[Help] Getting the main window handle from a PID or TID!!!
Posted: 2009-12-14 12:33
So far, I can obtain the PID and TID of any process, along with the following information (I use NtQuerySystemInformation):
_SYSTEM_PROCESSES = record // Information Class 5
  NextEntryDelta: ULONG;
  ThreadCount: ULONG;
  Reserved1: array[0..5] of ULONG;
  CreateTime: LARGE_INTEGER;
  UserTime: LARGE_INTEGER;
  KernelTime: LARGE_INTEGER;
  ProcessName: UNICODE_STRING;
  BasePriority: KPRIORITY;
  ProcessId: ULONG;
  InheritedFromProcessId: ULONG;
  HandleCount: ULONG;
  // next two were Reserved2: array [0..1] of ULONG; thanks to Nico Bendlin
  SessionId: ULONG;
  Reserved2: ULONG;
  VmCounters: VM_COUNTERS;
  PrivatePageCount: ULONG;
  IoCounters: IO_COUNTERSEX; // Windows 2000 only
  Threads: array[0..0] of SYSTEM_THREADS;
end;
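Now I want to find the corresponding main window, and I have found that with either "EnumWindows" or "EnumThreadWindows" it is very hard to pick out the main window:
For example, neither taking the main window of the current window nor identifying it by the current window's style works (because there are many "tooltips_class32", "IME" and "MSCTFIME UI" windows; using "IsWindowEnabled", GetParent, GetWindow(WinHWND, GW_OWNER), IsWindowEnabled, or even additionally comparing the PID and TID, does not help).....
Does anyone have a good method, or a good way to "single out the main window by comparison"?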
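
An added example, not part of the original post: one common heuristic for the question above, written in Delphi to match the record declaration. Windows has no formal "main window", so the code treats as a candidate the first top-level window that belongs to the PID, is visible, has no owner and is not a tool window; `TFindCtx`, `EnumProc` and `FindMainWindowByPid` are hypothetical names chosen for illustration.

```delphi
program FindMainWindow;
{$APPTYPE CONSOLE}
uses
  Windows, SysUtils;

type
  // Hypothetical context record handed to the callback through lParam.
  PFindCtx = ^TFindCtx;
  TFindCtx = record
    Pid: DWORD;    // ProcessId taken from the _SYSTEM_PROCESSES entry
    Found: HWND;   // first window that passes every filter, or 0
  end;

// Called once per top-level window, in Z-order. Returning False stops
// the enumeration, so the topmost matching window wins.
function EnumProc(Wnd: HWND; Param: LPARAM): BOOL; stdcall;
var
  WndPid: DWORD;
begin
  Result := True;                                // keep enumerating by default
  WndPid := 0;
  GetWindowThreadProcessId(Wnd, @WndPid);
  if WndPid <> PFindCtx(Param)^.Pid then Exit;   // window of another process
  if not IsWindowVisible(Wnd) then Exit;         // hidden helper window
  if GetWindow(Wnd, GW_OWNER) <> 0 then Exit;    // owned popup or dialog
  if (GetWindowLong(Wnd, GWL_EXSTYLE) and WS_EX_TOOLWINDOW) <> 0 then Exit;
  PFindCtx(Param)^.Found := Wnd;
  Result := False;                               // candidate found, stop
end;

function FindMainWindowByPid(Pid: DWORD): HWND;
var
  Ctx: TFindCtx;
begin
  Ctx.Pid := Pid;
  Ctx.Found := 0;
  EnumWindows(@EnumProc, LPARAM(@Ctx));
  Result := Ctx.Found;
end;

var
  Wnd: HWND;
begin
  // Usage: FindMainWindow <pid>
  Wnd := FindMainWindowByPid(StrToIntDef(ParamStr(1), 0));
  if Wnd = 0 then WriteLn('no main-window candidate')
  else WriteLn('main-window candidate HWND: ', Wnd);
end.
```

A result of 0 is a normal outcome: a process may own no visible top-level window, and EnumWindows only reports windows on the caller's own desktop.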