wh_callwndProc hook problem
Sridhar
I am trying to hook notepad and i want to get which menu items in
notepad is clicked etc..i wrote one simple dll.i am using wh_callwndproc
hook. the problem is.. it is running fine for some time..after that showing
notepad encounter a problem..message i am getting then i have to close
notepad.
here is my dll code where i am hooking..
DECLDIR bool InstallMsgHookProc()
{
hWnd=FindWindow("NotePad",NULL);
/*
if(NULL==hWnd)
{
hWnd=GetForegroundWindow();
}
*/
processId=GetWindowThreadProcessId(hWnd,&processId);
bool bSuccess=false;
if(!ghKeyHook)
{
//ghWndMain=hWnd;
glpfnHookProc=(HOOKPROC)MsgHookProc;
bSuccess=(NULL!= (ghKeyHook=
::SetWindowsHookEx(WH_CALLWNDPROC,glpfnHookProc,ghInstance,processId)));
}
return bSuccess;
}
please tell me what i am doing wrong..from two weeks i am trying for this...
i put one break point in filter function but it is not hitting..
and also if you know plz tell me using which books or site to learn windows
hooking is best.
Thanks in advance..
--
--------------------------------------------
At last i learned something for today...:)
xiaosi
I think subclassing notepad main window is better than hooking.
For me, msdn is enough for learning windows hooking.
Sridhar
notepad...after that i have to extend it for all applications..
here is the code for hook filter function i am using..when i execute the
program is writing classname==iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii
etc..
but i am not getting the original classname..it is not entering into the if
condition.
DECLDIR LRESULT CALLBACK MsgHookProc(int nCode,WPARAM wParam,LPARAM lParam)
{
char window_class_name[250];
CWPSTRUCT *msg_str = NULL;
bool bHandleMsg=false;
if(nCode<0)
return CallNextHookEx(ghKeyHook,nCode,wParam,lParam);
if(HC_ACTION==nCode)
{
OutputDebugStringA("MsgHookProc() has been called\n");
bHandleMsg=true;
msg_str = (CWPSTRUCT *) lParam;
//HWND hWnd= hHook.hwnd;
//HMENU hMenuHandle=GetMenu(hWnd);
//handleMenus(hMenuHandle);
if (msg_str->message == WM_CREATE)
{
GetClassName(msg_str->hwnd, window_class_name, sizeof(window_class_name) -
1);
}
FILE *fp;
fp=fopen("C:\\Logdll.txt","ab");
fprintf(fp,"\nClassName==%s\n ",window_class_name);
if (strcmp(window_class_name, "Notepad") == 0)
{
fprintf(fp,"\nSTART RECORDING....\n ");
fprintf(fp,"\nClassName==%s\n ",window_class_name);
}
}
return (bHandleMsg?true:
::CallNextHookEx(ghKeyHook,nCode,wParam,lParam));
}
if i put break point in this function it is not hitting while debugging(F5)
my application (not dll). it is giving some out put but why it is not hitting
the break point and why it is not writing callname.
please help me on this..
--
--------------------------------------------
At last i learned something for today...:)
patrick
> HI Friends,
> Â Â Â Â I am trying to hook notepad and i want to get which menu items in
> notepad is clicked etc..i
Hooking notepad (or calc) is the most classic Win32 hook sample on
Usenet archives
(see on Win32 ng for example http://tinyurl.com/cmhb5g, first C code
must be in early 90's...)
Sridhar
--
--------------------------------------------
At last i learned something for today...:)
Sridhar
running the program the notepad is givind error and closing. what is the
problem.
i am not able to find where the problem is?
--
--------------------------------------------
At last i learned something for today...:)
xiaosi
The problem is caused by MsgHookProc:
1) You forgot to fclose(fp), so after MsgHookProc is called (and HC_ACTION==nCode) 510 times, fopen() will fail (EMFILE Too many
open files) and return null (fp=null), then fprintf(null) will crash the notepad app.
2) What you got in the Logdll.txt is fake classname. You hook the notepad window, so the window is already created, and will never
receive WM_CREATE. All of the fprintf(fp,"\nClassName==%s\n ",window_class_name) are uninitialized window_class_name[250] (which is
random content).
xiaosi
When menus popup, hook can ceive WM_CREATE of class_name "#32768" and "SysShadow" of menus.
When openfile dialogbox popup, hook can ceive WM_CREATE of class_name "Static", "ComboBox", "OleMainThreadWndClass",
"ToolbarWindow32", "ListBox", "Edit", "ComboBoxEx32", "ComboLBox", "Button", "ScrollBar", "#32770", "SysListView32", "SysHeader32",
"tooltips_class32", "Auto-Suggest Dropdown", "SHELLDLL_DefView", "CLIPBRDWNDCLASS" of dialogbox.
All of the fprintf are uninitialized window_class_name[250] plus above class_names.
Sridhar
Thank you for your valuable suggestions xiaosi ,
i modified the code..according to your suggestions..
by using spy++(visual studio6.0) i monitor the messages and i came to know
that when i click on the "File" menu of the notepad it generating WM_CREATE
message and if i move cursor to File->New then it generating WM_MENUSELECT
and when i click the new menuitem it generating WH_COMMAND.
i changed my code to monitor WM_MENUSELECT. but now what problem i am
getting is when i open the notepad it is not giving error..if i click on the
menu..notepad is asking to close. if i see in the text file it showing the
following output(this is happening only after closing of notepad).
START RECORDING....
ClassName==Notepad
MenuHandle==
really i am not understanding what is going on...if the message is not
WM_MENUSELELCT it should not do any thing right..but why notepad encountering
the problem(i tried with mspaint also..same problem).
i am posting the modified code of my filter funtion here.
DECLDIR LRESULT CALLBACK MsgHookProc(int nCode,WPARAM wParam,LPARAM lParam)
{
char window_class_name[250]={0};
CWPSTRUCT *msg_str = NULL;
if(nCode<0)
return CallNextHookEx(ghKeyHook,nCode,wParam,lParam);
if(HC_ACTION==nCode)
{
msg_str = (CWPSTRUCT *) lParam;
HWND hWndMenu= msg_str->hwnd;
HMENU hMenuHandle=GetMenu(hWndMenu);
if (msg_str->message == WM_MENUSELECT)
{
GetClassName(msg_str->hwnd, window_class_name, sizeof(window_class_name) -
1);
}
FILE *fp;
fp=fopen("C:\\Logdll.txt","ab");
if (strcmp(window_class_name, "Notepad") == 0)
{
fprintf(fp,"\nSTART RECORDING....\n ");
fprintf(fp,"\nClassName==%s\n ",window_class_name);
fprintf(fp,"\nMenuHandle==%s\n ",hMenuHandle);
}
fclose(fp);
}
if(ghKeyHook)
return CallNextHookEx(ghKeyHook,nCode,wParam,lParam);
else
return (LRESULT)NULL;
}
My motive is to know which menu item is selected...like "File" is
selected.."New" is selected..like that.
Please help me on this...
--
--------------------------------------------
At last i learned something for today...:)
xiaosi
1) This sample log WM_MENUSELECT, no matter whether the menuitem is clicked (WM_COMMAND) or not.
2) This sample can only log MIIM_STRING (not MF_OWNERDRAW) type menu.
3) This sample can not log Internet Explorer-style menu bar.
4) This sample is designed to log only one process, if you want to log multi-processes in one log file, you need to share and
synchronize logging.
Sridhar
Thank you very much for providing the code..i didnt find your code in this
link but when i search in google groups i find..how this thread is transfered
to google groups? i not understand? :-)
when i add your code in place of my code in dll..it is giving errors saying
_dllMain already defined...what is the problem? is it win32 application or
something else..
anyhow thank you..i found the way to solve my problem..
--
--------------------------------------------
At last i learned something for today...:)
xiaosi
Google local web groups).
2) If you use win32 api DllMain, merge my codes of DllMain with that of yours. If you use MFC, I cant help you, I'm not familiar
with MFC Dll.
Sridhar
Thank you xiaosi,
i resolved all the errors..it is working fine now.Mine is
win32 dll.
If i change WM_MENUSELECT to WM_COMMAND ( bcoz i want to record which menu
item user is clicked..i mean used for his application) it is not recording
anything.
you said that owner-drawn and internet explorer type menus not logged..why?
are they diffrent from normal menu ( i am asking this just becoz of
curiosity :-) ).
i have another doubt please dont mind this may be silly doubt..when i put a
breakpoint in my hook filter function( in dll)..and debugging(F5) my
application which uses that dll, why my break point is not
hitting..eventhough my program working fine? ( i not found answer for this
question anywhere). can't we debug filter functions step by step?
--
--------------------------------------------
At last i learned something for today...:)
xiaosi
different meaning of lParam (and wParam).
2) The owner-drawn menuitem does not store menu string in standard format, so it's menu string cant be gotten with standard api
(GetMenuItemInfo).
3) Internet Explorer-style menu bar is not normal menu bar.
4) The hook dll is mapped to two processes, one is the app you call InstallMsgHookProc, another is the notpad you hook to. When you
F5, you only debug the dll in the app. Then you "Attatch to Process..." (on VS debug menu), select notepad.exe, you can debug the
dll in the hooked notepad. Since MsgHookProc is called by many WM_xx (mouse move, window active), if you breakpoint MsgHookProc on
the first line, the breakpoint is hit so frequently that you cant do anything else about notepad. You should breakpoint MsgHookProc
on the line that is nested in "if (HC_ACTION == nCode && WM_MENUSELECT == cwp->message) {}" block which is hit not so frequently.
Sridhar
We have been in long conversation right :-). you replies are
so helpful to me and i am sure so many people find this thread helpful. i
have been struggled to learn all this..but i dint find any good tutorial
about win32 programming.
Do you know any sites or books that are good to learn all this topics with
sample codes. i am new to vc++, i want to have good knowledg on this.
--
--------------------------------------------
At last i learned something for today...:)
xiaosi
"Programming Windows"[1] of Charles Petzold is a famous tutorial book about win32 programming.
"Windows Internals"[2] of Mark Russinovich can help you to understand win32 systems better.
"Windows via C/C++"[3] of Jeffrey Richter talks about some "advance" tips of win32 programming.
[1] http://www.charlespetzold.com/pw5/index.html
http://dl-sh-ocn-1.pchome.net/09/p2/ProgramWin0817.zip
[2] http://www.microsoft.com/learning/en/us/book.aspx?ID=12069
http://stud.usv.ro/~ctodosi/mwi.pdf
[3] http://www.microsoft.com/learning/en/us/books/11241.aspx
http://books.05sun.com/downinfo/13859.html
"Sridhar" <Sri...@discussions.microsoft.com> wrote:
> Thank you xiaosi,
Sridhar
I tried to debug my application as you said. it is coming upto
SetwindowsHookEx() (this function is in my dll)after that even i press F11 it
is not entering in to MsgHookProc(). You said "attach to new process....(on
VS debug menu)" i not found that option(i am using vc++6.0. is it available
in this software?). Even i press F11 it is going to next statement.. Help me
on this..
Thanks in advance..
--
--------------------------------------------
At last i learned something for today...:)
xiaosi
SetEindowsHookEx() return, F5, MsgHookProc breakpoit will be hit when you click Notepad menu.
2) VC6 has "attach to process", but it is not same as "attach to new process" of VC9, it seems not suitable for debugging hook.
3) You can download WinDbg[1]. It's more powerful than VC9 debuger, but more difficult to use than VC9 debuger.
In WinDbg, you "attach to a process...", select notepad.exe (you should run only one notepad to avoid confusion), write "bu
hookdll!MsgHookProc" in command box, hookdll is your dll name. F5. Then run you app to set hook.
MsgHookProc will be hit in WinDbg. Then in WinDbg you can F9 to clear this breakpoint, and F9 set breakpoint on other line.
[1] http://www.microsoft.com/whdc/devtools/debugging/default.mspx
http://msdl.microsoft.com/download/symbols/debuggers/dbg_x86_6.11.1.404.msi
Sridhar
I downloaded WinDbg and debug as you said.when i click on menu of
notepad the function(MsgHookProc) getting hit..upto now it is fine and i put
one breakpoing(F9) in WM_MOUSESELECT block pressing F10 to see how the code
executing ..it is fine..
But where i get the problem is after hitting the end of MsgHookProc() the
cursor is still in that function itself. i mean it is not giving chance to
click or select other menu item(notepad is not opening it is in minimized
state).even though i hit F10 repeteadly the cursor moving in the same
function.
My doubt is.. in general applications if a breakpoint hit and if
it reaches end of function it will return to the funcition from where it is
called and wait for next call,but why it is not happening in this case i mean
after processing one message why it is not allowing me to click next menu
item etc.
My other request is ,could you give me the idea what is best way to
know which menu item user clicked. is it possible to know by the program
which i developed previously..i tried to cought and process WM_COMMAND (
FYI:bcoz it is generating when i click menu item with LPARAM value as zero.
Notepad will generate so many WM_COMMANDs but those LPARAM values are not
zero).i put one condition like this
if(cwp->lParam==0)
{
WORD menuIdentifier=LOWORD(cwp->wParam);
fprintf(gfp,"Menu identifier is===%d",menuIdentitier);
}
but there is no output in my file..if i remove "if" conditiion out put is like
Menu Identifier is==1148
Menu Identifier is==1148
Menu Identifier is==1148 like 4 or 5 times appearing..(i thought these are
non menu item clicked WM_COMMAND msgs).
i got the doubt that is this msg(WM_COMMAND generated by menu item click) is
send by SendMessage() function or some other function?. is it possible to
hook using WH_CALLWNDPROC or we have to use some other hook?
Please dont mind i am asking many quesiton..as i am getting these doubts
bcoz i am new to this tech. :-) ( for the clarification i want to say that i
am not posting these questions directly when i get the doubt...i tryied to
solve by searching in google..i am posting here as a last option..) :-)
Thanks in advance..
--
--------------------------------------------
At last i learned something for today...:)
Sree
i am using wm_getmessage hook to know which menu item
is clicked.
i am using the follwing code to get identifier of the menu
WORD identifier=LOWORD(pMsg->wParam);
it is giving integer value..up to now is fine...
my problem is how to know which menu item is clicked by using this
identifier? is it possible by this? or is there any other way to know which
menu item clicked? i again stuck with this problem....plz help me...
please explain with code if possible..
Thanks in advance...
--
--------------------------------------------
At last i learned something for today...:)