简单说明:
一: 不采用驱动的方式.
(1)windows消息
========================================
方法1:
说明:给窗口发送WM_CLOSE消息
原因:让winproc发现收到了WM_CLOSE自动退出
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SendMessage(hwnd, WM_CLOSE, 0, 0);
}
--------------------------
方法2:
说明:给窗口消息循环队列发送WM_CLOSE消息
原因:让winproc处理收到了WM_CLOSE自动退出
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
PostMessage(hwnd, WM_CLOSE, 0, 0);
}
---------------------------
方法3:
说明:给窗口消息循环队列发送WM_QUIT消息
原因:让GetMessage返回false,退出消息循环
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
PostMessage(hwnd, WM_QUIT, 0, 0);
}
---------------------------
方法4:
说明:给主线程消息循环发送WM_QUIT消息
原因:让线程级别的 GetMessage返回false, 退出消息循环
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
DWORD dwTid = GetWindowThreadProcessId(hwnd, NULL);
PostThreadMessage(dwTid, WM_QUIT, 0, 0);
}
---------------------------
方法5:
说明:给窗口发送WM_SYSCOMMAND的SC_CLOSE消息
原因:windows菜单选择关闭
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SendMessage(hwnd, WM_SYSCOMMAND, SC_CLOSE, 0);
}
---------------------------
方法6:
说明:给窗口发送WM_COMMAND的IDOK消息
原因:mfc的dialog默认是响应这个消息
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SendMessage(hwnd, WM_COMMAND, IDOK, 0);
}
---------------------------
方法7:
说明:给窗口发送WM_COMMAND的IDCANCEL消息
原因:mfc的dialog默认是响应这个消息
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SendMessage(hwnd, WM_COMMAND, IDCANCEL, 0);
}
(2)模拟按键
========================================
方法8:
说明:模拟发送esc
原因:模拟用户过程,esc为mfc默认响应消息
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SetForegroundWindow(hwnd);
keybd_event(VK_ESCAPE, 0, 0, 0);
}
---------------------------
方法9:
说明:模拟发送alt+f4
原因:模拟用户过程
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SetForegroundWindow(hwnd);
keybd_event(VK_MENU, 0, 0, 0);
keybd_event(VK_F4, 0, 0, 0);
}
---------------------------
方法10:
说明:模拟按鼠标右键, 选择关闭
原因:模拟用户过程
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SetForegroundWindow(hwnd);
RECT rect1, rect2;
GetWindowRect(hwnd, &rect1);
GetClientRect(hwnd, &rect2);
SetCursorPos(rect1.left + (rect1.right - rect1.left) /2 ,
rect1.top + (rect1.bottom-rect1.top - rect2.bottom) /2 );
mouse_event(MOUSEEVENTF_ABSOLUTE | MOUSEEVENTF_RIGHTDOWN, 0, 0, 0, 0);
mouse_event(MOUSEEVENTF_ABSOLUTE | MOUSEEVENTF_RIGHTUP, 0, 0, 0, 0);
keybd_event(0x43, 0, 0, 0);
}
(3)线程
========================================
方法11:
说明:关闭所有线程.
原因:所有线程关闭, 自然进程退出
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
DWORD dwPid;
GetWindowThreadProcessId(hwnd, &dwPid);
HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0);
THREADENTRY32 te = {sizeof(THREADENTRY32)};
if (Thread32First(hSnap, &te))
{
do
{
if (te.th32OwnerProcessID == dwPid)
{
HANDLE hThread = OpenThread(THREAD_ALL_ACCESS, FALSE, te.th32ThreadID);
TerminateThread(hThread, 0);
}
}while(Thread32Next(hSnap, &te));
}
}
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
