Jack Daw
And any other C-for-Windows experts on this group!
I am writing a system-wide hooking program for intercepting the
keyboard messages on Windows 95.
I am facing a problem in interpreting the keys pressed.
As this is a system-wide application, I have an executable, HK.EXE,
and a DLL, TESTHOOKDLL.DLL. I am using the API call
BOOL GetKeyboardState( PBYTE lpKeyState
// address of array to receive status data
);
for getting the state of the keys before converting the key
into its ASCII equivalent using another API call
int ToAscii( UINT uVirtKey,
// virtual-key code
UINT uScanCode,
// scan code
PBYTE lpKeyState,
// address of key-state array
LPWORD lpChar,
// buffer for translated key
UINT uFlags
// active-menu flag
);
The problem is that when the GetKeyboardState function is called, it
causes an illegal operation with the following errors. The register
and stack dumps for each error follow.
i)HK caused an exception 03H in module MFC42D.DLL at 0137:5f42ea06.
Registers:
EAX=ffffffff CS=0137 EIP=5f42ea06 EFLGS=00000286
EBX=0063b338 SS=013f ESP=0063b2a8 EBP=0063b2b8
ECX=00000000 DS=013f ESI=0000835c FS=48df
EDX=00000000 ES=013f EDI=0063b2ec GS=0000
Bytes at CS:EIP:
33 c9 85 c9 75 e0 8b 55 fc 8b 42 20 3b 45 08 74
Stack dump:
0063b2ec 0000835c 0063b338 00000000 0063b2e4 5f486ef2 000005e4 0000001f
00000000 00000000 00000117 00000000 0063b320 5f49da10 00000000 0063b304
ii) HK caused a general protection fault
in module KEYBOARD.DRV at 0009:0000083c.
Registers:
EAX=04cc0055 CS=0237 EIP=0000083c EFLGS=00000246
EBX=00110468 SS=47ef ESP=0000d282 EBP=0000d294
ECX=04090000 DS=023f ESI=00000000 FS=132f
EDX=00010001 ES=0000 EDI=0000013f GS=0000
Bytes at CS:EIP:
ab 8b c2 66 5f 66 5e 0f a1 1f 8d 66 fe 1f 5d ca
Stack dump:
0000013f 00003537 023f3537 00025500 d2ec013f 016f0028 04090409 013f0000
00000000 0001132f 00000055 00000000 000a0000 00000000 35370000 013f0000
iii) HK caused an exception 03H in module KERNEL32.DLL at 0137:bff767d8.
Registers:
EAX=00000000 CS=0137 EIP=bff767d8 EFLGS=00000212
EBX=0063b338 SS=013f ESP=0063821c EBP=00638220
ECX=00000000 DS=013f ESI=0000835c FS=48df
EDX=00000000 ES=013f EDI=0063b258 GS=0000
Bytes at CS:EIP:
c3 cc cc cc 55 8b ec 56 57 68 30 fa fb bf e8 45
Stack dump:
10211c79 0063b258 10211e98 0063b2ec 00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000 bff60000 00000000 00000000 00000000
iv) HK caused an exception 03H in module TESTHOOKDLL.DLL at 0137:100011f4.
Registers:
EAX=00000001 CS=0137 EIP=100011f4 EFLGS=00000202
EBX=0063f406 SS=013f ESP=0063f398 EBP=0063f3ac
ECX=ffffffff DS=013f ESI=00022214 FS=34e7
EDX=8009b8b0 ES=013f EDI=00020000 GS=0000
Bytes at CS:EIP:
33 d2 85 d2 75 d9 eb 28 6a 00 6a 00 68 d8 44 00
Stack dump:
00020000 00022214 0063f406 00000000 00650098 0063f3ec bff7241d 00000000
00000041 c81e0001 840a336f 3d6b336f 336f16e7 788cb3c8 000c843a 10190003
I am not able to understand why this error occurs. I have also tried to
allocate the memory for the PBYTE argument on the heap using the new operator,
but to no avail. I am stuck at this point, as I need to interpret all the keys
correctly before I proceed.
I am also including the code for the DLL with this mail...
CODE FOR THE TESTHOOKDLL.CPP
----------------------------
// testhookdll.cpp : Defines the initialization routines for the DLL.
//
#include "stdafx.h"
#include <afxdllx.h>
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
// Module handle of this DLL; DllMain stores it and InstallKeyBoardHook
// passes it to SetWindowsHookEx.
HINSTANCE hInstance1;

// Handle returned by SetWindowsHookEx; KeyBoardProc hands it to CallNextHookEx.
HHOOK hck;

// Forward declaration of the exported hook procedure defined further down.
extern "C" __declspec(dllexport) LRESULT CALLBACK KeyBoardProc(
    int code, WPARAM wParam, LPARAM lParam);

// MFC extension-module record that DllMain initialises and terminates.
static AFX_EXTENSION_MODULE TesthookdllDLL = { NULL, NULL };
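// DLL entry point for the MFC extension DLL.
//
// Stores the module handle in hInstance1 on every call, initialises the MFC
// extension module on process attach and terminates it on process detach.
//
// Returns 1 on success, 0 when AfxInitExtensionModule fails during attach.
extern "C" int APIENTRY
DllMain(HINSTANCE hInstance, DWORD dwReason, LPVOID lpReserved)
{
    // Remove this if you use lpReserved
    UNREFERENCED_PARAMETER(lpReserved);

    // Keep the DLL's module handle for InstallKeyBoardHook.
    hInstance1 = hInstance;

    if (dwReason == DLL_PROCESS_ATTACH)
    {
        TRACE0("TESTHOOKDLL.DLL Initializing!\n");

        // Extension DLL one-time initialization
        if (!AfxInitExtensionModule(TesthookdllDLL, hInstance))
            return 0;

        // Insert this DLL into the resource chain.
        // NOTE: If this Extension DLL is being implicitly linked to by
        // an MFC Regular DLL (such as an ActiveX Control) instead of an
        // MFC application, then you will want to remove this line from
        // DllMain and put it in a separate function exported from this
        // Extension DLL. The Regular DLL that uses this Extension DLL
        // should then explicitly call that function to initialize this
        // Extension DLL. Otherwise, the CDynLinkLibrary object will not
        // be attached to the Regular DLL's resource chain, and serious
        // problems will result.
        // (The posted listing had the word "that" wrapped out of this
        // comment onto a line of its own, where it was a stray token.)
        new CDynLinkLibrary(TesthookdllDLL);
    }
    else if (dwReason == DLL_PROCESS_DETACH)
    {
        TRACE0("TESTHOOKDLL.DLL Terminating!\n");

        // Terminate the library before destructors are called
        AfxTermExtensionModule(TesthookdllDLL);
    }

    return 1;   // ok
}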
/////// Exported functions...
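// Installs KeyBoardProc as a WH_KEYBOARD hook and stores the handle in hck.
//
// The module handle comes from hInstance1 (set in DllMain). The thread id
// argument is 0, which the original author uses to request a system-wide hook.
//
// Returns 0 when the hook was installed (as before), 1 when SetWindowsHookEx
// returned NULL. The original reported " HK set " without checking the result,
// so a failed install was indistinguishable from a successful one.
//
// NOTE(review): no matching UnhookWindowsHookEx call is visible in this
// listing; confirm that the hook is removed somewhere before the DLL unloads.
extern "C" __declspec(dllexport) int InstallKeyBoardHook()
{
    hck = SetWindowsHookEx(WH_KEYBOARD, KeyBoardProc, hInstance1, 0);
    if (hck == NULL)
    {
        ::AfxMessageBox(" HK not set ");
        return 1;
    }

    ::AfxMessageBox(" HK set ");
    return 0;
}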
// Keyboard hook procedure that InstallKeyBoardHook registers with
// SetWindowsHookEx(WH_KEYBOARD, ...).
//
// Shows a message box on every call; for HC_ACTION it tries to translate the
// key with GetKeyboardState + ToAscii and shows the result; it always ends by
// forwarding the event with CallNextHookEx.
//
// NOTE(review): the HC_ACTION branch passes pointers that were never made to
// point at valid storage. This is the likely cause of the faults the author
// marks below. The defects are annotated inline; the code is left as posted.
extern "C" __declspec(dllexport)LRESULT CALLBACK KeyBoardProc(int code, WPARAM
wParam, LPARAM lParam )
{
// NOTE(review): a modal message box is opened on every call, before `code` is
// examined - presumably debug output; confirm it is safe inside a hook procedure.
:: AfxMessageBox ( "KEY PRESSED");
// The `else` below pairs with the inner `if`, so it runs only when code >= 0
// and code != HC_ACTION; for code < 0 nothing runs before CallNextHookEx.
if (code >= 0)
if( code == HC_ACTION){
:: AfxMessageBox ( "HC_ACTION");
// Allocates an array of 256 pointers (PBYTE), not 256 bytes. No element is
// ever set to point at a buffer, and the array is never deleted, so every
// call leaks it.
PBYTE *lpKeyState = new PBYTE[256];
// *lpKeyState is element 0 of that array: a pointer value this code never
// initialised. GetKeyboardState is therefore given an invalid destination,
// where the declaration quoted in the post expects the address of the
// key-state byte array.
// NOTE(review): VERIFY presumably only asserts in debug builds - confirm how
// a failure is handled in release builds.
VERIFY (GetKeyboardState(*lpKeyState)); //*here is the problem*
// Uninitialised pointer: ToAscii below is asked to write the translated
// key through it.
LPWORD lpChar;
// NOTE(review): lParam is passed whole as uScanCode; for a WH_KEYBOARD hook
// the scan code is presumably only one field of lParam - confirm against the
// hook documentation. The int result of ToAscii is ignored.
ToAscii( wParam, lParam,*lpKeyState, lpChar, 0);
CString str;
// "%s" reads lpChar as a NUL-terminated string, but it is a WORD pointer and
// this code never writes a terminator.
str.Format("%s", lpChar);
:: AfxMessageBox(str);
}
else {
:: AfxMessageBox ( "NO HC_ACTION");
}
// Always pass the event on to the next hook in the chain.
return CallNextHookEx( hck, code, wParam,lParam);
}
I am writing a system-wide hooking program for intercepting the
keyboard messages on Windows 95.
I am facing a problem in interpreting the keys pressed.
As this is a system-wide application, I have an executable, HK.EXE,
and a DLL, TESTHOOKDLL.DLL. I am using the API call
BOOL GetKeyboardState( PBYTE lpKeyState
// address of array to receive status data
);
for getting the state of the keys before converting the key
into its ASCII equivalent using another API call
int ToAscii( UINT uVirtKey,
// virtual-key code
UINT uScanCode,
// scan code
PBYTE lpKeyState,
// address of key-state array
LPWORD lpChar,
// buffer for translated key
UINT uFlags
// active-menu flag
);
The problem is that when the GetKeyboardState function is called, it
causes an illegal operation with the following errors. The register
and stack dumps for each error follow.
i)HK caused an exception 03H in module MFC42D.DLL at 0137:5f42ea06.
Registers:
EAX=ffffffff CS=0137 EIP=5f42ea06 EFLGS=00000286
EBX=0063b338 SS=013f ESP=0063b2a8 EBP=0063b2b8
ECX=00000000 DS=013f ESI=0000835c FS=48df
EDX=00000000 ES=013f EDI=0063b2ec GS=0000
Bytes at CS:EIP:
33 c9 85 c9 75 e0 8b 55 fc 8b 42 20 3b 45 08 74
Stack dump:
0063b2ec 0000835c 0063b338 00000000 0063b2e4 5f486ef2 000005e4 0000001f
00000000 00000000 00000117 00000000 0063b320 5f49da10 00000000 0063b304
ii) HK caused a general protection fault
in module KEYBOARD.DRV at 0009:0000083c.
Registers:
EAX=04cc0055 CS=0237 EIP=0000083c EFLGS=00000246
EBX=00110468 SS=47ef ESP=0000d282 EBP=0000d294
ECX=04090000 DS=023f ESI=00000000 FS=132f
EDX=00010001 ES=0000 EDI=0000013f GS=0000
Bytes at CS:EIP:
ab 8b c2 66 5f 66 5e 0f a1 1f 8d 66 fe 1f 5d ca
Stack dump:
0000013f 00003537 023f3537 00025500 d2ec013f 016f0028 04090409 013f0000
00000000 0001132f 00000055 00000000 000a0000 00000000 35370000 013f0000
iii) HK caused an exception 03H in module KERNEL32.DLL at 0137:bff767d8.
Registers:
EAX=00000000 CS=0137 EIP=bff767d8 EFLGS=00000212
EBX=0063b338 SS=013f ESP=0063821c EBP=00638220
ECX=00000000 DS=013f ESI=0000835c FS=48df
EDX=00000000 ES=013f EDI=0063b258 GS=0000
Bytes at CS:EIP:
c3 cc cc cc 55 8b ec 56 57 68 30 fa fb bf e8 45
Stack dump:
10211c79 0063b258 10211e98 0063b2ec 00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000 bff60000 00000000 00000000 00000000
iv) HK caused an exception 03H in module TESTHOOKDLL.DLL at 0137:100011f4.
Registers:
EAX=00000001 CS=0137 EIP=100011f4 EFLGS=00000202
EBX=0063f406 SS=013f ESP=0063f398 EBP=0063f3ac
ECX=ffffffff DS=013f ESI=00022214 FS=34e7
EDX=8009b8b0 ES=013f EDI=00020000 GS=0000
Bytes at CS:EIP:
33 d2 85 d2 75 d9 eb 28 6a 00 6a 00 68 d8 44 00
Stack dump:
00020000 00022214 0063f406 00000000 00650098 0063f3ec bff7241d 00000000
00000041 c81e0001 840a336f 3d6b336f 336f16e7 788cb3c8 000c843a 10190003
I am not able to understand why this error occurs. I have also tried to
allocate the memory for the PBYTE argument on the heap using the new operator,
but to no avail. I am stuck at this point, as I need to interpret all the keys
correctly before I proceed.
I am also including the code for the DLL with this mail...
CODE FOR THE TESTHOOKDLL.CPP
----------------------------
// testhookdll.cpp : Defines the initialization routines for the DLL.
//
#include "stdafx.h"
#include <afxdllx.h>
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
// Module handle of this DLL; DllMain stores it and InstallKeyBoardHook
// passes it to SetWindowsHookEx.
HINSTANCE hInstance1;

// Handle returned by SetWindowsHookEx; KeyBoardProc hands it to CallNextHookEx.
HHOOK hck;

// Forward declaration of the exported hook procedure defined further down.
extern "C" __declspec(dllexport) LRESULT CALLBACK KeyBoardProc(
    int code, WPARAM wParam, LPARAM lParam);

// MFC extension-module record that DllMain initialises and terminates.
static AFX_EXTENSION_MODULE TesthookdllDLL = { NULL, NULL };
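// DLL entry point for the MFC extension DLL.
//
// Stores the module handle in hInstance1 on every call, initialises the MFC
// extension module on process attach and terminates it on process detach.
//
// Returns 1 on success, 0 when AfxInitExtensionModule fails during attach.
extern "C" int APIENTRY
DllMain(HINSTANCE hInstance, DWORD dwReason, LPVOID lpReserved)
{
    // Remove this if you use lpReserved
    UNREFERENCED_PARAMETER(lpReserved);

    // Keep the DLL's module handle for InstallKeyBoardHook.
    hInstance1 = hInstance;

    if (dwReason == DLL_PROCESS_ATTACH)
    {
        TRACE0("TESTHOOKDLL.DLL Initializing!\n");

        // Extension DLL one-time initialization
        if (!AfxInitExtensionModule(TesthookdllDLL, hInstance))
            return 0;

        // Insert this DLL into the resource chain.
        // NOTE: If this Extension DLL is being implicitly linked to by
        // an MFC Regular DLL (such as an ActiveX Control) instead of an
        // MFC application, then you will want to remove this line from
        // DllMain and put it in a separate function exported from this
        // Extension DLL. The Regular DLL that uses this Extension DLL
        // should then explicitly call that function to initialize this
        // Extension DLL. Otherwise, the CDynLinkLibrary object will not
        // be attached to the Regular DLL's resource chain, and serious
        // problems will result.
        // (The posted listing had the word "that" wrapped out of this
        // comment onto a line of its own, where it was a stray token.)
        new CDynLinkLibrary(TesthookdllDLL);
    }
    else if (dwReason == DLL_PROCESS_DETACH)
    {
        TRACE0("TESTHOOKDLL.DLL Terminating!\n");

        // Terminate the library before destructors are called
        AfxTermExtensionModule(TesthookdllDLL);
    }

    return 1;   // ok
}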
/////// Exported functions...
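// Installs KeyBoardProc as a WH_KEYBOARD hook and stores the handle in hck.
//
// The module handle comes from hInstance1 (set in DllMain). The thread id
// argument is 0, which the original author uses to request a system-wide hook.
//
// Returns 0 when the hook was installed (as before), 1 when SetWindowsHookEx
// returned NULL. The original reported " HK set " without checking the result,
// so a failed install was indistinguishable from a successful one.
//
// NOTE(review): no matching UnhookWindowsHookEx call is visible in this
// listing; confirm that the hook is removed somewhere before the DLL unloads.
extern "C" __declspec(dllexport) int InstallKeyBoardHook()
{
    hck = SetWindowsHookEx(WH_KEYBOARD, KeyBoardProc, hInstance1, 0);
    if (hck == NULL)
    {
        ::AfxMessageBox(" HK not set ");
        return 1;
    }

    ::AfxMessageBox(" HK set ");
    return 0;
}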
// Keyboard hook procedure that InstallKeyBoardHook registers with
// SetWindowsHookEx(WH_KEYBOARD, ...).
//
// Shows a message box on every call; for HC_ACTION it tries to translate the
// key with GetKeyboardState + ToAscii and shows the result; it always ends by
// forwarding the event with CallNextHookEx.
//
// NOTE(review): the HC_ACTION branch passes pointers that were never made to
// point at valid storage. This is the likely cause of the faults the author
// marks below. The defects are annotated inline; the code is left as posted.
extern "C" __declspec(dllexport)LRESULT CALLBACK KeyBoardProc(int code, WPARAM
wParam, LPARAM lParam )
{
// NOTE(review): a modal message box is opened on every call, before `code` is
// examined - presumably debug output; confirm it is safe inside a hook procedure.
:: AfxMessageBox ( "KEY PRESSED");
// The `else` below pairs with the inner `if`, so it runs only when code >= 0
// and code != HC_ACTION; for code < 0 nothing runs before CallNextHookEx.
if (code >= 0)
if( code == HC_ACTION){
:: AfxMessageBox ( "HC_ACTION");
// Allocates an array of 256 pointers (PBYTE), not 256 bytes. No element is
// ever set to point at a buffer, and the array is never deleted, so every
// call leaks it.
PBYTE *lpKeyState = new PBYTE[256];
// *lpKeyState is element 0 of that array: a pointer value this code never
// initialised. GetKeyboardState is therefore given an invalid destination,
// where the declaration quoted in the post expects the address of the
// key-state byte array.
// NOTE(review): VERIFY presumably only asserts in debug builds - confirm how
// a failure is handled in release builds.
VERIFY (GetKeyboardState(*lpKeyState)); //*here is the problem*
// Uninitialised pointer: ToAscii below is asked to write the translated
// key through it.
LPWORD lpChar;
// NOTE(review): lParam is passed whole as uScanCode; for a WH_KEYBOARD hook
// the scan code is presumably only one field of lParam - confirm against the
// hook documentation. The int result of ToAscii is ignored.
ToAscii( wParam, lParam,*lpKeyState, lpChar, 0);
CString str;
// "%s" reads lpChar as a NUL-terminated string, but it is a WORD pointer and
// this code never writes a terminator.
str.Format("%s", lpChar);
:: AfxMessageBox(str);
}
else {
:: AfxMessageBox ( "NO HC_ACTION");
}
// Always pass the event on to the next hook in the chain.
return CallNextHookEx( hck, code, wParam,lParam);
}