#define ALLOC_SIZE 200HWND hWnd; // handle to desktop window DWORD dwPID; // explorer process ID (associated with desktop) HANDLE hProcess; // handle to explorer process (associated with desktop) LPVOID pData; // pointer to LVITEM struct in explorer address space LPVOID pString; // pointer to icon text in explorer address space char szText[ALLOC_SIZE]; // char array of icon text in application address space char* pszMessageBox; // string to display SIZE_T BytesRead; // for ReadProcessMemory SIZE_T BytesWritten; // for WriteProcessMemory BOOL fResult; // for ReadProcessMemory/WriteProcessMemory LVITEM lvi; // LVITEM struct int i; // counter for enumeration int nItemCount; // icon item count
((hWnd = FindWindowEx(hWnd, NULL, "SysListView32", NULL)) == NULL)) { MessageBox("Could not get desktop window."); goto Exit; } // get item count on desktop nItemCount = ::SendMessage(hWnd, LVM_GETITEMCOUNT, (WPARAM)0, (LPARAM)0); // allocate memory for output string pszMessageBox = (char*) malloc(ALLOC_SIZE * nItemCount); sprintf(pszMessageBox, "%d items:\n\n", nItemCount); // get desktop window process ID (explorer.exe) GetWindowThreadProcessId(hWnd, &dwPID); // open process to get explorer process handle hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwPID);
pData = VirtualAllocEx(hProcess, NULL, ALLOC_SIZE, MEM_RESERVE | MEM_COMMIT, PAGE_EXECUTE_READWRITE); // allocate space for string (i.e. "Network Neighborhood") pString = VirtualAllocEx(hProcess, NULL, ALLOC_SIZE, MEM_RESERVE | MEM_COMMIT, PAGE_EXECUTE_READWRITE); // init LV_ITEM struct ZeroMemory(&lvi, sizeof(LVITEM)); lvi.iItem = 0; lvi.iSubItem = 0; lvi.cchTextMax = 500; lvi.pszText = (char*)pString; // use alloc'd string space // write the contents of lvi into explorer's address space fResult = WriteProcessMemory(hProcess, pData, &lvi, sizeof(LVITEM), &BytesWritten); // enum all icons for(i = 0; i < nItemCount; i++) { // get item's name ::SendMessage(hWnd, LVM_GETITEMTEXT, (WPARAM)i, (LPARAM)pData);
to zheng017(风中王子): 用ReadProcessMemory怎么什么都读不出来呢(返回值1)?
CreateFileMapping 可以做到,
不过这两个程序都要是你自己写的(或者另一个程序也用CreateFileMapping,而且你知道他的数据结构)
DWORD dwPID; // explorer process ID (associated with desktop)
HANDLE hProcess; // handle to explorer process (associated with desktop)
LPVOID pData; // pointer to LVITEM struct in explorer address space
LPVOID pString; // pointer to icon text in explorer address space
char szText[ALLOC_SIZE]; // char array of icon text in application address space
char* pszMessageBox; // string to display
SIZE_T BytesRead; // for ReadProcessMemory
SIZE_T BytesWritten; // for WriteProcessMemory
BOOL fResult; // for ReadProcessMemory/WriteProcessMemory
LVITEM lvi; // LVITEM struct
int i; // counter for enumeration
int nItemCount; // icon item count
{
MessageBox("Could not get desktop window.");
goto Exit;
} // get item count on desktop
nItemCount = ::SendMessage(hWnd, LVM_GETITEMCOUNT, (WPARAM)0, (LPARAM)0); // allocate memory for output string
pszMessageBox = (char*) malloc(ALLOC_SIZE * nItemCount);
sprintf(pszMessageBox, "%d items:\n\n", nItemCount); // get desktop window process ID (explorer.exe)
GetWindowThreadProcessId(hWnd, &dwPID); // open process to get explorer process handle
hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwPID);
// allocate space for string (i.e. "Network Neighborhood")
pString = VirtualAllocEx(hProcess, NULL, ALLOC_SIZE, MEM_RESERVE | MEM_COMMIT, PAGE_EXECUTE_READWRITE); // init LV_ITEM struct
ZeroMemory(&lvi, sizeof(LVITEM));
lvi.iItem = 0;
lvi.iSubItem = 0;
lvi.cchTextMax = 500;
lvi.pszText = (char*)pString; // use alloc'd string space // write the contents of lvi into explorer's address space
fResult = WriteProcessMemory(hProcess, pData, &lvi, sizeof(LVITEM), &BytesWritten); // enum all icons
for(i = 0; i < nItemCount; i++)
{
// get item's name
::SendMessage(hWnd, LVM_GETITEMTEXT, (WPARAM)i, (LPARAM)pData);
用ReadProcessMemory怎么什么都读不出来呢(返回值1)?