#include "stdafx.h"
#include"resource.h"
#include <psapi.h>
#include <Tlhelp32.h>
#include <commctrl.h>
#include <string.h>
#include<stdlib.h>
#include<stdio.h>
#include<commdlg.h>
#pragma comment(lib,"psapi.lib")
#pragma comment(lib,"comctl32.lib")
TCHAR szFileName1[128];
HINSTANCE hAppInstance;
VOID EnumProcess(HWND hListProcess)
{
LV_ITEM vitem;
TCHAR TempBase[128] = {0};
TCHAR TempSize[128] = {0};
//初始化
memset(&vitem,0,sizeof(LV_ITEM));
vitem.mask = LVIF_TEXT;
//进程遍历
MODULEENTRY32 me;
PROCESSENTRY32 pe32;
me.dwSize = sizeof(MODULEENTRY32);
pe32.dwSize = sizeof(pe32);
HANDLE hSnapshot_proc = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (hSnapshot_proc != INVALID_HANDLE_VALUE)
{
BOOL check = Process32First(hSnapshot_proc, &pe32);
while (check)
{
Module32First(hSnapshot_proc, &me);
sprintf(TempBase, "%08X", me.modBaseAddr);
sprintf(TempSize, "%08X", me.modBaseSize);
TCHAR szBuff[128];
vitem.pszText = pe32.szExeFile;
//第几行
vitem.iItem = 0;
//第几列
vitem.iSubItem = 0;
//ListView_InsertItem(hListProcess, &vitem);
SendMessage(hListProcess, LVM_INSERTITEM,0,(DWORD)&vitem);
wsprintf(szBuff, TEXT("%d"), pe32.th32ProcessID);
vitem.pszText = szBuff;
vitem.iItem = 0;
vitem.iSubItem = 1;
ListView_SetItem(hListProcess, &vitem);
// sprintf(szBuff, "%x", pe32.modBaseAddr);
vitem.pszText = TempBase;
vitem.iItem = 0;
vitem.iSubItem = 2;
ListView_SetItem(hListProcess, &vitem);
// sprintf(szBuff, "%x", pe32.modBaseSize);
vitem.pszText = TempSize;
vitem.iItem = 0;
vitem.iSubItem = 3;
ListView_SetItem(hListProcess, &vitem);
// printf("进程PID = %d 进程名 = %s
", pe32.th32ProcessID, pe32.szExeFile);
check = Process32Next(hSnapshot_proc, &pe32);
}
}
CloseHandle(hSnapshot_proc);
}
VOID InitProcessListView(HWND hDlg)
{
LV_COLUMN lv;
HWND hListProcess;
//初始化
memset(&lv,0,sizeof(LV_COLUMN));
//获取IDC_LIST_PROCESS句柄
hListProcess = GetDlgItem(hDlg,IDC_LIST_PROCESS);
//设置整行选中
SendMessage(hListProcess,LVM_SETEXTENDEDLISTVIEWSTYLE,LVS_EX_FULLROWSELECT,LVS_EX_FULLROWSELECT);
//第一列
lv.mask = LVCF_TEXT | LVCF_WIDTH | LVCF_SUBITEM;
lv.pszText = TEXT("进程"); //列标题
lv.cx = 200; //列宽
lv.iSubItem = 0;
//ListView_InsertColumn(hListProcess, 0, &lv);
SendMessage(hListProcess,LVM_INSERTCOLUMN,0,(DWORD)&lv);
//第二列
lv.pszText = TEXT("PID");
lv.cx = 100;
lv.iSubItem = 1;
//ListView_InsertColumn(hListProcess, 1, &lv);
SendMessage(hListProcess,LVM_INSERTCOLUMN,1,(DWORD)&lv);
//第三列
lv.pszText = TEXT("镜像基址");
lv.cx = 100;
lv.iSubItem = 2;
ListView_InsertColumn(hListProcess, 2, &lv);
//第四列
lv.pszText = TEXT("镜像大小");
lv.cx = 100;
lv.iSubItem = 3;
ListView_InsertColumn(hListProcess, 3, &lv);
EnumProcess(hListProcess);
}
VOID InitModuleListView(HWND hDlg)
{
LV_COLUMN lv;
HWND hListProcess;
//初始化
memset(&lv,0,sizeof(LV_COLUMN));
//获取IDC_LIST_PROCESS句柄
hListProcess = GetDlgItem(hDlg,IDC_LIST_MODULE);
//设置整行选中
SendMessage(hListProcess,LVM_SETEXTENDEDLISTVIEWSTYLE,LVS_EX_FULLROWSELECT,LVS_EX_FULLROWSELECT);
//第一列
lv.mask = LVCF_TEXT | LVCF_WIDTH | LVCF_SUBITEM;
lv.pszText = TEXT("模块名称"); //列标题
lv.cx = 200; //列宽
lv.iSubItem = 0;
//ListView_InsertColumn(hListProcess, 0, &lv);
SendMessage(hListProcess,LVM_INSERTCOLUMN,0,(DWORD)&lv);
//第二列
lv.pszText = TEXT("模块位置");
lv.cx = 300;
lv.iSubItem = 1;
//ListView_InsertColumn(hListProcess, 1, &lv);
SendMessage(hListProcess,LVM_INSERTCOLUMN,1,(DWORD)&lv);
}
BOOL SetProcessPrivilege(char *lpName, BOOL opt)
{
HANDLE tokenhandle;
TOKEN_PRIVILEGES NewState;
if (OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &tokenhandle))
{
LookupPrivilegeValue(NULL, lpName, &NewState.Privileges[0].Luid);
NewState.PrivilegeCount = 1;
NewState.Privileges[0].Attributes = opt != 0 ? 2 : 0;
AdjustTokenPrivileges(tokenhandle, FALSE, &NewState, sizeof(NewState), NULL, NULL);
CloseHandle(tokenhandle);
return 1;
}
else
{
return 0;
}
}
VOID EnumModules(HWND hListModule, HWND hListProcess, WPARAM wParam, LPARAM lParam)
{
LV_ITEM vitem;
TCHAR szBuff1[128];
//初始化
memset(&vitem,0,sizeof(LV_ITEM));
vitem.mask = LVIF_TEXT;
DWORD dwRowId;
TCHAR szPid[0x20];
TCHAR szBuf[0x20];
TCHAR szBuff[128];
LV_ITEM lv;
//初始化
memset(&lv, 0, sizeof(LV_ITEM));
memset(szPid, 0, sizeof(szPid));
//获取选择行
dwRowId = SendMessage(hListProcess, LVM_GETNEXTITEM, -1, LVNI_SELECTED);
if(dwRowId == -1)
{
MessageBox(NULL, TEXT("ERROR"), TEXT("ERROR"), MB_OK);
return;
}
//获取PID
lv.iSubItem = 1;
lv.pszText = szPid;
lv.cchTextMax = 0x20;
SendMessage(hListProcess, LVM_GETITEMTEXT, dwRowId, (DWORD)&lv);
//遍历进程模块
PROCESSENTRY32 pe32;
MODULEENTRY32 me32;
HANDLE hProcess, hSnapshot_proc, hSnapshot_mod;
pe32.dwSize = sizeof(pe32);
SetProcessPrivilege("SeDebugPrivilege", 1);
hSnapshot_proc = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (Process32First(hSnapshot_proc, &pe32))
{
do
{
hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, pe32.th32ProcessID);
if (pe32.th32ProcessID && pe32.th32ProcessID != 4 && pe32.th32ProcessID != 8)
{
wsprintf(szBuf, TEXT("%d"), pe32.th32ProcessID);
// printf("PID: %d >>> ProcName: %s
", pe32.th32ProcessID, pe32.szExeFile);
me32.dwSize = sizeof(me32);
hSnapshot_mod = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pe32.th32ProcessID);
Module32First(hSnapshot_mod, &me32);
do
{
if(strcmp(szBuf, szPid) == 0)
{
vitem.pszText = me32.szModule;
//第几行
vitem.iItem = 0;
//第几列
vitem.iSubItem = 0;
//ListView_InsertItem(hListProcess, &vitem);
SendMessage(hListModule, LVM_INSERTITEM,0,(DWORD)&vitem);
// wsprintf(szBuff, TEXT("%d"), pe32.th32ProcessID);
vitem.pszText = me32.szExePath;
vitem.iItem = 0;
vitem.iSubItem = 1;
ListView_SetItem(hListModule, &vitem);
}
// printf("ModName: %s -> Path: %s
", me32.szModule, me32.szExePath);
} while (Module32Next(hSnapshot_mod, &me32));
printf("------
");
CloseHandle(hSnapshot_mod);
}
CloseHandle(hProcess);
} while (Process32Next(hSnapshot_proc, &pe32));
}
SetProcessPrivilege("SeDebugPrivilege", 0);
CloseHandle(hSnapshot_proc);
// MessageBox(NULL, szPid, TEXT("PID"), MB_OK);
}
DWORD ReadPEFile(IN LPSTR lpszFile, OUT LPVOID* pFileBuffer)
{
FILE* fp = fopen(lpszFile, "rb");
DWORD fileSize = 0;
if (!fp)
{
printf("无法打开exe文件!");
return 0;
}
fseek(fp, 0, SEEK_END);
fileSize = ftell(fp);
fseek(fp, 0, SEEK_SET);
*pFileBuffer = malloc(fileSize);
if (!(*pFileBuffer))
{
printf("分配空间失败!");
fclose(fp);
return 0;
}
size_t n = fread(*pFileBuffer, fileSize, 1, fp);
if (!n)
{
printf("读取数据失败!");
free(*pFileBuffer);
fclose(fp);
return 0;
}
fclose(fp);
return n;
}
VOID FixHeaderInfomation(HWND hwndDlg)
{
PIMAGE_DOS_HEADER pDosHeader = NULL;
PIMAGE_NT_HEADERS pNTHeader = NULL;
PIMAGE_FILE_HEADER pFileHeader = NULL;
PIMAGE_OPTIONAL_HEADER32 pOptionalHeader = NULL;
PIMAGE_SECTION_HEADER pSectionHeader = NULL, flag = NULL;
LPVOID pImageBuffer = NULL;
ReadPEFile(szFileName1, &pImageBuffer);
if ((*(PWORD)pImageBuffer) != IMAGE_DOS_SIGNATURE)
{
printf("不是有效的MZ标志!");
free(pImageBuffer);
return;
}
pDosHeader = (PIMAGE_DOS_HEADER)pImageBuffer;
if (*((PDWORD)((DWORD)pImageBuffer + pDosHeader->e_lfanew)) != IMAGE_NT_SIGNATURE)
{
printf("不是有效的PE标志!");
free(pImageBuffer);
return;
}
pNTHeader = (PIMAGE_NT_HEADERS)((DWORD)pImageBuffer + pDosHeader->e_lfanew);
pFileHeader = (PIMAGE_FILE_HEADER)((DWORD)pNTHeader + 4);
pOptionalHeader = (PIMAGE_OPTIONAL_HEADER32)((DWORD)pFileHeader + IMAGE_SIZEOF_FILE_HEADER);
pSectionHeader = flag = (PIMAGE_SECTION_HEADER)((DWORD)pOptionalHeader + pFileHeader->SizeOfOptionalHeader);
TCHAR szBuffer[128];
sprintf(szBuffer, "%x", pOptionalHeader->AddressOfEntryPoint);
SendDlgItemMessage(hwndDlg, IDC_EDIT_ENTRYPOINT, WM_SETTEXT, 0, (DWORD)szBuffer);
sprintf(szBuffer, "%x", pOptionalHeader->ImageBase);
SendDlgItemMessage(hwndDlg, IDC_EDIT_IMAGEBASE, WM_SETTEXT, 0, (DWORD)szBuffer);
}
VOID FixDirectoryInfomation(HWND hwndDlg)
{
PIMAGE_DOS_HEADER pDosHeader = NULL;
PIMAGE_NT_HEADERS pNTHeader = NULL;
PIMAGE_FILE_HEADER pFileHeader = NULL;
PIMAGE_OPTIONAL_HEADER32 pOptionalHeader = NULL;
PIMAGE_SECTION_HEADER pSectionHeader = NULL, flag = NULL;
LPVOID pImageBuffer = NULL;
ReadPEFile(szFileName1, &pImageBuffer);
if ((*(PWORD)pImageBuffer) != IMAGE_DOS_SIGNATURE)
{
printf("不是有效的MZ标志!");
free(pImageBuffer);
return;
}
pDosHeader = (PIMAGE_DOS_HEADER)pImageBuffer;
if (*((PDWORD)((DWORD)pImageBuffer + pDosHeader->e_lfanew)) != IMAGE_NT_SIGNATURE)
{
printf("不是有效的PE标志!");
free(pImageBuffer);
return;
}
pNTHeader = (PIMAGE_NT_HEADERS)((DWORD)pImageBuffer + pDosHeader->e_lfanew);
pFileHeader = (PIMAGE_FILE_HEADER)((DWORD)pNTHeader + 4);
pOptionalHeader = (PIMAGE_OPTIONAL_HEADER32)((DWORD)pFileHeader + IMAGE_SIZEOF_FILE_HEADER);
pSectionHeader = flag = (PIMAGE_SECTION_HEADER)((DWORD)pOptionalHeader + pFileHeader->SizeOfOptionalHeader);
TCHAR szBuffer[128];
sprintf(szBuffer, "%x", pOptionalHeader->DataDirectory[0].VirtualAddress);
SendDlgItemMessage(hwndDlg, IDC_EDIT_EXPORT1, WM_SETTEXT, 0, (DWORD)szBuffer);
sprintf(szBuffer, "%x", pOptionalHeader->DataDirectory[0].Size);
SendDlgItemMessage(hwndDlg, IDC_EDIT_EXPORT2, WM_SETTEXT, 0, (DWORD)szBuffer);
sprintf(szBuffer, "%x", pOptionalHeader->DataDirectory[1].VirtualAddress);
SendDlgItemMessage(hwndDlg, IDC_EDIT_IMPORT1, WM_SETTEXT, 0, (DWORD)szBuffer);
sprintf(szBuffer, "%x", pOptionalHeader->DataDirectory[1].Size);
SendDlgItemMessage(hwndDlg, IDC_EDIT_IMPORT2, WM_SETTEXT, 0, (DWORD)szBuffer);
}
DWORD RvaToFileOffset(IN LPVOID FileBuffer, IN DWORD Rva)
{
PIMAGE_DOS_HEADER pDOS = (PIMAGE_DOS_HEADER)FileBuffer;
PIMAGE_NT_HEADERS pNT = (PIMAGE_NT_HEADERS)((DWORD)FileBuffer + pDOS->e_lfanew);
PIMAGE_SECTION_HEADER pSECTION = (PIMAGE_SECTION_HEADER)(pNT + 1);
int i;
for (i = 0; i < pNT->FileHeader.NumberOfSections; i++, pSECTION++) {
if (Rva >= pSECTION->VirtualAddress && Rva < pSECTION->VirtualAddress + pSECTION->SizeOfRawData) {
return (Rva - pSECTION->VirtualAddress + pSECTION->PointerToRawData);
break;
}
}
return 0;
}
VOID PrintImportTable(HWND hwndDlg)
{
TCHAR szBuff[10000] = {0};
TCHAR szString[100000] = {0};
PIMAGE_DOS_HEADER pDosHeader = NULL;
PIMAGE_NT_HEADERS pNTHeader = NULL;
PIMAGE_FILE_HEADER pFileHeader = NULL;
PIMAGE_OPTIONAL_HEADER32 pOptionalHeader = NULL;
LPVOID pFileBuffer = NULL;
PIMAGE_IMPORT_DESCRIPTOR pImport = NULL;
PIMAGE_IMPORT_BY_NAME pName = NULL;
DWORD addrOfOri = 0;
int i = 0;
ReadPEFile(szFileName1, &pFileBuffer);
pDosHeader = (PIMAGE_DOS_HEADER)pFileBuffer;
pNTHeader = (PIMAGE_NT_HEADERS)((DWORD)pDosHeader + pDosHeader->e_lfanew);
pFileHeader = (PIMAGE_FILE_HEADER)((DWORD)pNTHeader + 4);
pOptionalHeader = (PIMAGE_OPTIONAL_HEADER32)(pFileHeader + 1);
pImport = (PIMAGE_IMPORT_DESCRIPTOR)((DWORD)pFileBuffer +
RvaToFileOffset(pFileBuffer, pOptionalHeader->DataDirectory[1].VirtualAddress));
addrOfOri = (DWORD)pFileBuffer + RvaToFileOffset(pFileBuffer, pImport->OriginalFirstThunk);
while (1)
{
if (pImport->OriginalFirstThunk == 0)
break;
sprintf(szString,"****************%s****************
", (char *)((DWORD)pFileBuffer +
RvaToFileOffset(pFileBuffer, pImport->Name)));
strcat(szBuff, szString);
addrOfOri = (DWORD)pFileBuffer + RvaToFileOffset(pFileBuffer, pImport->OriginalFirstThunk);
while (1)
{
if ((DWORD)(*(PDWORD)addrOfOri == 0))
{
break;
}
if ((DWORD)(*(PDWORD)addrOfOri) >> 31 == 1)
{
sprintf(szString, "序号:%x
", (DWORD)(*(PDWORD)addrOfOri) & 0x7fffffff);
strcat(szBuff, szString);
}
else
{
pName = (PIMAGE_IMPORT_BY_NAME)((DWORD)pFileBuffer +
RvaToFileOffset(pFileBuffer, (DWORD)(*(PDWORD)addrOfOri)));
i = 0;
while (pName->Name[i] != 0)
{
sprintf(szString,"%c", pName->Name[i]);
strcat(szBuff, szString);
i++;
}
sprintf(szString, "%s","
");
strcat(szBuff, szString);
}
addrOfOri += 4;
}
pImport = (PIMAGE_IMPORT_DESCRIPTOR)((DWORD)pImport + 20);
}
free(pFileBuffer);
SendDlgItemMessage(hwndDlg, IDC_EDIT_IMPORTINF, WM_SETTEXT, 0, (DWORD)szBuff);
}
VOID PrintfExportImform(HWND hwndDlg)
{
TCHAR szString[100000] = {0};
TCHAR szBuff[128] = {0};
PIMAGE_DOS_HEADER pDosHeader = NULL;
PIMAGE_NT_HEADERS pNTHeader = NULL;
PIMAGE_FILE_HEADER pFileHeader = NULL;
PIMAGE_OPTIONAL_HEADER32 pOptionalHeader = NULL;
PIMAGE_SECTION_HEADER pSectionHeader = NULL;
PIMAGE_EXPORT_DIRECTORY pExport = NULL;
LPVOID pFileBuffer = NULL;
DWORD pExportFileOffset = NULL;
ReadPEFile(szFileName1, &pFileBuffer);
pDosHeader = (PIMAGE_DOS_HEADER)pFileBuffer;
pNTHeader = (PIMAGE_NT_HEADERS)((DWORD)pDosHeader + pDosHeader->e_lfanew);
pFileHeader = (PIMAGE_FILE_HEADER)((DWORD)pNTHeader + 4);
pOptionalHeader = (PIMAGE_OPTIONAL_HEADER32)(pFileHeader + 1);
pExportFileOffset = pOptionalHeader->DataDirectory[0].VirtualAddress;
if(pExportFileOffset != 0)
{
pExportFileOffset = RvaToFileOffset(pFileBuffer, pExportFileOffset);
pExport = (PIMAGE_EXPORT_DIRECTORY)((DWORD)pFileBuffer + pExportFileOffset);
//printf("%d", pExport->NumberOfFunctions);
//函数地址
DWORD FileOffOfFunctions = RvaToFileOffset(pFileBuffer, pExport->AddressOfFunctions);
LPVOID pFunctionInFile = (LPVOID)((DWORD)pFileBuffer + FileOffOfFunctions);
for (int i = 0; i < pExport->NumberOfFunctions; i++)
{
// printf("%x
", *((PDWORD)pFunctionInFile));
sprintf(szBuff, "%x
", *((PDWORD)pFunctionInFile));
strcat(szString, szBuff);
pFunctionInFile = (LPVOID)((DWORD)pFunctionInFile + 4);
}
//函数名称
//AddressOfNames在文件中的偏移
DWORD FileOffOfNames = RvaToFileOffset(pFileBuffer, pExport->AddressOfNames);
//printf("%x", FileOffOfNames);
//AddressOfNames在文件中的地址
LPVOID pNamesInFile = (LPVOID)((DWORD)pFileBuffer + FileOffOfNames);
//printf("%x", pNamesInFile);
//AddressOfNames数组项在文件中的偏移
DWORD OffsetOfNames;
LPVOID pNameInFile = NULL;
//OffsetOfNames = RvaToFileOffset(pFileBuffer, (DWORD)(*((PDWORD)pNamesInFile)));
for (int j = 0; j < pExport->NumberOfNames; j++)
{
OffsetOfNames = RvaToFileOffset(pFileBuffer, (DWORD)(*((PDWORD)pNamesInFile)));
pNameInFile = (LPVOID)((DWORD)pFileBuffer + OffsetOfNames);
strcat(szString, (char *)pNameInFile);
strcat(szString, "
");
// printf("%s
", pNameInFile);
pNamesInFile = (LPVOID)((DWORD)pNamesInFile + 4);
}
//函数序号
DWORD OrdOffsetInFile = RvaToFileOffset(pFileBuffer, pExport->AddressOfNameOrdinals);
LPVOID pOrdinalsInFile = (LPVOID)((DWORD)pFileBuffer + OrdOffsetInFile);
for (int k = 0; k < pExport->NumberOfNames; k++)
{
// printf("%d
", *((PWORD)pOrdinalsInFile));
sprintf(szBuff, "%x
", *((PWORD)pOrdinalsInFile));
strcat(szString, szBuff);
pOrdinalsInFile = (LPVOID)((DWORD)pOrdinalsInFile + 2);
}
}else
{
sprintf(szString, "%s
", "没有导出表!");
}
// sprintf(szString, "------------OriginalFirstThunkVRA:%X------------
", 1);
SendDlgItemMessage(hwndDlg, IDC_EDIT_EXPORTINF, WM_SETTEXT, 0, (DWORD)szString);
}
BOOL CALLBACK ProcDlgExportInf(
HWND hwndDlg, // handle to dialog box
UINT uMsg, // message
WPARAM wParam, // first message parameter
LPARAM lParam // second message parameter
)
{
switch(uMsg)
{
case WM_CLOSE:
EndDialog(hwndDlg, 0);
break;
case WM_INITDIALOG:
PrintfExportImform(hwndDlg);
return TRUE;
}
return FALSE;
}
BOOL CALLBACK ProcDlgImportInf(
HWND hwndDlg, // handle to dialog box
UINT uMsg, // message
WPARAM wParam, // first message parameter
LPARAM lParam // second message parameter
)
{
switch(uMsg)
{
case WM_CLOSE:
EndDialog(hwndDlg, 0);
break;
case WM_INITDIALOG:
PrintImportTable(hwndDlg);
return TRUE;
}
return FALSE;
}
BOOL CALLBACK ProcDlgDirectory(
HWND hwndDlg, // handle to dialog box
UINT uMsg, // message
WPARAM wParam, // first message parameter
LPARAM lParam // second message parameter
)
{
switch(uMsg)
{
case WM_CLOSE:
EndDialog(hwndDlg, 0);
break;
case WM_INITDIALOG:
FixDirectoryInfomation(hwndDlg);
return TRUE;
case WM_COMMAND:
switch(LOWORD(wParam))
{
case IDC_BUTTON_CLOSE1:
EndDialog(hwndDlg, 0);
return TRUE;
case IDC_BUTTON_EXPORT:
DialogBox(hAppInstance, MAKEINTRESOURCE(IDD_DIALOG_EXPORTINF),hwndDlg, ProcDlgExportInf);
return TRUE;
case IDC_BUTTON_IMPORT:
DialogBox(hAppInstance, MAKEINTRESOURCE(IDD_DIALOG_IMPORTINF), hwndDlg, ProcDlgImportInf);
return TRUE;
}
}
return FALSE;
}
BOOL CALLBACK ProcDlgPE(
HWND hwndDlg, // handle to dialog box
UINT uMsg, // message
WPARAM wParam, // first message parameter
LPARAM lParam // second message parameter
)
{
switch(uMsg)
{
case WM_CLOSE:
EndDialog(hwndDlg, 0);
break;
case WM_INITDIALOG:
FixHeaderInfomation(hwndDlg);
return TRUE;
case WM_COMMAND:
switch(LOWORD (wParam))
{
case IDC_BUTTON_CLOSE:
EndDialog(hwndDlg, 0);
return TRUE;
case IDC_BUTTON_SECTION:
return TRUE;
case IDC_BUTTON_DIRECTORY:
DialogBox(hAppInstance, MAKEINTRESOURCE(IDD_DIALOG_DIRECTORY),hwndDlg, ProcDlgDirectory);
return TRUE;
}
}
return FALSE;
}
VOID PEOpen(HWND hDlg)
{
OPENFILENAME stOpenFile;
TCHAR szPeFileExt[100] = "*.exe;*.dll;*.scr;*.drv;*.sys";
TCHAR szFileName[256];
memset(szFileName, 0, 256);
memset(&stOpenFile, 0, sizeof(stOpenFile));
stOpenFile.lStructSize = sizeof(OPENFILENAME);
stOpenFile.Flags = OFN_FILEMUSTEXIST | OFN_PATHMUSTEXIST;
stOpenFile.hwndOwner = hDlg;
stOpenFile.lpstrFilter = szPeFileExt;
stOpenFile.lpstrFile = szFileName;
stOpenFile.nMaxFile = MAX_PATH;
GetOpenFileName(&stOpenFile);
strcpy(szFileName1, szFileName);
MessageBox(0, szFileName,0 ,0);
DialogBox(hAppInstance, MAKEINTRESOURCE(IDD_DIALOG_PE),hDlg, ProcDlgPE);
}
BOOL CALLBACK DialogProc(
HWND hwndDlg, // handle to dialog box
UINT uMsg, // message
WPARAM wParam, // first message parameter
LPARAM lParam // second message parameter
)
{
HWND hListModule = GetDlgItem(hwndDlg, IDC_LIST_MODULE);
switch(uMsg)
{
case WM_CLOSE:
EndDialog(hwndDlg, 0);
break;
case WM_INITDIALOG :
InitProcessListView(hwndDlg);
InitModuleListView(hwndDlg);
return TRUE ;
case WM_NOTIFY:
{
NMHDR* pNMHDR = (NMHDR*)lParam;
if(wParam == IDC_LIST_PROCESS && pNMHDR->code == NM_CLICK)
{
EnumModules(hListModule, GetDlgItem(hwndDlg, IDC_LIST_PROCESS), wParam, lParam);
}
break;
}
case WM_COMMAND:
switch (LOWORD (wParam))
{
case IDC_BUTTON_PEOPEN :
PEOpen(hwndDlg);
return TRUE;
case IDC_BUTTON_ABOUT:
MessageBox(NULL, TEXT("by Athena"), TEXT("Hello"), 0);
return TRUE;
case IDC_BUTTON_LOGOUT:
EndDialog(hwndDlg, 0);
return TRUE;
}
break ;
}
return FALSE ;
}
int APIENTRY WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow)
{
INITCOMMONCONTROLSEX icex;
icex.dwSize = sizeof(INITCOMMONCONTROLSEX);
icex.dwICC = ICC_WIN95_CLASSES; //包含大部分控件
InitCommonControlsEx(&icex);
hAppInstance = hInstance;
DialogBox(hInstance,MAKEINTRESOURCE(IDD_DIALOG_MAIN), NULL, DialogProc);
return 0;
}
