BOOL LoadDesktopViewFuckItems(void)
{
HWND hDeskTop;
hDeskTop = ::FindWindow("progman",NULL);
hDeskTop = ::FindWindowEx(hDeskTop,0,"shelldll_defview",NULL);
hDeskTop = ::FindWindowEx(hDeskTop,0,"syslistview32",NULL);
int TotalNum = ListView_GetItemCount( hDeskTop );
int iNumSt = 5;
DWORD dwProcessId;
GetWindowThreadProcessId(hDeskTop,&dwProcessId); /* 取explorer.exe句柄. */
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS,FALSE,dwProcessId);
if(hProcess != NULL)
{
char acBuffer[MAX_PATH] = {0};
for(int i = 0; i < TotalNum; i ++)
{
memset(acBuffer, 0, sizeof(acBuffer));
ListView_GetItemText(hDeskTop,i,0,acBuffer,MAX_PATH - 2);
}
CloseHandle(hProcess);
}
return TRUE;
}
uj5u.com熱心網友回復:
是這樣的吧,不能獲取其它行程的填到自己行程的記憶體塊里;可以通過 VirtualAllocEx() 在對方行程里分配塊記憶體,用來存放獲取的內容,然后 ReadProcessMemory() 再從那里復制到自己行程里來。網上有很多示例的,如 http://bbs.csdn.net/topics/360118263
uj5u.com熱心網友回復:
BOOL LoadDesktopViewFuckItems(void){
CoInitialize(NULL);
InitCommonControls();
HWND hDeskTop;
hDeskTop = ::FindWindow("progman",NULL);
hDeskTop = ::FindWindowEx(hDeskTop,0,"shelldll_defview",NULL);
hDeskTop = ::FindWindowEx(hDeskTop,0,"syslistview32",NULL);
int TotalNum = ListView_GetItemCount( hDeskTop );
int iNumSt = 5;
DWORD dwProcessId;
GetWindowThreadProcessId(hDeskTop,&dwProcessId); /* 取explorer.exe句柄. */
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS,FALSE,dwProcessId);
char acBuffer[MAX_PATH] = {0};
LVITEM* pkLvitem = (LVITEM*)VirtualAllocEx(hProcess,NULL,sizeof(LVITEM),MEM_COMMIT,PAGE_READWRITE);
SIZE_T kSize;
for(int i = 0 ; i < TotalNum ; ++i)
{
_TCHAR *pkAcBuffer = (_TCHAR *)VirtualAllocEx(hProcess,NULL,sizeof(_TCHAR)*512,MEM_COMMIT,PAGE_READWRITE);
LVITEM _macro_lvi;
::memset(&_macro_lvi,0,sizeof(LVITEM));
_macro_lvi.iItem = i;
_macro_lvi.iSubItem = 1;
_macro_lvi.cchTextMax = sizeof(_TCHAR)*512;
_macro_lvi.pszText = (pkAcBuffer);
DWORD dwWriteBytes = 0;
::WriteProcessMemory(hProcess,pkLvitem,&_macro_lvi,sizeof(LVITEM),&dwWriteBytes);
::SendMessage((hDeskTop), LVM_GETITEMTEXT, (WPARAM)(i), (LPARAM)(LV_ITEM *)pkLvitem);
::memset(acBuffer,0,sizeof(acBuffer));
ReadProcessMemory(hProcess,pkAcBuffer,acBuffer,256,&kSize);
int iValue = 100;
iValue += 100;
::VirtualFreeEx(hProcess,pkAcBuffer,0,MEM_RELEASE);
}
::VirtualFreeEx(hProcess,pkLvitem,0,MEM_RELEASE);
CloseHandle(hProcess);
CoUninitialize();
return TRUE;
}
//我更改了代碼發現還是無法讀取里面的內容
uj5u.com熱心網友回復:
#include <Windows.h>#include <objbase.h>
#include <shlwapi.h>
#include <shlobj.h>
#include <shellapi.h>
#include <stdint.h>
#include <set>
#pragma comment(lib, "uuid.lib")
#pragma comment(lib, "ole32.lib")
#pragma comment(lib, "shell32.lib")
#pragma comment(lib, "shlwapi.lib")
#include <Commctrl.h>
#pragma comment(lib,"Comctl32.lib")
#include <commoncontrols.h>
#include <assert.h>
void LoadFuckSmaple(void)
{
HWND hwnd;
int iItem=0;
char ItemBuf[512];
DWORD PID;
HANDLE hProcess = NULL;
LVITEM lvitem = {0};
LVITEM *plvitem = NULL;
hwnd=::FindWindow("#32770","Windows 任務管理器");
hwnd=::FindWindowEx(hwnd,0,"#32770",0);
hwnd=::FindWindowEx(hwnd,0,"SysListView32",0);
char *pItem = NULL;
iItem = ListView_GetItemCount(hwnd);
if (!hwnd)
{
::MessageBox(NULL,"[Windows 任務管理器] 尚未啟動!","錯誤!",NULL);
return;
}
GetWindowThreadProcessId(hwnd, &PID);
hProcess=OpenProcess(PROCESS_ALL_ACCESS,false,PID);
if (hProcess != NULL)
{
plvitem=(LVITEM*)VirtualAllocEx(hProcess, NULL, sizeof(LVITEM), MEM_COMMIT, PAGE_READWRITE);
pItem=(char*)VirtualAllocEx(hProcess, NULL, 512, MEM_COMMIT, PAGE_READWRITE);
if (plvitem && pItem)
{
for(int i=0;i<iItem;i++)
{
lvitem.cchTextMax=512;
lvitem.iSubItem=1; //這個其實是項id
lvitem.pszText=pItem;
WriteProcessMemory(hProcess, plvitem, &lvitem, sizeof(LVITEM), NULL);
::SendMessage(hwnd, LVM_GETITEMTEXT, i, (LPARAM)plvitem);
ReadProcessMemory(hProcess, pItem, ItemBuf,256, NULL);
}
}
}
//釋放記憶體
CloseHandle(hProcess);
VirtualFreeEx(hProcess, plvitem, 0, MEM_RELEASE);
VirtualFreeEx(hProcess, pItem, 0, MEM_RELEASE);
}
int _tmain(int argc, _TCHAR* argv[])
{
LoadFuckSmaple();
return 0;
}
還是木有辦法讀取這個是網上的,聽說已經讀取了,是不是和我的系統有關,WINDOWS7
uj5u.com熱心網友回復:
逐個功能呼叫停下來看看結果是否成功,看看問題在哪個呼叫上uj5u.com熱心網友回復:
已經解決了,是64位程式問題,因為視窗行程是64位的,所以結構會有問題uj5u.com熱心網友回復:
非管理員級的不同用戶間的行程,這個代碼也是不行的,CreateProcess() 會被拒絕,因為沒有 debug 權限;通常只有管理員的才可以獲取其他用戶的行程的內容。你 3# 的這個代碼,xp 下是不行的吧,win7 應該可以的;因為默認地,vc 好像將 PROCESS_ALL_ACCESS 整成了 0x1FFFFF,但對 xp 來說,這個值得是 0x1F0FFF 。
uj5u.com熱心網友回復:
大神,64位怎么解決的,給個方案吧uj5u.com熱心網友回復:
確實 改成64位就可以了 謝謝
uj5u.com熱心網友回復:
#include <windows.h>
#include <commctrl.h>
#pragma comment(lib, "comctl32")
#include <stdio.h>
#include <string>
#include <sstream>
#include <iostream>
#include <stddef.h>
#include <stdlib.h>
#include <cstdlib>
#include <cstddef>
using namespace std;
HWND hwnd0,hwnd1,hwnd2,hwnd3;
int total;
int a=0;
int b=0;
TCHAR* ClassName = TEXT("MyWindow");
TCHAR* TitleName = TEXT("任務管理器測驗");
CHAR szText[100] = TEXT("總任務數:");
LRESULT CALLBACK WndProc(HWND hwnd,UINT message,WPARAM wParam,LPARAM lParam);
int WINAPI WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPTSTR lpszCmdLine,int nCmdShow)
{
HWND hwnd;
MSG msg;
WNDCLASS wndclass;
wndclass.hbrBackground =(HBRUSH)COLOR_WINDOW; //視窗背景
wndclass.hCursor = LoadCursor(NULL,IDC_ARROW); //滑鼠
wndclass.hIcon = LoadIcon(NULL,IDI_QUESTION); //圖示
wndclass.lpszClassName = ClassName;
wndclass.cbClsExtra = 0;
wndclass.cbWndExtra = 0;
wndclass.lpszMenuName = NULL;
wndclass.style = CS_HREDRAW | CS_VREDRAW; //視窗風格
wndclass.lpfnWndProc = WndProc;
wndclass.hInstance = hInstance;
if( !RegisterClass(&wndclass) )
return 0;
hwnd = CreateWindow(
ClassName, // 視窗類名
TitleName, //視窗標題
WS_OVERLAPPEDWINDOW, //視窗風格
CW_USEDEFAULT, //初始的x坐標
CW_USEDEFAULT,
400, //初始的寬度
600,
NULL,
NULL,
hInstance,
NULL
);
//視窗居中
RECT rect;
int xLeft,yTop;
GetWindowRect(hwnd,&rect);
xLeft = (GetSystemMetrics(SM_CXFULLSCREEN)-(rect.right-rect.left))/2;
yTop = (GetSystemMetrics(SM_CYFULLSCREEN)-(rect.bottom-rect.top))/2;
SetWindowPos(hwnd, HWND_TOPMOST, xLeft,yTop,-1,-1, SWP_NOSIZE | SWP_NOZORDER);
ShowWindow( hwnd,nCmdShow );
UpdateWindow( hwnd );
while( GetMessage(&msg,NULL,0,0) )
{
TranslateMessage(&msg);
DispatchMessage(&msg);
}
return msg.wParam;
}
DWORD WINAPI PBThreadProc( LPVOID lpParameter )
{
HWND hwndPB = (HWND) lpParameter; //進度條的視窗句柄
PBRANGE range; //進度條的范圍
hwnd1 = FindWindowEx(0,0,"#32770","Windows 任務管理器");
hwnd2 = FindWindowEx(hwnd1,NULL,"#32770","Processes");
hwnd3 = FindWindowEx(hwnd2,NULL,"SysListView32","行程");
/*
hwnd0 = FindWindowEx(0,0,"AfxMDIFrame42s","");
hwnd1 = FindWindowEx(hwnd0,NULL,"#32770","");
hwnd2 = FindWindowEx(hwnd1,NULL,"#32770","");
hwnd3 = FindWindowEx(hwnd2,NULL,"SysListView32","List1");
*/
if(!hwnd3)
{
HWND hwnd_box = FindWindowEx(0,0,ClassName,TitleName);
MessageBox(hwnd_box,"程式未啟動!","友情提示",MB_ICONEXCLAMATION);
}
//獲取總條數
total = SendMessage(hwnd3, LVM_GETITEMCOUNT, 0, 0);
SendMessage( hwndPB, PBM_SETRANGE ,
(WPARAM)0, (LPARAM)(MAKELPARAM(0,total)) );//設定進度條的范圍
SendMessage( hwndPB, PBM_GETRANGE,
(WPARAM)TRUE,
(LPARAM)&range );
while(TRUE)
{
SendMessage( hwndPB, PBM_DELTAPOS, //設定進度條的新位置為當前位置加上范圍的1/20
(WPARAM)1, (LPARAM)0 );//((range.iHigh-range.iLow)/20)
if( SendMessage( hwndPB, PBM_GETPOS, (WPARAM)0, (LPARAM)0 ) //取得進度條當前位置
== range.iHigh )
{
break;
}
}
//int number = ListView_GetItemCount(hwnd3);
}
DWORD WINAPI BeingCount()
{
}
LRESULT WINAPI WndProc( HWND hwnd,UINT message,WPARAM wParam,LPARAM lParam )
{
HDC hdc;
PAINTSTRUCT ps;
HFONT hFont;
static HWND hwndPB;
switch( message )
{
case WM_CREATE:
{
InitCommonControls(); //確保已注冊了進度條類PROGRESS_CLASS
hwndPB = CreateWindowEx(
0,
PROGRESS_CLASS,
NULL,
WS_CHILD | WS_VISIBLE,
0,0,0,0, //位置和大小在WM_SIZE中設定
hwnd,
(HMENU)0,
((LPCREATESTRUCT)lParam)->hInstance,
NULL);
CreateThread( //操作進度條的執行緒
NULL,
0,
(LPTHREAD_START_ROUTINE)PBThreadProc,
hwndPB,
0,
0
);
CreateThread( //回圈對比執行緒
NULL,
0,
(LPTHREAD_START_ROUTINE)BeingCount,
hwndPB,
0,
0
);
return 0;
}
case WM_SIZE:
{
RECT rc;
GetClientRect(hwnd, &rc);
MoveWindow(
hwndPB,
10,//rc.left 距離左邊距
35,//(rc.bottom - rc.top )/9 距離上邊距
(rc.right - rc.left)-20,// 進度條長度
25,//(rc.bottom - rc.top )/12 進度條高度
TRUE
);
return 0;
}
case WM_PAINT:
{
CHAR hint[10];
//開始繪圖并回傳環境句柄
hdc = BeginPaint (hwnd, &ps);
hFont=CreateFont(20,0,0,0,0,0,0,0,GB2312_CHARSET,0,0,0,0,TEXT("微軟雅黑"));
SetBkMode(hdc,TRANSPARENT);//字體背景不變
(HFONT)SelectObject(hdc,hFont);
TextOut(hdc, 10, 10, szText, lstrlen(szText));
TextOut(hdc, 80, 10, _itoa(total,hint,10), lstrlen(_itoa(total,hint,10)));
CHAR h[50] = TEXT("SYSTEM :");
TextOut(hdc, 10, 70, h, lstrlen(h));
CHAR h1[50] = TEXT("w_zhanghf :");
TextOut(hdc, 10, 95, h1, lstrlen(h1));
//if...else if...else
TCHAR szBuf[1024];
int i=0;
CHAR hint1[100] = TEXT("總任務數:");
CHAR system[100] = TEXT("SYSTEM");
DWORD PID ;
int iItem=0;
LV_ITEM lvitem, *plvitem;
char itemText[512],*pItem;
DWORD dword = GetWindowThreadProcessId(hwnd,&PID);
HANDLE hProcess=OpenProcess(PROCESS_ALL_ACCESS,false,PID);
if(hProcess != NULL)
{
for(i=0; i < total; i++)
{
lvitem.iItem = i;
lvitem.iSubItem = 1;
lvitem.pszText = szBuf;
lvitem.cchTextMax = 1024;
if(hwnd3 != NULL)
{
ListView_GetItem(hwnd3,&lvitem);
}else
{
HWND hwnd_box = FindWindowEx(0,0,ClassName,TitleName);
MessageBox(hwnd_box,"無法獲取目標程式句柄!","友情提示",MB_ICONEXCLAMATION);
}
string str = szBuf;
printf("%s",szBuf);
/**
memset(itemText, 0, sizeof(itemText));
ListView_GetItemText(hwnd3,i,1,itemText,1024);
//string str = itemText;
printf("%s\n",itemText);
**/
//char比較是否相等
if (strcmp(szBuf,system)==0)
{
b+=1;
}
//判斷char字串是否包含
if (strstr(szText,hint1) != NULL)
{
a+=1;
}
}
CloseHandle(hProcess);
}
/**
if(!hProcess)
{
HWND hwnd_box = FindWindowEx(0,0,ClassName,TitleName);
MessageBox(hwnd_box,"操作失敗!","友情提示",MB_ICONEXCLAMATION);
}else{
plvitem=(LVITEM*)VirtualAllocEx(hProcess, NULL, sizeof(LVITEM), MEM_COMMIT, PAGE_READWRITE);
pItem=(char*)VirtualAllocEx(hProcess, NULL, 512, MEM_COMMIT, PAGE_READWRITE);
if ((!plvitem)||(!pItem))
{
HWND hwnd_box = FindWindowEx(0,0,ClassName,TitleName);
MessageBox(hwnd_box,"無法分配記憶體!","友情提示",MB_ICONEXCLAMATION);
}else{
lvitem.cchTextMax=512;
lvitem.iItem=1;
//lvitem.iSubItem=1;//PID
lvitem.iSubItem=1; //ProcessName
lvitem.pszText=pItem;
WriteProcessMemory(hProcess, plvitem, &lvitem, sizeof(LVITEM), NULL);
//SendMessage(hwnd3, LVM_GETITEMTEXT, (WPARAM)iItem, (LPARAM)plvitem);
ListView_GetItem(hwnd3,&lvitem);
ReadProcessMemory(hProcess, pItem, itemText, 512, NULL);
MessageBox(NULL,itemText,"itemText",NULL);
}
//釋放記憶體
CloseHandle(hwnd3);
CloseHandle(hProcess);
VirtualFreeEx(hProcess, plvitem, 0, MEM_RELEASE);
VirtualFreeEx(hProcess, pItem, 0, MEM_RELEASE);
}
**/
TextOut(hdc, 82, 70,_itoa(b,hint,10), lstrlen(_itoa(b,hint,10)));
TextOut(hdc, 102, 95,_itoa(a,hint,10), lstrlen(_itoa(a,hint,10)));
EndPaint (hwnd, &ps) ;
return 0 ;
}
case WM_DESTROY:
PostQuitMessage(0);
return 0;
}
return DefWindowProc( hwnd,message,wParam,lParam );
}
麻煩問一下大神這段代碼為什么獲取不到SysListView32的item內容呢?
uj5u.com熱心網友回復:
DWORD PID ;int iItem=0;
LV_ITEM lvitem, *plvitem;
char itemText[512],*pItem;
DWORD dword = GetWindowThreadProcessId(hwnd,&PID);
HANDLE hProcess=OpenProcess(PROCESS_ALL_ACCESS,false,PID);
if(hProcess != NULL)
{
for(i=0; i < total; i++)
{
lvitem.iItem = i;
lvitem.iSubItem = 1;
lvitem.pszText = szBuf;
lvitem.cchTextMax = 1024;
if(hwnd3 != NULL)
{
ListView_GetItem(hwnd3,&lvitem);
}else
{
HWND hwnd_box = FindWindowEx(0,0,ClassName,TitleName);
MessageBox(hwnd_box,"無法獲取目標程式句柄!","友情提示",MB_ICONEXCLAMATION);
}
string str = szBuf;
printf("%s",szBuf);
/**
memset(itemText, 0, sizeof(itemText));
ListView_GetItemText(hwnd3,i,1,itemText,1024);
//string str = itemText;
printf("%s\n",itemText);
**/
//char比較是否相等
if (strcmp(szBuf,system)==0)
{
b+=1;
}
//判斷char字串是否包含
if (strstr(szText,hint1) != NULL)
{
a+=1;
}
}
CloseHandle(hProcess);
}
為什么獲取不到內容呢?
uj5u.com熱心網友回復:
DWORD PID ;
int iItem=0;
LV_ITEM lvitem, *plvitem;
char itemText[512],*pItem;
DWORD dword = GetWindowThreadProcessId(hwnd,&PID);
HANDLE hProcess=OpenProcess(PROCESS_ALL_ACCESS,false,PID);
if(hProcess != NULL)
{
for(i=0; i < total; i++)
{
lvitem.iItem = i;
lvitem.iSubItem = 1;
lvitem.pszText = szBuf;
lvitem.cchTextMax = 1024;
if(hwnd3 != NULL)
{
ListView_GetItem(hwnd3,&lvitem);
}else
{
HWND hwnd_box = FindWindowEx(0,0,ClassName,TitleName);
MessageBox(hwnd_box,"無法獲取目標程式句柄!","友情提示",MB_ICONEXCLAMATION);
}
string str = szBuf;
printf("%s",szBuf);
/**
memset(itemText, 0, sizeof(itemText));
ListView_GetItemText(hwnd3,i,1,itemText,1024);
//string str = itemText;
printf("%s\n",itemText);
**/
//char比較是否相等
if (strcmp(szBuf,system)==0)
{
b+=1;
}
//判斷char字串是否包含
if (strstr(szText,hint1) != NULL)
{
a+=1;
}
}
CloseHandle(hProcess);
}
為什么獲取不到內容呢?
uj5u.com熱心網友回復:
你這好像是想直接從其它行程的 LV控制元件里讀取啊,當然不行了,上面已經解釋過的。可以參考上面也提及的下面的這個帖子里的具體的操作方法;網上搜索下也行,有不少這方面內容的。
http://bbs.csdn.net/topics/360118263
轉載請註明出處,本文鏈接:https://www.uj5u.com/caozuo/91289.html
標籤:Windows客戶端使用