-
-
[原创]修复spy4win无法取ListView内容的BUG(新修复更新)
-
发表于:
2016-5-29 18:28
7383
-
[原创]修复spy4win无法取ListView内容的BUG(新修复更新)
由于老帖已被关闭,现在只好开新帖发布。
前几个月发现上个修复版本的spy4win在32位系统下对ListView取内容时会取不到,甚至导致宿主进程崩溃,20140514之前的修复版本不会出现这个问题,原因是之前的ProcessIs64Process函数逻辑有问题,没有兼顾到32位系统,现在修复下。
之前的ProcessIs64Process
BOOL ProcessIs64Process(HANDLE hProcess)
{
BOOL bRet=FALSE;
if (hProcess)
{
static BOOL (WINAPI* _IsWow64Process)(__in HANDLE hProcess,__out PBOOL Wow64Process)=
(BOOL (__stdcall *)(HANDLE,PBOOL))GetProcAddress(GetModuleHandle(_T("kernel32.dll")),"IsWow64Process");
BOOL bIsWow64;
if (_IsWow64Process && _IsWow64Process(hProcess,&bIsWow64) && bIsWow64==FALSE)//64位进程
{
bRet=TRUE;
}
}
return bRet;
}
现在用Is64BitProcess
BOOL Is64BitOS()
{
BOOL bRet = FALSE;
VOID (WINAPI* _GetNativeSystemInfo)(OUT LPSYSTEM_INFO lpSystemInfo)= (void (__stdcall *)(LPSYSTEM_INFO))GetProcAddress(GetModuleHandle(_T("kernel32.dll")), "GetNativeSystemInfo");
if (!_GetNativeSystemInfo)
{
return bRet;
}
SYSTEM_INFO si;
_GetNativeSystemInfo(&si);
if (si.wProcessorArchitecture == PROCESSOR_ARCHITECTURE_AMD64 || si.wProcessorArchitecture == PROCESSOR_ARCHITECTURE_IA64)
{
bRet = TRUE;
}
return bRet;
};
BOOL Is64BitProcess(HANDLE hProcess)
{
BOOL bRet = FALSE;
if (hProcess)
{
if (Is64BitOS())
{
static BOOL (WINAPI * _IsWow64Process)(IN HANDLE hProcess,
OUT PBOOL Wow64Process) = (BOOL(__stdcall *)(HANDLE, PBOOL))GetProcAddress(GetModuleHandle(_T("kernel32.dll")), "IsWow64Process");
BOOL bX86ProcessRunAt64BitOS;
if (_IsWow64Process && _IsWow64Process(hProcess, &bX86ProcessRunAt64BitOS) && bX86ProcessRunAt64BitOS == FALSE)
{
bRet = TRUE;
}
}
}
return bRet;
}
完整程序在附件中。
[课程]Android-CTF解题方法汇总!
