GDI Hooking

[acid]

Any sample code or article for systemwide GDI hooking ? It seems to me the techniques are kept in secret since all Remote Controlling softwares are using them in commercial purposes

[BlackMoon]

mojesh utochnit?
u menia koechto est napisanoe

[acid]

I have an application executable, which is not developed by myself, simply - I don't have the source code of that application. It has some GDI text output which I need to capture with my application whenever text output funtion is called.

[BlackMoon]

At home I have sources of keyboard hook by myself
I will post them today evening or tomorrow morning
if it can help you in VC 6.0 or 7.0
with GDI shold be tha same

[acid]

Thanks, but I can have many sources with keyboard hooking myself it's not same at all. Win32 API provides keyboard hooking mechanism.

Thanks anyway.

[greka]

is windows messaging used during console input/output ?

What about tracing system-wide all WM_SETTEXT/WM_GETTEXT messages?

The most suitable decision I see in a system-wide hook set on every "CreateFont()"+"WM_SETTEXT" pair.

I.e. somehow (?) traced CreateFont API, then upon appearance - started to trace EVERY WM_SETTEXT sent by specified application untill "DeleteObject" called.

h-m..?

[Agregat]

Касательно консольного ввода/вывода - то ReadConsole позволяет отслеживать keyboard, mouse events.

[acid]

Quote:

Originally Posted by greka

is windows messaging used during console input/output ?

What about tracing system-wide all WM_SETTEXT/WM_GETTEXT messages?

The most suitable decision I see in a system-wide hook set on every "CreateFont()"+"WM_SETTEXT" pair.

I.e. somehow (?) traced CreateFont API, then upon appearance - started to trace EVERY WM_SETTEXT sent by specified application untill "DeleteObject" called.

h-m..?

What console input/output has to do with my question ?

As well as I am concerned WS_SET/GETTEXT are not GDI functions.

Can you tell me in details how to set system-wide hook on CreateFont? If yes the problem is solved !

GDI text output is performed using *TextOut functions. I want to capture exactly that one.

Thank you.

[armeng]

Quote:

Originally Posted by acid

What console input/output has to do with my question ?
GDI text output is performed using *TextOut functions. I want to capture exactly that one.

Меняешь ExtTextOut, ExtTextOutA, ExtTextOutW функции в gdi32.dll на свои.
Как реализовать это? Ищи в интернете "DLL Injection API Hooking".

[armeng]

Но учти что эти ф-и будут вызываться при каждой WM_PAINT.

[Agregat]

Джеффри Рихтер, если что

[acid]

Quote:

Originally Posted by armeng

Меняешь ExtTextOut, ExtTextOutA, ExtTextOutW функции в gdi32.dll на свои.
Как реализовать это? Ищи в интернете "DLL Injection API Hooking".

Это уже поближе к делу! Гоогле мне в руки и вперед.

П.С.
Неужели заразы типа Remote Control applcations тоже меняют gdi32.dll... больше не буду такие гадости ставить(PCAnywhere, Remote Admin...)

Спасибо.

[armeng]

Quote:

Originally Posted by acid

Неужели заразы типа Remote Control applcations тоже меняют gdi32.dll...

Почти они все (которые я знаю RemoteAdmin, VNC...) передают разницы screenshot-ов, а вот родной Window Terminal Server делает настоящий перехват всей API + Messages. Отсюда вывод (может ошибаюсь), что скорей всего механизм перехвата ф-й API реализована где то в недрах Windows-a и спрятана так глубоко, что качественый Remote Control осуществляет только Terminal Server.

Кстати не объязательно на диске менять gdi32.dll. Можно его менять в ОЗУ (CreateRemoteThread?, OpenProcess, ReadProcessMemory ....). Рихтера тоже смотри, там есть хорошие примеры.

[sukhodolin]

Quote:

Originally Posted by armeng

а вот родной Window Terminal Server делает настоящий перехват всей API + Messages.

Мы (DemoForge) тоже это умеем, что именно интересует?