elhacker.net cabecera Bienvenido(a), Visitante. Por favor Ingresar o Registrarse
¿Perdiste tu email de activación?.

 

 


Tema destacado: Como proteger una cartera - billetera de Bitcoin


+  Foro de elhacker.net
|-+  Programación
| |-+  Programación General
| | |-+  .NET (C#, VB.NET, ASP)
| | | |-+  Programación Visual Basic (Moderadores: LeandroA, seba123neo)
| | | | |-+  Uso de API's ReadProcessMemory y WriteProcessMemory
0 Usuarios y 1 Visitante están viendo este tema.
Páginas: 1 2 [3] Ir Abajo Respuesta Imprimir
Autor Tema: Uso de API's ReadProcessMemory y WriteProcessMemory  (Leído 14,524 veces)
krackwar


Desconectado Desconectado

Mensajes: 900


Ver Perfil
Re: Uso de API's ReadProcessMemory y WriteProcessMemory
« Respuesta #20 en: 7 Mayo 2008, 01:55 am »

Vi un código similar y lo estoy intentando adaptar para lo que me interesa.
Los codigos no se adaptan se programan (o si no eres lammer)


En línea

Mi blog
Bienvenido krackwar, actualmente tu puntuación es de 38 puntos y tu rango es Veteran.
El pollo número 1, es decir yo, (krackwar), adoro a Shaddy como a un dios.
LeandroA
Moderador
***
Desconectado Desconectado

Mensajes: 760


www.leandroascierto.com


Ver Perfil WWW
Re: Uso de API's ReadProcessMemory y WriteProcessMemory
« Respuesta #21 en: 7 Mayo 2008, 03:36 am »

hola Seba123neo utilizando sendmensage a secas si va a dar error, encambio con estas dos apis no da error pero el problema es que produce un incremento en el uso de la memoria del la aplicacion que porta el listview. (esto con algunos msg no todos)

ya que esta dejo aca el que havia puesto en canalvisualbasic.net

1 Saver cuantos items hay
2 Saver cual esta selecionado
3 Selecionar un items
4 ver el texto del items o del subitems

el modulo
Código:
Option Explicit

Private Type LVITEM
    mask As Long
    iItem As Long
    iSubitem As Long
    state As Long
    stateMask As Long
    pszText As Long
    cchTextMax As Long
    iImage As Long
    lParam As Long
    iIndent As Long
End Type

Private Declare Function SendMessage Lib "user32" Alias "SendMessageA" (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParam As Long, lParam As Any) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, ByVal lpAddress As Long, ByVal dwSize As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long
Private Declare Function VirtualFreeEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, ByVal dwSize As Long, ByVal dwFreeType As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long

Private Const LVIF_IMAGE = &H2
Private Const LVIF_TEXT = &H1
Private Const LVM_FIRST As Long = &H1000
Private Const LVM_GETITEM As Long = (LVM_FIRST + 5)
Private Const LVM_GETITEMCOUNT = (LVM_FIRST + 4)
Private Const LVM_GETITEMSTATE = (LVM_FIRST + 44)
Private Const LVIS_SELECTED = &H2
Private Const LVM_SETITEMSTATE = (LVM_FIRST + 43)
Private Const LVIF_STATE = &H8&

Private Const PAGE_READWRITE = &H4&
Private Const MEM_RESERVE = &H2000
Private Const MEM_COMMIT = &H1000
Private Const MEM_RELEASE = &H8000
Private Const PROCESS_VM_OPERATION = &H8
Private Const PROCESS_VM_READ = &H10
Private Const PROCESS_VM_WRITE = &H20

Private hWndlvw As Long

Function ListViewGetText(ByVal hwnd As Long, ByVal iSubitem As Integer, ByVal iItem As Integer) As String
    Dim lngProcID As Long, lngProcHandle As Long
    Dim typLvItem As LVITEM, strLvItem As String
    Dim lngVarPtr1 As Long, lngVarPtr2 As Long
    Dim lngMemVar1 As Long, lngMemVar2 As Long
    Dim lngMemLen1 As Long, lngMemLen2 As Long
    Call GetWindowThreadProcessId(hwnd, lngProcID)
    If lngProcID <> 0 Then
        lngProcHandle = OpenProcess(PROCESS_VM_OPERATION Or PROCESS_VM_READ Or PROCESS_VM_WRITE, False, lngProcID)
        If lngProcHandle <> 0 Then
            strLvItem = String(255, vbNullChar)
            lngVarPtr1 = StrPtr(strLvItem)
            lngVarPtr2 = VarPtr(typLvItem)
            lngMemLen1 = LenB(strLvItem)
            lngMemLen2 = LenB(typLvItem)
            lngMemVar1 = VirtualAllocEx(lngProcHandle, 0, lngMemLen1, MEM_RESERVE Or MEM_COMMIT, PAGE_READWRITE)
            lngMemVar2 = VirtualAllocEx(lngProcHandle, 0, lngMemLen2, MEM_RESERVE Or MEM_COMMIT, PAGE_READWRITE)
            With typLvItem
                .cchTextMax = 255
                .iItem = iItem
                .iSubitem = iSubitem
                .mask = LVIF_TEXT
                .pszText = lngMemVar1
            End With
            Call WriteProcessMemory(lngProcHandle, ByVal lngMemVar1, ByVal lngVarPtr1, lngMemLen1, 0)
            Call WriteProcessMemory(lngProcHandle, ByVal lngMemVar2, ByVal lngVarPtr2, lngMemLen2, 0)
            Call SendMessage(hwnd, LVM_GETITEM, ByVal 0, ByVal lngMemVar2)
            Call ReadProcessMemory(lngProcHandle, ByVal lngMemVar1, ByVal lngVarPtr1, lngMemLen1, 0)
            strLvItem = StrConv(strLvItem, vbUnicode)
            strLvItem = Left(strLvItem, InStr(1, strLvItem, vbNullChar) - 1)
            ListViewGetText = strLvItem
            Call VirtualFreeEx(lngProcHandle, ByVal lngMemVar1, lngMemLen1, MEM_RELEASE)
            Call VirtualFreeEx(lngProcHandle, ByVal lngMemVar2, lngMemLen2, MEM_RELEASE)
            Call CloseHandle(lngProcHandle)
        End If
    End If
End Function



Private Function EnumWindowsProc(ByVal hwnd As Long, ByVal lParam As Long) As Long
    hWndlvw = FindWindowEx(hwnd, 0&, "ListView20WndClass", "")
    EnumWindowsProc = (hWndlvw = 0) 'Stop when we find first listview
End Function


' This demonstration example finds first child window with class "ListView20WndClass"
' which may not be what you want. Use your own method to find the real hWnd that you want
Public Function FindListView() As Long
    EnumWindows AddressOf EnumWindowsProc, 0&
    FindListView = hWndlvw
End Function


Public Function SelectedItem(ByVal hwnd As Long, ItemPos As Long)
    Dim lProcID As Long
    Dim hProc As Long
    Dim lxprocLVITEM As Long
    Dim LV_ITEM As LVITEM
   
   
    GetWindowThreadProcessId hwnd, lProcID ' Get the process ID in which the ListView is running
    If lProcID <> 0 Then
        hProc = OpenProcess(PROCESS_VM_OPERATION Or PROCESS_VM_READ Or PROCESS_VM_WRITE, False, lProcID) ' makwe sure we have read write permissions in the process space
        If hProc <> 0 Then
            lxprocLVITEM = VirtualAllocEx(hProc, 0, LenB(LV_ITEM), MEM_RESERVE Or MEM_COMMIT, PAGE_READWRITE) ' Grab enough memory in the other procedure's space to hold our LV_ITEM
           
            ' Set up our local LV_ITEM to change the selected item
            LV_ITEM.mask = LVIF_STATE
            LV_ITEM.state = True
            LV_ITEM.stateMask = LVIS_SELECTED
           
            ' Copy the local LV_ITEM into the space we reserved in the foreign process
            WriteProcessMemory hProc, ByVal lxprocLVITEM, ByVal VarPtr(LV_ITEM), LenB(LV_ITEM), 0
           
            ' Now send the message, but pass the address of the copy of our LV_ITEM that now exists in the foreign process instead of our local versiony
           
            SendMessage hwnd, LVM_SETITEMSTATE, ItemPos, ByVal lxprocLVITEM
           
            ' Clean up
            VirtualFreeEx hProc, ByVal lxprocLVITEM, LenB(LV_ITEM), MEM_RELEASE
            CloseHandle hProc
        End If
    End If
End Function



Function GetListViewCount(ByVal hwnd As Long) As Long
'this simply get number of items
GetListViewCount = SendMessage(hwnd, LVM_GETITEMCOUNT, 0, ByVal 0)
End Function
Function GetItemSelected(hwnd As Long) As Long
Dim i As Long, Index As Long
For i = 1 To GetListViewCount(hwnd)
Index = SendMessage(hwnd, LVM_GETITEMSTATE, i - 1, ByVal LVIS_SELECTED)
If Index > 0 Then
GetItemSelected = i
Exit For
End If
Next
End Function


y en un formulario con un listview y 4 botones
Código:
Dim Handle As Long
Dim Index As Long
Private Sub Command1_Click()
Index = InputBox("Selectiona el index")
    SelectedItem Handle, Index
End Sub

Private Sub Command2_Click()
Index = InputBox("Selectiona el index del cual quieres ver")
MsgBox ListViewGetText(Handle, 0, Index)
End Sub

Private Sub Command3_Click()
MsgBox "el listview tiene " & GetListViewCount(Handle) & " Items"
End Sub

Private Sub Command4_Click()
MsgBox "El item selecionado es el " & GetItemSelected(Handle)
End Sub

Private Sub Form_Load()
    ListView1.View = lvwList
    ListView1.HideSelection = False
    ListView1.ListItems.Add , , "hola"
    ListView1.ListItems.Add , , "Mansana"
    ListView1.ListItems.Add , , "Sapallo"
    ListView1.ListItems.Add , , "terotero"
    Handle = ListView1.hwnd
End Sub


para sacar los iconos del listview tenes que hacer un sendmesage con la constante getimagelist , y despues usar lo podes usar con imagelistdraw (disculpa que escriva bien las apis es que estoy en laburo :})

Saludos


En línea

seba123neo
Moderador
***
Desconectado Desconectado

Mensajes: 3.621



Ver Perfil WWW
Re: Uso de API's ReadProcessMemory y WriteProcessMemory
« Respuesta #22 en: 7 Mayo 2008, 04:35 am »

si esta muy bueno ese ejemplo,pero como decis se incrementa el 8 kb cada vez que consultas o a veces mas  :-(

saludos.
En línea

Páginas: 1 2 [3] Ir Arriba Respuesta Imprimir 

Ir a:  

Mensajes similares
Asunto Iniciado por Respuestas Vistas Último mensaje
Pregunta readprocessmemory
Programación Visual Basic
Cromatico 4 3,672 Último mensaje 5 Enero 2011, 21:34 pm
por Cromatico
Read/WriteProcessMemory Windows 7 Vb.Net
Hacking
Keyen Night 0 2,680 Último mensaje 21 Febrero 2011, 20:38 pm
por Keyen Night
ReadProcessMemory en Windows 7
.NET (C#, VB.NET, ASP)
Keyen Night 1 3,246 Último mensaje 28 Febrero 2011, 06:00 am
por BlackZeroX
mMemory - WriteProcessMemory/vbaCopyBytes/RtlMoveMemory replacement [NOAPI!!!] « 1 2 3 4 5 »
Programación Visual Basic
Karcrack 46 23,780 Último mensaje 10 Octubre 2012, 04:57 am
por BlackZeroX
Duda WriteProcessMemory
Programación Visual Basic
TheJucas21 2 3,143 Último mensaje 21 Noviembre 2017, 03:41 am
por TheJucas21
WAP2 - Aviso Legal - Powered by SMF 1.1.21 | SMF © 2006-2008, Simple Machines