/** * Gets the list of modules that belong to this process. * * @see <a href= * "https://msdn.microsoft.com/en-us/library/ms682631(v=vs.85).aspx"> * MSDN webpage#EnumProcessModules function</a> * * @return The list of modules that belong to this process */ public List<Module> getModules() { try { final List<HMODULE> pointers = PsapiUtil.enumProcessModules(getHandle()); final List<Module> modules = new LinkedList<>(); for (final HMODULE hModule : pointers) { modules.add(new Module(getHandle(), hModule)); } return modules; } catch (final Exception e) { return null; } }
public static BufferedImage getIcon(final String path, final int num, final int width, final int height) throws FileNotFoundException { final HMODULE hinst = org.appwork.jna.winapi.kernel32.Kernel.I.LoadLibraryExA(path, null, org.appwork.jna.winapi.kernel32.Kernel.LOAD_LIBRARY_AS_DATAFILE); // Kernel32.INSTANCE.e // final HMODULE hinst = // final int err = Kernel32.INSTANCE.GetLastError(); if (hinst == null) { throw new FileNotFoundException(path + " could not be loaded"); } final HANDLE hicon = com.sun.jna.platform.win32.User32.INSTANCE.LoadImage(hinst, "IDR_MAINFRAME", 1, width, height, 0); if (hicon == null) { throw new FileNotFoundException(path + ": No icon #" + num); } return getImageByHICON(width, height, hicon); }
public static void clipboardMonitor() { WString windowClass = new WString("MyWindowClass"); HMODULE hInst = Kernel32.INSTANCE.GetModuleHandle(""); WNDCLASSEX wClass = new WNDCLASSEX(); wClass.hInstance = hInst; WindowProc wProc = new WindowProc(); wClass.lpfnWndProc = wProc; wClass.lpszClassName = windowClass; // register window class User32.INSTANCE.RegisterClassEx(wClass); getLastError(); // create new window HWND hWnd = User32.INSTANCE.CreateWindowEx(User32.WS_EX_TOPMOST, windowClass, "My hidden helper window, used only to catch the windows events", 0, 0, 0, 0, 0, null, null, hInst, null); getLastError(); // set clipboard viewer HWND nextViewer = User32X.INSTANCE.SetClipboardViewer(hWnd); wProc.setNextViewer(nextViewer); // pump messages MSG msg = new MSG(); while (User32.INSTANCE.GetMessage(msg, hWnd, 0, 0) != 0) { User32.INSTANCE.TranslateMessage(msg); User32.INSTANCE.DispatchMessage(msg); } // wait for input try { System.in.read(); } catch (IOException e) { e.printStackTrace(); } // destroy window User32.INSTANCE.UnregisterClass(windowClass, hInst); User32.INSTANCE.DestroyWindow(hWnd); System.exit(0); }
/** * Retrieves a list of handles for each module in the specified process, * that meets the filter criteria specified by the list flag. * * @see <a href= * "https://msdn.microsoft.com/en-us/library/ms682631(v=vs.85).aspx"> * MSDN webpage#EnumProcessModules function</a> * @param hProcess * A handle to the process. * @param listFlag * Specifies the modules to list. Possible values are the * following. * <ul> * <li> * {@link de.zabuza.memeaterbug.winapi.jna.Psapi#LIST_MODULES_32BIT * LIST_MODULES_32BIT}</li> * <li> * {@link de.zabuza.memeaterbug.winapi.jna.Psapi#LIST_MODULES_64BIT * LIST_MODULES_64BIT}</li> * <li> * {@link de.zabuza.memeaterbug.winapi.jna.Psapi#LIST_MODULES_ALL * LIST_MODULES_ALL} or <tt>null</tt></li> * <li> * {@link de.zabuza.memeaterbug.winapi.jna.Psapi#LIST_MODULES_DEFAULT * LIST_MODULES_DEFAULT}</li> * </ul> * @return A list of handles for each module in the specified process, that * meets the filter criteria specified by the list flag. * @throws Win32Exception * If the operation was not successful */ public static List<HMODULE> enumProcessModulesEx(final HANDLE hProcess, final Integer listFlag) throws Win32Exception { final int moduleSize = MemSize.getSizeOfModule(hProcess); final List<HMODULE> list = new LinkedList<>(); final HMODULE[] lphModule = new HMODULE[MODULE_BUFFER_AMOUNT * moduleSize]; final IntByReference lpcbNeededs = new IntByReference(); if (listFlag == null) { if (!Psapi.INSTANCE.EnumProcessModules(hProcess, lphModule, lphModule.length, lpcbNeededs)) { throw new Win32Exception(Native.getLastError()); } } else { if (!Psapi.INSTANCE.EnumProcessModulesEx(hProcess, lphModule, lphModule.length, lpcbNeededs, listFlag.intValue())) { throw new Win32Exception(Native.getLastError()); } } for (int i = 0; i < lpcbNeededs.getValue() / moduleSize; i++) { list.add(lphModule[i]); } return list; }
public void initKeyHook() { thread = new Thread(new Runnable() { @Override public void run() { final User32 lib = User32.INSTANCE; HMODULE hMod = Kernel32.INSTANCE.GetModuleHandle(null); keyboardHook = new LowLevelKeyboardProc() { public LRESULT callback(int nCode, WPARAM wParam, KBDLLHOOKSTRUCT info) { if (nCode >= 0) { switch (wParam.intValue()) { // case WinUser.WM_KEYUP: case WinUser.WM_KEYDOWN: // case WinUser.WM_SYSKEYUP: case WinUser.WM_SYSKEYDOWN: // do active userActive(); } } return lib.CallNextHookEx(hhk, nCode, wParam, info.getPointer()); } }; hhk = lib.SetWindowsHookEx(WinUser.WH_KEYBOARD_LL, keyboardHook, hMod, 0); // This bit never returns from GetMessage int result; MSG msg = new MSG(); while ((result = lib.GetMessage(msg, null, 0, 0)) != 0) { if (result == -1) { System.err.println("error in get message"); break; } else { System.err.println("got message"); lib.TranslateMessage(msg); lib.DispatchMessage(msg); } } lib.UnhookWindowsHookEx(hhk); } }); thread.start(); }
/** * Creates a new module that is able to read information from the module of * the given process, by the given module handle. * * @see <a href= * "https://msdn.microsoft.com/en-us/library/ms684868(v=vs.85).aspx"> * MSDN webpage#Process Handles and Identifiers</a> * @see <a href= * "https://msdn.microsoft.com/en-us/library/aa383751(v=vs.85).aspx"> * MSDN webpage#Windows Data Types</a> * @see <a href= * "https://msdn.microsoft.com/en-us/library/ms684229(v=vs.85).aspx"> * MSDN webpage#MODULEINFO structure</a> * * @param hProcess * Handle to the process of this module * @param hModule * Handle of the module to create around */ public Module(final HANDLE hProcess, final HMODULE hModule) { this.mHProcess = hProcess; this.mHModule = hModule; this.mLpBaseOfDll = null; this.mEntryPoint = null; this.mSizeOfImage = 0; }
/** * Retrieves information about the specified module in the * {@link LPMODULEINFO} structure. * * @see <a href= * "https://msdn.microsoft.com/en-us/library/ms683201(v=vs.85).aspx"> * MSDN webpage#GetModuleInformation function</a> * @param hProcess * A handle to the process that contains the module.<br/> * <br/> * The handle must have the * {@link de.zabuza.memeaterbug.winapi.Process#PROCESS_QUERY_INFORMATION * PROCESS_QUERY_INFORMATION} and * {@link de.zabuza.memeaterbug.winapi.Process#PROCESS_VM_READ * PROCESS_VM_READ} access rights. * @param hModule * A handle to the module. * @return Information about the specified module as {@link LPMODULEINFO} * structure. * @throws Win32Exception * If the operation was not successful */ public static LPMODULEINFO getModuleInformation(final HANDLE hProcess, final HMODULE hModule) throws Win32Exception { final LPMODULEINFO lpmodinfo = new LPMODULEINFO(); if (!Psapi.INSTANCE.GetModuleInformation(hProcess, hModule, lpmodinfo, lpmodinfo.size())) { throw new Win32Exception(Native.getLastError()); } return lpmodinfo; }
/** * Gets a handle to this module. * * @see <a href= * "https://msdn.microsoft.com/en-us/library/aa383751(v=vs.85).aspx"> * MSDN webpage#Windows Data Types</a> * * @return A handle to this module */ public HMODULE getHModule() { return this.mHModule; }
/** * Retrieves a handle for each module in the specified process. * * @see <a href= * "https://msdn.microsoft.com/en-us/library/ms682631(v=vs.85).aspx"> * MSDN webpage#EnumProcessModules function</a> * * @param hProcess * A handle to the process. * @param lphModule * An array that receives the list of module handles. * @param cb * The size of the lphModule array, in bytes. * @param lpcbNeededs * The number of bytes required to store all module handles in * the lphModule array. * @return If the function succeeds, the return value is nonzero.<br/> * <br/> * If the function fails, the return value is zero. To get extended * error information, call {@link Native#getLastError()}. */ public boolean EnumProcessModules(final HANDLE hProcess, final HMODULE[] lphModule, final int cb, final IntByReference lpcbNeededs);
/** * Retrieves a handle for each module in the specified process that meets * the specified filter criteria. * * @see <a href= * "https://msdn.microsoft.com/en-us/library/ms682633(v=vs.85).aspx"> * MSDN webpage#EnumProcessModulesEx function</a> * * @param hProcess * A handle to the process. * @param lphModule * An array that receives the list of module handles. * @param cb * The size of the lphModule array, in bytes. * @param lpcbNeededs * The number of bytes required to store all module handles in * the lphModule array. * @param dwFilterFlag * The filter criteria. This parameter can be one of the * following values. * <ul> * <li>{@link #LIST_MODULES_32BIT}</li> * <li>{@link #LIST_MODULES_64BIT}</li> * <li>{@link #LIST_MODULES_ALL}</li> * <li>{@link #LIST_MODULES_DEFAULT}</li> * </ul> * @return If the function succeeds, the return value is nonzero.<br/> * <br/> * If the function fails, the return value is zero. To get extended * error information, call {@link Native#getLastError()}. */ public boolean EnumProcessModulesEx(final HANDLE hProcess, final HMODULE[] lphModule, final int cb, final IntByReference lpcbNeededs, final int dwFilterFlag);
/** * Retrieves information about the specified module in the * {@link LPMODULEINFO} structure. * * @see <a href= * "https://msdn.microsoft.com/en-us/library/ms683201(v=vs.85).aspx"> * MSDN webpage#GetModuleInformation function</a> * * @param hProcess * A handle to the process that contains the module.<br/> * <br/> * The handle must have the * {@link de.zabuza.memeaterbug.winapi.Process#PROCESS_QUERY_INFORMATION * PROCESS_QUERY_INFORMATION} and * {@link de.zabuza.memeaterbug.winapi.Process#PROCESS_VM_READ * PROCESS_VM_READ} access rights. * @param hModule * A handle to the module. * @param lpmodinfo * A pointer to the {@link LPMODULEINFO} structure that receives * information about the module. * @param cb * The size of the {@link LPMODULEINFO} structure, in bytes. * @return If the function succeeds, the return value is nonzero.<br/> * <br/> * If the function fails, the return value is zero. To get extended * error information, call {@link Native#getLastError()}. */ public boolean GetModuleInformation(final HANDLE hProcess, final HMODULE hModule, final LPMODULEINFO lpmodinfo, final int cb);
/** * Retrieves a list of handles for each module in the specified process. * * @see <a href= * "https://msdn.microsoft.com/en-us/library/ms682631(v=vs.85).aspx"> * MSDN webpage#EnumProcessModules function</a> * @param hProcess * A handle to the process. * @return A list of handles for each module in the specified process * @throws Win32Exception * If the operation was not successful */ public static List<HMODULE> enumProcessModules(final HANDLE hProcess) throws Win32Exception { return enumProcessModulesEx(hProcess, null); }
/** * Retrieves a list of handles for each 32-bit module in the specified * process. * * @see <a href= * "https://msdn.microsoft.com/en-us/library/ms682633(v=vs.85).aspx"> * MSDN webpage#EnumProcessModulesEx function</a> * @param hProcess * A handle to the process. * @return A list of handles for each 32-bit module in the specified process * @throws Win32Exception * If the operation was not successful */ public static List<HMODULE> enumProcessModulesEx32(final HANDLE hProcess) throws Win32Exception { return enumProcessModulesEx(hProcess, Integer.valueOf(Psapi.LIST_MODULES_32BIT)); }
/** * Retrieves a list of handles for each 64-bit module in the specified * process. * * @see <a href= * "https://msdn.microsoft.com/en-us/library/ms682633(v=vs.85).aspx"> * MSDN webpage#EnumProcessModulesEx function</a> * @param hProcess * A handle to the process. * @return A list of handles for each 64-bit module in the specified process * @throws Win32Exception * If the operation was not successful */ public static List<HMODULE> enumProcessModulesEx64(final HANDLE hProcess) throws Win32Exception { return enumProcessModulesEx(hProcess, Integer.valueOf(Psapi.LIST_MODULES_64BIT)); }
/** * http://msdn.microsoft.com/en-us/library/ms648037(v=VS.85).aspx * * @param lib * @param resType * @param enumResourceNamesCallback * @param data */ public void EnumResourceNamesA(HMODULE lib, String resType, EnumResourceNamesCallback enumResourceNamesCallback, long data);
/** * http://msdn.microsoft.com/en-us/library/ms648042(v=vs.85).aspx<br> * * @return * */ public HRSRC FindResourceA(HMODULE lib, Pointer name, String type);
/** * http://msdn.microsoft.com/en-us/library/ms683152%28v=VS.85%29.aspx * * @param lib * @return */ public boolean FreeLibrary(HMODULE lib);
/** * http://msdn.microsoft.com/en-us/library/ms648046(v=VS.85).aspx * * @param module * @param resourceHandle * @return */ public HGLOBAL LoadResource(HMODULE module, HRSRC resourceHandle);
/** Return whether to continue enumeration. */ boolean callback(HMODULE module, Pointer type, int name, Pointer data);
public HMODULE LoadLibraryExA(String path, Object fileHandle, int flags);
public boolean EnumResourceNames(HMODULE hModule, String lpszType, ENUMRESNAMEPROC lpEnumFunc, Pointer lParam);
public boolean callback(HMODULE hModule, String lpszType, String lpszName, Pointer lParam);
