PE工具界面一
// ssssa.cpp : Defines the entry point for the application. // #include "stdafx.h" #include"resource.h" #include <commctrl.h> #pragma comment(lib,"comctl32.lib") HINSTANCE hAppInstance; VOID EnumProcess(HWND hListProcess) { LV_ITEM vitem; //初始化 memset(&vitem,0,sizeof(LV_ITEM)); vitem.mask = LVIF_TEXT; vitem.pszText = "csrss.exe"; //第几行 vitem.iItem = 0; //第几列 vitem.iSubItem = 0; //ListView_InsertItem(hListProcess, &vitem); SendMessage(hListProcess, LVM_INSERTITEM,0,(DWORD)&vitem); vitem.pszText = TEXT("448"); vitem.iItem = 0; vitem.iSubItem = 1; ListView_SetItem(hListProcess, &vitem); vitem.pszText = TEXT("56590000"); vitem.iItem = 0; vitem.iSubItem = 2; ListView_SetItem(hListProcess, &vitem); vitem.pszText = TEXT("000F0000"); vitem.iItem = 0; vitem.iSubItem = 3; ListView_SetItem(hListProcess, &vitem); vitem.pszText = TEXT("winlogon.exe"); vitem.iItem = 1; vitem.iSubItem = 0; //ListView_InsertItem(hListProcess, &vitem); SendMessage(hListProcess, LVM_INSERTITEM,0,(DWORD)&vitem); vitem.pszText = TEXT("456"); vitem.iSubItem = 1; ListView_SetItem(hListProcess, &vitem); vitem.pszText = TEXT("10000000"); vitem.iSubItem = 2; ListView_SetItem(hListProcess, &vitem); vitem.pszText = TEXT("000045800"); vitem.iSubItem = 3; ListView_SetItem(hListProcess, &vitem); } VOID InitProcessListView(HWND hDlg) { LV_COLUMN lv; HWND hListProcess; //初始化 memset(&lv,0,sizeof(LV_COLUMN)); //获取IDC_LIST_PROCESS句柄 hListProcess = GetDlgItem(hDlg,IDC_LIST_PROCESS); //设置整行选中 SendMessage(hListProcess,LVM_SETEXTENDEDLISTVIEWSTYLE,LVS_EX_FULLROWSELECT,LVS_EX_FULLROWSELECT); //第一列 lv.mask = LVCF_TEXT | LVCF_WIDTH | LVCF_SUBITEM; lv.pszText = TEXT("进程"); //列标题 lv.cx = 200; //列宽 lv.iSubItem = 0; //ListView_InsertColumn(hListProcess, 0, &lv); SendMessage(hListProcess,LVM_INSERTCOLUMN,0,(DWORD)&lv); //第二列 lv.pszText = TEXT("PID"); lv.cx = 100; lv.iSubItem = 1; //ListView_InsertColumn(hListProcess, 1, &lv); SendMessage(hListProcess,LVM_INSERTCOLUMN,1,(DWORD)&lv); //第三列 lv.pszText = TEXT("镜像基址"); lv.cx = 100; lv.iSubItem = 2; ListView_InsertColumn(hListProcess, 2, &lv); //第四列 lv.pszText = TEXT("镜像大小"); lv.cx = 100; lv.iSubItem = 3; ListView_InsertColumn(hListProcess, 3, &lv); EnumProcess(hListProcess); } VOID InitModuleListView(HWND hDlg) { LV_COLUMN lv; HWND hListProcess; //初始化 memset(&lv,0,sizeof(LV_COLUMN)); //获取IDC_LIST_PROCESS句柄 hListProcess = GetDlgItem(hDlg,IDC_LIST_MODULE); //设置整行选中 SendMessage(hListProcess,LVM_SETEXTENDEDLISTVIEWSTYLE,LVS_EX_FULLROWSELECT,LVS_EX_FULLROWSELECT); //第一列 lv.mask = LVCF_TEXT | LVCF_WIDTH | LVCF_SUBITEM; lv.pszText = TEXT("模块名称"); //列标题 lv.cx = 200; //列宽 lv.iSubItem = 0; //ListView_InsertColumn(hListProcess, 0, &lv); SendMessage(hListProcess,LVM_INSERTCOLUMN,0,(DWORD)&lv); //第二列 lv.pszText = TEXT("模块位置"); lv.cx = 300; lv.iSubItem = 1; //ListView_InsertColumn(hListProcess, 1, &lv); SendMessage(hListProcess,LVM_INSERTCOLUMN,1,(DWORD)&lv); } VOID EnumModules(HWND hListProcess, WPARAM wParam, LPARAM lParam) { DWORD dwRowId; TCHAR szPid[0x20]; LV_ITEM lv; //初始化 memset(&lv, 0, sizeof(LV_ITEM)); memset(szPid, 0, sizeof(szPid)); //获取选择行 dwRowId = SendMessage(hListProcess, LVM_GETNEXTITEM, -1, LVNI_SELECTED); if(dwRowId == -1) { MessageBox(NULL, TEXT("ERROR"), TEXT("ERROR"), MB_OK); return; } //获取PID lv.iSubItem = 1; lv.pszText = szPid; lv.cchTextMax = 0x20; SendMessage(hListProcess, LVM_GETITEMTEXT, dwRowId, (DWORD)&lv); MessageBox(NULL, szPid, TEXT("PID"), MB_OK); } BOOL CALLBACK DialogProc( HWND hwndDlg, // handle to dialog box UINT uMsg, // message WPARAM wParam, // first message parameter LPARAM lParam // second message parameter ) { switch(uMsg) { case WM_CLOSE: EndDialog(hwndDlg, 0); break; case WM_INITDIALOG : InitProcessListView(hwndDlg); InitModuleListView(hwndDlg); return TRUE ; case WM_NOTIFY: { NMHDR* pNMHDR = (NMHDR*)lParam; if(wParam == IDC_LIST_PROCESS && pNMHDR->code == NM_CLICK) { EnumModules(GetDlgItem(hwndDlg, IDC_LIST_PROCESS), wParam, lParam); } break; } case WM_COMMAND: switch (LOWORD (wParam)) { case IDC_BUTTON_PE : return TRUE; case IDC_BUTTON_ABOUT: return TRUE; case IDC_BUTTON_LOGOUT: EndDialog(hwndDlg, 0); return TRUE; } break ; } return FALSE ; } int APIENTRY WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow) { INITCOMMONCONTROLSEX icex; icex.dwSize = sizeof(INITCOMMONCONTROLSEX); icex.dwICC = ICC_WIN95_CLASSES; //包含大部分控件 InitCommonControlsEx(&icex); hAppInstance = hInstance; DialogBox(hInstance,MAKEINTRESOURCE(IDD_DIALOG_MAIN), NULL, DialogProc); return 0; }
在使用通用控件之前必须先加上
#include <commctrl.h>
#pragma comment(lib,"comctl32.lib")
INITCOMMONCONTROLSEX icex; icex.dwSize = sizeof(INITCOMMONCONTROLSEX); icex.dwICC = ICC_WIN95_CLASSES; InitCommonControlsEx(&icex);
通用控件应该使用WM_NOTIFY,而不是WM_COMMAND。WM_NOTIFY能够返回的信息更丰富。
WM_NOTIFY消息类型与WM_COMMAND类型相似,都是由子窗口向父窗口发送的消息。
程序界面如图:
。此外点击进程会显示进程的PID