如何在其他程序的窗口上创建按钮并使之能响应
作者:ac952_z_cn
| 源代码下载 环境:Windows NT/2000 实现方法:采用将动态连接库注入到其他进程中的方法来实现。 为了便于选择窗口,我借用了另一个程序"2000下显示带*号"来选择窗口。 如果要在98下实现你可用钩子同样实现。 程序运行界面如图一: |
 |
| 图一 将动态连接库注入其他进程的代码如下: |
BOOL WINAPI RT_CTRL_BTN(LPCSTR lpszLibFile, HWND hWnd, DWORD dwID, LPRECT pRtBtn, LPCTSTR szCaptionBtn){ try { DWORD dwProcessID; GetWindowThreadProcessId(hWnd, &dwProcessID); HANDLE hProcess = OpenProcess( PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ, FALSE, dwProcessID ); if (!hProcess){ return FALSE; } INJECT_DLL InjectInfo; InjectDLL_Info(&InjectInfo, lpszLibFile, hWnd, dwID, pRtBtn, szCaptionBtn); LPBYTE lpThreadAddr=(LPBYTE)::VirtualAllocEx(hProcess, NULL, MAXINJECTSIZE, MEM_COMMIT, PAGE_EXECUTE_READWRITE); LPINJECT_DLL param = (LPINJECT_DLL) VirtualAllocEx( hProcess, 0, sizeof(INJECT_DLL), MEM_COMMIT, PAGE_READWRITE ); WriteProcessMemory(hProcess, lpThreadAddr,&RemoteControlThread, MAXINJECTSIZE, 0); WriteProcessMemory( hProcess, param, &InjectInfo, sizeof(InjectInfo), 0 ); DWORD dwThreadId; HANDLE hThread = ::CreateRemoteThread(hProcess,NULL,0, (unsigned long (__stdcall *)(void *))lpThreadAddr, param, 0, &dwThreadId); if (!hThread){ CloseHandle(hProcess); VirtualFreeEx( hProcess, lpThreadAddr, 0, MEM_RELEASE ); VirtualFreeEx( hProcess, param, 0, MEM_RELEASE ); return FALSE; } else { CloseHandle(hThread); CloseHandle(hProcess); VirtualFreeEx( hProcess, lpThreadAddr, 0, MEM_RELEASE ); VirtualFreeEx( hProcess, param, 0, MEM_RELEASE ); } } catch (...){ return FALSE; } return TRUE;} |
| 环境:win2000 professional + VC6.0+SP5 + PlatformSDK 2001.8 |
发表评论
告诉好友