retrieve the global hook chain in windows

I need to get the list of functions in global hook chain in Windows and get their corresponding application if it's possible. I don't know how to retrieve information from the global hook chain however.

As far as I know there is no windows API for doing this so I think I have to find them by parsing the hook chain link l开发者_如何学JAVAist. The problem is that I don't know the data structure of this link list and it's begin address.

Does anyone know how windows manages its global hook chain?

One approach I've seen is shown in this blog post. It was referenced by this code (beware of slow server). Crazy stuff of course, no idea how well this will port between different Windows versions.

Instead of trying to walk an internal Windows structure, you know that all Window hooks must have a loaded module associated with them that has been injected into the target process; if you're trying to ensure that your own application isn't being hooked, enumerate the loaded module list and look for modules that shouldn't be there.