Mega Code Archive

 

Categories / Delphi / System

 

Shell wide system hook

Title: Shell wide system hook Question: Capture new windows creations, closes, activations,, etc, at system level. Answer: In this article, you have an example of installation of a hook type Shell at system level. With it, you will have an event that it will inform you of what window it has been activated, created or destroyed in all Windows. For example, we could create an application that it goes recording in a file the windows that the user has gone opening up... As it is a hook at system level, this must go separated in a DLL. To know more than the operation of the hook, the DLL and the communication between the DLL and our application, take a look to the article: http://www.delphi3000.com/articles/article_883.asp since it is similar to this article, and I won't repeat the explanations here. h3 Hook's DLL /h3 library HookShell; {Demo de Hook de Shell a nivel de sistema, Radikal.} uses Windows, Messages; const CM_CHIVATO = WM_USER + $1000; var HookDeShell : HHook; FicheroM : THandle; PReceptor : ^Integer; function CallBackDelHook( Code : Integer; wParam : WPARAM; lParam : LPARAM ) : LRESULT; stdcall; {Esta es la funcion CallBack a la cual llamar el hook.} {This is the CallBack function called by he Hook} begin if code =0 then begin {Miramos si existe el fichero} {if the mapfile exists} FicheroM:=OpenFileMapping(FILE_MAP_READ,False,'ElReceptor'); {Si no existe, no enviamos nada a la aplicacion receptora} {If dont, send nothing to receiver application} if FicheroM0 then begin PReceptor:=MapViewOfFile(FicheroM,FILE_MAP_READ,0,0,0); PostMessage(PReceptor^,CM_CHIVATO,wParam,Code); UnmapViewOfFile(PReceptor); CloseHandle(FicheroM); end; end; {Llamamos al siguiente hook de la cadena} {call to next hook of the chain} Result := CallNextHookEx(HookDeShell, Code, wParam, lParam) end; procedure HookOn; stdcall; {Procedure que instala el hook} {procedure for install the hook} begin HookDeShell:=SetWindowsHookEx(WH_SHELL, @CallBackDelHook, HInstance , 0); end; procedure HookOff; stdcall; begin {procedure para desinstalar el hook} {procedure to uninstall the hook} UnhookWindowsHookEx(HookDeShell); end; exports {Exportamos las procedures...} {Export the procedures} HookOn, HookOff; begin end. h3Demo application/h3 ul liPut a TMemo (Memo1) in your form/li liPut this code in the form's unit/li /ul unit Unit1; interface uses Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms, Dialogs, StdCtrls; const NombreDLL = 'HookShell.dll'; CM_CHIVATO = WM_USER + $1000; type THookTeclado=procedure; stdcall; type TForm1 = class(TForm) Label1: TLabel; Memo1: TMemo; Button1: TButton; procedure FormCreate(Sender: TObject); procedure FormDestroy(Sender: TObject); private { Private declarations } FicheroM : THandle; PReceptor : ^Integer; HandleDLL : THandle; HookOn, HookOff : THookTeclado; procedure LlegaDelHook(var message: TMessage); message CM_CHIVATO; public { Public declarations } end; var Form1: TForm1; implementation {$R *.DFM} procedure TForm1.FormCreate(Sender: TObject); begin {No queremos que el Memo maneje el teclado...} {We dont want that the memo read the keyboard...} Memo1.ReadOnly:=TRUE; HandleDLL:=LoadLibrary( PChar(ExtractFilePath(Application.Exename)+ NombreDLL ) ); if HandleDLL = 0 then raise Exception.Create('No se pudo cargar la DLL'); @HookOn :=GetProcAddress(HandleDLL, 'HookOn'); @HookOff:=GetProcAddress(HandleDLL, 'HookOff'); if not assigned(HookOn) or not assigned(HookOff) then raise Exception.Create('No se encontraron las funciones en la DLL'+#13+ 'Cannot find the required DLL functions'); {Creamos el fichero de memoria} FicheroM:=CreateFileMapping( $FFFFFFFF, nil, PAGE_READWRITE, 0, SizeOf(Integer), 'ElReceptor'); {Si no se cre el fichero, error} if FicheroM=0 then raise Exception.Create( 'Error al crear el fichero'+ '/Error while create file'); {Direccionamos nuestra estructura al fichero de memoria} PReceptor:=MapViewOfFile(FicheroM,FILE_MAP_WRITE,0,0,0); {Escribimos datos en el fichero de memoria} PReceptor^:=Handle; HookOn; end; procedure TForm1.LlegaDelHook(var message: TMessage); function PillaTituloVentana(Mango:integer):string; var Titulo : string; begin Titulo:=StringOfChar(' ',200); GetWindowText( Message.WParam, PChar(Titulo),200); Result:=Titulo; end; var sTemp : string; begin sTemp:='Nada'; case message.LParam of HSHELL_TASKMAN: sTemp:='Activada la barra de tareas'; HSHELL_WINDOWACTIVATED: sTemp:= 'Activada la ventana: '+ PillaTituloVentana(Message.wParam); HSHELL_WINDOWCREATED: sTemp:= 'Creada la ventana: '+ PillaTituloVentana(Message.wParam); HSHELL_WINDOWDESTROYED: sTemp:= 'Destruida la ventana: '+ PillaTituloVentana(Message.wParam); end; if sTemp'Nada' then Memo1.Lines.Append( sTemp ); end; procedure TForm1.FormDestroy(Sender: TObject); begin {Desactivamos el Hook} {Uninstall the Hook} if Assigned(HookOff) then HookOff; {Liberamos la DLL} {Free the DLL} if HandleDLL0 then FreeLibrary(HandleDLL); {Cerramos la vista del fichero y el fichero} {Close the memfile and the View} if FicheroM0 then begin UnmapViewOfFile(PReceptor); CloseHandle(FicheroM); end; end; end. Make the DLL and compile it, and then make and compile the demo application. Try to put everything in the same directory, so that the application demo can finds the DLL. If everything goes well, in the Memo1 it will go appearing a list of the windows that you go creating, closing and activating. I will go putting more applications of this hook type in successive tricks. IMPORTANT: Dont forget to set the event handlers (if you copy & paste the source code)