Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
433 views
in Technique[技术] by (71.8m points)

c++ - Is it possible to hook the creation of windows globally so I can control where the windows are placed on the screen?

I can inject a hook into running processes to catch when they create, destroy, max/min. But I haven't come up with a way to catch the creation of a new process so that I can inject my hook into that one. Does anyone know the best way to accomplish this?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

SetWindowsHookEx is your easiest solution.

If you don't mind upsetting the anti-virus software, you can also inject a DLL into each process that will then hook CreateProcess (to inject the DLL into further processes) and CreateWindowEx (for your purposes).

EDIT: I just read your question completely. Yes, you'll want to just hook CreateProcessW and inject your hook into future processes.

EDIT #2: I was actually working on something like this yesterday, so some code which does what you want.

#include <windows.h>

// call GetModuleFileNameto get the full path of the module before installing the hook
static LPWSTR lpszDllName;

HMODULE LoadModuleEx(__in HANDLE hProcess, __in_z LPCTSTR lpcszDll)
{
  DWORD   cdwSize;
  LPVOID  lpvAllocation;
  HANDLE  hThread;
  HMODULE hRet;

  cdwSize = lstrlen(lpcszDll) + 1;
  cdwSize *= sizeof(TCHAR);

  lpvAllocation = VirtualAllocEx(hProcess, NULL, cdwSize, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
  if (lpvAllocation != NULL)
  {
    if (WriteProcessMemory(hProcess, lpvAllocation, lpcszDll, cdwSize, NULL))
    {
      hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)LoadLibrary, lpvAllocation, 0, NULL);
      if (hThread != NULL)
      {
        GetExitCodeThread(hThread, (LPDWORD)&hRet);
        CloseHandle(hThread);
      }
    }
    VirtualFreeEx(hProcess, lpvAllocation, cdwSize, MEM_DECOMMIT);
  }
  return hRet;
}

// hook future process creation - install this hook on top of CreateProcessW
// I'd suggest using Microsoft Detours [http://research.microsoft.com/en-us/projects/detours/]
BOOL WINAPI CreateProcessWHook(__in_opt LPCWSTR lpApplicationName, __inout_opt LPWSTR lpCommandLine, __in_opt LPSECURITY_ATTRIBUTES lpProcessAttributes, __in_opt LPSECURITY_ATTRIBUTES lpThreadAttributes, __in BOOL bInheritHandles, __in DWORD dwCreationFlags, __in_opt LPVOID lpEnvironment, __in_opt LPCWSTR lpCurrentDirectory, __in LPSTARTUPINFO lpStartupInfo, __out LPPROCESS_INFORMATION lpProcessInformation)
{
  // create the process suspended
  if (dwCreationFlags & CREATE_SUSPENDED != CREATE_SUSPENDED)
    dwCreationFlags |= CREATE_SUSPENDED;

  // call original CreateProcessW
  BOOL bRet = _CreateProcessW(lpApplicationName, lpCommandLine, lpProcessAttributes, lpThreadAttributes, bInheritHandles, dwCreationFlags, lpEnvironment, lpCurrentDirectory, lpStartupInfo, lpProcessInformation);
  if (bRet)
  {
    // inject DLL
    LoadModuleEx(lpProcessInformation->hProcess, lpszDllName);

    // resume thread
    ResumeThread(lpProcessInformation->hThread);
  }

  return bRet;
}

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...