NASM - The Netwide Assembler
NASM Forum => Programming with NASM => Topic started by: ngochuan1st on September 16, 2012, 09:38:06 AM
-
Hello all, I don't know how to Set Up The KeyBoard Hook by SetWindowsHookExA in nasm... :(
-
First, don't cross post. Having multiple topics with the same question doesn't improve your chances of getting your question answered, it just makes more work for the moderators who have to clean up after you.
As for the code, SetWindowsHookExA is pretty straightforward. I was going to refer you to Iczelion's site, but it seems it's no longer online (pity). IIRC it should be something like this:
;; Translates to the C expression:
;; SetWindowsHookExA(WH_MOUSE,SomeStdCallProcedure,GetModuleHandleA(NULL), NULL);
;;
xor eax, eax ; eax = 0
push eax ; dwThreadId = 0 (last argument of SetWindowsHookExA)
push eax ; lpModuleName = NULL (argument of GetModuleHandleA)
call GetModuleHandleA
push eax ; eax = hInstance
push dword SomeStdCallProcedure
push dword 7 ; WH_MOUSE
call SetWindowsHookExA
;; At this point, EAX contains your hook handle. Save it for use with UnhookWindowsHookEx
-
This is the full code, and it doesn't work!!!
I'm using NASM and ALINK (on Windows 7 32bit Professional)
; nasm -fobj dllHook.asm
; alink -oPE -dll dllHook.obj win32.lib
and
; nasm -fobj Call.asm
; alink -oPE Call.obj
dllHook.asm (dllHook.dll)
global dllstart
export dllstart
global KeyBoardHook
export KeyBoardHook
global SetHook
export SetHook
global hHook
;--------------------------------------------
%include 'win32.inc'
[extern GetModuleHandleA]
[extern SetWindowsHookExA]
[extern CallNextHookEx]
[extern MessageBoxA]
segment data public use32 class=DATA
Module db 'dllHook',0
lpText db 'Key A is Pressed',0
lpCaption db 'Key A',0
lpErrorC db 'Error',0
lpErrorT db 'Cannot Set Hook',0
hHook dd 0
hHandle dd 0
segment .code use32
;DLL entry point - do nothing, but flag success
;This is a STDCALL entrypoint, so remove 3 params from stack on return
..start:
dllstart:
mov eax,1
ret 12
;exported procedure
KeyBoardHook:
%define nCode ebp+8
%define wParam ebp+0Ch
%define lParam ebp+10h
;--------------------------------------
mov eax, [nCode]
cmp eax, 0
je .reCallNextHookEx
cmp eax, HC_ACTION
jne .reCallNextHookEx
xor eax,eax
mov eax, [wParam]
cmp eax, 41h ; if wParam= 'A' then show messagebox
je .MsgBox
jmp .reCallNextHookEx
.MsgBox:
push 0
push dword lpCaption
push dword lpText
push 0
call MessageBoxA
jmp .RetProcHook
.reCallNextHookEx:
push dword [lParam]
push dword [wParam]
push dword [nCode]
push dword [hHook]
call CallNextHookEx
;-----------------------------------------
.RetProcHook:
ret
SetHook:
push dword Module
call GetModuleHandleA
cmp eax, 0
je .notHook
mov [hHandle], eax
push 0
push dword [hHandle]
push dword KeyBoardHook
push WH_KEYBOARD
call SetWindowsHookExA
cmp eax,0
je .notHook
mov [hHook], eax
jmp .RetProcSet
.notHook:
push byte 0
push dword lpErrorC
push dword lpErrorT
push byte 0
call MessageBoxA
.RetProcSet:
ret
;-----------------------------
Call.asm (Call function in dllHook.dll)
extern SetHook
import SetHook dllHook.dll
extern ExitProcess
import ExitProcess kernel32.dll
extern _getch
import _getch msvcrt.dll
segment .data USE32
lpText db 'Hello',0
lpCaption db 'Welcome',0
..start:
;-------------------------------
call [SetHook]
call [_getch]
;-------------------------------
push dword 0
call [ExitProcess]
;-------------------------------
-
I can't test this (not running Windows), but according to the bizarre theory that "code is code", these minor changes might possibly help...
global dllstart
export dllstart
global KeyBoardHook
export KeyBoardHook
global SetHook
export SetHook
global hHook
;--------------------------------------------
%include 'win32.inc'
[extern GetModuleHandleA]
[extern SetWindowsHookExA]
[extern CallNextHookEx]
[extern MessageBoxA]
segment data public use32 class=DATA
Module db 'dllHook',0
lpText db 'Key A is Pressed',0
lpCaption db 'Key A',0
lpErrorC db 'Error',0
lpErrorT db 'Cannot Set Hook',0
hHook dd 0
hHandle dd 0
segment .code use32
;DLL entry point - do nothing, but flag success
;This is a STDCALL entrypoint, so remove 3 params from stack on return
..start:
dllstart:
mov eax,1
ret 12
;exported procedure
KeyBoardHook:
%define nCode ebp+8
%define wParam ebp+0Ch
%define lParam ebp+10h
;--------------------------------------
; in order for above to make sense...
push ebp
mov ebp, esp
mov eax, [nCode]
cmp eax, 0
je .reCallNextHookEx
cmp eax, HC_ACTION
jne .reCallNextHookEx
xor eax,eax
mov eax, [wParam]
cmp eax, 41h ; if wParam= 'A' then show messagebox
je .MsgBox
jmp .reCallNextHookEx
.MsgBox:
push 0
push dword lpCaption
push dword lpText
push 0
call MessageBoxA
jmp .RetProcHook
.reCallNextHookEx:
push dword [lParam]
push dword [wParam]
push dword [nCode]
push dword [hHook]
call CallNextHookEx
;-----------------------------------------
.RetProcHook:
; unwind stack frame
leave
; and probably...
ret 12
SetHook:
push dword Module
call GetModuleHandleA
cmp eax, 0
je .notHook
mov [hHandle], eax
push 0
push dword [hHandle]
push dword KeyBoardHook
push WH_KEYBOARD
call SetWindowsHookExA
cmp eax,0
je .notHook
mov [hHook], eax
jmp .RetProcSet
.notHook:
push byte 0
push dword lpErrorC
push dword lpErrorT
push byte 0
call MessageBoxA
.RetProcSet:
ret
;-----------------------------
Bryant sez:
I was going to refer you to Iczelion's site, but it seems it's no longer online (pity).
Ouch! Bummer! What are we gonna do?
Best,
Frank
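The two changes in the reply above (build the frame before reading `[ebp+8]`, and return with `ret 12` for the three DWORD hook arguments) can be checked mechanically. The following is an added example, not code from the thread: `check_stdcall` is a hypothetical helper, the two sources are constructed samples modeled on KeyBoardHook, and it assumes one instruction per line and a decimal or 0x-prefixed `ret` operand.

```python
import re

LABEL = re.compile(r'^([A-Za-z_]\w*):')        # global label; .local labels do not match
DEFINE = re.compile(r'^%define\s+(\w+)\s+(.+)$')
RET = re.compile(r'^ret(?:\s+(\w+))?$')
NO_FRAME = 'reads [ebp+N] without push ebp / mov ebp, esp'

def check_stdcall(source, params):
    """params maps a procedure label to its count of DWORD stdcall arguments.
    Returns {label: [findings]}; an empty list means both checks passed."""
    findings = {name: [] for name in params}
    macros, proc, framed, prev = {}, None, False, ''
    for raw in source.splitlines():
        line = re.sub(r'\s+', ' ', raw.split(';', 1)[0]).strip()  # drop comments
        if not line:
            continue
        d = DEFINE.match(line)
        if d:
            macros[d.group(1)] = d.group(2)
            continue
        lab = LABEL.match(line)
        if lab:                                # a new global label ends the previous proc
            proc = lab.group(1) if lab.group(1) in params else None
            framed, prev = False, ''
            continue
        if proc is None:
            continue
        for name, body in macros.items():      # expand aliases such as nCode -> ebp+8
            line = re.sub(rf'\b{re.escape(name)}\b', body, line)
        norm = line.lower().replace(', ', ',')
        if norm == 'mov ebp,esp' and prev == 'push ebp':
            framed = True
        elif (not framed and re.search(r'\[\s*ebp\s*\+', norm)
              and NO_FRAME not in findings[proc]):
            findings[proc].append(NO_FRAME)
        r = RET.match(norm)
        if r:                                  # stdcall: callee pops 4 bytes per argument
            popped, need = int(r.group(1) or '0', 0), 4 * params[proc]
            if popped != need:
                findings[proc].append(f'ret pops {popped} bytes, stdcall needs {need}')
        prev = norm
    return findings

# Constructed samples (not the thread's full listings)
DEFS = "%define nCode ebp+8\n%define wParam ebp+0Ch\n"
BROKEN = DEFS + "KeyBoardHook:\n mov eax, [nCode]\n cmp dword [wParam], 41h\n ret\n"
FIXED = DEFS + ("KeyBoardHook:\n push ebp\n mov ebp, esp ; frame first\n"
                " mov eax, [nCode]\n.done:\n leave\n ret 12\n")
if __name__ == '__main__':
    print(check_stdcall(BROKEN, {'KeyBoardHook': 3}))
    print(check_stdcall(FIXED, {'KeyBoardHook': 3}))
```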
-
I wasn't able to get your code to work, so I rewrote it. I broke this up into several files and ported a NASMX build.bat file. Since the Windows system that I have access to uses NASMX, I used the tools available with it (nasm.exe, gorc.exe, golink.exe). If you look into the build.bat file, you'll notice this computer used the default NASM installation location (C:\Program Files\nasm) and if you have NASM installed elsewhere, that will need to be changed.
-
Bryant sez:
I was going to refer you to Iczelion's site, but it seems it's no longer online (pity).
Ouch! Bummer! What are we gonna do?
You could try:
http://www.asmcommunity.net/book/tutorials/iczelion/
Though it's not yet finished being updated..
-
I've hooked in masm32, but I want to hook in nasm.
Thanks, Frank Kotler, I'm trying...
-
I think this code has a problem in the SetHook function...
-
I've hooked in masm32, but I want to hook in nasm.
Check out the attachment I posted. It was written for NASM, it just uses golink instead of alink (and gorc for the call.asm test program's dialog).
-
I checked, but it doesn't work!!! :(
-
Could you give me a little more information? What errors are you getting?
-
It doesn't show a message box when I press 'A'.
-
This code should show a dialog that, when in focus, shows a message box every time you hit a key. I ran the build.bat script and tested it again; it seems to be working on this XP/32 system. This zip file contains the binaries. Try running them and see if you get the results I describe. If so, then it's a problem in how you're building the project; if not, then it seems there is something on your system preventing it from working correctly. :-\
-
My computer doesn't have Golink.exe???
-
Both GoRC and GoLINK can be obtained from Jeremy Gordon's Site (http://www.godevtool.com/#rc). You should put them in the same directory that nasm.exe is in.
-
I have run build.bat, it shows an error...
-
GoRC is available at the same URL; it's the "Resource Compiler". It should also go in the same directory as NASM. The warnings are because I use a slightly unconventional (yet not completely unsupported) method of declaring the procedure label before I use the "global" directive to specify its properties. Those warnings can be ignored; it doesn't hurt anything.
-
OK, I'm trying to rebuild it..., thanks.
-
This code worked, thanks Bryant Keller.
-
No problem. ;D
-
If you were treading on thin ice before, you've just fallen in the water. Virus coding isn't something that anyone is going to help you with.
Topic Locked