Hiding a console window for Keylogger in C++
Can anyone explain the following code, which is used to hide the console window while running a Keylogger project in C++?

    #include <windows.h>

    void hide();

    int main()
    {
        hide();
        MSG Msg;
        //IO::MKDir(IO::GetOurPath(true));
        //InstallHook();
        while (GetMessage(&Msg, NULL, 0, 0))
        {
            TranslateMessage(&Msg);
            DispatchMessage(&Msg);
        }
        //MailTimer.Stop();
        return 0;
    }

    void hide()
    {
        HWND stealth;
        AllocConsole();
        stealth = FindWindowA("ConsoleWindowClass", NULL);
        ShowWindow(stealth, 0);
    }

Let's break it down into smaller pieces:

    void hide();
    int main()
    {
        hide();
        MSG Msg;
        //IO::MKDir(IO::GetOurPath(true));
        //InstallHook();
        while (GetMessage(&Msg, NULL, 0, 0))
        {
            TranslateMessage(&Msg);
            DispatchMessage(&Msg);
        }

The loop above is what is called a message pump. As Windows GUI programs are event-driven, such a loop is the pattern to handle incoming Windows messages for your Windows process. As your program will be receiving the WM_QUIT message, GetMessage() will return FALSE and the loop will exit. TranslateMessage() is just there to translate virtual-key messages to character messages, for further handling down the pipeline in case you need that. DispatchMessage() is there to make sure messages being sent to specific windows will find their way to that window's WindowProc callback.

        //MailTimer.Stop();
        return 0;
    }
    void hide()
    {
        HWND stealth;
        AllocConsole();

The last line above is allocating a new console for the process. If your process already has a console, this call fails, indicated by returning zero.

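        stealth = FindWindowA("ConsoleWindowClass", NULL);

What FindWindowA() does is return the window handle (HWND) of the window that has the specified class name and window name. Here it is used with the name (the second argument) omitted and only the class specified, of which only one window can exist in this case of a console window, the class being "ConsoleWindowClass".
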
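        ShowWindow(stealth, 0);
    }

All this line does is hide the window identified by the handle passed, which is our console window, as we already know at this point in the code snippet. The second argument, 0 in this case, is the enumeration value of SW_HIDE, so after this line the console window is hidden.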