare Function UnhookWinEvent Lib user32.dll (ByVal hWinEventHook As Long) As Long

    Public Const WINEVENT_OUTOFCONTEXT = &H0&
    Public Const WINEVENT_SKIPOWNPROCESS = &H2&
    Public Const EVENT_SYSTEM_MENUPOPUPSTART = &H6&

    Public Const TH32CS_SNAPHEAPLIST = &H1
    Public Const TH32CS_SNAPPROCESS = &H2
    Public Const TH32CS_SNAPTHREAD = &H4
    Public Const TH32CS_SNAPMODULE = &H8
    Public Const TH32CS_SNAPALL = (TH32CS_SNAPHEAPLIST Or TH32CS_SNAPPROCESS Or TH32CS_SNAPTHREAD Or TH32CS_SNAPMODULE)
    Public Const TH32CS_INHERIT = &H80000000
    Public Const MAX_PATH As Integer = 260

    Public Type PROCESSENTRY32
        dwSize As Long
        cntUsage As Long
        th32ProcessID As Long
        th32DefaultHeapID As Long
        th32ModuleID As Long
        cntThreads As Long
        th32ParentProcessID As Long
        pcPriClassBase As Long
        dwFlags As Long
        szExeFile As String  MAX_PATH
    End Type


    Dim hEventHook As Long

    Public Sub WINEVENTPROC(ByVal hWinEventHook As Long, _
                                 ByVal lngevent As Long, _
                                 ByVal hwnd As Long, _
                                 ByVal idObject As Long, _
                                 ByVal idChild As Long, _
                                 ByVal idEventThread As Long, _
                                 ByVal dwmsEventTime As Long)

        '这里的 hwnd 就是 菜单窗体的句柄
        Call MoveWindow(hwnd, 0, 0, 200, 200, -1) '测试
       
    End Sub

    Public Function SetHook(ByVal IdProcess As Long) As Long
        hEventHook = SetWinEventHook(EVENT_SYSTEM_MENUPOPUPSTART, EVENT_SYSTEM_MENUPOPUPSTART, 0&, AddressOf WINEVENTPROC, IdProcess&, 0&, WINEVENT_OUTOFCONTEXT Or WINEVENT_SKIPOWNPROCESS)
        SetHook = hEventHook
    End Function

    Public Sub UnSetHook()
        If hEventHook Then
            Call UnhookWinEvent(hEventHook)
            hEventHook = 0
        End If
    End Sub


    Function GetProcessID(ByVal sName As String) As Long
        Dim myhProcess As Long
        Dim mype       As PROCESSENTRY32
        Dim mybRet     As Long
        myhProcess = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0)
        mype.dwSize = Len(mype)
        mybRet = Process32First(myhProcess, mype)
        Do While mybRet
            If InStr(LCase(mype.szExeFile), sName) Then
                GetProcessID = mype.th32ProcessID
                Call CloseHandle(myhProcess)
                Exit Function
            Else
                mybRet = Process32Next(myhProcess, mype)
            End If
        Loop
        Call CloseHandle(myhProcess)
    End Function

    '-------------------------------------

    '窗体代码

    Private Sub Command1_Click()
        Dim IdProcess As Long
        IdProcess = GetProcessID(notepad.exe)
        If IdProcess Then
            If SetHook(IdProcess) Then
                Command1.Enabled = False
                Command2.Enabled = True
            End If
        End If
    End Sub

    Private Sub Command2_Click()
        Call UnSetHook
        Command1.Enabled = True
        Command2.Enabled = False
    End Sub

    该用户从未签到

    发表于 2013-2-7 16:06:29 | 显示全部楼层
    看看.......................

    该用户从未签到

    发表于 2013-2-7 20:19:45 | 显示全部楼层
    谢谢 拿走了~~~~~~~~~
    点击按钮快速添加回复内容: 支持 高兴 激动 给力 加油 苦寻 生气 回帖 路过 感恩
    您需要登录后才可以回帖 登录 | 注册账号

    本版积分规则

    小黑屋|手机版|Archiver|看流星社区 |网站地图

    GMT+8, 2024-3-29 18:28

    Powered by Kanliuxing X3.4

    © 2010-2019 kanliuxing.com

    快速回复 返回顶部 返回列表