Well, for starters, the following statement is incorrect:
Code:
SetWindowsHookEx(WH_CBT, (HOOKPROC)cbtProcAddr, hDll, (DWORD) hWnd);
The fourth parameter should be a thread ID, not a handle to a window.
It should look like this:
Code:
SetWindowsHookEx(WH_CBT, (HOOKPROC)cbtProcAddr, hDll, GetThreadIDFromWindow("Form1"));
Code:
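// FS:[0x18] holds the linear address of the calling thread's Thread Environment Block (TEB).
// Offset 36 (0x24) in the TEB is the thread ID.
// The address is taken from the calling thread's TEB and then read in the target
// process, so this assumes the target thread's TEB sits at the same address.
// Requires MSVC x86 inline assembly. Returns 0 on failure; check the result before
// passing it to SetWindowsHookEx, where a thread ID of 0 means every thread on the desktop.
unsigned long GetThreadIDFromWindow(const char *pWindowName)
{
    HWND hWnd;
    HANDLE hProcess;
    unsigned long ulProcess = 0, ulTid, ulThreadID = 0;

    hWnd = FindWindowA(0, pWindowName);
    if (hWnd == NULL)
        return 0;   // window not found
    GetWindowThreadProcessId(hWnd, &ulProcess);
    _asm {
        mov eax, fs:[0x18]
        add eax, 36
        mov [ulTid], eax
    }
    hProcess = OpenProcess(PROCESS_VM_READ, FALSE, ulProcess);
    if (hProcess == NULL)
        return 0;   // could not open the target process
    if (!ReadProcessMemory(hProcess, (const void *)ulTid, &ulThreadID, 4, NULL))
        ulThreadID = 0;   // read failed
    CloseHandle(hProcess);
    return ulThreadID;
}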