1
I would like to know a way to monitor all processes that are using a service/ system functionality, more specifically want monitor processes requesting and modifying the position of mouse, I tried to find out how it works, but I can only find ways to change/view this data using ASM or C.
I looked at these two links [To] [B] on handling with ASM, but even so it seems that this system feature does not have a kernel control, I know that this is not so, all the resources have a kind of control.
In short: I want to know where I can directly consult the processes that are reading and writing in the addresses related to the mouse;
The language is the system are not important, any result is fine This does not leave my question too wide or out of scope, I’m questioning a way to access a system information.
That will depend fully of the operating system. The way that could be done on Windows, for example, is totally different from Linux or OS X. The tutorials you saw speak of BIOS interruptions.
– André Ribeiro
yes I imagined the difference between the two systems, about the tutorials, I imagined that it would be a form of direct access to the device ): I really wanted to know if, and how the systems control these calls
– Isvaldo Fernandes
You can write a lot about it :). An easy way to know which process is modifying the mouse position is through the function
GetCursorPos
to get the coordinates and useWindowFromPoint
to obtain the Handle from the window where the click was launched, and withGetWindowThreadProcessId
you get the id from this window and with and withOpenProcess
you recover the Handle process and finally, calls the functionQueryFullProcessImageName
with it you recover the executable that is doing this. If you are interested something for Linux, there is theptrace
– stderr
It seems Windows uses
Mouclass
to deal with mouse events and withHooking
is also possible using that call return coordinates can be obtained by theMSLLHOOKSTRUCT
.– stderr
Take a look at this page also.
– stderr
@Qmechanic73, I am looking at the links, unfortunately it would not be possible to pick up the pid by the current window, because the idea is to identify Who is manipulating the mouse, for example capture a bot that is manipulating the device.
– Isvaldo Fernandes