我们可以用SetWindowsHook 安装一个低级钩子,然后回调函数lParam是一个 MSLLHOOKSTRUCT结构指针结构体定义如下:
typedef struct tagMSLLHOOKSTRUCT {
POINT pt;
DWORD mouseData;
DWORD flags;
DWORD time;
ULONG_PTR dwExtraInfo;
} MSLLHOOKSTRUCT, FAR *LPMSLLHOOKSTRUCT, *PMSLLHOOKSTRUCT;
当使用sendmessage或sendinput发送的虚拟消息时,flags为1
这样就可以检测到模拟的键鼠消息。
参考: https://msdn.microsoft.com/en-us/library/windows/desktop/ms644986(v=vs.85).aspx
void InstallHook()
{
if (!(hook = SetWindowsHookEx(WH_MOUSE_LL, LLMP, NULL, 0)))
{
MessageBox(NULL, "failed to install hook", "fail", MB_ICONERROR);
}
}
void main()
{
InstallHook();
// Message loop to keep console alive/get messages.
MSG gmsg;
while (GetMessage(&gmsg, NULL, 0, 0))
{
}
}
LRESULT CALLBACK LLMP(int nCode, WPARAM wParam, LPARAM lParam)
{
if (nCode >= 0)
{
mouseStruct = *((MSLLHOOKSTRUCT*)lParam);
mouseStruct.flags = 1;
// LLMHF_INJECTED FLAG
if (mouseStruct.flags & 0x01)
{
MessageBox(NULL, "ss", "Detected!", MB_ICONINFORMATION);
}
}
return CallNextHookEx(hook, nCode, wParam, lParam);
}
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!
