Ejemplo n.º 1
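// Parses a command-line argument as a strictly decimal process id.
// atoi() returns 0 on malformed input, so a typo used to become pid 0 without
// any diagnostic; here bad input is reported and the program stops instead.
static uint pidFromArg(const char* s)
{
	char* end = NULL;
	unsigned long v = 0;
	bool ok = (s[0] >= '0' && s[0] <= '9'); // no sign, no leading whitespace, not empty

	if(ok){
		v = strtoul(s, &end, 10);
		// reject trailing junk, strtoul's overflow saturation, and values that do not fit in uint
		ok = (*end == '\0' && v != (unsigned long)-1 && v == (unsigned long)(uint)v);
	}
	if(!ok){
		printf("Error: invalid pid: %s\n\n", s);
		usage();
		exit(1); // only reached if usage() returns
	}
	return (uint)v;
}

// Parses a command-line argument as a non-negative hex number (base address / size).
// Reports and stops on empty, partially numeric, or negative input.
// NOTE(review): overflow saturation of _strtoi64 is not detected here; that needs errno.
static __int64 hexFromArg(const char* s)
{
	char* end = NULL;
	__int64 v = _strtoi64(s, &end, 16);

	if(end == s || *end != '\0' || v < 0){
		printf("Error: invalid hex value: %s\n\n", s);
		usage();
		exit(1); // only reached if usage() returns
	}
	return v;
}

// Command-line entry point: dispatches on argv[1] to one of the process
// inspection commands and returns that command's result code.
//
// Every error path relies on usage() not returning — presumably it exits; confirm.
// NOTE(review): commands are matched with strstr(), so the option text is accepted
// anywhere inside argv[1] and with any suffix (e.g. "/dumpprocess" matches "/dumpproc").
int main(int argc, char* argv[] )
{
	uint pid=0;
	char* dll= 0;
	int rv = 0;
	bool handled = false;

	if(argc < 2) usage();
	if( argv[1][0] == '-') argv[1][0] = '/'; //standardize

	// NOTE(review): presumably enables SeDebugPrivilege — confirm. It is requested before
	// any argument is validated and also for commands that may not need it (/loadlib,
	// /startwdll); requesting it only in the branches that open another process would
	// follow least privilege.
	EnableSeDebug();
	//HANDLE hWatchDog = startWatchDog(); //still getting hangs once in a while..monitor external :-\
	setvbuf(stdout, NULL, _IONBF, 0); //autoflush - allows external apps to read cmdline output in realtime..

	// /inject decimal_pid dll_path
	if(strstr(argv[1],"/inject") != NULL ){ 
		if(argc!=4) usage(3);
		pid = pidFromArg( argv[2] );
		dll = strdup(argv[3]);
		if(!FileExists(dll)){
			printf("Error: dll file not found: %s\n\n",dll);
			usage();
		}
		rv = inject(dll,pid);
		handled = true;
	}
	
	// /loadlib path
	if(strstr(argv[1],"/loadlib") != NULL ){ 
		if(argc!=3) usage(2);
		dll = strdup(argv[2]);
		if(!FileExists(dll)){
			printf("Error: dll file not found: %s\n\n",dll);
			usage();
		}
		// NOTE(review): FileExists() checks the path as given, but LoadLibrary() applies the
		// DLL search order to relative names, so the module loaded may not be the file that
		// was checked. Resolving to a full path first would close that gap.
		// The handle is pointer-sized; %x would truncate it (and mismatch the argument) on x64.
		printf("loadlib=%Ix\npress any key to continue...", (size_t)LoadLibrary(dll));
		getch();
		handled = true;
	}

	// /dlls decimal_pid
	if(strstr(argv[1],"/dlls") != NULL ){ 
		if(argc!=3) usage(2);
		pid = pidFromArg( argv[2] );
		rv = PrintModules(pid);
		handled = true;
	}

	// /dumpprocess decimal_pid out_file_path
	if(strstr(argv[1],"/dumpproc") != NULL ){ 
		if(argc!=4) usage(3);
		pid        = pidFromArg( argv[2] );
		char* dumpFile = strdup(argv[3]);
		// NOTE(review): this existence check is advisory only; the file can appear between
		// the check and the write. The writer should create the file with create-new
		// semantics so an existing file is never overwritten.
		// NOTE(review): rv stays 0 on this refusal, so callers see success — confirm intended.
		if(FileExists(dumpFile)){
			printf("Error: dump file already exists aborting: %s\n\n",  dumpFile);
		}
		else{
			rv = DumpProcess(pid,dumpFile);
		}
		handled = true;
	}
	 
	// /dump decimal_pid, hex_string_base, hex_string_size out_file_path
	if(!handled && strstr(argv[1],"/dumpmod") != NULL ){ 
		if(argc!=6) usage(5);
		pid            = pidFromArg( argv[2] );
		__int64 base   = hexFromArg(argv[3]);
		__int64 sz     = hexFromArg(argv[4]);
		char* dumpFile = strdup(argv[5]);
		// Same advisory-check caveat as /dumpproc above.
		if(FileExists(dumpFile)){
			printf("Error: dump file already exists aborting: %s\n\n",  dumpFile);
		}
		else{
			rv = dump(pid,base,sz,dumpFile);
		}
		handled = true;
	}

	// /startwdll exe_path dll_path
	if(strstr(argv[1],"/startwdll") != NULL ){ 
		if(argc!=4) usage(3);
		char* exe = strdup(argv[2]);
		dll = strdup(argv[3]);
		if(!FileExists(dll)){
			printf("Error: dll file not found: %s\n\n",dll);
			usage();
		}
		rv = startwdll(dll,exe);
		handled = true;
	}

	// /memmap decimal_pid out_path
	if(strstr(argv[1],"/memmap") != NULL ){ 
		if(argc!=4) usage(3);
		pid = pidFromArg( argv[2] );
		dll = strdup(argv[3]); // reused as the output path here, not a dll
		if(FileExists(dll)){
			printf("Error: out file already exists: %s\n\n",dll);
			usage();
		}
		rv = memMap(pid,dll);
		handled = true;
	}

	if(handled==false){
		printf("Error: Unknown option %s\n\n", argv[1]);
		usage();
	}

	//TerminateThread(hWatchDog,0);
	//CloseHandle(hWatchDog);
	
	// Keep the console open when run under a debugger so the output can be read.
	if( IsDebuggerPresent() ){
		printf("press any key to exit...");
		getch();
	}

	// The strdup() copies are not freed; the process ends here.
	return rv;
}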
Ejemplo n.º 2
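// Window procedure for the main window.
//   WM_CREATE      - creates the two list boxes and calls GetProcess(true).
//   WM_COMMAND     - applies a priority class from the popup menu, or lists the
//                    modules of the entry double-clicked in the first list box.
//   WM_CONTEXTMENU - shows the priority popup menu.
//   WM_DESTROY     - posts the quit message.
// Returns 0 for handled messages, DefWindowProc's result otherwise.
LRESULT CALLBACK WndProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam)
{
	switch (msg)
	{
	case WM_CREATE:
	{
		hWndListOne = CreateWindow(L"listbox", NULL,
			WS_CHILD | WS_VISIBLE | WS_CLIPSIBLINGS | WS_BORDER |
			WS_VSCROLL |
			LBS_NOTIFY,
			5, 10, 380, 430,
			hWnd, (HMENU)ID_LISTONE, hInst, NULL);

		// NOTE(review): the second list box is created with ID_LISTONE as well, which looks
		// like a copy-paste slip; it should carry its own control id. Until then the
		// WM_COMMAND handler below tells the two apart by window handle.
		hWndListTwo = CreateWindow(L"listbox", NULL,
			WS_CHILD | WS_VISIBLE | WS_CLIPSIBLINGS | WS_BORDER |
			WS_VSCROLL |
			LBS_NOTIFY,
			390, 10, 380, 430,
			hWnd, (HMENU)ID_LISTONE, hInst, NULL);

		GetProcess(true);
	}; return 0;
	case WM_COMMAND:
	{
		UINT code = HIWORD(wParam);
		UINT idCtrl = LOWORD(wParam);
		switch (idCtrl)
		{
		case ID_HIGH:
			SetPriority(HIGH_PRIORITY_CLASS);
			break;
		case ID_IDLE:
			SetPriority(IDLE_PRIORITY_CLASS);
			break;
		case ID_NORMAL:
			SetPriority(NORMAL_PRIORITY_CLASS);
			break;
		case ID_REALTIME:
			// NOTE(review): a realtime-class process can starve input and system threads;
			// consider a confirmation prompt before applying it.
			SetPriority(REALTIME_PRIORITY_CLASS);
			break;
		case ID_LISTONE:
			// For control notifications lParam is the sender's window handle. Both list
			// boxes share ID_LISTONE, so without this check a double-click in the second
			// list would clear it and act on the first list's selection.
			if (code == LBN_DBLCLK && (HWND)lParam == hWndListOne)
			{
				SendMessage(hWndListTwo, LB_RESETCONTENT, 0, 0);
				i = SendMessage(hWndListOne, LB_GETCURSEL, 0, 0);
				// i >= 0 also filters LB_ERR (no selection).
				// NOTE(review): the upper bound is inclusive; if twar holds 1024 entries,
				// index 1024 reads one past the end — confirm against twar's declaration.
				if(i<=1024&&i>=0)
					PrintModules(twar[i]);
			}
			break;
		}
	}; return 0;
	case WM_CONTEXTMENU:
	{
		// The coordinates are signed 16-bit screen values; LOWORD/HIWORD alone would turn
		// negative positions (monitors left of or above the primary) into large positives.
		int x = (short)LOWORD(lParam);
		int y = (short)HIWORD(lParam);

		// lParam is -1 when the menu was requested from the keyboard; fall back to the cursor.
		if (lParam == (LPARAM)-1)
		{
			POINT pt;
			if (GetCursorPos(&pt))
			{
				x = pt.x;
				y = pt.y;
			}
		}

		HMENU hMenu = CreatePopupMenu();
		if (hMenu != NULL)
		{
			AppendMenu(hMenu, MFT_STRING, ID_HIGH, L"HIGH");
			AppendMenu(hMenu, MFT_STRING, ID_IDLE, L"IDLE");
			AppendMenu(hMenu, MFT_STRING, ID_NORMAL, L"NORMAL");
			AppendMenu(hMenu, MFT_STRING, ID_REALTIME, L"REALTIME");

			// The chosen item arrives later as WM_COMMAND on hWnd.
			TrackPopupMenu(hMenu, TPM_RIGHTBUTTON |
				TPM_TOPALIGN |
				TPM_LEFTALIGN,
				x,
				y, 0, hWnd, NULL);
			DestroyMenu(hMenu);
		}
	}
	break;
	case WM_DESTROY:
	{
		PostQuitMessage(0);
	} break;
	default: return DefWindowProc(hWnd, msg, wParam, lParam);
	}
	return 0;
}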