-
-
[原创]第2阶段第2题
-
发表于: 2007-9-2 11:10 6159
-
简单说明:
一: 不采用驱动的方式.
(1)windows消息
========================================
方法1:
说明:给窗口发送WM_CLOSE消息
原因:让winproc发现收到了WM_CLOSE自动退出
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SendMessage(hwnd, WM_CLOSE, 0, 0);
}
--------------------------
方法2:
说明:给窗口消息循环队列发送WM_CLOSE消息
原因:让winproc处理收到了WM_CLOSE自动退出
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
PostMessage(hwnd, WM_CLOSE, 0, 0);
}
---------------------------
方法3:
说明:给窗口消息循环队列发送WM_QUIT消息
原因:让GetMessage返回false,退出消息循环
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
PostMessage(hwnd, WM_QUIT, 0, 0);
}
---------------------------
方法4:
说明:给主线程消息循环发送WM_QUIT消息
原因:让线程级别的 GetMessage返回false, 退出消息循环
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
DWORD dwTid = GetWindowThreadProcessId(hwnd, NULL);
PostThreadMessage(dwTid, WM_QUIT, 0, 0);
}
---------------------------
方法5:
说明:给窗口发送WM_SYSCOMMAND的SC_CLOSE消息
原因:windows菜单选择关闭
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SendMessage(hwnd, WM_SYSCOMMAND, SC_CLOSE, 0);
}
---------------------------
方法6:
说明:给窗口发送WM_COMMAND的IDOK消息
原因:mfc的dialog默认是响应这个消息
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SendMessage(hwnd, WM_COMMAND, IDOK, 0);
}
---------------------------
方法7:
说明:给窗口发送WM_COMMAND的IDCANCEL消息
原因:mfc的dialog默认是响应这个消息
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SendMessage(hwnd, WM_COMMAND, IDCANCEL, 0);
}
(2)模拟按键
========================================
方法8:
说明:模拟发送esc
原因:模拟用户过程,esc为mfc默认响应消息
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SetForegroundWindow(hwnd);
keybd_event(VK_ESCAPE, 0, 0, 0);
}
---------------------------
方法9:
说明:模拟发送alt+f4
原因:模拟用户过程
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SetForegroundWindow(hwnd);
keybd_event(VK_MENU, 0, 0, 0);
keybd_event(VK_F4, 0, 0, 0);
}
---------------------------
方法10:
说明:模拟按鼠标右键, 选择关闭
原因:模拟用户过程
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SetForegroundWindow(hwnd);
RECT rect1, rect2;
GetWindowRect(hwnd, &rect1);
GetClientRect(hwnd, &rect2);
SetCursorPos(rect1.left + (rect1.right - rect1.left) /2 ,
rect1.top + (rect1.bottom-rect1.top - rect2.bottom) /2 );
mouse_event(MOUSEEVENTF_ABSOLUTE | MOUSEEVENTF_RIGHTDOWN, 0, 0, 0, 0);
mouse_event(MOUSEEVENTF_ABSOLUTE | MOUSEEVENTF_RIGHTUP, 0, 0, 0, 0);
keybd_event(0x43, 0, 0, 0);
}
(3)线程
========================================
方法11:
说明:关闭所有线程.
原因:所有线程关闭, 自然进程退出
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
DWORD dwPid;
GetWindowThreadProcessId(hwnd, &dwPid);
HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0);
THREADENTRY32 te = {sizeof(THREADENTRY32)};
if (Thread32First(hSnap, &te))
{
do
{
if (te.th32OwnerProcessID == dwPid)
{
HANDLE hThread = OpenThread(THREAD_ALL_ACCESS, FALSE, te.th32ThreadID);
TerminateThread(hThread, 0);
}
}while(Thread32Next(hSnap, &te));
}
}
一: 不采用驱动的方式.
(1)windows消息
========================================
方法1:
说明:给窗口发送WM_CLOSE消息
原因:让winproc发现收到了WM_CLOSE自动退出
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SendMessage(hwnd, WM_CLOSE, 0, 0);
}
--------------------------
方法2:
说明:给窗口消息循环队列发送WM_CLOSE消息
原因:让winproc处理收到了WM_CLOSE自动退出
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
PostMessage(hwnd, WM_CLOSE, 0, 0);
}
---------------------------
方法3:
说明:给窗口消息循环队列发送WM_QUIT消息
原因:让GetMessage返回false,退出消息循环
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
PostMessage(hwnd, WM_QUIT, 0, 0);
}
---------------------------
方法4:
说明:给主线程消息循环发送WM_QUIT消息
原因:让线程级别的 GetMessage返回false, 退出消息循环
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
DWORD dwTid = GetWindowThreadProcessId(hwnd, NULL);
PostThreadMessage(dwTid, WM_QUIT, 0, 0);
}
---------------------------
方法5:
说明:给窗口发送WM_SYSCOMMAND的SC_CLOSE消息
原因:windows菜单选择关闭
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SendMessage(hwnd, WM_SYSCOMMAND, SC_CLOSE, 0);
}
---------------------------
方法6:
说明:给窗口发送WM_COMMAND的IDOK消息
原因:mfc的dialog默认是响应这个消息
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SendMessage(hwnd, WM_COMMAND, IDOK, 0);
}
---------------------------
方法7:
说明:给窗口发送WM_COMMAND的IDCANCEL消息
原因:mfc的dialog默认是响应这个消息
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SendMessage(hwnd, WM_COMMAND, IDCANCEL, 0);
}
(2)模拟按键
========================================
方法8:
说明:模拟发送esc
原因:模拟用户过程,esc为mfc默认响应消息
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SetForegroundWindow(hwnd);
keybd_event(VK_ESCAPE, 0, 0, 0);
}
---------------------------
方法9:
说明:模拟发送alt+f4
原因:模拟用户过程
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SetForegroundWindow(hwnd);
keybd_event(VK_MENU, 0, 0, 0);
keybd_event(VK_F4, 0, 0, 0);
}
---------------------------
方法10:
说明:模拟按鼠标右键, 选择关闭
原因:模拟用户过程
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
SetForegroundWindow(hwnd);
RECT rect1, rect2;
GetWindowRect(hwnd, &rect1);
GetClientRect(hwnd, &rect2);
SetCursorPos(rect1.left + (rect1.right - rect1.left) /2 ,
rect1.top + (rect1.bottom-rect1.top - rect2.bottom) /2 );
mouse_event(MOUSEEVENTF_ABSOLUTE | MOUSEEVENTF_RIGHTDOWN, 0, 0, 0, 0);
mouse_event(MOUSEEVENTF_ABSOLUTE | MOUSEEVENTF_RIGHTUP, 0, 0, 0, 0);
keybd_event(0x43, 0, 0, 0);
}
(3)线程
========================================
方法11:
说明:关闭所有线程.
原因:所有线程关闭, 自然进程退出
代码:
HWND hwnd = FindWindow(NULL, "CrackMeApp");
if (NULL != hwnd)
{
DWORD dwPid;
GetWindowThreadProcessId(hwnd, &dwPid);
HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0);
THREADENTRY32 te = {sizeof(THREADENTRY32)};
if (Thread32First(hSnap, &te))
{
do
{
if (te.th32OwnerProcessID == dwPid)
{
HANDLE hThread = OpenThread(THREAD_ALL_ACCESS, FALSE, te.th32ThreadID);
TerminateThread(hThread, 0);
}
}while(Thread32Next(hSnap, &te));
}
}
赞赏
他的文章
- [原创]第二阶段第一题提交 2872
- [原创]第一阶段第四题提交 3649
- [原创]第一阶段第三题提交 3281
- [原创]第一阶段第二题提交 3930
- [原创]第一阶段第一题提交 2965
看原图
赞赏
雪币:
留言: