马上加入TC
您需要 登录 才可以下载或查看,没有帐号?立即注册
x
【hook】钩子类型MSDN翻译整理
HOOK钩子机制学习笔记(2) - 钩子类型MSDN翻译整理
转载 2010年02月03日 10:52:00 阅读
作者:MaybeHelios
http://blog。csdn。net/maybehelios/
从现在开始,介绍全部钩子类型,一共有15种。由于本人现在使用C#,所以将原文中的Function都翻译为了“方法”,实际上翻译为“函数”可能更准确。原文中的”callback function”翻译为“回调函数”。
Each type of hook enables an application to monitor a different aspect of the system's message-handling mechanism.
每种类型的钩子使应用程序能够监视系统的消息处理机制的不同方面。
钩子类型1-2:WH_CALLWNDPROC and WH_CALLWNDPROCRET Hooks
The WH_CALLWNDPROC and WH_CALLWNDPROCRET hooks enable you to monitor messages sent to window procedures. The system calls a WH_CALLWNDPROC hook procedure before passing the message to the receiving window procedure, and calls the WH_CALLWNDPROCRET hook procedure after the window procedure has processed the message.
WH_CALLWNDPROC 和 WH_CALLWNDPROCRET钩子使你能够监视发送到window程序的消息。系统在将消息传递给正在接收的window程序之前,调用WH_CALLWNDPROC钩子子程;在window程序处理完消息之后,调用WH_CALLWNDPROCRET钩子子程。
The WH_CALLWNDPROCRET hook passes a pointer to a CWPRETSTRUCT structure to the hook procedure. The structure contains the return value from the window procedure that processed the message, as well as the message parameters associated with the message. Subclassing the window does not work for messages set between processes.
WH_CALLWNDPROCRET钩子将一个指向CWPRETSTRUCT结构的的指针传递给钩子子程。该结构包含有来自处理该消息的window程序的返回值,以及消息中的参数。子类窗体不能处理进程间的消息集。
钩子类型3:WH_CBT Hook
The system calls a WH_CBT hook procedure before activating, creating, destroying, minimizing, maximizing, moving, or sizing a window; before completing a system command; before removing a mouse or keyboard event from the system message queue; before setting the input focus; or before synchronizing with the system message queue. The value the hook procedure returns determines whether the system allows or prevents one of these operati**. The WH_CBT hook is intended primarily for computer-based training (CBT) applicati**.
在以下事件发生之前,系统会调用WH_CBT 钩子子程:
1、窗台被激活、创建、销毁、最小化、最大化、移动或者改变大小;
2、执行完系统命令;
3、从系统消息队列中移除鼠标或者键盘事件;
4、设置输入焦点;
5、同步系统消息队列;
钩子子程的返回值决定了系统是允许了还是阻止了这些操作中的一个。WH_CBT钩子主要是用在基于计算机的练习(CBT) 程序中。
钩子类型4:WH_DEBUG Hook
The system calls a WH_DEBUG hook procedure before calling hook procedures associated with any other hook in the system. You can use this hook to determine whether to allow the system to call hook procedures associated with other types of hooks.
在调用与系统中任何其他钩子关联的钩子子程之前,系统会调用WH_DEBUG 钩子子程。使用该钩子来决定是否允许系统调用与其他类型的钩子相关联的钩子子程。
钩子类型5:WH_FOREGROUNDIDLE Hook
The WH_FOREGROUNDIDLE hook enables you to perform low priority tasks during times when its foreground thread is idle. The system calls a WH_FOREGROUNDIDLE hook procedure when the application's foreground thread is about to become idle.
WH_FOREGROUNDIDLE 钩子允许当前台线程空闲时,执行低权限的任务。系统在应用程序的前台线程即将空闲时,调用WH_FOREGROUNDIDLE钩子子程。
钩子类型6:WH_GETMESSAGE Hook
The WH_GETMESSAGE hook enables an application to monitor messages about to be returned by the GetMessage or PeekMessage function. You can use the WH_GETMESSAGE hook to monitor mouse and keyboard input and other messages posted to the message queue.
WH_GETMESSAGE程序允许应用程序监视即将由方法GetMessage 或者PeekMessage返回的消息。可以使用WH_GETMESSAGE钩子监视鼠标和键盘输入,以及其他传递给消息队列的消息。
钩子类型7:WH_JOURNALPLAYBACK Hook
The WH_JOURNALPLAYBACK hook enables an application to insert messages into the system message queue. You can use this hook to play back a series of mouse and keyboard events recorded earlier by using the WH_JOURNALRECORD Hook. Regular mouse and keyboard input is disabled as long as a WH_JOURNALPLAYBACK hook is installed. A WH_JOURNALPLAYBACK hook is a global hook — it cannot be used as a thread-specific hook.
The WH_JOURNALPLAYBACK hook returns a time-out value. This value tells the system how many milliseconds to wait before processing the current message from the playback hook. This enables the hook to control the timing of the events it plays back.
WH_JOURNALPLAYBACK钩子允许应用程序将消息插入到系统消息队列中。使用该钩子回放先前使用WH_JOURNALRECORD 钩子记录的一系列鼠标和键盘事件。在WH_JOURNALPLAYBACK被安装后,常规的鼠标和键盘输入被禁用。WH_JOURNALPLAYBACK钩子是全局钩子,不能被用作线程钩子。WH_JOURNALPLAYBACK钩子返回一个超时值。该值告诉系统在处理来自回放钩子的当前消息之前等待了多少毫秒。这允许该钩子控制回放事件的速度。
钩子类型8:WH_JOURNALRECORD Hook
The WH_JOURNALRECORD hook enables you to monitor and record input events. Typically, you use this hook to record a sequence of mouse and keyboard events to play back later by using the WH_JOURNALPLAYBACK Hook. The WH_JOURNALRECORD hook is a global hook — it cannot be used as a thread-specific hook.
WH_JOURNALRECORD钩子允许监视并且记录输入事件。典型的,使用该钩子来记录顺序的的鼠标和键盘事件,以后可以使用WH_JOURNALPLAYBACK.钩子进行回放。 该钩子是全局钩子,不能被用作进程钩子。
钩子类型9:WH_KEYBOARD_LL Hook
The WH_KEYBOARD_LL hook enables you to monitor keyboard input events about to be posted in a thread input queue.
WH_KEYBOARD_LL钩子监视在线程输入队列中,即将被传递的键盘输入事件。
钩子类型10:WH_KEYBOARD Hook
The WH_KEYBOARD hook enables an application to monitor message traffic for WM_KEYDOWN and WM_KEYUP messages about to be returned by the GetMessage or PeekMessage function. You can use the WH_KEYBOARD hook to monitor keyboard input posted to a message queue.
WH_KEYBOARD钩子允许应用程序监视即将被GetMessage 或者 PeekMessage方法返回的WM_KEYDOWN 或者 WM_KEYUP消息。使用WH_KEYBOARD钩子可以监视传递到消息队列中的键盘输入。
钩子类型11:WH_MOUSE_LL Hook
The WH_MOUSE_LL hook enables you to monitor mouse input events about to be posted in a thread input queue.
WH_MOUSE_LL钩子监视在线程输入队列中,即将被传递的鼠标输入事件。
钩子类型12:WH_MOUSE Hook
The WH_MOUSE hook enables you to monitor mouse messages about to be returned by the GetMessage or PeekMessage function. You can use the WH_MOUSE hook to monitor mouse input posted to a message queue.
WH_MOUSE钩子允许监视即将被GetMessage或者 PeekMessage方法返回的鼠标消息。使用该钩子监视传递到线程输入队列的鼠标输入。
|
/2 
发表于 2018-3-22 18:42:56
楼主
