The C++ code for getting the handle works. It gets the handle of a process's sub-window.

Spy++

FindWindow("Valve001",NULL);

When I try WinGetHandle("Valve001"), it doesn't receive a handle, for some reason. I've never dealt with a process's sub-processes or windows. I'm not really sure what to call it. I've used Spy++ to verify that the window exists, and that it's a "sub process within a larger process" HL2.exe -> Valve001

If anyone could help me, that would be great.

;Injector GUI Jeff
;Shynd couldn't have done it without your help; And the injector code base.
;Thanks to everyone at the AutoIt Forums
;http://www.autoitscript.com/forum/

#include <GUIConstants.au3>

;Name
;Create the main window titled "Injector", 200x75; the -1 arguments ask for the default position and style.
GUICreate("Injector", 200, 75, -1, -1, -1)

;Route the window's close/minimize/restore events to SpecialEvents().
;NOTE(review): OnEvent mode is only switched on further down (Opt("GUIOnEventMode", 1));
;confirm that registrations made before that call take effect.
GUISetOnEvent($GUI_EVENT_CLOSE, "SpecialEvents")
GUISetOnEvent($GUI_EVENT_MINIMIZE, "SpecialEvents")
GUISetOnEvent($GUI_EVENT_RESTORE, "SpecialEvents")

;Show the window as soon as the script starts.
GUISetState(@SW_SHOW)

;Options: GUI coordinate mode, resize mode, and event-driven (OnEvent) GUI handling.
Opt("GUICoordMode",1)
Opt("GUIResizeMode", 1)
Opt("GUIOnEventMode", 1)

;The single button; -1 in GUICtrlSetOnEvent refers to the control created just above,
;so a click calls Inject().
GUICtrlCreateButton("Inject", 35, 45, 80, 20)
GUICtrlSetOnEvent(-1, "Inject")

; Click handler for the "Inject" button.
; Looks up a window handle, hands it together with a fixed DLL path to
; _InjectDll(), then shows either the negative error code or a success
; message in a label.
; NOTE(review): the DLL path and the window name are hard-coded, and nothing
; here checks that the file exists or who is able to write to that location;
; whatever file sits at that path is what the target process is asked to load.
; NOTE(review): each click creates two more label controls at the same
; coordinates; no earlier label is deleted in this function.
Func Inject()
$dllpath = "c:\NewHack.dll";Fixed path of the DLL handed to _InjectDll
$hWnd = WinGetHandle("Valve001");Result is not checked here; _InjectDll rejects a value <= 0 with error -1
        Sleep(100)
        _InjectDll($hWnd, $dllpath);Return value (True/False) is ignored; only @error is used
        $err = @error;Capture @error right after the call, before a later call can overwrite it
        Sleep(100)
;_InjectDll reports failures as negative @error values (-1 to -14).
If $err < 0 Then
    ;An empty label is created first, then the message label at the same position.
    GUICtrlCreateLabel("", 30,  25, 177 , 13)
    GUICtrlCreateLabel("Injection Failed  " &  $err , 30,  25, 177 , 13)
Else
    GUICtrlCreateLabel("", 30,  25, 177 , 13)
    GUICtrlCreateLabel("Injection complete", 30,  25, 177 , 13)
EndIf
EndFunc

;Min/Max/Close Funcations
; GUI event callback registered for the close, minimize and restore events.
; Only the close event has an effect: it ends the script. Minimize and
; restore are accepted and need no handling of their own.
Func SpecialEvents()
    If @GUI_CTRLID = $GUI_EVENT_CLOSE Then Exit
EndFunc

;Idle loop: keeps the script running so the registered OnEvent callbacks
;(Inject, SpecialEvents) can be invoked; the script ends via Exit in SpecialEvents.
While 1
    Sleep(10)
    WEnd

;----
; _InjectDll($hWnd, $dllpath)
; Asks the process that owns window $hWnd to load the DLL at $dllpath by
; running LoadLibraryA in a thread created inside that process.
; Steps, in order: GetWindowThreadProcessId -> OpenProcess -> VirtualAllocEx
; -> WriteProcessMemory (path string) -> GetModuleHandle/GetProcAddress
; (LoadLibraryA) -> CreateRemoteThread -> VirtualFreeEx/CloseHandle.
;
; Parameters:
;   $hWnd    - window handle belonging to the target process
;   $dllpath - path string; only its length and ".dll" suffix are checked
; Returns: True on success. On failure returns False with @error set to a
;   negative code (-1 to -14) identifying the step that failed.
;
; Defender note: this call sequence is the textbook remote-thread DLL
; injection pattern (MITRE ATT&CK T1055.001). A full-access handle to
; another process followed by a remote allocation, a cross-process write and
; CreateRemoteThread pointing at LoadLibraryA is what endpoint monitoring
; typically keys on.
;
; NOTE(review): every early "Return False" after DllOpen leaves $kernel32
; open, and the failure paths after OpenProcess also leave $pHandle open and
; the remote allocation in place; only the success path cleans up.
Func _InjectDll($hWnd, $dllpath)
    ;make sure the user passed valid parameters
    If $hWnd <= 0 Then
        SetError(-1)
        Return False
    ElseIf StringLen($dllpath) <= 4 Or StringRight($dllpath, 4) <> ".dll" Then
        ;suffix check only; the file is never tested for existence here
        SetError(-2)
        Return False
    EndIf
    
    Local $pid, $pHandle, $pLibRemote, $modHandle, $LoadLibraryA, $hThread
    
    ;open dll that we'll be using
    Local $kernel32 = DllOpen("kernel32.dll")
    
    ;get the pid from the window provided
    ;DllCall returns an array: [0] is the return value, [1..n] the arguments after the call,
    ;so [2] is the out-parameter that receives the process id.
    $pid = DllCall("user32.dll", "int", "GetWindowThreadProcessId", "hwnd", $hWnd, "int_ptr", 0)
    If IsArray($pid) Then
        ;only the success of DllCall itself is checked; the pid value is not validated
        $pid = $pid[2]
    Else
        SetError(-3)
        Return False
    EndIf
    
    ;open the target process
    ;0x1F0FFF is the older PROCESS_ALL_ACCESS mask: far broader than the
    ;operations below need, and a common detection signal in its own right.
    $pHandle = DllCall($kernel32, "int", "OpenProcess", "int", 0x1F0FFF, "int", 0, "int", $pid)
    If IsArray($pHandle) And $pHandle[0] > 0 Then
        $pHandle = $pHandle[0]
    Else
        SetError(-4)
        Return False
    EndIf
    
    ;reserve a buffer in the target process for the path string:
    ;size 0x1000, allocation type 0x1000 (MEM_COMMIT), protection 4 (PAGE_READWRITE)
    $pLibRemote = DllCall($kernel32, "int", "VirtualAllocEx", "int", $pHandle, "short", 0, "int", 0x1000, "int", 0x1000, "int", 4)
    If IsArray($pLibRemote) Then
        If $pLibRemote[0] > 0 Then
            ;debug: prints the remote buffer address to the console
            ConsoleWrite("0x" & Hex($pLibRemote[0], 8) & @CR)
            $pLibRemote = $pLibRemote[0]
        Else
            SetError(-5)
            Return False
        EndIf
    Else
        SetError(-6)
        Return False
    EndIf
    
    ;copy the path into the remote buffer one byte per WriteProcessMemory call.
    ;The loop runs one index past the last character, where StringMid yields an
    ;empty string; presumably Asc() of that is 0, which would terminate the string.
    ;This call names "kernel32.dll" directly instead of using the $kernel32 handle.
    For $i = 0 To StringLen($dllpath)
        $ret = DllCall("kernel32.dll", "int", "WriteProcessMemory", "int", $pHandle, "int", $pLibRemote + $i, "int_ptr", Asc(StringMid($dllpath, $i + 1, 1)), "int", 1, "int", 0)
        If IsArray($ret) Then
            If $ret[0] = 0 Then
                SetError(-7)
                Return False
            EndIf
        Else
            SetError(-8)
            Return False
        EndIf
    Next
    
    ;look up kernel32.dll in this (the calling) process
    $modHandle = DllCall($kernel32, "long", "GetModuleHandle", "str", "kernel32.dll")
    If IsArray($modHandle) Then
        If $modHandle[0] > 0 Then
            $modHandle = $modHandle[0]
        Else
            SetError(-9)
            Return False
        EndIf
    Else
        SetError(-10)
        Return False
    EndIf
    
    ;resolve the address of LoadLibraryA in the calling process; the code then
    ;uses that same address as the thread start routine in the target process
    $LoadLibraryA = DllCall($kernel32, "long", "GetProcAddress", "long", $modHandle, "str", "LoadLibraryA")
    If IsArray($LoadLibraryA) Then
        If $LoadLibraryA[0] > 0 Then
            $LoadLibraryA = $LoadLibraryA[0]
        Else
            SetError(-11)
            Return False
        EndIf
    Else
        SetError (-12)
        Return False
    EndIf
    
    ;start a thread in the target at LoadLibraryA with the remote path buffer as its argument
    $hThread = DllCall($kernel32, "int", "CreateRemoteThread", "int", $pHandle, "int", 0, "int", 0, "long", $LoadLibraryA, "long", $pLibRemote, "int", 0, "int", 0)
    If IsArray($hThread) Then
        ;debug: prints the returned thread handle to the console
        ConsoleWrite($hThread[0] & @CR)
        If $hThread[0] > 0 Then
            $hThread = $hThread[0]
        Else
            SetError(-13)
            Return False
        EndIf
    Else
        SetError(-14)
        Return False
    EndIf
    
    ;cleanup on the success path: free the remote buffer (0x8000 = MEM_RELEASE)
    ;and close the thread and process handles; none of these results is checked
    DllCall($kernel32, "int", "VirtualFreeEx", "int", $pHandle, "int", $pLibRemote, "int", 0x1000, "int", 0x8000)
    DllCall($kernel32, "int", "CloseHandle", "int", $hThread)
    DllCall($kernel32, "int", "CloseHandle", "int", $pHandle)
    
    DllClose($kernel32)
    
    Return True
EndFunc


Updated things, and I hope it's more clear.
