mirror of
https://github.com/Artikash/Textractor.git
synced 2024-12-24 01:14:12 +08:00
starting commit
This commit is contained in:
parent
9914ab9985
commit
ef049233a1
4336
vnr/ntdll/ntdll.h
Normal file
4336
vnr/ntdll/ntdll.h
Normal file
File diff suppressed because it is too large
Load Diff
10
vnr/ntdll/ntdll.pri
Normal file
10
vnr/ntdll/ntdll.pri
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
# ntdll.pri
|
||||||
|
# 4/9/2012 jichi
|
||||||
|
|
||||||
|
DEFINES += WITH_LIB_NTDLL
|
||||||
|
|
||||||
|
DEPENDPATH += $$PWD
|
||||||
|
|
||||||
|
HEADERS += $$PWD/ntdll.h
|
||||||
|
|
||||||
|
# EOF
|
100
vnr/ntinspect/ntinspect.cc
Normal file
100
vnr/ntinspect/ntinspect.cc
Normal file
@ -0,0 +1,100 @@
|
|||||||
|
// ntinspect.cc
|
||||||
|
// 4/20/2014 jichi
|
||||||
|
#include "ntdll/ntdll.h"
|
||||||
|
#include "ntinspect/ntinspect.h"
|
||||||
|
|
||||||
|
//#ifdef _MSC_VER
|
||||||
|
//# pragma warning(disable:4018) // C4018: signed/unsigned mismatch
|
||||||
|
//#endif // _MSC_VER
|
||||||
|
|
||||||
|
namespace { // unnamed
|
||||||
|
// Replacement of wcscpy_s which is not available on Windows XP's msvcrt
|
||||||
|
// http://sakuradite.com/topic/247
|
||||||
|
errno_t wcscpy_safe(wchar_t *buffer, size_t bufferSize, const wchar_t *source)
|
||||||
|
{
|
||||||
|
size_t len = min(bufferSize - 1, wcslen(source));
|
||||||
|
buffer[len] = 0;
|
||||||
|
if (len)
|
||||||
|
memcpy(buffer, source, len * 2);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
} // unnamed namespace
|
||||||
|
|
||||||
|
NTINSPECT_BEGIN_NAMESPACE
|
||||||
|
|
||||||
|
BOOL getCurrentProcessName(LPWSTR buffer, int bufferSize)
|
||||||
|
{
|
||||||
|
//assert(name);
|
||||||
|
PLDR_DATA_TABLE_ENTRY it;
|
||||||
|
__asm
|
||||||
|
{
|
||||||
|
mov eax,fs:[0x30]
|
||||||
|
mov eax,[eax+0xc]
|
||||||
|
mov eax,[eax+0xc]
|
||||||
|
mov it,eax
|
||||||
|
}
|
||||||
|
// jichi 6/4/2014: _s functions are not supported on Windows XP's msvcrt.dll
|
||||||
|
//return 0 == wcscpy_s(buffer, bufferSize, it->BaseDllName.Buffer);
|
||||||
|
return 0 == wcscpy_safe(buffer, bufferSize, it->BaseDllName.Buffer);
|
||||||
|
}
|
||||||
|
|
||||||
|
BOOL getModuleMemoryRange(LPCWSTR moduleName, DWORD *lowerBound, DWORD *upperBound)
|
||||||
|
{
|
||||||
|
//assert(lower);
|
||||||
|
//assert(upper);
|
||||||
|
PLDR_DATA_TABLE_ENTRY it;
|
||||||
|
LIST_ENTRY *begin;
|
||||||
|
__asm
|
||||||
|
{
|
||||||
|
mov eax,fs:[0x30]
|
||||||
|
mov eax,[eax+0xc]
|
||||||
|
mov eax,[eax+0xc]
|
||||||
|
mov it,eax
|
||||||
|
mov begin,eax
|
||||||
|
}
|
||||||
|
|
||||||
|
while (it->SizeOfImage) {
|
||||||
|
if (_wcsicmp(it->BaseDllName.Buffer, moduleName) == 0) {
|
||||||
|
DWORD lower = (DWORD)it->DllBase;
|
||||||
|
if (lowerBound)
|
||||||
|
*lowerBound = lower;
|
||||||
|
|
||||||
|
if (upperBound) {
|
||||||
|
DWORD upper = lower;
|
||||||
|
MEMORY_BASIC_INFORMATION mbi = {};
|
||||||
|
DWORD size = 0;
|
||||||
|
do {
|
||||||
|
DWORD len;
|
||||||
|
// Nt function is needed instead of VirtualQuery, which only works for the current process
|
||||||
|
::NtQueryVirtualMemory(NtCurrentProcess(), (LPVOID)upper, MemoryBasicInformation, &mbi, sizeof(mbi), &len);
|
||||||
|
if (mbi.Protect & PAGE_NOACCESS) {
|
||||||
|
it->SizeOfImage = size;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
size += mbi.RegionSize;
|
||||||
|
upper += mbi.RegionSize;
|
||||||
|
} while (size < it->SizeOfImage);
|
||||||
|
|
||||||
|
*upperBound = upper;
|
||||||
|
}
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
it = (PLDR_DATA_TABLE_ENTRY)it->InLoadOrderModuleList.Flink;
|
||||||
|
if (it->InLoadOrderModuleList.Flink == begin)
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
BOOL getCurrentMemoryRange(DWORD *lowerBound, DWORD *upperBound)
|
||||||
|
{
|
||||||
|
WCHAR procName[MAX_PATH]; // cached
|
||||||
|
*lowerBound = 0;
|
||||||
|
*upperBound = 0;
|
||||||
|
return getCurrentProcessName(procName, MAX_PATH)
|
||||||
|
&& getModuleMemoryRange(procName, lowerBound, upperBound);
|
||||||
|
}
|
||||||
|
|
||||||
|
NTINSPECT_END_NAMESPACE
|
||||||
|
|
||||||
|
// EOF
|
31
vnr/ntinspect/ntinspect.h
Normal file
31
vnr/ntinspect/ntinspect.h
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
#pragma once
|
||||||
|
|
||||||
|
// ntinspect.h
|
||||||
|
// 4/20/2014 jichi
|
||||||
|
|
||||||
|
#include <windows.h>
|
||||||
|
|
||||||
|
#ifndef NTINSPECT_BEGIN_NAMESPACE
|
||||||
|
# define NTINSPECT_BEGIN_NAMESPACE namespace NtInspect {
|
||||||
|
#endif
|
||||||
|
#ifndef NTINSPECT_END_NAMESPACE
|
||||||
|
# define NTINSPECT_END_NAMESPACE } // NtInspect
|
||||||
|
#endif
|
||||||
|
|
||||||
|
NTINSPECT_BEGIN_NAMESPACE
|
||||||
|
|
||||||
|
/// Get current module name in fs:0x30
|
||||||
|
BOOL getCurrentProcessName(_Out_ LPWSTR buffer, _In_ int bufferSize);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the memory range of the module if succeed
|
||||||
|
* See: ITH FillRange
|
||||||
|
*/
|
||||||
|
BOOL getModuleMemoryRange(_In_ LPCWSTR moduleName, _Out_ DWORD *lowerBound, _Out_ DWORD *upperBound);
|
||||||
|
|
||||||
|
/// Get memory of the current process
|
||||||
|
BOOL getCurrentMemoryRange(_Out_ DWORD *lowerBound, _Out_ DWORD *upperBound);
|
||||||
|
|
||||||
|
NTINSPECT_END_NAMESPACE
|
||||||
|
|
||||||
|
// EOF
|
16
vnr/ntinspect/ntinspect.pri
Normal file
16
vnr/ntinspect/ntinspect.pri
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
# ntinspect.pri
|
||||||
|
# 4/20/2014 jichi
|
||||||
|
win32 {
|
||||||
|
|
||||||
|
DEFINES += WITH_LIB_NTINSPECT
|
||||||
|
|
||||||
|
DEPENDPATH += $$PWD
|
||||||
|
|
||||||
|
HEADERS += $$PWD/ntinspect.h
|
||||||
|
SOURCES += $$PWD/ntinspect.cc
|
||||||
|
|
||||||
|
LIBS += -L$$WDK7_HOME/lib/wxp/i386 -lntdll
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
# EOF
|
46
vnr/winmaker/winmaker.cc
Normal file
46
vnr/winmaker/winmaker.cc
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
// winmaker.cc
|
||||||
|
// 2/1/2013 jichi
|
||||||
|
|
||||||
|
#include "winmaker/winmaker.h"
|
||||||
|
#include <windows.h>
|
||||||
|
//#include <commctrl.h>
|
||||||
|
|
||||||
|
#ifdef _MSC_VER
|
||||||
|
# pragma warning (disable:4800) // C4800: forcing value to bool
|
||||||
|
#endif // _MSC_VER
|
||||||
|
|
||||||
|
// See: http://www.codeguru.com/cpp/w-p/dll/tips/article.php/c3635/Tip-Detecting-a-HMODULEHINSTANCE-Handle-Within-the-Module-Youre-Running-In.htm
|
||||||
|
extern "C" IMAGE_DOS_HEADER __ImageBase;
|
||||||
|
namespace { // unnamed
|
||||||
|
inline HMODULE _get_module() { return reinterpret_cast<HMODULE>(&__ImageBase); }
|
||||||
|
} // unnamed
|
||||||
|
|
||||||
|
bool wm_register_hidden_class(LPCWSTR className)
|
||||||
|
{
|
||||||
|
WNDCLASSEX wx = {};
|
||||||
|
wx.cbSize = sizeof(wx);
|
||||||
|
wx.lpfnWndProc = ::DefWindowProc;
|
||||||
|
wx.hInstance = ::GetModuleHandle(nullptr);
|
||||||
|
wx.lpszClassName = className;
|
||||||
|
return ::RegisterClassEx(&wx);
|
||||||
|
}
|
||||||
|
|
||||||
|
wm_window_t wm_create_hidden_window(LPCWSTR windowName, LPCWSTR className, wm_module_t dllHandle)
|
||||||
|
{
|
||||||
|
//return ::CreateWindowExA(0, className, windowName, 0, 0, 0, 0, 0, HWND_MESSAGE, nullptr, dllHandle, nullptr);
|
||||||
|
HINSTANCE module = reinterpret_cast<HINSTANCE>(dllHandle);
|
||||||
|
if (!module)
|
||||||
|
module = _get_module();
|
||||||
|
return ::CreateWindowEx(0, className, windowName, 0, 0, 0, 0, 0, 0, NULL, module, NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
bool wm_destroy_window(wm_window_t hwnd)
|
||||||
|
{ return ::DestroyWindow(reinterpret_cast<HWND>(hwnd)); }
|
||||||
|
|
||||||
|
|
||||||
|
// EOF
|
||||||
|
//
|
||||||
|
//void wm_init() { ::InitCommonControls(); }
|
||||||
|
//void wm_destroy() {}
|
||||||
|
//bool wm_destroy_window() { return ::DestroyWindow(hwnd); }
|
||||||
|
|
23
vnr/winmaker/winmaker.h
Normal file
23
vnr/winmaker/winmaker.h
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
#pragma once
|
||||||
|
|
||||||
|
// winmaker.h
|
||||||
|
// 2/1/2013 jichi
|
||||||
|
|
||||||
|
#include <windows.h>
|
||||||
|
typedef void *wm_window_t; // HWMD
|
||||||
|
typedef void *wm_module_t; // HMODULE
|
||||||
|
|
||||||
|
bool wm_register_hidden_class(LPCWSTR className = L"hidden_class");
|
||||||
|
|
||||||
|
wm_window_t wm_create_hidden_window(
|
||||||
|
LPCWSTR windowName = L"hidden_window",
|
||||||
|
LPCWSTR className = L"Button", // bust be one of the common control widgets
|
||||||
|
wm_module_t dllHandle = nullptr);
|
||||||
|
|
||||||
|
bool wm_destroy_window(wm_window_t hwnd);
|
||||||
|
|
||||||
|
// EOF
|
||||||
|
|
||||||
|
//#ifdef QT_CORE_LIB
|
||||||
|
//#include <QtGui/qwindowdefs.h>
|
||||||
|
//WId wm_create_hidden_window(const char *className = "Button", const char *windowName = "hidden_window");
|
15
vnr/winmaker/winmaker.pri
Normal file
15
vnr/winmaker/winmaker.pri
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
# wintimer.pri
|
||||||
|
# 7/20/2011 jichi
|
||||||
|
win32 {
|
||||||
|
|
||||||
|
DEFINES += WITH_LIB_WINMAKER
|
||||||
|
|
||||||
|
#LIBS += -lkernel32 -luser32
|
||||||
|
|
||||||
|
DEPENDPATH += $$PWD
|
||||||
|
|
||||||
|
HEADERS += $$PWD/winmaker.h
|
||||||
|
SOURCES += $$PWD/winmaker.cc
|
||||||
|
}
|
||||||
|
|
||||||
|
# EOF
|
Loading…
x
Reference in New Issue
Block a user