Everybody should know, the SendMessage method of Win32API can cross a process to use. . .
- can be in [the message is sent to arrive in process A] [the body of a certain window of process B] . . .
And [sentence handle] designation window body is undertaken handling by WndProc and DefWndProc window process after receiving an information. . .
- fall in this kind of circumstance, [Receive window form] how should judge. Message. Be by the system other still course is sent those who come over? ? ?
Of course, the other course that I indicate also includes oneself. . .
Excuse me everybody, can this kind of requirement come true? ? ? How should come true? ? ?
^o^ here, hope this [topic] can have a perfect end. . . We are the message that sends to oneself can define special MsgID oneself.
Receiver basis ID can judge a thing that should do.
As to if want to make clear judgement to give dispatcher, do not know how to be judged.
(have this necessary? )It is to have this necessary. At least I need now. . .
To foregone, we are to be able to be used from definition message to solve. . .
But sealed process to us [applied process] send a message, I should know who is [dispatcher] . How should judge? ? ?
- I feel the message of Windows is worth should can mark a handle of message dispatcher, but search,will search to do not have a result. . .
- _- ! ! ! Besides, this covers MS [message mechanism] so won't pure. . .
Have a power of receiver only, be in as to the provenance of the message? Can be you checked without card? ? ? VeryAppreciate the support of LS. . . UP. This topic is more abstruse. . . . SupportUPOneself add information inside the message, enclose content, also can enhance security. I also had asked this question, had not found the solution at present, in attentionYou also understand message mechanism. Gibberish did not say more.
Message from be
Letter source - systematic message alignment - Hook- believes constellation
Of this process. After letter source is sent, exit this process, this is PostMessage. The message is macroscopical alignment changes operation method, line Cheng attempers is microcosmic alignment changes operation method.
Because alignment turns an operation. When letter constellation handles an information, letter cause is probable already nonexistent. It is ProcessID or ThreadID no matter likely nonexistent. HWND did not think more. Because besides window body, do not have the program of window body, the service can send a message. So backdate message is unworkable assure not easily also correct. Cannot accomplish the information that who finds to send so. Ha, the side supports. . . . . . . . Above all! Appreciate your attention. . .
TO:wUyazhe. . .
Be said by you, wanting implementation is impossible at all. . .
But a tool has seen inadvertently before me, it is OK the message that every window body sends monitoring (specific name forgot) . . .
Is it how to come true then? ? ? Spy ?
Are you to want to achieve that result? That should differ with your jumping-off place. You are not to know what the other side is. Sheet is gone to from the message time push, that estimation is to push do not go back. But if be Spy . I do not know how to be made. But if be me. The modification that I can try I think use SetWindowLong is installed a function handles an information here, next what also does not do call his message processing technique before again, such I know body of a certain window received what information. I had seen only can other window body receives monitoring the tool of the message. Had not seen can surveillant the other side is sent. What does the software that you say call? SPY I know this tool. . .
But I say is not SPY , time is too long, be unable to call to mind, I also try to look for that software. . .
- _- ! ! !
The message is a course target window form is sent after alignment is changed. So backdate letter source is impossible at all. . .
Generally speaking, the data in same process can save the memory space of process place pioneer go up. . .
We but with, change a point of view, where is the memory address of the WParam that judges every Message structure and LParam? ? ?
The message is a course target window form is sent after alignment is changed. So backdate letter source is impossible at all. . . ? ?
WIN32WINDOWSMESSAGE never the idea that alignment turns, inside either process, can use SendMessage or PostMessage to message of specific window deliver, never also have in WINDOWS message send square concept! ! ! ! !
But a tool has seen inadvertently before me, it is OK the message that every window body sends monitoring (specific name forgot) . . .
Is it how to come true then? ? ?
This tool is SPY , intercept wants in Windows a message is a likelihood, can come true with overall situation or local Hook,
But although Hook also can the content of intercept message, cannot obtain likewise send square
Say well and truly, this problem does not have solution
You are extortionary get ox horn, recommend you to study a kind of method, WIN32APIhook, all surveillant calling cross SendMessage, the process of PostMessageUpstairs support those who say
You should want to do really
Make a global hook surveillance call the progress of SendMessagePostMessage
Can knowLearnI had done global Hook, can all information that monitoring window body receives. . .
-------------------------------------------------
All surveillant calling cross SendMessage, the process of PostMessage? ? ?
This does not understand your have the nerve. . .
I had done global Hook, can all information that monitoring window body receives. . .
-------------------------------------------------
All surveillant calling cross SendMessage, the process of PostMessage? ? ?
This does not understand your have the nerve. . .
--------------------
It is link up with these two API, transfer these two function when aleatoric process so when,
With respect to the code that can implement you first.
Next you can do corresponding processing. Tick off a process to compare good understanding. . .
Tick off API to had not been done. Can you give an example? ? ? Intercept API has a lot of kinds of methods
The simplest is IAT
Spoken parts in an opera is, load to define function oneself first, assume its address is 0XFF01
Find API to express medium address in the address, it is 0XEE01 suppose
So the 0XEE01 in expressing the address changes 0XFF01, so when other program tones of Chinese characters uses this API, enter came inside definition function oneself
Of course, this each defines function to want to complete two works:
1: of large bamboo hat of Gan of Bei of goblet of Lv of neon agreement drought changes dirty PI
2: Tiny fragments of stone of fall from the sky? Chinese catalpa suddenly changes to address of PI of of of Gao large bamboo hat go back
Look for IAT to be able to be gotten with ImageDirectoryEntryToData, bit more convenient
Just registered today, dish bird receives cent (what also won't can such)TO:KKND2006. . .
The method that you say, be equivalent to window body subclass changing, want to do to change original function address into oneself. . .
After processing is over, give again is original API continues to become an operation? ? ? The principle is same, no more than is acting means
The means of intercept API special, IAT is among them a kind
Intercept API has go into particulars in WINDOWS core process designing, saw a tutorial understandGood. Thank. . .
Then I want to ask, [Must IAT] beard want infuse or found long-range line Cheng? ? ?
Because before be, those are done with these two kinds of means, the individual feels bad. Often be killed poisonous software considers as virus. . .
Exceed depressed. . . Learn each ace
Theoretic to SendMessage be to be able to search cause course
Want to answer the ID that GetCurrentThreadID uses to obtain line Cheng in function in the message only, next enumerate is all process, it is OK to find the process that has this line Cheng.
PostMessage did not have method to trace to the source
For me a kind of method, clear masters grant instruction:
All process list saves 1. search system;
2. joins Hook in past above process, and distinguish the Hook of each processes, it is Hook[n]; suppose
The Message that the Hook of each 3. processes sends to this process place detects and collect, next the process redound result to us
4. we are OK the Id of the Hook that the basis reports, will divide is the message that which process sends and what kind of message! Thank two offerred clue. . .
Above all the means that I provide to Oldforest, put in a few doubt. . .
What you say [answer function] be to show the window handles process WndProc and DefWndProc? ? ?
If carry out GetCurrentThreadID here, also can get the line Cheng ID that founds current window only just. Can you find letter source? ?
^o^ asks afterwards to break give advice or comments. . .
To the method of Zzultc, seem not quite feasible. . .
The first: Carbon of of firewood by Ook original not quite actual. . .
The 2nd: Retreat languid by Ook, also can gather the information that it receives only, how does that detect the Message that it gives out? ? ?
I do not understand your meaning. . . TO:oLdforest. . .
It is to give SendMessage to hang Gou Zi hind, take-over in oneself is GetCurrentThreadID called in function? ? ? HOOK API, so you can have to take-over for certain function
This take-overs function, when be called, it is to be in cause course for certain
Should need to call GetCurrentThreadID inside this function only, can knowing is which process
Next again PID the makes a bag send you program of what, did not know
Nevertheless this also is theoretic only east, when be being done actually, be afraid the question is great, difficult and great oh ~~~~~~~
U, ah^o^ thank. . . Want to answer the ID that GetCurrentThreadID uses to obtain line Cheng in function in the message only, next enumerate is all process, it is OK to find the process that has this line Cheng.
This won'ts do. SendMessage can do synchronism, what carry out actually still is the masterstroke Cheng of this window. Groovy APIhook method
One, come true hard
2, stabilize hard
3, the system is used up too big
4, the software that reduce toxin not quite welcome
Of every API in Windows system call, bale finally service request, threw drive, the system is safeguarding a piece of descriptor to express (SSDT) , this piece of souvenir records the entrance of major service, enter the mouth through replacing these, you are OK major API operates hook, register a watch to read for instance, write, the major software that reduce toxin also sets toll-gate here, block Basiji for instance register watch monitoring,
(of course I am unsure the service of SendMessage, PostMessage also amid) , perhaps this is optimal method
If be merely,discuss to discuss, this topic can hereto, because final you may not find the solution! !
If be to be a project to discuss for the job, the proposal plans afresh train of thought, find a solution additionally^o^ does not want to attend a meeting the friend that has so much is helped enthusiasticly. . .
The decision adds cent. . .
Downstair continuity. . . TO:lOnglijun. . .
To your proposal, I also agree, nevertheless, still put a bit hope to be able to find the solution only. . .
Is of ^o^C/C you? ? ? Xi Xi. . .
Thank. . . Write drive to try, ha
Even if keep drive, also should give a dot train of thought. . .
UP. . . . . . UPFeel CSDN is less and less now the person talks. . .
Did tall person hide? ? ?
- _- ! ! ! MarkWhat with a ha breath out.LS is very interesting. . .
Stick mine child all top rose. . .
Thank. . . Some problems need to cost energy to solve very much really
And ace people not certain just right has so much energy
Him or thinks way, or continues to support. . . . . The top goes to some / some ace has time energy help you. . . . . . UP. . . A attacks. . . Thank! Plain brother. . . Mark^o^You look for ReactOS code to look, a lot of code come true inside drive layer, e.g. the WM_CREATEWM_PAINT that the window founds
It is window management implement inside of implementation.
Thank. . .
Mark, feel this problem is full interestingAlready so much day. Still fail to solve. . .
Look want checkout today. . .
- _- ! ! ! Although was not solved! Do not pass or want to thank everybody. . .
^o^
skip to main |
skip to sidebar
22
跟踪者
博客归档
-
▼
2009
(91)
-
▼
一月
(91)
- In C# inside GroupBox1 can come true procrastinate...
- Webservice problem
- Problem of printer process designing?
- Always see the company is when person of invite ap...
- Record inquiry
- Can I Insert A Button Inside A Word Document And E...
- Of the database debug online etc! ! ! ! ! ! ! ! ! ...
- How to set the paper size that defines oneself wit...
- Line Cheng is locked up to death
- .net alignment changes COM alignment
- GridView problem, can make it such effect?
- accuses at printing the of
- Why to add kind hind, examine in code, is those wh...
- Online wait. Cent asks excuse me less. Resource ma...
- Bag character handles an issue outside! ! ! Ace is...
- Accuse about AxWebBrowser? ? ?
- Why does if the parameter of a string of function ...
- How is Call Stack window to show those who come?
- Immediate window is in View | Choose in Other Wind...
- The visit of attribute and field
- How to all over all links on all previous webpage?...
- Datagrid is amalgamative much travel, much list he...
- A time changes a problem
- Open fire to safety? ?
- The requirement of interview is translated
- About unusual processing
- Carry out automatically with the issue that replac...
- Bet equestrian project, who is met?
- Happen wrong
- How can the WIN program of NET guide 1 million dat...
- Beg buy system of C/S mode exam, be urgent! ! !
- Client end and server carry the problem that pass ...
- Problem of DataGridView data test and verify?
- The efficiency problem of WinForm and WebService
- How to pass in DataGrid not line feed saves has re...
- Problem of.NET webpage process designing (online w...
- How does C# use the head document that writes with...
- The issue of Dispose method is called when closing...
- Perseus meteor shower can achieve `` of the larges...
- About the doubt of multi-line Cheng
- About the doubt of synchronism of multi-line Cheng...
- The query of Winform, how to place a Label on Pict...
- The system signs up for 10009 incident mistake how...
- About the problem of the data of discrepancy of a ...
- C# installs a program to move in 2000, need SP3 ce...
- Static variable, the synchronism of static method ...
- How does implementation change regularly in C# pas...
- Undertake Udp group is sowed, does Ip address set ...
- Button simple question
- About the issue that data expresses showing in Rep...
- COMBOBOX is moved repeatedly
- Release a client to carry the thorny problem that ...
- In VS2005 grand cannot move?
- Problem of design of.Net window style is very urge...
- Consult the small issue about Hh.exe
- Static Classes?
- About the issue that the file covers.
- Urgent ~~~~ in the ~~~~ such as I have project of...
- By what program is Pubs to call after all?
- Of the company name and so on of the indication th...
- How to use in C# exterior accuse (the skin that be...
- Webservice is called in encountered problem
- When C# is building documentation of a Word, how t...
- VSS is felt do not wear the problem of brains
- How does ODBC stock data Excel
- Set casing issue: Everybody looks quickly
- The message in what method can get QQ2007 dialog i...
- How does.net application process come true to fall...
- This is being conveyed is what meaning, which ace ...
- With what should this kind of layout accuse will d...
- Nod top right corner shut, but the process still i...
- How to realize WINDOWS in different region composi...
- Those who want to do a MIDI to handle east, have t...
- Everybody should know, the SendMessage method of W...
- How to release designation data document with Clic...
- How to read the content in taking Http to wrap
- Limitative user ascends successive failure more th...
- Discuss an issue
- Share data is gotten
- How to increase operating period of a software to ...
- Beg can input only 1-31 and of these 32 99 number ...
- About row of the DataGridViewButtonColumn in Winfo...
- What is MDI container excuse me, it and average WI...
- The C# program that oneself develop often appears ...
- Window body and when accusing a heavy draw, refres...
- Excuse me everybody has designed message alignment...
- How to come true through Textbox to the database u...
- How to come true through Textbox to the database u...
- The at the beginning of person push the with be...
- About installing a program
- About how to cancel the way that calm field tie ti...
-
▼
一月
(91)
0 评论:
发表评论