
Locate the executable file


Ward

This function simply finds which file will be launched when you type just the file name at the command line. It matches the file extensions defined in %PATHEXT% and searches the working directory and %PATH%.

This is my new experiment with binary code. Obviously, this function needs the Windows API, but you won't find any API call in the script except CallWindowProc. In fact, the binary code locates and stores the API addresses by itself, even on different systems.

I have already tested it on WinXP and Win7. If it crashes on some system, please let me know, thanks.

#Include <Memory.au3>
 
; Demo: print what WhereIs() returns for a few program names given without an extension.
Local $aNames[4] = ["cmd", "notepad", "explorer", "services"]
For $sName In $aNames
    ConsoleWrite(WhereIs($sName) & @CRLF)
Next
 
; WhereIs($File)
; Runs an embedded machine-code blob on $File and returns the string it produces.
; Per the author's description this is the file that would be launched when
; $File is typed at the command line (extensions from %PATHEXT%, searching the
; working directory and %PATH%); that logic lives inside the blob and cannot be
; confirmed from this script.
;
; $File  - file name to look up; handed to the machine code as a wide string.
; Return - element 0 of the DllCall result, i.e. the "wstr" return value.
;
; NOTE(review): the payload is opaque machine code. What it does cannot be audited
; by reading this script, so treat it like any unsigned binary from an untrusted
; source. Where a documented API does the same job, prefer that.
Func WhereIs($File)
    ; Static: the pointer survives between calls, so the setup below runs only once.
    Static $CodePtr
    If Not $CodePtr Then
        ; Refuses to run under 64-bit AutoIt; presumably the blob is 32-bit x86 code.
        If @AutoItX64 Then Exit MsgBox(16, "AutoIt Error", "AutoIt x64 not supported !!")
        ; Machine code carried as a string literal and converted to binary below.
        Local $Code = "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
        $Code = Binary($Code)
        ; Allocates a committed region that is both writable and executable, sized to
        ; the code plus 200000 extra bytes. The use of the extra space is not visible
        ; here; presumably it is scratch space for the blob (the author says it stores
        ; API addresses itself) - TODO confirm.
        ; NOTE(review): W+X memory means any stray write into this region becomes
        ; executable, and memory scanners commonly flag such regions. Nothing visible
        ; here frees the region; the Static pointer keeps it until the process exits.
        $CodePtr = _MemVirtualAlloc(0, BinaryLen($Code) + 200000, $MEM_COMMIT, $PAGE_EXECUTE_READWRITE)
        If $CodePtr = 0 Then Exit MsgBox(16, "AutoIt Error", "Out of memory !!")
        ; Overlay a byte array on the allocation and copy the code into it.
        Local $Buffer = DllStructCreate("byte[" & BinaryLen($Code) & "]", $CodePtr)
        DllStructSetData($Buffer, 1, $Code)
    EndIf
    ; CallWindowProc is used only as a trampoline: the first argument (the window
    ; procedure to call) is the address of the copied code, so user32 calls it with
    ; the four remaining arguments - $File as a wide string, then three zeros.
    ; The return value is read back as a pointer to a wide string ("wstr").
    ; NOTE(review): @error is not checked after DllCall; if the call fails, $Ret is
    ; not an array and the $Ret[0] access below is an AutoIt runtime error.
    Local $Ret = DllCall("user32.dll", "wstr", "CallWindowProc", "ptr", $CodePtr, _
                                                "wstr", $File, _
                                                "int", 0, _
                                                "int", 0, _
                                                "int", 0)
    Return $Ret[0]
EndFunc

新版 _ArrayAdd 的白痴作者,不管是誰,去死一死好了

 


What about PathSearchAndQualify()?

#Include <WinAPIEx.au3>
 
; Demo: resolve a few program names through the WinAPIEx wrapper instead of
; runtime-loaded machine code. Names are passed with their extension.
; The second argument, 1, is presumably the wrapper's "must exist" flag - confirm in WinAPIEx.au3.
Local $aExeNames[4] = ['cmd.exe', 'notepad.exe', 'explorer.exe', 'services.exe']
For $sExeName In $aExeNames
    ConsoleWrite(_WinAPI_PathSearchAndQualify($sExeName, 1) & @CR)
Next
Edited by Yashied
