给移动飞信弄个小外挂

最新推荐文章于 2019-08-07 17:15:25 发布

donghaima

最新推荐文章于 2019-08-07 17:15:25 发布

阅读量1.4k

点赞数

分类专栏： WinForm 文章标签： user string class button struct object

本文链接：https://blog.csdn.net/donghaima/article/details/3420645

版权

WinForm 专栏收录该内容

10 篇文章 0 订阅

订阅专栏

通过winsiggen.exe制作的API声明：

[System.Runtime.InteropServices.UnmanagedFunctionPointerAttribute(System.Runtime.InteropServices.CallingConvention.StdCall)]
public delegate int WNDENUMPROC(System.IntPtr param0, System.IntPtr param1);

    [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)]
    public struct HWND__
    {
        public int unused;
    }

    public partial class NativeConstants
    {
        /// WM_PASTE -> 0x0302
        public const int WM_PASTE = 770;

/// WM_LBUTTONDOWN -> 0x0201
public const int WM_LBUTTONDOWN = 513;

/// WM_LBUTTONUP -> 0x0202
public const int WM_LBUTTONUP = 514;

/// BM_SETSTATE -> 0x00F3
public const int BM_SETSTATE = 243;

        /// MK_LBUTTON -> 0x0001
        public const int MK_LBUTTON = 1;
    }

    public partial class NativeMethods
    {
        [System.Runtime.InteropServices.DllImportAttribute("user32.dll", EntryPoint = "FindWindowW")]
        public static extern System.IntPtr FindWindowW([System.Runtime.InteropServices.InAttribute()] [System.Runtime.InteropServices.MarshalAsAttribute(System.Runtime.InteropServices.UnmanagedType.LPWStr)] string lpClassName, [System.Runtime.InteropServices.InAttribute()] [System.Runtime.InteropServices.MarshalAsAttribute(System.Runtime.InteropServices.UnmanagedType.LPWStr)] string lpWindowName);

        [System.Runtime.InteropServices.DllImportAttribute("user32.dll", EntryPoint = "EnumChildWindows")]
        [return: System.Runtime.InteropServices.MarshalAsAttribute(System.Runtime.InteropServices.UnmanagedType.Bool)]
        //public static extern bool EnumChildWindows([System.Runtime.InteropServices.InAttribute()] System.IntPtr hWndParent, WNDENUMPROC lpEnumFunc, [System.Runtime.InteropServices.MarshalAsAttribute(System.Runtime.InteropServices.UnmanagedType.SysInt)] int lParam);
        public static extern bool EnumChildWindows([System.Runtime.InteropServices.InAttribute()] System.IntPtr hWndParent, WNDENUMPROC lpEnumFunc, int lParam);

[System.Runtime.InteropServices.DllImportAttribute("user32.dll", EntryPoint = "GetClassNameW")]
public static extern int GetClassNameW([System.Runtime.InteropServices.InAttribute()] System.IntPtr hWnd, [System.Runtime.InteropServices.OutAttribute()] [System.Runtime.InteropServices.MarshalAsAttribute(System.Runtime.InteropServices.UnmanagedType.LPWStr)] System.Text.StringBuilder lpClassName, int nMaxCount);

        [System.Runtime.InteropServices.DllImportAttribute("user32.dll", EntryPoint = "SendMessageW")]
        //[return: System.Runtime.InteropServices.MarshalAsAttribute(System.Runtime.InteropServices.UnmanagedType.SysInt)]
        //public static extern int SendMessageW([System.Runtime.InteropServices.InAttribute()] System.IntPtr hWnd, uint Msg, [System.Runtime.InteropServices.MarshalAsAttribute(System.Runtime.InteropServices.UnmanagedType.SysUInt)] uint wParam, [System.Runtime.InteropServices.MarshalAsAttribute(System.Runtime.InteropServices.UnmanagedType.SysInt)] int lParam);
        public static extern int SendMessageW([System.Runtime.InteropServices.InAttribute()] System.IntPtr hWnd, uint Msg, uint wParam, int lParam);

[System.Runtime.InteropServices.DllImportAttribute("user32.dll", EntryPoint = "GetWindowTextW")]
public static extern int GetWindowTextW([System.Runtime.InteropServices.InAttribute()] System.IntPtr hWnd, [System.Runtime.InteropServices.OutAttribute()] [System.Runtime.InteropServices.MarshalAsAttribute(System.Runtime.InteropServices.UnmanagedType.LPWStr)] System.Text.StringBuilder lpString, int nMaxCount);

[System.Runtime.InteropServices.DllImportAttribute("user32.dll", EntryPoint = "SetActiveWindow")]
public static extern System.IntPtr SetActiveWindow([System.Runtime.InteropServices.InAttribute()] System.IntPtr hWnd);

红色的代码在运行中会抛出什么封送错误，干脆化繁为简，去掉那些自动生成的前缀,到也OK。

实际代码：

private void button1_Click(object sender, EventArgs e)
{
System.IntPtr hWnd;

       hWnd = NativeMethods.FindWindowW("WindowsForms10.Window.8.app.0.378734a", "某某某");
       if (hWnd.ToString() == "0")
           MessageBox.Show("No found!");
       else
       {

WNDENUMPROC settextproc = new WNDENUMPROC(SetText);
NativeMethods.EnumChildWindows(hWnd, settextproc, 0);

Thread.Sleep(100);

要模拟鼠标按键的话，目标窗口必须是活动的

NativeMethods.SetActiveWindow(hWnd);

           WNDENUMPROC sendproc= new WNDENUMPROC(Send);
           NativeMethods.EnumChildWindows(hWnd, sendproc, 0);
       }
  }

int SetText(System.IntPtr param0, System.IntPtr param1)
{
StringBuilder s = new StringBuilder(256);
NativeMethods.GetClassNameW(param0, s, s.Capacity );

if (s.ToString().Trim() == "WindowsForms10.RichEdit20W.app.0.378734a")
NativeMethods.SendMessageW(param0, NativeConstants.WM_PASTE, 0, 0);

return 1;
}

飞信程序拦截了其他进程向输入框发送修改文本的消息，只能改用黏贴剪贴板上内容的方法，也挺有趣

int Send(System.IntPtr param0, System.IntPtr param1)
{
StringBuilder s = new StringBuilder(256);

    NativeMethods.GetWindowTextW(param0, s, s.Capacity);
    if (s.ToString().Trim() == "发送")
    {
        NativeMethods.SendMessageW(param0, NativeConstants.WM_LBUTTONDOWN, NativeConstants.MK_LBUTTON, 0);
        NativeMethods.SendMessageW(param0, NativeConstants.BM_SETSTATE, 1, 0);
        NativeMethods.SendMessageW(param0, NativeConstants.WM_LBUTTONUP, NativeConstants.MK_LBUTTON, 0);
        NativeMethods.SendMessageW(param0, NativeConstants.BM_SETSTATE, 0, 0);
        return 0;
    }

return 1;
}

donghaima

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
给移动飞信弄个小外挂

通过winsiggen.exe制作的API声明：[System.Runtime.InteropServices.UnmanagedFunctionPointerAttribute(System.Runtime.InteropServices.CallingConvention.StdCall)] public delegate int WNDENUMPROC(System.IntPt
复制链接

扫一扫