window.h
/* Copyright (C) 2010-2011 kaosu (qiupf2000@gmail.com)
* This file is part of the Interactive Text Hooker.
* Interactive Text Hooker is free software: you can redistribute it and/or
* modify it under the terms of the GNU General Public License as published
* by the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#pragma once
#include "main.h"
#include "cmdq.h"
#include "profile.h"
// Free-function prototypes; the definitions are not in this header.

// NOTE(review): returns a raw BYTE* with no length and no stated owner.
// Confirm in the definition who frees the buffer and how its size is known
// before any caller walks it.
BYTE* GetSystemInformation();
// Takes a process handle and two UINT_PTR out-pointers (mem_size, ws).
// NOTE(review): presumably both are written on success — confirm whether null
// is accepted and what the size_t return value means on failure.
size_t GetProcessMemory(HANDLE hProc, UINT_PTR* mem_size, UINT_PTR* ws);
// NOTE(review): str is a non-const wide-string pointer with no capacity
// parameter. If the definition writes into it (presumably an output buffer),
// the maximum length written must be fixed and every caller's buffer must be
// at least that large — confirm the bound.
size_t GetHookString(LPWSTR str, UINT_PTR pid, UINT_PTR hook_addr, UINT_PTR status);
// NOTE(review): pbBuffer carries no length. Presumably it is the buffer from
// GetSystemInformation(); the lookup must stop at the end of that buffer and
// callers must handle the pid-not-found result — confirm both.
SYSTEM_PROCESS_INFORMATION_NT5* GetBaseByPid(BYTE* pbBuffer,UINT_PTR dwPid);
// Window procedure with the standard Win32 WNDPROC signature.
LRESULT CALLBACK WndProc(HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam);
// Display names for thread states, indexed 0 through StateUnknown inclusive.
// The eight initializers fill the array exactly only if StateUnknown == 7
// (defined elsewhere — confirm).
// NOTE(review): an index outside 0..StateUnknown reads past the array, so a
// state value taken from a system snapshot should be range-checked first.
// NOTE(review): the elements are non-const LPWSTR pointing at string literals;
// writing through them is undefined behaviour.
// NOTE(review): this is a definition in a header, so every translation unit
// that includes window.h emits its own copy — confirm only one does.
LPWSTR StateString[StateUnknown+1]={
    L"Initialized",  // 0
    L"Ready",        // 1
    L"Running",      // 2
    L"Standby",      // 3
    L"Terminated",   // 4
    L"Wait",         // 5
    L"Transition",   // 6
    L"Unknown"       // 7
};
// Display names for thread wait reasons, indexed 0 through MaximumWaitReason-1.
// There are 27 initializers. Indices 7-13 repeat the labels of indices 0-6
// (presumably the "Wr"-prefixed variants of the same reasons — confirm against
// the enum definition).
// NOTE(review): if MaximumWaitReason is larger than 27 in the headers this is
// built against, the remaining elements are null pointers; if it is smaller,
// the initializer list does not compile.
// NOTE(review): range-check the wait-reason value before indexing; it
// presumably originates from a system snapshot rather than from this program.
// NOTE(review): non-const LPWSTR elements point at string literals, and the
// array is defined (not just declared) in a header.
LPWSTR WaitReasonString[MaximumWaitReason]={
    L"Executive",       // 0
    L"FreePage",        // 1
    L"PageIn",          // 2
    L"PoolAllocation",  // 3
    L"DelayExecution",  // 4
    L"Suspended",       // 5
    L"UserRequest",     // 6
    L"Executive",       // 7
    L"FreePage",        // 8
    L"PageIn",          // 9
    L"PoolAllocation",  // 10
    L"DelayExecution",  // 11
    L"Suspended",       // 12
    L"UserRequest",     // 13
    L"EventPair",       // 14
    L"Queue",           // 15
    L"LpcReceive",      // 16
    L"LpcReply",        // 17
    L"VirtualMemory",   // 18
    L"PageOut",         // 19
    L"Rendezvous",      // 20
    L"Spare2",          // 21
    L"Spare3",          // 22
    L"Spare4",          // 23
    L"Spare5",          // 24
    L"Spare6",          // 25
    L"Kernel"           // 26
};
// Descriptive aliases for the generic checkbox control IDs IDC_CHECK1 through
// IDC_CHECK11, which are defined elsewhere (presumably the resource header).
// The alias names line up one-to-one with the HookWindow::Is*() predicates
// declared further down in this header.
// NOTE(review): the mapping is positional; renumbering IDC_CHECKn in the
// dialog resource silently changes which option each alias refers to.
#define IDC_CHECK_BIGENDIAN IDC_CHECK1
#define IDC_CHECK_UNICODE IDC_CHECK2
#define IDC_CHECK_STRING IDC_CHECK3
#define IDC_CHECK_DATA_IND IDC_CHECK4
#define IDC_CHECK_SPLIT IDC_CHECK5
#define IDC_CHECK_SPLIT_IND IDC_CHECK6
#define IDC_CHECK_MODULE IDC_CHECK7
#define IDC_CHECK_FUNCTION IDC_CHECK8
#define IDC_CHECK_HEX IDC_CHECK9
#define IDC_CHECK_LASTCHAR IDC_CHECK10
#define IDC_CHECK_NOCONTEXT IDC_CHECK11
// Wrapper around a dialog (handle passed as hDialog) that holds HWND members
// for the dialog and, presumably, its child controls. Member functions are
// only declared here; their behaviour lives in the implementation file.
// NOTE(review): the HWND members have no default initializers, so each is
// indeterminate until the constructor assigns it — confirm it sets them all.
// NOTE(review): the one-argument constructor is not explicit, so an HWND
// converts implicitly to ProcessWindow.
class ProcessWindow
{
public:
    ProcessWindow(HWND hDialog);

    void InitProcessDlg();
    void RefreshProcess();
    void AttachProcess();
    void DetachProcess();
    void OperateThread();
    void AddCurrentToProfile();
    void RefreshThread(int index);
    void RefreshThreadColumns(UINT_PTR pid);

    // op defaults to OutputInformation and addr to 0.
    // NOTE(review): pid, tid and addr are plain integers; presumably they come
    // from the list and edit controls — confirm the definition validates them
    // and checks the result of each handle it opens before acting on it.
    bool PerformThread(UINT_PTR pid,
                       UINT_PTR tid,
                       ThreadOperation op = OutputInformation,
                       UINT_PTR addr = 0);

    UINT_PTR GetSelectPID();

private:
    // The dialog itself.
    HWND hDlg;

    // Two "hl" handles (presumably list controls).
    HWND hlProcess;
    HWND hlThread;

    // Five "hb" handles (presumably buttons).
    HWND hbRefresh;
    HWND hbAttach;
    HWND hbDetach;
    HWND hbExecute;
    HWND hbAddProfile;

    // Two "he" handles (presumably edit controls).
    HWND heAddr;
    HWND heOutput;

    // Three "hr" handles (presumably radio buttons).
    HWND hrSuspend;
    HWND hrResume;
    HWND hrTerminate;
};
// Wrapper around a dialog (handle passed as hDialog) that holds HWND members
// for the dialog and, presumably, its child controls. Only declarations are
// visible here.
// NOTE(review): several members take an int index or a UINT_PTR selection with
// no visible range; confirm the definitions reject negative and out-of-range
// values before using them to look anything up.
// NOTE(review): the one-argument constructor is not explicit, and the HWND
// members have no default initializers.
class ThreadWindow
{
public:
    ThreadWindow(HWND hDialog);

    void InitWindow();
    void InitThread(int index);
    void SetThreadInfo(int index);
    void RemoveLink(int index);
    void SetThread();
    void SetLastSentence(UINT_PTR select);

private:
    // The dialog itself.
    HWND hDlg;

    // Two "hc" handles (presumably combo boxes).
    HWND hcCurrentThread;
    HWND hcLinkThread;

    // One "hl" handle (presumably a list control).
    HWND hlFromThread;

    // Three "he" handles (presumably edit controls).
    HWND heInfo;
    HWND heSentence;
    HWND heComment;

    // Three "hs" handles (presumably static text controls).
    HWND hsHook;
    HWND hsRetn;
    HWND hsSplit;
};
// Wrapper around a dialog (handle passed as hDialog) for viewing and editing
// hook parameters. Only declarations are visible here.
// NOTE(review): the Is*() predicates are declared inline but not defined in
// this header; an inline function must be defined in every translation unit
// that calls it, so confirm they are only used where the definitions are.
// NOTE(review): the one-argument constructor is not explicit, and the HWND
// members have no default initializers.
class HookWindow
{
public:
    HookWindow(HWND hDialog);

    // One predicate per IDC_CHECK_* alias defined above in this header
    // (presumably each reports the state of that checkbox — confirm).
    inline bool IsBigEndian();
    inline bool IsUnicode();
    inline bool IsString();
    inline bool IsDataInd();
    inline bool IsSplit();
    inline bool IsSplitInd();
    inline bool IsModule();
    inline bool IsFunction();
    inline bool IsHex();
    inline bool IsLastChar();
    inline bool IsNoContext();

    void GenerateCode();
    void GenerateHash(size_t ID);
    void RemoveHook();
    void ModifyHook();

    // Two overloads: one takes a HookParam by const reference, one an index.
    void ResetDialog(const HookParam& hp);
    void ResetDialog(int index);

    // hp is a non-const reference (presumably filled from the controls).
    // NOTE(review): the text in the edit controls is user input; confirm the
    // definition validates what it parses before storing it into hp.
    void GetHookParam(HookParam& hp);

    void InitDlg();
    void ResetDlgHooks(UINT_PTR pid, HookParam& hp);

private:
    // NOTE(review): both helpers take a non-const LPWSTR with no capacity
    // parameter. If they format d into str, the caller's buffer must cover the
    // longest rendering of a UINT_PTR plus sign and terminator — confirm.
    // PrintSignedPtr also takes an unsigned UINT_PTR despite its name.
    void PrintUnsignedPtr(LPWSTR str, UINT_PTR d);
    void PrintSignedPtr(LPWSTR str, UINT_PTR d);

    // The dialog itself plus a combo and a text handle.
    HWND hDlg;
    HWND hCombo;
    HWND hText;

    // Eleven "hc" handles, named like the Is*() predicates above.
    HWND hcBigEndian;
    HWND hcUnicode;
    HWND hcString;
    HWND hcDataInd;
    HWND hcSplit;
    HWND hcSplitInd;
    HWND hcModule;
    HWND hcFunction;
    HWND hcHex;
    HWND hcLastChar;
    HWND hcNoContext;

    // Eight "he" handles (presumably edit controls).
    HWND heAddr;
    HWND heData;
    HWND heDataInd;
    HWND heSplit;
    HWND heSplitInd;
    HWND heModule;
    HWND heFunction;
    HWND heHash;

    // Five "hb" handles (presumably buttons).
    HWND hbModify;
    HWND hbRemove;
    HWND hbModule;
    HWND hbFunction;
    HWND hbCode;
};
// Wrapper around a dialog (handle passed as hDialog) for managing profiles.
// Only declarations are visible here.
// NOTE(review): unlike the other window classes in this header there is no
// private section, so every HWND member is publicly writable.
// NOTE(review): the one-argument constructor is not explicit, and the HWND
// members have no default initializers.
class ProfileWindow
{
public:
    ProfileWindow(HWND hDialog);

    void RefreshProfileList();
    void StartProfileProcess();
    void ResetProfile(int index);
    // index defaults to -1.
    void ResetProfileWindow(int index = -1);

    // NOTE(review): pf is a raw pointer; ownership and lifetime are not stated
    // here — confirm the window never outlives the Profile it points at.
    void SetCurrentProfile(Profile* pf);
    void SaveCurrentProfile();
    void DeleteCurrentProfile();
    void ExportCurrentProfile();
    void ExportAllProfile();

    // NOTE(review): presumably reads profile data that originated outside the
    // program; confirm the definition validates lengths, counts and the path
    // before applying them (the class also declares StartProfileProcess()).
    void ImportCurrentProfile();

    void DeleteItem(size_t last_select);
    void CheckHook(int index, bool check);
    bool IsHook(int index);
    Profile* GetCurrentProfile();
    UINT_PTR GetCurrentSelect();

    // The dialog itself and four "hl" handles (presumably list controls).
    HWND hDlg;
    HWND hlProfileList;
    HWND hlThread;
    HWND hlComment;
    HWND hlLink;

    // Five "he" handles (presumably edit controls): a path and four hooks.
    HWND hePath;
    HWND heHook1;
    HWND heHook2;
    HWND heHook3;
    HWND heHook4;

    // Four "hc" handles, one per hook slot.
    HWND hcHook1;
    HWND hcHook2;
    HWND hcHook3;
    HWND hcHook4;

    // Three "hb" handles (presumably buttons).
    HWND hbStart;
    HWND hbDelete;
    HWND hbSave;

    HWND hcbSelect;
};
// Free-function prototype; the definition is not in this header.
// export_text is a non-const reference to a MyVector of WCHAR (presumably the
// function appends the serialized profile to it — confirm).
// NOTE(review): pfn is a raw pointer; confirm whether null is accepted.
void ExportSingleProfile(ProfileNode* pfn, MyVector<WCHAR,0x1000,WCMP> &export_text);