Solved

Getting Programname.

Posted on 2003-11-10
8
285 Views
Last Modified: 2010-04-05
Hey, I use a hook to log the keyboard. This function send the keys to my app. Is there anyway that it also sends the application name, the program where the key is pressed.

This is the function.

function KeyHookFunc(Code, VirtualKey, KeyStroke: Integer): LRESULT; stdcall;
var
  KeyState1: TKeyBoardState;
  AryChar: array[0..1] of Char;
  Count: Integer;
begin
  Result := 0;
  if Code = HC_NOREMOVE then Exit;
  Result := CallNextHookEx(hKeyHook, Code, VirtualKey, KeyStroke);
  if Code < 0 then
    Exit;
  if Code = HC_ACTION then
  begin
    if ((KeyStroke and (1 shl 30)) <> 0) then
        hMemFile  := OpenFileMapping(FILE_MAP_WRITE, False, 'Global7v9k');
        PHookRec1 := MapViewOfFile(hMemFile, FILE_MAP_WRITE, 0, 0, 0);
        if PHookRec1 <> nil then
        begin
          hApp  := PHookRec1.AppHnd;
        end;
    if ((KeyStroke and (1 shl 30)) <> 0) then
    begin
      GetKeyboardState(KeyState1);
      Count := ToAscii(VirtualKey, KeyStroke, KeyState1, AryChar, 0);
      if Count = 1 then
      begin
        PostMessage(hApp, WM_USER + 1678, Ord(AryChar[0]), 0);
      end;
    end;
  end;
end;

Thanks.
0
Comment
Question by:JuicyJJ
  • 4
  • 3
8 Comments
 
LVL 6

Expert Comment

by:GloomyFriar
ID: 9716894
DWORD GetModuleFileName(
  HMODULE hModule,    // handle to module
  LPTSTR lpFilename,  // path buffer
  DWORD nSize         // size of buffer
);
0
 
LVL 6

Expert Comment

by:GloomyFriar
ID: 9716929
Or try something like that:

var hSnapshoot: THandle;
    pe32: TProcessEntry32;
    the32: THREADENTRY32;
    dw_pid: DWORD;

    dw_pid := GetCurrentProcessId;
    pe32.dwSize := SizeOf(TProcessEntry32);
    if (Process32First(hSnapshoot, pe32)) then
    repeat
      if dw_pid = pe32.th32ProcessID then begin
        ShowMessage('Process filename: ' + PChar(pe32.szExeFile));
        break;
      end;
    until not Process32Next(hSnapshoot, pe32);

    CloseHandle (hSnapshoot);
0
 
LVL 6

Accepted Solution

by:
DaFox earned 125 total points
ID: 9716936
Hi,

you could either get the title of the application placed in the caption bar or get the filename of the application.

1. window title
GetWindowText({...})

2. filename
var
  ModuleHandle : THandle;
  FileName : PChar;
begin
  FileName := StrAlloc(255);
  ModuleHandle := GetClassLong(WindowHandle, GCL_HMODULE);
  GetModuleFileName(ModuleHandle, FileName, 255);
  // FileName should contain the executable or dll name and path
  StrDispose(FileName);
end;

Markus
0
 

Author Comment

by:JuicyJJ
ID: 9716955
Hey thanks.
I guess GetModuleFileName is something as GetClassName, but I don't know what params to use, what the handle is.

With that other code you posted, in what unit are tprocessentry32 and threadentry32 located.

Thanks.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 6

Expert Comment

by:GloomyFriar
ID: 9717085
>With that other code you posted, in what unit are tprocessentry32 and threadentry32 located.
TlHelp32
0
 
LVL 6

Expert Comment

by:DaFox
ID: 9717086
Hi,

>> but I don't know what params to use, what the handle is.

Try GetActiveWindow().

Markus
0
 
LVL 6

Expert Comment

by:GloomyFriar
ID: 9717228
:(
0
 
LVL 6

Expert Comment

by:DaFox
ID: 9717456
PS: My solution above gets the application filename, because there's no way to get the application name of any windows program a user may run on his machine.
This snippet below tries to get the application name (!) stored in the version info of the exe. Please not that this is not 100% accurate, e.g. the "product name" of notepad is "operating system windows xxx"... So, it may not fit your needs, just wanted to add this...

Here's the code:

procedure TForm1.Button1Click(Sender: TObject);
var
  aFileName: array [0..MAX_PATH] of Char;
  pdwHandle: DWORD;
  nInfoSize: DWORD;
  pFileInfo: Pointer;
  pVarFInfo: PChar;
  nVarFInfo: DWORD;
  nVarTrans: DWORD;
  aVarFPath: array [0..MAX_PATH] of Char;
begin
  if not OpenDialog1.Execute then exit;
  StrCopy(aFileName, PChar(OpenDialog1.FileName));
  // in your hook proc you should use this next line
  // GetModuleFileName(GetActiveWindow, aFileName, MAX_PATH);
  pdwHandle := 0;
  nInfoSize := GetFileVersionInfoSize(aFileName, pdwHandle);
  if nInfoSize <> 0 then pFileInfo := GetMemory(nInfoSize) else pFileInfo := nil;
  if Assigned(pFileInfo) then
  try
    if GetFileVersionInfo(aFileName, pdwHandle, nInfoSize, pFileInfo) then
    begin
      pVarFInfo := nil;
      nVarFInfo := 0;
      if VerQueryValue(pFileInfo, '\VarFileInfo\Translation', Pointer(pVarFInfo), nVarFInfo) then
      begin
        nVarTrans := HiWord(PDWORD(pVarFInfo)^) or (Word(PDWORD(pVarFInfo)^) shl 16);
        wvsprintf(aVarFPath, '\StringFileInfo\%8.8x\', PChar(@nVarTrans));
        // (CompanyName, FileDescription, FileVersion, InternalName,
        //  LegalCopyright, OriginalFilename ProductName, ProductVersion)
        lstrcat(aVarFPath, 'ProductName');
        pVarFInfo := nil;
        nVarFInfo := 0;
        if VerQueryValue(pFileInfo, aVarFPath, Pointer(pVarFInfo), nVarFInfo) then
        begin
          Label2.Caption := 'Dateiversion (var): ' + TCaption(pVarFInfo);
        end;
      end;
    end;
  finally
    FreeMemory(pFileInfo);
  end;
end;

Regards,
Markus
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The uses clause is one of those things that just tends to grow and grow. Most of the time this is in the main form, as it's from this form that all others are called. If you have a big application (including many forms), the uses clause in the in…
Introduction I have seen many questions in this Delphi topic area where queries in threads are needed or suggested. I know bumped into a similar need. This article will address some of the concepts when dealing with a multithreaded delphi database…
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now