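Is there any way to return a custom object or a list of custom objects from a hooked procedure in C++/CLI?

I am simply hooking a managed process and injecting a live SPY DLL into that process to collect information from it, and I need to send this information to another process.

For this I am using an injector library that can send a message to the main window procedure of the managed process. What I need is a list of all the controls in the hooked process. For this, my hook procedure cannot return anything except some "Object". Here is my injector hook procedure code and the caller of this hook procedure.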

```cpp
Object^ MessageHookProc(int nCode, WPARAM wParam, LPARAM lParam)
{
    try
    {
        if (nCode == HC_ACTION)
        {
            // For WH_CALLWNDPROC, lParam points to a CWPSTRUCT describing the message
            // (this declaration is missing from the code as posted).
            CWPSTRUCT* pCW = reinterpret_cast<CWPSTRUCT*>(lParam);
            if (pCW->message == WM_INVOKEREMOTE)
            {
                // NOTE: This library is probably loaded by Windows using some "LoadFrom"
                // resembling approach when the hook is installed. Apparently, this causes
                // the CLR to be unable to find it when deserializing (even though we are
                // actually executing it in this moment!), so we need to help it. See
                // http://discuss.develop.com/archives/wa.exe?A2=ind0303a&L=dotnet-clr&D=0&T=0&P=10291
                AppDomain^ currentDomain = AppDomain::CurrentDomain;
                currentDomain->AssemblyResolve += gcnew ResolveEventHandler(HelperClass::ResolveRequestMessageAssembly);
                RequestMessage^ msg = (RequestMessage^)Deserialize();
                currentDomain->AssemblyResolve -= gcnew ResolveEventHandler(HelperClass::ResolveRequestMessageAssembly);

                // We need the path, otherwise the assembly has to be in the search path
                // for the application in which it is injected
                String^ assemblyFile = Path::Combine(Path::GetDirectoryName(Assembly::GetExecutingAssembly()->Location), msg->AssemblyFile);
                Assembly^ assembly = Assembly::LoadFrom(assemblyFile);
                Type^ type = assembly->GetType(msg->TypeName);
                Object^ retVal = type->InvokeMember(msg->MethodName, BindingFlags::Static | BindingFlags::Public | BindingFlags::InvokeMethod, nullptr, nullptr, msg->Args);
                //Serialize(retVal);
            }
        }
    }
    catch (Object^ ex)
    {
        // No need to make a reference to System.Windows.Forms assembly just to show a
        // messagebox, we just need to make a string conversion
        IntPtr ptr = Marshal::StringToHGlobalUni(ex->ToString());
        LPCTSTR error = reinterpret_cast<LPCTSTR>(ptr.ToPointer());
        ::MessageBox(NULL, error, L"InvokeRemote Failed", MB_ICONERROR | MB_OK);
        Marshal::FreeHGlobal(ptr);
        Serialize(nullptr);
    }
    return CallNextHookEx(NULL, nCode, wParam, lParam);
}
```

Caller of MessageHookProc

====================

```cpp
Object^ Injector::InvokeRemote(IntPtr hWnd, String^ assemblyFile, String^ typeName, String^ methodName, array<Object^>^ args)
{
    RequestMessage^ msg = gcnew RequestMessage();
    msg->AssemblyFile = assemblyFile;
    msg->TypeName = typeName;
    msg->MethodName = methodName;
    msg->Args = args;
    ::Serialize(msg);

    HINSTANCE hinstDLL = LoadLibrary((LPCTSTR) _T("InjectLib.dll"));
    DWORD threadID = GetWindowThreadProcessId((HWND)hWnd.ToPointer(), NULL);
    HOOKPROC procAddress = (HOOKPROC)GetProcAddress(hinstDLL, "MessageHookProc");
    HHOOK messageHookHandle = SetWindowsHookEx(WH_CALLWNDPROC, procAddress, hinstDLL, threadID);

    // This forces it to be loaded into the target address space
    // CALLS ACTUALLY THE HOOK PROCEDURE BY SENDING MESSAGE TO MAIN WINDOW OF HOOKED PROCESS.
    // ==========================================================================
    SendMessage((HWND)hWnd.ToPointer(), WM_INVOKEREMOTE, 0, 0);
    ::UnhookWindowsHookEx(messageHookHandle);

    // Object^ retVal = Deserialize();
    return retVal;
}
```

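So here I do not want the objects to be serialized in this way; they must be returned from the hook procedure, and then the caller should be able to transfer these objects to other modules or processes.

Regards
Usman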

--------------Solution-------------

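You need to serialize the data into some encoding that does not use pointers, because those pointers have no meaning in any other process. Then you can use any form of IPC, such as named pipes, to transfer the encoded data to the other process.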
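The approach in the answer, as an added example (not code from the original post or the injector library): the control list is flattened into a pointer-free, length-prefixed byte buffer that any IPC channel such as a named pipe can carry, and the receiving process decodes it with bounds checks. `ControlInfo` and the wire layout are assumptions made for illustration; plain C++ is used so the encoding runs on its own.

```cpp
#include <cstdint>
#include <stdexcept>
#include <string>
#include <vector>

// Hypothetical record for one control: the handle travels as an integer value, never as a pointer.
struct ControlInfo { uint64_t handle; std::string className; std::string text; };
static void putInt(std::vector<uint8_t>& out, uint64_t v, int bytes) {
    for (int i = 0; i < bytes; ++i) out.push_back(uint8_t(v >> (8 * i)));  // little-endian
}
static void putStr(std::vector<uint8_t>& out, const std::string& s) {
    putInt(out, s.size(), 4);                       // 4-byte length prefix, then the raw bytes
    out.insert(out.end(), s.begin(), s.end());
}
// Sender side (inside the hooked process): 4-byte count, then handle + two strings per control.
std::vector<uint8_t> encodeControls(const std::vector<ControlInfo>& list) {
    std::vector<uint8_t> out;
    putInt(out, list.size(), 4);
    for (const auto& c : list) {
        putInt(out, c.handle, 8);
        putStr(out, c.className);
        putStr(out, c.text);
    }
    return out;
}
// Receiver side: the buffer comes from another process, so every read is bounds-checked.
struct Reader {
    const std::vector<uint8_t>& buf; size_t pos;
    uint64_t num(int bytes) {
        if (buf.size() - pos < size_t(bytes)) throw std::runtime_error("truncated integer");
        uint64_t v = 0;
        for (int i = 0; i < bytes; ++i) v |= uint64_t(buf[pos++]) << (8 * i);
        return v;
    }
    std::string str() {
        size_t n = size_t(num(4));
        if (buf.size() - pos < n) throw std::runtime_error("string length exceeds buffer");
        pos += n;
        return std::string(buf.begin() + (pos - n), buf.begin() + pos);
    }
};

std::vector<ControlInfo> decodeControls(const std::vector<uint8_t>& buf) {
    Reader r{buf, 0};
    std::vector<ControlInfo> list;
    for (uint64_t n = r.num(4); n > 0; --n) {
        list.push_back(ControlInfo{r.num(8), r.str(), r.str()});  // braced init runs left to right
    }
    if (r.pos != buf.size()) throw std::runtime_error("trailing bytes after last record");
    return list;
}
```

The receiver rebuilds its own objects from the decoded values; nothing in the buffer refers to memory of the process that produced it.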

Category: .NET  Date: 2015-03-15  Views: 0