还需要继续研究

include/Detours/detours.h

@@ -2,7 +2,7 @@
 //
 //  Core Detours Functionality (detours.h of detours.lib)
 //
-//  Microsoft Research Detours Package, Version 3.0 Build_343.
+//  Microsoft Research Detours Package, Version 4.0.1
 //
 //  Copyright (c) Microsoft Corporation.  All rights reserved.
 //
@@ -11,7 +11,7 @@
 #ifndef _DETOURS_H_
 #define _DETOURS_H_
 
-#define DETOURS_VERSION     30001   // 3.00.01
+#define DETOURS_VERSION     0x4c0c1   // 0xMAJORcMINORcPATCH
 
 //////////////////////////////////////////////////////////////////////////////
 //

include/Detours/detver.h

@@ -2,7 +2,7 @@
 //
 //  Common version parameters.
 //
-//  Microsoft Research Detours Package, Version 3.0 Build_343.
+//  Microsoft Research Detours Package, Version 4.0.1
 //
 //  Copyright (c) Microsoft Corporation.  All rights reserved.
 //

include/Detours/syelog.h

@@ -1,89 +0,0 @@
-//////////////////////////////////////////////////////////////////////////////
-//
-//  Detours Test Program (syelog.h of syelog.lib)
-//
-//  Microsoft Research Detours Package, Version 3.0.
-//
-//  Copyright (c) Microsoft Corporation.  All rights reserved.
-//
-#pragma once
-#ifndef _SYELOGD_H_
-#define _SYELOGD_H_
-#include <stdarg.h>
-
-#pragma pack(push, 1)
-#pragma warning(push)
-#pragma warning(disable: 4200)
-
-//////////////////////////////////////////////////////////////////////////////
-//
-//
-#define SYELOG_PIPE_NAMEA       "\\\\.\\pipe\\syelog"
-#define SYELOG_PIPE_NAMEW       L"\\\\.\\pipe\\syelog"
-#ifdef UNICODE
-#define SYELOG_PIPE_NAME        SYELOG_PIPE_NAMEW
-#else
-#define SYELOG_PIPE_NAME        SYELOG_PIPE_NAMEA
-#endif
-
-//////////////////////////////////////////////////////////////////////////////
-//
-#define SYELOG_MAXIMUM_MESSAGE  4086    // 4096 - sizeof(header stuff)
-
-typedef struct _SYELOG_MESSAGE
-{
-    USHORT      nBytes;
-    BYTE        nFacility;
-    BYTE        nSeverity;
-    DWORD       nProcessId;
-    FILETIME    ftOccurance;
-    BOOL        fTerminate;
-    CHAR        szMessage[SYELOG_MAXIMUM_MESSAGE];
-} SYELOG_MESSAGE, *PSYELOG_MESSAGE;
-
-
-// Facility Codes.
-//
-#define SYELOG_FACILITY_KERNEL          0x10            // OS Kernel
-#define SYELOG_FACILITY_SECURITY        0x20            // OS Security
-#define SYELOG_FACILITY_LOGGING         0x30            // OS Logging-internal
-#define SYELOG_FACILITY_SERVICE         0x40            // User-mode system daemon
-#define SYELOG_FACILITY_APPLICATION     0x50            // User-mode application
-#define SYELOG_FACILITY_USER            0x60            // User self-generated.
-#define SYELOG_FACILITY_LOCAL0          0x70            // Locally defined.
-#define SYELOG_FACILITY_LOCAL1          0x71            // Locally defined.
-#define SYELOG_FACILITY_LOCAL2          0x72            // Locally defined.
-#define SYELOG_FACILITY_LOCAL3          0x73            // Locally defined.
-#define SYELOG_FACILITY_LOCAL4          0x74            // Locally defined.
-#define SYELOG_FACILITY_LOCAL5          0x75            // Locally defined.
-#define SYELOG_FACILITY_LOCAL6          0x76            // Locally defined.
-#define SYELOG_FACILITY_LOCAL7          0x77            // Locally defined.
-#define SYELOG_FACILITY_LOCAL8          0x78            // Locally defined.
-#define SYELOG_FACILITY_LOCAL9          0x79            // Locally defined.
-
-// Severity Codes.
-//
-#define SYELOG_SEVERITY_FATAL           0x00            // System is dead.
-#define SYELOG_SEVERITY_ALERT           0x10            // Take action immediately.
-#define SYELOG_SEVERITY_CRITICAL        0x20            // Critical condition.
-#define SYELOG_SEVERITY_ERROR           0x30            // Error
-#define SYELOG_SEVERITY_WARNING         0x40            // Warning
-#define SYELOG_SEVERITY_NOTICE          0x50            // Significant condition.
-#define SYELOG_SEVERITY_INFORMATION     0x60            // Informational
-#define SYELOG_SEVERITY_AUDIT_FAIL      0x66            // Audit Failed
-#define SYELOG_SEVERITY_AUDIT_PASS      0x67            // Audit Succeeeded
-#define SYELOG_SEVERITY_DEBUG           0x70            // Debugging
-
-// Logging Functions.
-//
-VOID SyelogOpen(PCSTR pszIdentifier, BYTE nFacility);
-VOID Syelog(BYTE nSeverity, PCSTR pszMsgf, ...);
-VOID SyelogV(BYTE nSeverity, PCSTR pszMsgf, va_list args);
-VOID SyelogClose(BOOL fTerminate);
-
-#pragma warning(pop)
-#pragma pack(pop)
-
-#endif //  _SYELOGD_H_
-//
-///////////////////////////////////////////////////////////////// End of File.

zhipuzi_pay_plugin/wnd/CValueWnd.cpp

@@ -24,6 +24,44 @@ void CValueWnd::Init()
 	std::thread(&CValueWnd::ReadValue, this).detach();
 }
 
+void print_window2(HWND parent, int level)
+{
+	HWND child = NULL;
+	TCHAR buf[MAX_PATH];
+	DWORD pid = 0, tid = 0;
+	do {
+		child = FindWindowEx(parent, child, NULL, NULL);
+		int ret = GetWindowText(child, buf, MAX_PATH);
+		buf[ret] = 0;
+		tid = GetWindowThreadProcessId(child, &pid);
+		for (int i = 0; i < level; ++i)
+			LOG_INFO(L"\t");
+		LOG_INFO("buf:"<<buf<<" ,  pid:"<<pid<<", tid:"<<tid);
+		if (child)
+			print_window2(child, level + 1);
+	} while (child);
+}
+
+	void print_window()
+	{
+		HWND child = NULL;
+		TCHAR buf[MAX_PATH];
+		DWORD pid = 0, tid = 0;
+
+		do {
+			//查找 Explore 下的一个窗口,如果能找到则根据 Explore 下的child 继续找
+			child = FindWindowEx(NULL, child, NULL, NULL);
+			int ret = GetWindowText(child, buf, MAX_PATH);
+			buf[ret] = 0;
+			tid = GetWindowThreadProcessId(child, &pid);
+			_tprintf(L"%s ,  pid:%d, tid:%d\n", buf, pid, tid);
+
+			//遍历子窗口们
+			if (child)
+				print_window2(child, 1);
+		} while (child);
+	}
+
 void CValueWnd::ReadValue()
 {
 	//读取串口的模式
@@ -65,14 +103,16 @@ void CValueWnd::ReadValue()
 	//}
 	//} 
 
-	BOOL ret = InstallHook();
-	if (ret)
-	{
-		int a = 1;
-	}
+	//BOOL ret = InstallHook();
+	//if (ret)
+	//{
+	//	int a = 1;
+	//}
 
-	SetHwnd(m_hWnd);
-	int b = 1;
+	//SetHwnd(m_hWnd);
+	//int b = 1;
+	// 
+	print_window();
 }
 
 LRESULT CValueWnd::OnCreate(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL& bHandled)

zpzDll/Hook.cpp

@@ -45,7 +45,7 @@ HANDLE WINAPI Mine_CreateFileW(
 
 	if (wsFileName == L"COM1" || wsFileName == L"com1")
 	{
-		MessageBox(NULL, L"1111111111", L"2222", MB_OK);
+		MessageBox(NULL, L"1111111111", L"111111111111111111111", MB_OK);
 	}
 
 	return Real_CreateFileW(lpFileName, dwDesiredAccess, dwShareMode, lpSecurityAttributes, dwCreationDisposition, dwFlagsAndAttributes, hTemplateFile);

zpzDll/dllmain.cpp

@@ -16,14 +16,14 @@ BOOL APIENTRY DllMain(HMODULE hModule,
     {
     case DLL_PROCESS_ATTACH:
 	{
-		//Hook();
+		Hook();
 		break;
 	}
     case DLL_THREAD_ATTACH:
     case DLL_THREAD_DETACH:
     case DLL_PROCESS_DETACH:
 	{
-		//UnHook();
+		UnHook();
 		break;
 	}
     }

zpzDll/zpzDll.cpp

@@ -20,6 +20,7 @@ extern HINSTANCE g_Inst;
  **/
 LRESULT CALLBACK CBTProc(int nCode, WPARAM wParam, LPARAM lParam)
 {
+	//MessageBox(NULL, L"2222222222222", L"2222222222222222222", MB_OK);
 	return CallNextHookEx(g_Hook, nCode, wParam, lParam);
 }
 
@@ -30,7 +31,7 @@ BOOL InstallHook()
 {
 	if (g_Hook == NULL)
 	{
-		g_Hook = SetWindowsHookEx(WH_CBT, CBTProc, g_Inst, 0);
+		g_Hook = SetWindowsHookEx(WH_KEYBOARD, CBTProc, g_Inst, 0);
 
 		if (g_Hook != NULL)
 		{

zpzDll/zpzDll.vcxproj.user

@@ -5,4 +5,7 @@
     <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
     <LocalDebuggerWorkingDirectory>$(SolutionDir)bin\$(Platform)\$(Configuration)\$(ProjectName)\</LocalDebuggerWorkingDirectory>
   </PropertyGroup>
+  <PropertyGroup>
+    <ShowAllFiles>true</ShowAllFiles>
+  </PropertyGroup>
 </Project>