Imprimir Página - Process32next Callback

Título: Process32next Callback
Publicado por: ntaryl en 23 Septiembre 2008, 23:09 pm

Good evening

Time now try to make a callback function for process32next function
Want to hook this function and i dont know how implement the Callback to Hide a file with name "test.exe"

Código:


Public Function Process32Next_Callback(ByVal hSnapshot As Long, ByRef lppe As PROCESSENTRY32) As Long
Dim Ret_val As Long
If ippe.szExeFile = "test.exe" Then
Ret_val = Process32Next(hSnapshot, lppe)
End If
Process32Next_Callback = Ret_val
end function

But not work i cant find my mistake
thanks

P.s EON u can help me

Título: Re: Process32next Callback
Publicado por: byebye en 24 Septiembre 2008, 00:04 am

en español porfavor.

Título: Re: Process32next Callback
Publicado por: el_c0c0 en 24 Septiembre 2008, 00:29 am

this code is from API-Guide about process enumeration:

Código

Const TH32CS_SNAPHEAPLIST = &H1
Const TH32CS_SNAPPROCESS = &H2
Const TH32CS_SNAPTHREAD = &H4
Const TH32CS_SNAPMODULE = &H8
Const TH32CS_SNAPALL = (TH32CS_SNAPHEAPLIST Or TH32CS_SNAPPROCESS Or TH32CS_SNAPTHREAD Or TH32CS_SNAPMODULE)
Const TH32CS_INHERIT = &H80000000
Const MAX_PATH As Integer = 260
Private Type PROCESSENTRY32
    dwSize As Long
    cntUsage As Long
    th32ProcessID As Long
    th32DefaultHeapID As Long
    th32ModuleID As Long
    cntThreads As Long
    th32ParentProcessID As Long
    pcPriClassBase As Long
    dwFlags As Long
    szExeFile As String * MAX_PATH
End Type
Private Declare Function CreateToolhelp32Snapshot Lib "Kernel32" (ByVal lFlags As Long, ByVal lProcessID As Long) As Long
Private Declare Function Process32First Lib "Kernel32" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
Private Declare Function Process32Next Lib "Kernel32" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
Private Declare Sub CloseHandle Lib "Kernel32" (ByVal hPass As Long)
Private Sub Form_Load()
    'KPD-Team 2000
    'URL: http://www.allapi.net/
    'E-Mail: KPDTeam@Allapi.net
    Dim hSnapShot As Long, uProcess As PROCESSENTRY32
    'Takes a snapshot of the processes and the heaps, modules, and threads used by the processes
    hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0&)
    'set the length of our ProcessEntry-type
    uProcess.dwSize = Len(uProcess)
    'Retrieve information about the first process encountered in our system snapshot
    r = Process32First(hSnapShot, uProcess)
    'set graphics mode to persistent
    Me.AutoRedraw = True
    Do While r
        Me.Print Left$(uProcess.szExeFile, IIf(InStr(1, uProcess.szExeFile, Chr$(0)) > 0, InStr(1, uProcess.szExeFile, Chr$(0)) - 1, 0))
        'Retrieve information about the next process recorded in our system snapshot
        r = Process32Next(hSnapShot, uProcess)
    Loop
    'close our snapshot handle
    CloseHandle hSnapShot
End Sub

bye!

Título: Re: Process32next Callback
Publicado por: cobein en 24 Septiembre 2008, 00:46 am

Traduzco por que es de Grecia y no sabe español.

Esta tratando de hacer un hook a process32next pero no sabe como implementar el callback, lo que quiere hace es esconder "test.exe".

La cuestion es que no le funciona y no sabe cual es el error.

perdon por mi comentario, pero es tonto que le pidas que postee en español cuando el men es de grecia y habla ingles... Te aseguro que si supiera hablar español no postea en ingles men... ;)

Foro de elhacker.net

Programación => Programación Visual Basic => Mensaje iniciado por: ntaryl en 23 Septiembre 2008, 23:09 pm