Obtaining HWND in system wide hook DLL? 
Author Message
 Obtaining HWND in system wide hook DLL?

Hello,

      I'm writing keylogger that logs not only pressed keys but also window
titles and application fullpaths.
The architecture is simple - I've created a DLL that hooks keyboard input
and redirects all chars to my window application that logs them into file.
All goes fine (chars are being written, window titles are being written)
before I try to get application's full path.
Window titles are being obtained in DLL via:

      HWND hwndToTrack = GetActiveWindow();

      while(::GetParent(hwndToTrack) != NULL)
        hwndToTrack = ::GetParent(hwndToTrack);

      PostMessage(hwndOfReceiver, WM_SWHDLL_KEY_MSG, (long)hwndToTrack,
lparam);

And then in my windows application:
    ::GetWindowText(hwndToTrack, szTitleToTrack, 999);

Then, I'm trying to get full path:
GetWindowModuleFileName(hwndToTrack, szPathToTrack, MAX_PATH+1);

But it constantly returns fullpath of my window application! :(

So, the only thing that I've managed to do is to get processid by this
hwndToTrack, to take a processes snapshot and than to find this process and
extract the executable name. It's slow and gives only name, not full path :(

Could you advise something?

--
Andrey A. Belkin



Sat, 30 Apr 2005 18:24:40 GMT  
 Obtaining HWND in system wide hook DLL?
See KB Article Q228469 "INFO: GetWindowModuleFileName &
GetModuleFileName Work Only with the Calling Process". You'll need to
call it from inside the hook DLL.
--
With best wishes,
    Igor Tandetnik

"For every complex problem, there is a solution that is simple, neat,
and wrong." H.L. Mencken



Quote:
> Hello,

>       I'm writing keylogger that logs not only pressed keys but also
window
> titles and application fullpaths.
> The architecture is simple - I've created a DLL that hooks keyboard
input
> and redirects all chars to my window application that logs them into
file.
> All goes fine (chars are being written, window titles are being
written)
> before I try to get application's full path.
> Window titles are being obtained in DLL via:

>       HWND hwndToTrack = GetActiveWindow();

>       while(::GetParent(hwndToTrack) != NULL)
>         hwndToTrack = ::GetParent(hwndToTrack);

>       PostMessage(hwndOfReceiver, WM_SWHDLL_KEY_MSG,
(long)hwndToTrack,
> lparam);

> And then in my windows application:
>     ::GetWindowText(hwndToTrack, szTitleToTrack, 999);

> Then, I'm trying to get full path:
> GetWindowModuleFileName(hwndToTrack, szPathToTrack, MAX_PATH+1);

> But it constantly returns fullpath of my window application! :(

> So, the only thing that I've managed to do is to get processid by this
> hwndToTrack, to take a processes snapshot and than to find this
process and
> extract the executable name. It's slow and gives only name, not full
path :(

> Could you advise something?

> --
> Andrey A. Belkin




Sun, 01 May 2005 00:09:43 GMT  
 Obtaining HWND in system wide hook DLL?
Thank you :-)
I retrieve it from my DLL and sendmessage with WM_COPYDATA to my window
application :-))
And it works just fine!

--
Andrey A. Belkin


Quote:
> See KB Article Q228469 "INFO: GetWindowModuleFileName &
> GetModuleFileName Work Only with the Calling Process". You'll need to
> call it from inside the hook DLL.
> --
> With best wishes,
>     Igor Tandetnik

> "For every complex problem, there is a solution that is simple, neat,
> and wrong." H.L. Mencken



> > Hello,

> >       I'm writing keylogger that logs not only pressed keys but also
> window
> > titles and application fullpaths.
> > The architecture is simple - I've created a DLL that hooks keyboard
> input
> > and redirects all chars to my window application that logs them into
> file.
> > All goes fine (chars are being written, window titles are being
> written)
> > before I try to get application's full path.
> > Window titles are being obtained in DLL via:

> >       HWND hwndToTrack = GetActiveWindow();

> >       while(::GetParent(hwndToTrack) != NULL)
> >         hwndToTrack = ::GetParent(hwndToTrack);

> >       PostMessage(hwndOfReceiver, WM_SWHDLL_KEY_MSG,
> (long)hwndToTrack,
> > lparam);

> > And then in my windows application:
> >     ::GetWindowText(hwndToTrack, szTitleToTrack, 999);

> > Then, I'm trying to get full path:
> > GetWindowModuleFileName(hwndToTrack, szPathToTrack, MAX_PATH+1);

> > But it constantly returns fullpath of my window application! :(

> > So, the only thing that I've managed to do is to get processid by this
> > hwndToTrack, to take a processes snapshot and than to find this
> process and
> > extract the executable name. It's slow and gives only name, not full
> path :(

> > Could you advise something?

> > --
> > Andrey A. Belkin




Mon, 02 May 2005 20:36:33 GMT  
 
 [ 3 post ] 

 Relevant Pages 

1. Obtaining HWND in system wide hook DLL?

2. System wide Message Hook not working when caller app loses focus

3. Creating system wide keyboard Hooks with c#

4. system wide hook

5. How to setup system-wide hook for Common Dialogs

6. System wide hook problem...

7. Hooking system wide

8. ShellExecute() seems to unhook system wide hook...

9. System wide hook question...

10. How to install System Wide Hooks, Sample code included working for installing app

11. system-wide hook?

12. System-wide mouse hook

 

 
Powered by phpBB® Forum Software