MOKA
/
scbc_repos


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121
							// dllmain.cpp : 定义 DLL 应用程序的入口点。
#include "stdafx.h"


HMODULE g_hModule = NULL;
HANDLE hThreadProc = NULL;

// 枚举屏幕上的所有顶级窗口
BOOL CALLBACK EnumWndProc(HWND hwnd, LPARAM lParam)
{
    TCHAR szLog[MAX_PATH] = {0};
    DWORD dwCurrentProcessId = *((DWORD*)lParam);
    // 根据进程ID、窗口，获取当前窗口所在线程ID;
	DWORD dwWindProcessId = 0;
    DWORD dwThreadId = GetWindowThreadProcessId(hwnd, &dwWindProcessId);
#if _MSC_VER >= 1200 && _MSC_VER < 1500
	sprintf(szLog, _T("<Injecter> 进程ID=%ld, 窗口进程ID=%ld\n"), dwCurrentProcessId, dwThreadId);
#else
	_stprintf_s(szLog, _T("<Injecter> 进程ID=%ld, 窗口进程ID=%ld\n"), dwCurrentProcessId, dwThreadId);
#endif
    OutputDebugString(szLog);
    if ( dwCurrentProcessId == dwWindProcessId && GetParent(hwnd) == NULL )   // GetParent==Null表示主窗口,本来就是找顶级的，有点多余?;
    {
        *((HWND*)lParam) = hwnd;
        // 回调函数调用SetLastError以获取有意义的错误代码，以返回给EnumWindows的调用方
        SetLastError(10086);
        // 停止枚举,返回FALSE;
        return FALSE;
    }

    // 继续枚举,返回TRUE;
    return TRUE;
}


HWND GetMainWnd()
{
    TCHAR szLog[MAX_PATH] = {0};
    // 获取当前DLL所在进程ID;
    DWORD dwCurrentProcessId = GetCurrentProcessId();
    // 枚举该进程窗口;
    EnumWindows(EnumWndProc, (LPARAM)&dwCurrentProcessId);
    DWORD dwError = GetLastError();
    if (dwError == 10086)
    {
        // 找到窗口句柄;
        return (HWND)dwCurrentProcessId;
    }

#if _MSC_VER >= 1200 && _MSC_VER < 1500
	sprintf(szLog, _T("<Injecter> 进程ID=%ld, 没找到窗口,GetLastError=%ld\n"), dwCurrentProcessId, dwError);
#else
	_stprintf_s(szLog, _T("<Injecter> 进程ID=%ld, 没找到窗口,GetLastError=%ld\n"), dwCurrentProcessId, dwError);
#endif
    OutputDebugString(szLog);

    return NULL;
}

DWORD WINAPI WorkThreadProc(LPVOID lParam)
{
#ifdef _DEBUG
    Sleep(20000);
#endif
    TCHAR szLog[MAX_PATH] = {0};
    TCHAR szWndTitle[MAXBYTE] = {0};
    // 获取DLL所在窗口句柄;
    HWND hWnd = GetMainWnd();
    if ( hWnd == NULL )
    {
        OutputDebugString(_T("<Injecter> 没有找到窗口句柄"));
        FreeLibraryAndExitThread(g_hModule, 0);
        return 0;
    }

    // 得到窗口名称
    GetWindowText(hWnd,szWndTitle,sizeof(szWndTitle));
#if _MSC_VER >= 1200 && _MSC_VER < 1500
	sprintf(szLog, _T("找到窗口名称：%s\n"),  szWndTitle);
#else
    _stprintf_s(szLog, _T("找到窗口名称：%s\n"),  szWndTitle);
#endif
    OutputDebugString(szLog);
    //是否名称是计算器
    if( 0 == _tcsstr(szWndTitle, _T("计算器")) )
    {
        OutputDebugString(_T("<Injecter> 找到指定窗口!!!"));
        // 2、创建后台线程;
    }
    else
    {
        OutputDebugString(_T("<Injecter> 不满足条件,DLL自我卸载!!!"));
        // 如果不满足条件,DLL自我卸载;
        FreeLibraryAndExitThread(g_hModule, 0);
    }

    return 0;
}


BOOL APIENTRY DllMain( HMODULE hModule,DWORD  ul_reason_for_call,LPVOID lpReserved)
{
    g_hModule = hModule;
	switch (ul_reason_for_call)
	{
	case DLL_PROCESS_ATTACH:
        {
            hThreadProc = CreateThread(NULL, 0, WorkThreadProc, NULL, 0, NULL);
            CloseHandle(hThreadProc);
        }
        break;
	case DLL_THREAD_ATTACH:
        break;
	case DLL_THREAD_DETACH:
        break;
	case DLL_PROCESS_DETACH:
		break;
	}
	return TRUE;
}