Jump to content

AutoIt WinObj

Danyfirex

By Danyfirex,
in AutoIt Example Scripts

 Share

Recommended Posts

Danyfirex Universalist

Danyfirex

Posted
Posted

Hi mates. Some weeks ago @Biatu Ask for getting drive letter from an Arc Path   I got interestion in. so I make a google search and got  nice explanation http://blogs.microsoft.co.il/pavely/2014/02/05/creating-a-winobj-like-tool/ So this day I got some free hour and I decided go to a nice date with AutoIt. After that nice meeting this came out. 

Basically I a Simple AutoIt WinObj(Just for View Name-Type-SymbolicLink, I did not implement Right Click as WinObj).

ScreenShot:

ljm68Xh.png

Icons can change because I wrote it over Windows 10 x86 (Icons are from some system Files...)

 

AutoIt snippet.

;~ Written by Danyfirex 20/09/2015
;~ Thanks to:
;~ http://blogs.microsoft.co.il/pavely/2014/02/05/creating-a-winobj-like-tool/
;~ https://technet.microsoft.com/en-us/library/bb896657.aspx
#include <GUIConstantsEx.au3>
#include <StaticConstants.au3>
#include <TreeViewConstants.au3>
#include <WindowsConstants.au3>
#include <Array.au3>
#include <WinAPI.au3>
#include <GuiTreeView.au3>
#include <GuiImageList.au3>
#include <GuiListView.au3>
#include <GuiStatusBar.au3>

#RequireAdmin
Opt("GUIOnEventMode", 1)
Opt("MustDeclareVars",1)

Global $sPath = "\"
Global Const $DIRECTORY_QUERY = 0x0001
Global Const $DIRECTORY_TRAVERSE = 0x0002
Global Const $sTagUNICODESTRING = "USHORT Length;USHORT MaximumLength;PTR Buffer;"
Global Const $sTagOBJECT_ATTRIBUTES = "ULONG Length;HANDLE RootDirectory;PTR ObjectName;ULONG Attributes;PTR SecurityDescriptor;PTR SecurityQualityOfService"



Global $oTree = 0, $g_hListView = 0, $hoTree = 0, $hMainItem = 0, $oBar = 0, $hGUI = 0, $hImage = 0

iniGUI()

Func iniGUI()

    Local $iStyle = BitOR($TVS_HASBUTTONS, $TVS_HASLINES, $TVS_LINESATROOT, $TVS_DISABLEDRAGDROP, $TVS_SHOWSELALWAYS)
    $hGUI = GUICreate("AutoIt WinObj", 700, 500)
    GUISetOnEvent($GUI_EVENT_CLOSE, "_Exit")
    HotKeySet("{UP}", "_KeyEvent")
    HotKeySet("{DOWN}", "_KeyEvent")

    $g_hListView = _GUICtrlListView_Create($hGUI, "", 210, 5, 500 - 15, 500 - 10 - 20)
    _GUICtrlListView_SetExtendedListViewStyle($g_hListView, BitOR($LVS_EX_FULLROWSELECT, $LVS_EX_SUBITEMIMAGES))

    $oTree = GUICtrlCreateTreeView(5, 5, 200, 500 - 10 - 20, $iStyle, $WS_EX_CLIENTEDGE)
    $hoTree = GUICtrlGetHandle($oTree)
    GUISetOnEvent($GUI_EVENT_PRIMARYUP, "_TreeViewClick")
    $hMainItem = _GUICtrlTreeView_Add($oTree, 0, "\", 0, 0)
    $oBar = _GUICtrlStatusBar_Create($hGUI)

    $hImage = _GUIImageList_Create(16, 16, 5, 3)
    _ImageListCreate()
    _GUICtrlListView_SetImageList($g_hListView, $hImage, 1)
    _GUICtrlTreeView_SetNormalImageList($oTree, $hImage)


    _GUICtrlListView_InsertColumn($g_hListView, 0, "Name", (500 - 15) / 3)
    _GUICtrlListView_InsertColumn($g_hListView, 1, "Type", (500 - 15) / 3)
    _GUICtrlListView_InsertColumn($g_hListView, 2, "SymLink", (500 - 15) / 3)


    GUISetState(@SW_SHOW)


    _GUICtrlTreeView_BeginUpdate($oTree)
    _FillTree("\")
    _FillListView("\")
    _GUICtrlTreeView_EndUpdate($oTree)


    While True
        Sleep(30)
    WEnd

EndFunc   ;==>Example

Func _Exit()
    Exit
EndFunc   ;==>_Exit

Func _ImageListCreate()
    _GUIImageList_Add($hImage, _GUIImageList_AddIcon($hImage, @SystemDir & "\shell32.dll", 3)) ;Folder
    _GUIImageList_Add($hImage, _GUIImageList_AddIcon($hImage, @SystemDir & "\shell32.dll", 77)) ;!
    _GUIImageList_Add($hImage, _GUIImageList_AddIcon($hImage, @SystemDir & "\shell32.dll", 263)) ;Link
    _GUIImageList_Add($hImage, _GUIImageList_AddIcon($hImage, @SystemDir & "\shell32.dll", 47)) ;locker
    _GUIImageList_Add($hImage, _GUIImageList_AddIcon($hImage, @SystemDir & "\shell32.dll", 12)) ;Chip
    _GUIImageList_Add($hImage, _GUIImageList_AddIcon($hImage, @SystemDir & "\shell32.dll", 15)) ;Device
    _GUIImageList_Add($hImage, _GUIImageList_AddIcon($hImage, @SystemDir & "\Taskmgr.exe", 2)) ;Gear
    _GUIImageList_Add($hImage, _GUIImageList_AddIcon($hImage, @WindowsDir & "\regedit.exe", 0)) ;Registry
    _GUIImageList_AddIcon($hImage, @SystemDir & "\pifmgr.dll", 31) ;semaphore
    _GUIImageList_AddIcon($hImage, _GUIImageList_AddIcon($hImage, @SystemDir & "\shell32.dll", 69)) ;Driver
    _GUIImageList_Add($hImage, _GUIImageList_AddIcon($hImage, @SystemDir & "\shell32.dll", 34)) ;WinStation
    _GUIImageList_Add($hImage, _GUIImageList_AddIcon($hImage, @SystemDir & "\wmploc.dll", 60)) ; Key
EndFunc   ;==>_ImageListCreate


Func _KeyEvent()
    If WinActive($hGUI) Then
        If ControlGetFocus($hGUI) = "SysTreeView321" Then
            HotKeySet(@HotKeyPressed)
            Send(@HotKeyPressed)
            _TreeViewClick()
            HotKeySet(@HotKeyPressed, "_KeyEvent")
            Return
        EndIf
    EndIf
    HotKeySet(@HotKeyPressed)
    Send(@HotKeyPressed)
    HotKeySet(@HotKeyPressed, "_KeyEvent")
EndFunc   ;==>_KeyEvent


Func _TreeViewClick()
    Local $aInfo = 0

    If @HotKeyPressed Then
        If $sPath <> _GetPath(_GUICtrlTreeView_GetTree($oTree)) Then
            $sPath = _GetPath(_GUICtrlTreeView_GetTree($oTree))
            _GUICtrlStatusBar_SetText($oBar, $sPath)
            _FillListView($sPath)
        EndIf
        Return 0
    EndIf

    $aInfo = GUIGetCursorInfo()
    If $aInfo[4] = $oTree Then
        If _GUICtrlTreeView_HitTestItem($oTree, $aInfo[0], $aInfo[1]) Then
            If $sPath <> _GetPath(_GUICtrlTreeView_GetTree($hoTree)) Then
                $sPath = _GetPath(_GUICtrlTreeView_GetTree($hoTree))
                ConsoleWrite($sPath & @CRLF)
                _GUICtrlStatusBar_SetText($oBar, $sPath)
                _FillListView($sPath)
            EndIf
        EndIf
    EndIf
EndFunc   ;==>_TreeViewClick

Func _FillListView($sPath)
    Local $aObjects = 0
    $aObjects = _GetObjects($sPath)
    Local $Count = 0
    _ArraySort($aObjects)

    _ClearListView()
    If UBound($aObjects) Then
        For $i = 0 To UBound($aObjects) - 1
            If $aObjects[$i][1] <> "Directory" Then
                _GUICtrlListView_AddItem($g_hListView, $aObjects[$i][0], _IconbyType($aObjects[$i][1]))
                _GUICtrlListView_AddSubItem($g_hListView, $Count, $aObjects[$i][1], 1)
                _GUICtrlListView_AddSubItem($g_hListView, $Count, $aObjects[$i][2], 2)
                $Count += 1
            EndIf
        Next
    EndIf
EndFunc   ;==>_FillListView

Func _IconbyType($sType)
    Local $iType = 0
    Switch $sType
        Case 'Symboliclink'
            $iType = 2
        Case 'Mutant'
            $iType = 3
        Case 'Section'
            $iType = 4
        Case 'Event'
            $iType = 1
        Case 'Semaphore'
            $iType = 8
        Case 'Device'
            $iType = 5
        Case 'Session', 'Partition', 'Job', 'ALPC Port', 'Callback', 'Type', 'FilterConnectionPort'
            $iType = 6
        Case 'WindowStation'
            $iType = 10
        Case 'Driver'
            $iType = 9
        Case 'KeyedEvent'
            $iType = 11
        Case 'Key'
            $iType = 7
        Case Else
            $iType = 6

    EndSwitch

    Return $iType
EndFunc   ;==>_IconbyType


Func _ClearListView()
    _GUICtrlListView_DeleteAllItems($g_hListView)
EndFunc   ;==>_ClearListView


Func _FillTree($Wild, $hhandle = $hMainItem)
    Local $aObjects=0
    Local $ih = 0
    $Wild = StringReplace($Wild, "\\", "\")
    $aObjects = _GetObjects($Wild, "Directory")

    _ArraySort($aObjects)
    If UBound($aObjects) Then
        For $i = 0 To UBound($aObjects) - 1
            $ih = _GUICtrlTreeView_AddChild($oTree, $hhandle, $aObjects[$i][0], 0, 0)
            _FillTree($Wild & "\" & $aObjects[$i][0], $ih)
            $ih = $hhandle
        Next
    EndIf
EndFunc   ;==>_FillTree





Func _GetPath($sTreePath)
    Return StringReplace(StringReplace($sTreePath, "|", "\"), "\\", "\")
EndFunc   ;==>_GetPath




Func _GetObjects($sSource = "\", $sFilter = "")

    Local $tNameSource = _tName($sSource)
    Local $tUnicodeString = _RtlInitUnicodeString($tNameSource)
    Local $pUnicodeString = DllStructGetPtr($tUnicodeString)

    Local $tObject_Attributes = _InitializeObjectAttributes($pUnicodeString)
    Local $pObject_Attributes = DllStructGetPtr($tObject_Attributes)

    Local $hDirectory = _NtOpenDirectoryObject($pObject_Attributes, BitOR($DIRECTORY_TRAVERSE, $DIRECTORY_QUERY))
    Local $hhandle = 0
    Local $tData = 0
    Local $tName = 0
    Local $tType = 0
    Local $index = 0
    Local $bytes = 0
    Local $tBuffer = 0
    Local $aArcName[0]
    Local $taName = 0
    Local $tStr = 0
    Local $tAttr = 0
    Local $hLink = 0
    Local $taTarget = 0
    Local $tTarget = 0
    Local $tSTarget = 0
    $tBuffer = DllStructCreate("byte Data[32767]")

    Local $aRet = DllCall("Ntdll.dll", "LONG", "NtQueryDirectoryObject", "HANDLE", $hDirectory, "ptr", DllStructGetPtr($tBuffer), "ULONG", 32767, "BOOL", False, "BOOL", True, "ULONG*", 0, "ULONG*", 0)

    If @error Or $aRet[0] < 0 Then Return

    $index = $aRet[6]
    $bytes = $aRet[7]



    For $i = 0 To $index - 1
        $tData = DllStructCreate($sTagUNICODESTRING & $sTagUNICODESTRING, DllStructGetPtr($tBuffer) + ($i * 16))
        $tName = DllStructCreate("wchar wNameString[" & DllStructGetData($tData, 1) & "]", DllStructGetData($tData, 3))
        $tType = DllStructCreate("wChar wTypeString[" & DllStructGetData($tData, 4) & "]", DllStructGetData($tData, 6))
        $taName = _tName($tName.wNameString)
        $tStr = _RtlInitUnicodeString($taName)
        $tAttr = _InitializeObjectAttributes(DllStructGetPtr($tStr), 0, $hDirectory)
        $hLink = _NtOpenSymbolicLinkObject(DllStructGetPtr($tAttr), $GENERIC_READ)
        $taTarget = _tName("")
        $tTarget = _RtlInitUnicodeString($taTarget)
        $tTarget.MaximumLength = 512
        _NtQuerySymbolicLinkObject($hLink, $tTarget)
        $tSTarget = DllStructCreate("wchar wString[" & DllStructGetData($tTarget, 1) & "]", DllStructGetData($tTarget, 3))


        If $tType.wTypeString = $sFilter Or $sFilter = "" Then
            ReDim $aArcName[UBound($aArcName) + 1][3]
            $aArcName[UBound($aArcName) - 1][0] = $tName.wNameString
            $aArcName[UBound($aArcName) - 1][1] = $tType.wTypeString
            $aArcName[UBound($aArcName) - 1][2] = (IsDllStruct($tSTarget) = 1) ? $tSTarget.wString : ""
            ConsoleWrite(">" & $i + 1 & @TAB & $tName.wNameString & @TAB & $tType.wTypeString & @TAB & $aArcName[UBound($aArcName) - 1][2] & @CRLF)
        EndIf

        $tType = 0
        $tName = 0
        $tData = 0
        $tSTarget = 0
        _WinAPI_CloseHandle($hLink)
    Next



    Return $aArcName

EndFunc   ;==>_GetObjects


Func _RtlInitUnicodeString($tSourceString)
    Local $tUnicodeString = DllStructCreate($sTagUNICODESTRING)
    DllCall("Ntdll.dll", "NONE", "RtlInitUnicodeString", "struct*", $tUnicodeString, "struct*", $tSourceString)
    If @error Then SetError(@error, 0, 0)
    Return $tUnicodeString
EndFunc   ;==>_RtlInitUnicodeString

Func _tName($String)
    Local $t = DllStructCreate("wchar String[512]")
    DllStructSetData($t, 1, $String)
    Return $t
EndFunc   ;==>_tName


Func _InitializeObjectAttributes($pObjectName, $ulAttributes = 0, $hRootDirectory = Null, $pSecurityDescriptor = Null)
    Local $tObject_Attributes = DllStructCreate($sTagOBJECT_ATTRIBUTES)
    DllStructSetData($tObject_Attributes, 1, DllStructGetSize($tObject_Attributes))
    DllStructSetData($tObject_Attributes, 2, $hRootDirectory)
    DllStructSetData($tObject_Attributes, 3, $pObjectName)
    Return $tObject_Attributes
EndFunc   ;==>_InitializeObjectAttributes


Func _NtQuerySymbolicLinkObject($hLinkHandle, $tLinkTarget)
    Local $aRet = DllCall("Ntdll.dll", "LONG", "NtQuerySymbolicLinkObject", "HANDLE", $hLinkHandle, "struct*", $tLinkTarget, "ULONG*", 0)
    If @error Then SetError(@error, 0, 0)
    If $aRet[0] <> 0 Then SetError(1, 0, 0)
EndFunc   ;==>_NtQuerySymbolicLinkObject

Func _NtOpenDirectoryObject($pObjectAttr, $AccessMask)
    Local $aRet = DllCall("Ntdll.dll", "LONG", "NtOpenDirectoryObject", "HANDLE*", 0, "ULONG", $AccessMask, "PTR", $pObjectAttr)
    If @error Then SetError(@error, 0, 0)
    If $aRet[0] < 0 Or $aRet[1] = 0 Then SetError(1, 0, 0)
    Return $aRet[1]

EndFunc   ;==>_NtOpenDirectoryObject

;~ Retur hLink
Func _NtOpenSymbolicLinkObject($pObjectAttr, $AccessMask)
    Local $aRet = DllCall("Ntdll.dll", "LONG", "NtOpenSymbolicLinkObject", "HANDLE*", 0, "ULONG", $AccessMask, "PTR", $pObjectAttr)
    If @error Then Return SetError(@error, 0, 0)
    If $aRet[0] < 0 Or $aRet[1] = 0 Then Return SetError(1, 0, 0)
    Return $aRet[1]
EndFunc   ;==>_NtOpenSymbolicLinkObject

Saludos

 

 

 

 

 

:hyper: Danysys.com :ninja:

autoit_scripter_blue_userbar.png

       AutoIt...

 

UDFs: VirusTotal API 2.0 UDF - libZPlay UDF - Apps: Guitar Tab Tester - VirusTotal Hash Checker

Examples: Text-to-Speech ISpVoice Interface - Get installed applications - Enable/Disable Network connection   PrintHookProc - WINTRUST - Mute Microphone Level - Get Connected NetWorks - Create NetWork Connection ShortCut

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...