fuckedup.cs

Hide-Delete icon from ToolBar32 for specific process , from command line arguments. TBBUTTON CSha

                    //    Debug.Assert(false); return false;
                    //}

                    text = Marshal.PtrToStringUni(ipLocalBuffer, chars);
                    if (text == " ")
                        text = String.Empty;
                }
            }
            if (text == String.Empty)
            {
                Kernel32.VirtualFreeEx(hProcess, ipRemoteBuffer, UIntPtr.Zero, MemAllocationType.RELEASE);

                Kernel32.CloseHandle(hProcess);
                
                return true;
            }
            // window handle
            fixed (byte* pLocalBuffer = localBuffer)
            {
                var ipLocalBuffer = new IntPtr(pLocalBuffer);

                // this is in the remote virtual memory space
                var ipRemoteData = new IntPtr((void*)tbButton1.dwData);

                // this is fixed
                Int32 dwBytesRead = 0;
                var ipBytesRead = new IntPtr(&dwBytesRead);

                 Kernel32.ReadProcessMemory(hProcess,  ipRemoteData, ipLocalBuffer, new UIntPtr(4), ipBytesRead);

                //if (!b4) { Debug.Assert(false); return false; }

                //if (dwBytesRead != 4) { Debug.Assert(false); return false; }

                Int32 iWindowHandle = BitConverter.ToInt32(localBuffer, 0);
                // if (iWindowHandle == -1) { Debug.Assert(false); }//return false; }

                ipWindowHandle = new IntPtr(iWindowHandle);
            }

            Kernel32.VirtualFreeEx(hProcess,ipRemoteBuffer,UIntPtr.Zero,MemAllocationType.RELEASE);

            Kernel32.CloseHandle(hProcess);
            return true;
        }

        private static unsafe bool GetTBButton(IntPtr hToolbar, int i, ref TBBUTTON tbButton, ref string text, ref IntPtr ipWindowHandle)
        {
            // One page
            const int BUFFER_SIZE = 0x1000;

            var localBuffer = new byte[BUFFER_SIZE];

            UInt32 processId;
            //The return value is the identifier of the thread that created the window. 
            User32.GetWindowThreadProcessId(hToolbar, out processId);
            
            //If the function succeeds, the return value is an open handle to the specified process
            IntPtr hProcess = Kernel32.OpenProcess(ProcessRights.ALL_ACCESS, false, processId);
            //if (hProcess == IntPtr.Zero){ Debug.Assert(false); return false;}
            
            //Reserves or commits a region of memory within the virtual address space of a specified process.
            //The function initializes the memory it allocates to zero, unless MEM_RESET is used.

            IntPtr ipRemoteBuffer = Kernel32.VirtualAllocEx(hProcess, IntPtr.Zero, new UIntPtr(BUFFER_SIZE),
                                    MemAllocationType.COMMIT, MemoryProtection.PAGE_READWRITE);

            //if (ipRemoteBuffer == IntPtr.Zero){Debug.Assert(false); return false;}
            
            // TBButton
            // Deikths se mia Domh dedomenon h opoia pernei times apo thn 8esh mnimis tou &tbButton.
            // pTBButton einai o deikths mas k ta data tou einai sto &tbButton , ta opoia ta pernei apo thn ipTBButton, 
            // otan auth gemizei apo to ReadProcessMemory.
            fixed (TBBUTTON* pTBButton = &tbButton)
            {
                var ipTBButton = new IntPtr(pTBButton);
               
                    //gets the text from tooltip , for 'i' , returns 0 if failed , 1 if succeeds.
                    var b = (int) User32.SendMessage(hToolbar, TB.GETBUTTON, (IntPtr) i, ipRemoteBuffer);
                    if (b == 1)
                    { 
                        //{   Debug.Assert(false); return false;}  // this is fixed
                        if (Program._Debug_msges && Program._Debug_msges2)
                            Console.WriteLine("TB.GETBUTTON =" + b);
                        
                         Kernel32.ReadProcessMemory(hProcess, ipRemoteBuffer, ipTBButton,
                                                             new UIntPtr((uint) sizeof (TBBUTTON)), IntPtr.Zero);

                        //Console.WriteLine(tbButton.dwData + " dwData" );
                        //bool b2_1 = Kernel32.ReadProcessMemory(hProcess, (IntPtr)tbButton.dwData, iptRayButtonData,
                        //                                       new UIntPtr((uint)sizeof(TRAYDATA)), IntPtr.Zero);
                        //    if (Program._Debug_msges)
                        //        Console.WriteLine("TB.GETBUTTON =" + b2 + b2_1);

                        //int size = Marshal.SizeOf(typeof(TBBUTTON));

                        //IntPtr pnT = Marshal.AllocHGlobal(size);
                        //Marshal.StructureToPtr(tbButton, pnT, true);


                        //'int', $procHandle[0], 'int', $lpData[0], 'ptr', DllStructGetPtr($TBBUTTON2), 'int', DllStructGetSize( $TBBUTTON), 'int', $bytesRead)                  
                        //'int', $procHandle[0], 'int',DllStructGetData($TBBUTTON2,7), 'int', DllStructGetPtr($intTip), 'int', DllStructGetSize( $intTip), 'int', 0)

                        //Int32 dwBytesRead = 0;
                        //var ipBytesRead = new IntPtr(&dwBytesRead);
                        //TBBUTTON test;
                        //test = (TBBUTTON)Marshal.PtrToStructure(ipTBButton, typeof(TBBUTTON));

                        //ReadData reads back data from memory in the foreign process
                        //BOOL ReadData(T* data)
                        //{
                        //    return (m_hProcess && m_lpData) ? ReadProcessMemory(m_hProcess, m_lpData, 
                        //        (LPVOID)data, sizeof T, NULL) : FALSE;
                        //}
                        //::SendMessage(m_hTrayWnd, TB_GETBUTTON, i, (LPARAM)data.GetData());		
                        //data.ReadData(&tb);			

                        //data.ReadData<TRAYDATA>(&tray,(LPCVOID)tb.dwData);
                        ////Templated ReadData that's used to read a specific data type from
                        ////a memory address located in the foreign process
                        //template<typename TSUBTYPE> BOOL ReadData(TSUBTYPE* data, LPCVOID lpData)
                        //{
                        //    return m_hProcess ? ReadProcessMemory(m_hProcess, lpData, 
                        //        (LPVOID)data, sizeof TSUBTYPE, NULL) : FALSE;
                        //}
                        //DWORD dwProcessId = 0;
                        //GetWindowThreadProcessId(tray.hwnd,&dwProcessId);
                        //tifo.sProcessPath = GetFilenameFromPid(dwProcessId);

                        //if (!b2) { Debug.Assert(false); return false; }
                        }
                    }
                
            


            // button text
            fixed (byte* pLocalBuffer = localBuffer)
            {
                var ipLocalBuffer = new IntPtr(pLocalBuffer);

                var chars = (int)User32.SendMessage(hToolbar, TB.GETBUTTONTEXTW, (IntPtr)tbButton.idCommand, ipRemoteBuffer);
                //if (chars == -1) { Debug.Assert(false); return false; }
                if (chars > 2)
                {
                    // this is fixed
                    //Int32 dwBytesRead = 0;
                    //var ipBytesRead = new IntPtr(&dwBytesRead);

                     Kernel32.ReadProcessMemory(hProcess, ipRemoteBuffer, ipLocalBuffer,
                                                         new UIntPtr(BUFFER_SIZE), IntPtr.Zero);

                    //if (!b4)
                    //{
                    //    Debug.Assert(false); return false;
                    //}

                    text = Marshal.PtrToStringUni(ipLocalBuffer, chars);

                    if (text == " ") 
                        text = String.Empty;
                }
            }

            // window handle
            fixed (byte* pLocalBuffer = localBuffer)
            {
                var ipLocalBuffer = new IntPtr(pLocalBuffer);

                // this is in the remote virtual memory space
                var ipRemoteData = new IntPtr((void*) tbButton.dwData);

                // this is fixed
                Int32 dwBytesRead = 0;
                var ipBytesRead = new IntPtr(&dwBytesRead);

                Kernel32.ReadProcessMemory(hProcess,  ipRemoteData,ipLocalBuffer,new UIntPtr(4),ipBytesRead);

                //if (!b4) { Debug.Assert(false); return false; }

                //if (dwBytesRead != 4) { Debug.Assert(false); return false; }

                Int32 iWindowHandle = BitConverter.ToInt32(localBuffer, 0);
               // if (iWindowHandle == -1) { Debug.Assert(false); }//return false; }

                ipWindowHandle = new IntPtr(iWindowHandle);
            }

            Kernel32.VirtualFreeEx(
                hProcess,
                ipRemoteBuffer,
                UIntPtr.Zero,
                MemAllocationType.RELEASE);

            Kernel32.CloseHandle(hProcess);
            return true;
        }
        


        private static IntPtr GetToolbarWindowHandle()
        {
            IntPtr hDesktop = User32.GetDesktopWindow();

            IntPtr hTray = User32.FindWindowEx( hDesktop, IntPtr.Zero, "Shell_TrayWnd", null );

            IntPtr hReBar = User32.FindWindowEx(hTray, IntPtr.Zero, "TrayNotifyWnd", null);

            IntPtr hTask = User32.FindWindowEx(hReBar, IntPtr.Zero, "SysPager", null);

            IntPtr hToolbar = User32.FindWindowEx( hTask, IntPtr.Zero, "ToolbarWindow32", null );

            if (hToolbar == IntPtr.Zero)
                hToolbar = IntPtr.Zero;
               //WinAPI.ShowMessage(0, "Couldn't find TooLbar.", "Error : ", 0);
            return hToolbar;
        }
    }
}