?
Solved

Unable to set a hook to a process created in winlogon

Posted on 2004-10-18
7
Medium Priority
?
546 Views
Last Modified: 2013-12-03
Hi,

I am having a problem not being able to hook into a process created by CreateProcess:

    STARTUPINFO si;
    PROCESS_INFORMATION pi;

    ZeroMemory( &si, sizeof(si) );
    si.cb = sizeof(si);
    si.lpDesktop = "Winsta0\\Winlogon";
    ZeroMemory( &pi, sizeof(pi) );

    if(!CreateProcess( NULL,
        TEXT("Notepad.exe"),
        NULL,
        NULL,
        TRUE,
        0,
        NULL,
        NULL,
        &si,
        &pi )
    )
    return false;

    if(!g_hHook_Keyboard)
    {
      g_lpHookProc_Keyboard = (HOOKPROC) HookProcKeyboard;
      b_Success_Keyboard = (NULL != (g_hHook_Keyboard = ::SetWindowsHookEx (WH_KEYBOARD, g_lpHookProc_Keyboard, (HINSTANCE)pi.hProcess, NULL)));
    }

It returns "false" for "b_Success_Keyboard"

Any help will be appreciated..
Thanks a lot.
0
Comment
Question by:ewong_111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 86

Expert Comment

by:jkr
ID: 12343463
You need to change your process'/threads window station and desktop using the appropriate APIs ('SetProcessWindowStation()'/'SetThreadDesktop()') to the one the process that you want to hook is using, otherwise it won't work.
0
 
LVL 2

Author Comment

by:ewong_111
ID: 12349287
jkr..

I have inserted the follow code before the "if(!g_hHook_Keyboard)"

      HWINSTA h_Winsta = OpenWindowStation((LPCTSTR)"Winsta0", TRUE, GENERIC_ALL);
      if (!SetProcessWindowStation(h_Winsta)) AfxMessageBox("SetProcessWindowStation Failed");

      HDESK h_Desk = OpenDesktop((LPCTSTR)"Winlogon", 0, TRUE, GENERIC_ALL);
      if (!SetThreadDesktop(h_Desk)) AfxMessageBox("SetThreadDesktop Failed");

but unfortunately it still returns "false" for "b_Success_Keyboard"

      if (b_Success_Keyboard) AfxMessageBox("Success on Keyboard Hook");
      else AfxMessageBox("Failed on Keyboard Hook");

but now the AfxMessageBox is showing up in the "Winlogon" desktop now.
Any more ideas?
Thanks a lot.
0
 
LVL 86

Accepted Solution

by:
jkr earned 2000 total points
ID: 12349343
Ay, wasn't paying attention to the term 'Keyboard Hook' - you will not be allowed to install such a hook on the winlogon desktop for security reasons, since that would enable you to grab the passwords that are entered there...
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 2

Author Comment

by:ewong_111
ID: 12349361
so, what kind of hook will be allowed there?
and is it true for Screen-saver also?
Thanks again..
0
 
LVL 86

Expert Comment

by:jkr
ID: 12354378
Actually, what is it that you have to hook the logon desktop for? To know the purpose might help to find a suggestion around that :o)
0
 
LVL 2

Author Comment

by:ewong_111
ID: 12360615
jkr,

Thanks a lot for your help, but you have already answered this question in another question I posted.
http://www.experts-exchange.com/Programming/Programming_Platforms/Win_Prog/Q_21174306.html
I guess you just have too many questions each day to answer that you didn't notice it right?
Thanks again for your motivation for helping..

:D
0
 
LVL 86

Expert Comment

by:jkr
ID: 12360863
Well, I thought these were two completely separate issues :o)
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

zlib is a free compression library (a DLL) on which the popular gzip utility is built.  In this article, we'll see how to use the zlib functions to compress and decompress data in memory; that is, without needing to use a temporary file.  We'll be c…
For most people, the WrapPanel seems like a magic when they switch from WinForms to WPF. Most of us will think that the code that is used to write a control like that would be difficult. However, most of the work is done by the WPF engine, and the W…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question