Jump to content

Have anyone have an example of windows "Global Hook" procedure ?

Recommended Posts

Hello, I'm trying to create a Global Hook procedure to capture windows message WM_GETMESSAGE from any windows and any application in my desktop. What I have is sample code that only hook to GUI created by current running process itself. If you have such as code, could you share it here. I really need it.

Thank you.

Link to post
Share on other sites

Have a look at _WinAPI_SetWindowsHookEx.

Snips & Scripts

My Snips: graphCPUTemp ~ getENVvars
My Scripts: Short-Order Encrypter - message and file encryption V1.6.1 ~ AuPad - Notepad written entirely in AutoIt V1.9.4

Feel free to use any of my code for your own use.                                                                                                                                                           Forum FAQ


Link to post
Share on other sites

You must create a dll. then use it with _winapi_setwindowhookEx.

So maybe something like:

$pProAddress = _WinAPI_GetProcAddress($hLib,"yourhookprocedure")
$g_hHook = _WinAPI_SetWindowsHookEx($WH_GETMESSAGE, $pProAddress , $hLib)

;yourhookprocedure could look like

   ; MSG *lpmsg;

   ; if( ncode < 0 ) return CallNextHookEx( NULL, ncode, wParam, lParam );

    ;lpmsg = (MSG *)lParam;

    ;if((lpmsg ->message) == WM_KEYDOWN)
    ;Do Something
    ;  }

    ;return CallNextHookEx( NULL, ncode, wParam, lParam );




Link to post
Share on other sites

In my signature I have one example. Just find it using "hook" as the search term.

UDF List:

_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_ArrayFilter/_ArrayReduce_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 22/04/2018

Link to post
Share on other sites

@guinness  I'm almost sure that with RegisterWindowMessage will not handle WM_GETMESSAGE as suntisuka means.



Link to post
Share on other sites

Thanks for every replies,

MikahS, I modify code from _WinAPI_SetWindowsHookEx example to capture $WH_GETMESSAGE instead. I reduce code in _KeyProc function to show only word "_KeyProc". But it doesn't work. Error message "Cannot set nonlocal hook without a module handle." appears on line _WinAPI_SetWindowsHookEx( ). But I don't know why capture $WH_KEYBOARD_LL in original example works !

Danyfirex, This mean I must use other programming languages to create .DLL for Hook Procedure ? If so, and because Main function of my program is in that .DLL, I should use that language for whole of my program. It is better than use two languages for this project. But that is a hard work for me because I never use VB6, VB.NET or C++ :'(



Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...