📄 filetool.c
字号:
FALSE,
HandleInfo->ProcessId);
if (ProcessHandle == NULL)
{
return FALSE;
}
status = DuplicateHandle( ProcessHandle,
(HANDLE)HandleInfo->Handle,
GetCurrentProcess(),
&ObjectHandle,
0,
FALSE,
DUPLICATE_SAME_ACCESS);
CloseHandle(ProcessHandle);
if (status == 0)
{
return FALSE;
}
status = ZwQueryObject(ObjectHandle, 2, Buffer, 0x400, NULL);
if (status != 0)
{
CloseHandle(ObjectHandle);
return FALSE;
}
HandleDesc->ObjectType = Name;
status = UnicodeToAnsi( (PUNICODE_STRING)&Buffer,
Name,
MaxNameLength);
if (status == FALSE)
{
CloseHandle(ObjectHandle);
return FALSE;
}
MaxNameLength -= strlen(Name) + 1;
Name += strlen(Name) + 1;
status = ZwQueryObject(ObjectHandle, 1, Buffer, 0x400, NULL);
CloseHandle(ObjectHandle);
if (status != 0)
{
return FALSE;
}
HandleDesc->ObjectName = Name;
status = UnicodeToAnsi( (PUNICODE_STRING)&Buffer,
Name,
MaxNameLength);
return status;
}
BOOL EnumHandleInfo(HANDLEINFOFUNC Routine, LPVOID Param)
{
PSYSTEM_HANDLE_INFORMATION HandleList;
PVOID ListBuffer;
ULONG ListLength, ReadLength;
LONG status;
TCHAR Buffer[0x800];
ListBuffer = VirtualAlloc(NULL, 0x200000, MEM_RESERVE, PAGE_READWRITE);
ListLength = 0x10000;
if (ListBuffer == NULL)
{
MessageBox(NULL, "内存不足", "提示", MB_ICONSTOP);
return FALSE;
}
do
{
VirtualAlloc(ListBuffer, ListLength += 0x8000, MEM_COMMIT, PAGE_READWRITE);
status = ZwQuerySystemInformation(0x10, ListBuffer, ListLength, &ReadLength);
} while (status == 0xc0000004);
if (status < 0)
{
MessageBox(NULL, "查询系统信息失败", "错误", MB_ICONSTOP);
VirtualFree(ListBuffer, 0, MEM_RELEASE);
return FALSE;
}
HandleList = (PSYSTEM_HANDLE_INFORMATION)((PCHAR)ListBuffer + 4);
ReadLength /= sizeof(SYSTEM_HANDLE_INFORMATION);
for (; ReadLength--; HandleList++)
{
if (HandleList->ObjectTypeNumber != 0x1a)
continue;
if (!ExQueryHandleInfo(HandleList, Buffer, 0x800))
{
continue;
}
if (!(*Routine)((PHANDLE_DESC)&Buffer, Param))
break;
}
VirtualFree(ListBuffer, 0, MEM_RELEASE);
return TRUE;
}
BOOL MainRoutine(ULONG OpCode)
{
HANDLE hFile;
OPENFILENAME ofn;
char szFileName[MAX_PATH];
char szFileType[64];
if ((hFile = ExCreateFile(FileName)) == NULL)
{
MessageBox(NULL, "打开文件失败", "提示", MB_ICONERROR);
return FALSE;
}
switch (OpCode)
{
case OP_COPY:
memset(&ofn, 0, sizeof(OPENFILENAME));
szFileType[0] = '\0';
szFileName[0] = '\0';
ofn.lStructSize = sizeof(OPENFILENAME);
ofn.hwndOwner = NULL;
ofn.hInstance = GetModuleHandle(NULL);
ofn.lpstrFilter = szFileType;
ofn.lpstrFile = szFileName;
ofn.nMaxFile = MAX_PATH;
ofn.Flags = OFN_OVERWRITEPROMPT | OFN_PATHMUSTEXIST | OFN_LONGNAMES |
OFN_EXPLORER | OFN_HIDEREADONLY;
{
char *p = strrchr(FileName, '.');
if (p != NULL)
{
wsprintf(szFileType, "当前文件类型 (*%s)\t*%s\t", p, p);
wsprintf(szFileName, "*%s", p);
ofn.lpstrDefExt = p;
}
strcat(szFileType, "全部文件\t(*.*)\t");
p = szFileType;
do
{
if (*p == '\t')
*p = '\0';
} while (*++p);
}
if (GetSaveFileName(&ofn))
{
if (!ExCopyFile(hFile, szFileName))
MessageBox(NULL, "复制失败", "提示", MB_ICONERROR);
}
break;
case OP_REPLACE:
memset(&ofn, 0, sizeof(OPENFILENAME));
szFileName[0] = '\0';
ofn.lStructSize = sizeof(OPENFILENAME);
ofn.hwndOwner = NULL;
ofn.hInstance = GetModuleHandle(NULL);
ofn.lpstrFilter = "全部文件\0*.*\0";
ofn.lpstrFile = szFileName;
ofn.nMaxFile = MAX_PATH;
ofn.Flags = OFN_FILEMUSTEXIST | OFN_PATHMUSTEXIST | OFN_LONGNAMES |
OFN_EXPLORER | OFN_HIDEREADONLY;
if (GetOpenFileName(&ofn))
{
if (!ExReplaceFile(hFile, szFileName))
MessageBox(NULL, "替换失败", "提示", MB_ICONERROR);
}
break;
case OP_DELETE:
if (MessageBox( NULL,
"确实要删除该文件吗?",
"提示",
MB_ICONQUESTION | MB_YESNO) == IDYES)
{
if (!ExDeleteFile(hFile))
MessageBox(NULL, "删除失败", "提示", MB_ICONERROR);
}
break;
case OP_UNLOCK:
DialogBox( GetModuleHandle(NULL),
(LPCTSTR)IDD_UNLOCK,
NULL,
DlgProc2);
break;
case OP_VIEW:
InitHexViewClass();
DialogBoxParam( GetModuleHandle(NULL),
(LPCTSTR)IDD_VIEW,
NULL,
DlgProc3, (LPARAM)hFile);
break;
}
CloseHandle(hFile);
return TRUE;
}
LRESULT CALLBACK DlgProc1(HWND hDlg, UINT uMsg, WPARAM wParam, LPARAM lParam)
{
switch (uMsg)
{
case WM_INITDIALOG:
if (FileName[0] == '\0')
{
EnableWindow(GetDlgItem(hDlg, IDC_BUTTON1), FALSE);
EnableWindow(GetDlgItem(hDlg, IDC_BUTTON2), FALSE);
EnableWindow(GetDlgItem(hDlg, IDC_BUTTON3), FALSE);
EnableWindow(GetDlgItem(hDlg, IDC_BUTTON4), FALSE);
}
break;
case WM_COMMAND:
switch (LOWORD(wParam))
{
case IDC_BUTTON1:
EndDialog(hDlg, OP_COPY);
break;
case IDC_BUTTON2:
EndDialog(hDlg, OP_REPLACE);
break;
case IDC_BUTTON3:
EndDialog(hDlg, OP_DELETE);
break;
case IDC_BUTTON4:
MessageBox(hDlg, "不可用", "提示", MB_ICONSTOP);
EndDialog(hDlg, 0);
break;
case IDC_BUTTON5:
EndDialog(hDlg, OP_VIEW);
break;
case IDC_BUTTON7:
case IDCANCEL:
case IDM_EXIT:
EndDialog(hDlg, 0);
break;
}
break;
default:
return FALSE;
}
return TRUE;
}
VOID InitializeList(HWND hList)
{
LV_COLUMN lvc;
DWORD dwStyle;
ListView_SetColumnWidth(hList, 1, 65);
lvc.mask = LVCF_FMT | LVCF_WIDTH | LVCF_TEXT | LVCF_SUBITEM;
lvc.fmt = LVCFMT_LEFT;
lvc.cx = 80;
lvc.pszText = "映像名称";
ListView_InsertColumn(hList, 0, &lvc);
lvc.cx = 50;
lvc.pszText = "PID";
ListView_InsertColumn(hList, 1, &lvc);
lvc.cx = 60;
lvc.pszText = "句柄ID";
ListView_InsertColumn(hList, 2, &lvc);
lvc.cx = 200;
lvc.pszText = "锁定路径";
ListView_InsertColumn(hList, 3, &lvc);
lvc.cx = 200;
lvc.pszText = "映像路径";
ListView_InsertColumn(hList, 4, &lvc);
dwStyle = ListView_GetExtendedListViewStyle(hList);
dwStyle |= LVS_EX_FULLROWSELECT | LVS_EX_GRIDLINES | LVS_EX_HEADERDRAGDROP;
ListView_SetExtendedListViewStyle(hList, dwStyle);
}
BOOL InsertList(PHANDLE_DESC Info, LPVOID Param)
{
return TRUE;
}
VOID UpdateList()
{
PVOID Buffer;
Buffer = malloc(0x1000);
EnumHandleInfo(InsertList, NULL);
}
LRESULT CALLBACK DlgProc2(HWND hDlg, UINT uMsg, WPARAM wParam, LPARAM lParam)
{
static HWND hList;
switch (uMsg)
{
case WM_INITDIALOG:
hList = GetDlgItem(hDlg, IDC_LIST1);
InitializeList(hList);
break;
case WM_COMMAND:
switch (LOWORD(wParam))
{
case IDC_BUTTON5:
case IDCANCEL:
case IDM_EXIT:
EndDialog(hDlg, 0);
break;
}
break;
default:
return FALSE;
}
return TRUE;
}
LRESULT CALLBACK DlgProc3(HWND hDlg, UINT uMsg, WPARAM wParam, LPARAM lParam)
{
HANDLE hMap;
static PBYTE Buffer;
static DWORD Length;
switch (uMsg)
{
case WM_INITDIALOG:
if ((Length = GetFileSize((HANDLE)lParam, NULL)) == -1)
{
break;
}
{
DWORD temp = 0;
if (ExReadFile((HANDLE)lParam, &temp, 3))
MessageBox(NULL, (void *)&temp, "read ok", 0);
}
if ((hMap = CreateFileMapping( (HANDLE)lParam,
NULL,
PAGE_READWRITE,
0,
0,
NULL)) == NULL)
{
break;
}
Buffer = MapViewOfFile(hMap, FILE_MAP_WRITE, 0, 0, 0);
CloseHandle(hMap);
SendMessage(GetDlgItem(hDlg, IDC_CUSTOM1),
HV_SETHANDLE,
(WPARAM)Length,
(LPARAM)Buffer);
break;
case WM_CHAR:
MessageBox(NULL, "dfs", "DF", 0);
break;
case WM_COMMAND:
switch (LOWORD(wParam))
{
case IDCANCEL:
case IDM_EXIT:
SendMessage(GetDlgItem(hDlg, IDC_CUSTOM1),
HV_SETHANDLE,
(WPARAM)0,
(LPARAM)NULL);
UnmapViewOfFile(Buffer);
EndDialog(hDlg, 0);
break;
case IDM_UNDO:
SendMessage(GetDlgItem(hDlg, IDC_CUSTOM1),
HV_UNDO,
0,
0);
break;
case IDM_REDO:
SendMessage(GetDlgItem(hDlg, IDC_CUSTOM1),
HV_REDO,
0,
0);
break;
case IDM_SAVE:
SendMessage(GetDlgItem(hDlg, IDC_CUSTOM1),
HV_APPLYMODIFY,
0,
0);
break;
case IDM_COPY:
SendMessage(GetDlgItem(hDlg, IDC_CUSTOM1),
HV_COPY,
0,
0);
break;
case IDM_COPYHEX:
SendMessage(GetDlgItem(hDlg, IDC_CUSTOM1),
HV_COPYHEX,
0,
0);
break;
case IDM_SELECTALL:
SendMessage(GetDlgItem(hDlg, IDC_CUSTOM1),
HV_SELALL,
0,
0);
break;
}
break;
default:
return FALSE;
}
return TRUE;
}
BOOL ParseCommandLine(LPTSTR lpCmdLine)
{
LPTSTR p;
do
{
if (*lpCmdLine == ' ' || *lpCmdLine == '\t')
continue;
if (*lpCmdLine == '-')
{
switch (*++lpCmdLine | 0x20)
{
case 'c':
SetBit(OpFlags, OP_COPY);
break;
case 'p':
SetBit(OpFlags, OP_REPLACE);
break;
case 'd':
SetBit(OpFlags, OP_DELETE);
break;
case 'u':
SetBit(OpFlags, OP_UNLOCK);
break;
case 'v':
SetBit(OpFlags, OP_VIEW);
break;
default:
return FALSE;
}
continue;
}
if (*lpCmdLine == '"')
{
p = lpCmdLine + 1;
while (*++lpCmdLine != '"')
{
if (*lpCmdLine == '\0')
return FALSE;
}
}
else
{
p = lpCmdLine;
do
{
if (*lpCmdLine == ' ' || *lpCmdLine == '\t')
break;
} while (*++lpCmdLine);
}
if (lpCmdLine - p >= MAX_PATH)
return FALSE;
strncpy(FileName, p, lpCmdLine - p);
if (*lpCmdLine == '\0')
break;
} while (*++lpCmdLine);
return TRUE;
}
void TEST1(HWND hWnd)
{
DWORD dwErrorCode;
LPVOID lpMsgBuf;
DWORD temp1 = 0x112, temp2, temp3 = 0;
static int b = 0;
char buf[32];
wsprintf(buf, "%x", IOCTL_FILE_WRITE);
SetWindowText(hWnd, buf);
if (b == 0)
{
UnloadDeviceDriver(g_szDriverName);
b = 1;
Sleep(100);
}
CallDriver( IOCTL_TEST_FUNCTION,
&temp1,
sizeof(temp1),
&temp2,
sizeof(temp2),
&temp3);
dwErrorCode = GetLastError();
if (dwErrorCode != ERROR_SUCCESS)
{
FormatMessage( FORMAT_MESSAGE_ALLOCATE_BUFFER |
FORMAT_MESSAGE_FROM_SYSTEM |
FORMAT_MESSAGE_IGNORE_INSERTS,
NULL,
dwErrorCode,
0,
(LPTSTR)&lpMsgBuf,
0,
NULL
);
MessageBox(NULL, lpMsgBuf, "ERROR", MB_ICONSTOP);
LocalFree(lpMsgBuf);
}
else
{
wsprintf(buf, "I=%x O=%x R=%x", temp1, temp2, temp3);
SetWindowText(hWnd, buf);
}
}
void TEST()
{
HANDLE hFile = CreateFile( "C:\\Test.exe",
GENERIC_READ | GENERIC_WRITE,
FILE_SHARE_READ,
NULL,
OPEN_ALWAYS,
0,
NULL);
InitHexViewClass();
DialogBoxParam( GetModuleHandle(NULL),
(LPCTSTR)IDD_VIEW,
NULL,
DlgProc3, (LPARAM)hFile);
CloseHandle(hFile);
ExitProcess(0);
}
int APIENTRY WinMain1(
HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow
)
{
TCHAR PathName[MAX_PATH];
ULONG OpCode;
/*
InitHexView();
DialogBox( GetModuleHandle(NULL),
(LPCTSTR)IDD_VIEW,
NULL,
DlgProc3);
return 0;
//*///TEST();
GetModuleFileName(hInstance, PathName, MAX_PATH);
*strrchr(PathName, '\\') = '\0';
SetCurrentDirectory(PathName);
if (!ParseCommandLine(lpCmdLine))
return -1;
if (!FileName[0])
return -1;
InitCommonControls();
UnloadDeviceDriver(g_szDriverName);
if (FileName[0] == '\0' || OpFlags == 0)
{
OpCode = DialogBox( hInstance,
(LPCTSTR)IDD_DIALOG,
NULL,
DlgProc1);
if (OpCode != 0)
{
MainRoutine(OpCode);
}
}
else
{
OpCode = 0;
while (++OpCode < OP_MAXIMUM)
{
if (GetBit(OpFlags, OpCode))
{
if (!MainRoutine(OpCode))
break;;
}
}
}
UnloadDeviceDriver(g_szDriverName);
return 0;
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -