Hooking into the keyboard message queue

Print This Post Print This Post

Although undocumented keyboard hooking is possible. I read an article at CodeProject about hooking and wrote some applications that uses this great possibility. One result is iHook, an application that will do something like the button shortcuts applet in windows mobile. You can define keys and what application they should start.

iHook3

This application provides the user with key shortcuts to applications. All keystrokes or hot keys are transparent, this means, they are not lost and will reach the application just running in foreground. iHook2 can be started by placing a link to the exe in \Windows\Startup, by a batch file or some other AutoStart feature of the device OS.

iHook3 Version 1.3

This versions uses the registry to read the assigned keys and applications. Additionally the app is now safe and will only load once. The only argument supported is “-writereg” to write a default registry (see below).

Sample registry:

[HKEY_LOCAL_MACHINE\SOFTWARE\Intermec\iHook2]
"arg4"="iRun2.exe"
"exe4"="\\windows\\iKill2.exe"
"key4"=hex:\
      1b
"arg3"=""
"exe3"="explorer.exe"
"key3"=hex:\
      71
"arg2"=""
"exe2"="\\windows\\iSIP2.exe"
"key2"=hex:\
      74
"arg1"="-toggle"
"exe1"="\\windows\\LockTaskBar.exe"
"key1"=hex:\
      73
"arg0"=""
"exe0"="\\windows\\iRotateCN2.exe"
"key0"=hex:\
      72

New in version iHook3 (version 2.0)
recognizes CK60
adds Notification icon in taskbar

New in iHook3 (version 3.1)
recognizes CN3
supports consuming/forwarding switch for hot-keys. Use “ForwardKey” registry binary value 0 to disable forwarding hot-keys, 1 to enable forwarding hotkeys.
This new option is usefull if you have a phone device and hook the number keys. In this case disable forwarding with 0, otherwise the phone app will come in front for the number keys.

REGEDIT4
[HKEY_LOCAL_MACHINE\Software\Intermec\iHook3]
"arg0"=""
"exe0"="\\Windows\\iRotate.exe"
"key0"=hex:\
      26
"ForwardKey"=hex:\
      00

The main functionality is in here:
#pragma data_seg(".HOOKDATA")									//	Shared data (memory) among all instances.
	HHOOK g_hInstalledLLKBDhook = NULL;						// Handle to low-level keyboard hook
	//HWND hWnd	= NULL;											// If in a DLL, handle to app window receiving WM_USER+n message
#pragma data_seg()

#pragma comment(linker, "/SECTION:.HOOKDATA,RWS")		//linker directive

// The command below tells the OS that this EXE has an export function so we can use the global hook without a DLL
__declspec(dllexport) LRESULT CALLBACK g_LLKeyboardHookCallback(
   int nCode,      // The hook code
   WPARAM wParam,  // The window message (WM_KEYUP, WM_KEYDOWN, etc.)
   LPARAM lParam   // A pointer to a struct with information about the pressed key
) 
{
	/*	typedef struct {
	    DWORD vkCode;
	    DWORD scanCode;
	    DWORD flags;
	    DWORD time;
	    ULONG_PTR dwExtraInfo;
	} KBDLLHOOKSTRUCT, *PKBDLLHOOKSTRUCT;*/

	// Get out of hooks ASAP; no modal dialogs or CPU-intensive processes!
	// UI code really should be elsewhere, but this is just a test/prototype app
	// In my limited testing, HC_ACTION is the only value nCode is ever set to in CE
	static int iActOn = HC_ACTION;
	PROCESS_INFORMATION pi;
	int i;
	bool processed_key=false;
	if (nCode == iActOn) 
	{ 
		PKBDLLHOOKSTRUCT pkbhData = (PKBDLLHOOKSTRUCT)lParam;
		if ( (wParam == WM_KEYUP) && (processed_key==false) )
		{
			for (i=0; i<=lastKey; i++) 
			{
				if (pkbhData->vkCode == kMap[i].keyCode)
				{

Below is the download of the source code as done with embedded visual c 4.
DOWNLOAD:iHook3 Embedded Visual C++ 4 source code -  (Hits: 615, size: 90.75 KB)

2 Comments

  1. dale bieker says:

    Thank you Josef.

    I have been wondering if there was a way to stop keyboard events from reaching the forground application to stop keystrokes from being queued.

    This may prove to be exactly what I am looking for.

  2. BlueHornet says:

    What’s up, is there anybody else here?
    If it’s not just all bots here, let me know. I’m looking to network
    Oh, and yes I’m a real person LOL.

    Later,

Leave a Reply