Windows学习总结

最新推荐文章于 2024-10-06 10:34:37 发布
最新推荐文章于 2024-10-06 10:34:37 发布
阅读量89 收藏
点赞数
分类专栏: windows 文章标签: windows 学习 c++
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qq_40363731/article/details/129797814
版权

头文件

#pragma once
#include <windows.h>
#include <stdio.h>
#include <TlHelp32.h>
#include <list>
#include <string>
#include <unordered_map>
#include <vector>
#include <xlocbuf>
#include <iostream>
#include <tchar.h>
#include <psapi.h>
#include <Shlwapi.h>
#pragma comment(lib,"Shlwapi.lib")
struct WndInfo {
	std::string szWndName;
	bool bFlag;
	DWORD dwProcessId;
	DWORD dwThreadId;
	HWND hWnd;
	std::string szPath;
	HICON hIcon;
};
struct InstallInfo {
	std::string szName;       //名称
	std::string szVersion;        //软件版本号
	std::string szPublish;     //软件发布厂商
	std::string szInstallData;       //软件安装日期
	std::string szInstallPath;  //软件安装路径
	std::string szUnistallPath; //软件卸载路径
};
class WindowsAxy
{
	using ThreadCallbackAxy = DWORD(WINAPI*)(LPVOID);
public:
	//进程相关
	static BOOL CreateProcessAxy(LPCTSTR, PROCESS_INFORMATION*);
	static BOOL CreateProcessAxy(LPCTSTR);
	static BOOL CreateProcessSuspend(LPCTSTR, PROCESS_INFORMATION&);
	static BOOL CreateProcessCmd(LPCTSTR);
	static BOOL CreateProcessAdmAxy(LPCTSTR);
	static std::list<std::string> GetProcessList(void);
	static std::list<PROCESSENTRY32> GetProcessInfoList(void);
	static BOOL GetProcessInfoMap(std::unordered_multimap<DWORD, std::string>&);
	static BOOL GetProcessInfoMap(std::unordered_multimap<std::string, DWORD>&);
	static BOOL GetProcessInfoMap(std::unordered_multimap<DWORD, PROCESSENTRY32>&);
	static BOOL GetProcessInfoMap(std::unordered_multimap<std::string, PROCESSENTRY32>&);
	static BOOL KillProcess(DWORD pid);
	static DWORD GetProcessId(const wchar_t* szProcessName);
	static DWORD GetProcessId(const char* szProcessName);
	static std::vector<DWORD> GetMulitiProcessId(LPCTSTR szProcessName);
	static std::string GetProcessName(DWORD pid);
	static PROCESSENTRY32 GetProcessInfo(DWORD pid);
	static std::string GetProcessFilePath(DWORD dwProcessId);
	//线程相关
	static BOOL GetThreadList(std::list<std::string>& ThreadList, DWORD nProcessId = NULL);
	static BOOL GetThreadInfoList(std::list<THREADENTRY32>& ThreadList, DWORD nProcessId = NULL);
	static BOOL GetThreadIdArray(std::vector<DWORD>& ThreadIdVector, DWORD nProcessId = NULL);
	static BOOL SuspendThread(DWORD Tid);
	static BOOL ResumeThread(DWORD Tid);
	static BOOL KillThread(DWORD Tid);
	static HANDLE CreateThreadAxy(
		_Out_ DWORD& Tid,
		_In_ ThreadCallbackAxy ThreadProc,
		_In_ LPVOID lp = NULL,
		_In_ DWORD dwCreationFlags = 0,
		_In_ SIZE_T dwStackSize = 0,
		_In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes = NULL);
	static HANDLE CreateThreadAxy(
		_In_ ThreadCallbackAxy ThreadProc,
		_In_ LPVOID lp = NULL,
		_In_ DWORD dwCreationFlags = 0,
		_In_ SIZE_T dwStackSize = 0,
		_In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes = NULL);
	static HANDLE CreateRemoteThreadAXY(HANDLE hProcess, ThreadCallbackAxy ThreadProc, LPVOID lp = NULL);
	//内存相关
	static BOOL WriteProcessMemory(DWORD ProcessId, LPVOID source, LPVOID target, SIZE_T size);
	static BOOL WriteProcessMemory(HANDLE hProcess, LPVOID source, LPVOID target, SIZE_T size);
	static BOOL ReadProcessMemory(DWORD ProcessId, LPVOID source, LPVOID target, SIZE_T size);
	static BOOL ReadProcessMemory(HANDLE hProcess, LPVOID source, LPVOID target, SIZE_T size);
	static LPVOID MemoryAlloc(SIZE_T dwSize,\
		DWORD  flProtect = PAGE_EXECUTE_READWRITE,\
		LPVOID lpAddress = NULL,\
		DWORD  flAllocationType = MEM_COMMIT | MEM_RESERVE);
	static LPVOID RemoteMemoryAlloc(HANDLE hProcess,
		SIZE_T dwSize, 
		DWORD  flProtect = PAGE_EXECUTE_READWRITE, 
		LPVOID lpAddress = NULL, 
		DWORD  flAllocationType = MEM_COMMIT | MEM_RESERVE);
	static LPVOID RemoteMemoryAlloc(DWORD dwProcessId,
		SIZE_T dwSize,
		DWORD  flProtect = PAGE_EXECUTE_READWRITE,
		LPVOID lpAddress = NULL,
		DWORD  flAllocationType = MEM_COMMIT | MEM_RESERVE);
	static BOOL FreeMemory(LPVOID lpAddress);
	static BOOL RemoteFreeMemory(HANDLE hProcess,LPVOID lpAddress);
	static BOOL RemoteFreeMemory(DWORD dwProcessId, LPVOID lpAddress);
	static BOOL RemoteMemoryProtect(DWORD dwProcessId, LPVOID lpAddress, SIZE_T dwSize, DWORD  flNewProtect, DWORD& flOldProtect);
	static BOOL RemoteMemoryProtect(HANDLE hProcess, LPVOID lpAddress, SIZE_T dwSize, DWORD  flNewProtect, DWORD& flOldProtect);

	//定时器相关
	static BOOL WaitUntilTime(WORD Year, WORD Month, WORD Day,WORD Hour, WORD Minute, WORD Second, WORD ms = 0);
	//模块相关
	static BOOL GetProcessModuleList(_Out_ std::list<MODULEENTRY32>& ModuleList, _In_ DWORD dwProcessId);
	static BOOL GetProcessModuleList(_Out_ std::list<MODULEENTRY32>& ModuleList, _In_ LPCTSTR ProcessName);
	static BOOL GetProcessModuleNameList(_Out_ std::list<std::string>& ModuleList, _In_ LPCTSTR ProcessName);
	static BOOL GetProcessModuleNameList(_Out_ std::list<std::string>& ModuleList, _In_ DWORD dwProcessId);
	static BOOL GetProcessModuleMap(_Out_ std::unordered_multimap<std::string, MODULEENTRY32>& ModuleMap, _In_ LPCTSTR ProcessName);
	static BOOL GetProcessModuleMap(_Out_ std::unordered_multimap<std::string, MODULEENTRY32>& ModuleMap, _In_ DWORD dwProcessId);
	static LONG_PTR GetModuleBaseAddr(LPCTSTR ModuleName, DWORD ProcessID = 0);
	//注入相关
	static BOOL RemoteInject(DWORD dwProcessId, const wchar_t* csDllPath);
	static BOOL RemoteFreelibrary(DWORD dwProcessId, const wchar_t* csDllPath);
	static BOOL UnTraceInject(DWORD dwProcessId, const wchar_t* csDllPath);
	static BOOL RemoteInject(DWORD dwProcessId, const char* csDllPath);
	static BOOL RemoteFreelibrary(DWORD dwProcessId, const char* csDllPath);
	static BOOL UnTraceInject(DWORD dwProcessId, const char* csDllPath);
	static BOOL RemoteInject(std::string szProcessName, const wchar_t* csDllPath);
	static BOOL RemoteFreelibrary(std::string szProcessName, const wchar_t* csDllPath);
	static BOOL UnTraceInject(std::string szProcessName, const wchar_t* csDllPath);
	//文件相关
	static BOOL ReadFile(LPCTSTR szFilePath, std::vector<unsigned char>& szBuffer);
	static char* ReadFile(LPCTSTR szFilePath);
	static BOOL ReadFile(LPCTSTR szFilePath,unsigned char* szBuffer,DWORD dwLength);
	static BOOL WriteFile(LPCTSTR szFilePath, std::string str);
	static BOOL WriteFile(LPCTSTR szFilePath, unsigned char* ucbyte, DWORD dwLength,int nPos = 0);
	static BOOL WriteFile_pushback(LPCTSTR szFilePath, std::string str);
	//剪切板操作
	static std::string ReadClipboard();
	static BOOL WriteClipboard(const std::string&);
	//窗口操作
	static std::list<HWND> GetWindowList();
	static std::list<WndInfo> GetWindowInfoList();
	//注册表相关
	static std::vector<std::string>GetAllSubKeyPath(HKEY hKey, std::string szKeyPath);
	static std::list<InstallInfo> GetInstallInfoList();
	static std::unordered_map<std::string, std::string> GetAllKeyValue(HKEY Key, const char* szPath);
	static void SetAutoRun(LPCSTR szFilePath);
	//执行Shell
	BOOL ExeShell(const char* cmd, char* result);
	//工具函数
	static wchar_t* stringToWchar_t(std::string str);
	static std::string wchar_tToString(const wchar_t* wchar);
	static bool IsDebuggerPresentAXY();
	//编码转换相关
	static std::wstring Utf8ToUnicode(const std::string& strUTF8);
	static std::string UnicodeToUtf8(const std::wstring& strUnicode);
	static std::wstring StringToWString(const std::string& str);
	static std::string WStringToString(const std::wstring& wstr);
	static std::string Utf8ToANSI(const std::string& strUtf8);
	static std::string ANSIToUtf8(const std::string& strANSI);
	//
};

源文件

#include "WindowsAxy.h"

BOOL WindowsAxy::CreateProcessAxy(LPCTSTR buffer, PROCESS_INFORMATION* pi) {
	LPCTSTR szCommandLine = buffer;//"C:\\Users\\Core_Objects\\Desktop\\CodeinEX.exe";
	STARTUPINFO si = { 0 }; /*= { sizeof(si); }*/
	si.cb = sizeof(si);
	BOOL bRet = ::CreateProcess(
		szCommandLine,//不在此指定可执行文件的文件名
		NULL, //命令行参数
		NULL,//默认进程的安全性
		NULL,//默认线程的安全性
		FALSE,//指定当前进程内的句柄不可以被子进程继承
		CREATE_NEW_CONSOLE,//为新进程创建一个新的控制台窗口
		NULL,//使用本进程的环境变量
		NULL,//使用本进程的驱动器和目录
		&si,
		pi);
	return bRet;
}

BOOL WindowsAxy::CreateProcessAxy(LPCTSTR buffer) {
	PROCESS_INFORMATION pi;
	LPCTSTR szCommandLine = buffer;//"C:\\Users\\Core_Objects\\Desktop\\CodeinEX.exe";
	STARTUPINFO si = { 0 }; /*= { sizeof(si); }*/
	si.cb = sizeof(si);
	BOOL bRet = ::CreateProcess(
		szCommandLine,//不在此指定可执行文件的文件名
		NULL, //命令行参数
		NULL,//默认进程的安全性
		NULL,//默认线程的安全性
		FALSE,//指定当前进程内的句柄不可以被子进程继承
		CREATE_NEW_CONSOLE,//为新进程创建一个新的控制台窗口
		NULL,//使用本进程的环境变量
		NULL,//使用本进程的驱动器和目录
		&si,
		&pi);
	if (bRet) {
		CloseHandle(pi.hProcess);
		CloseHandle(pi.hThread);
	}
	return bRet;
}

BOOL WindowsAxy::CreateProcessSuspend(LPCTSTR buffer, PROCESS_INFORMATION& pi) {
	LPCTSTR szCommandLine = buffer;//"C:\\Users\\Core_Objects\\Desktop\\CodeinEX.exe";
	STARTUPINFO si = { 0 }; /*= { sizeof(si); }*/
	si.cb = sizeof(si);
	BOOL bRet = ::CreateProcess(
		szCommandLine,//不在此指定可执行文件的文件名
		NULL, //命令行参数
		NULL,//默认进程的安全性
		NULL,//默认线程的安全性
		FALSE,//指定当前进程内的句柄不可以被子进程继承
		CREATE_SUSPENDED,//为新进程创建一个新的控制台窗口
		NULL,//使用本进程的环境变量
		NULL,//使用本进程的驱动器和目录
		&si,
		&pi);
	return bRet;
}

BOOL WindowsAxy::CreateProcessCmd(LPCTSTR buffer) {
	PROCESS_INFORMATION pi;
	TCHAR szCommandLine[MAX_PATH]{ 0 };
#ifdef UNICODE
	memcpy(szCommandLine, buffer, (wcslen(buffer) + 1) * 2);
#else
	memcpy(szCommandLine, buffer, strlen(buffer) + 1);
#endif
	STARTUPINFO si = { 0 }; /*= { sizeof(si); }*/
	si.cb = sizeof(si);
	BOOL bRet = ::CreateProcess(
		NULL,//不在此指定可执行文件的文件名
		szCommandLine, //命令行参数
		NULL,//默认进程的安全性
		NULL,//默认线程的安全性
		FALSE,//指定当前进程内的句柄不可以被子进程继承
		CREATE_NEW_CONSOLE,//为新进程创建一个新的控制台窗口
		NULL,//使用本进程的环境变量
		NULL,//使用本进程的驱动器和目录
		&si,
		&pi);
	if (bRet) {
		CloseHandle(pi.hProcess);
		CloseHandle(pi.hThread);
	}
	return bRet;
}

BOOL WindowsAxy::CreateProcessAdmAxy(LPCTSTR buffer) {
	SHELLEXECUTEINFO sei = { sizeof(sei) };
	sei.lpVerb = _T("runas");
	sei.lpFile = buffer;
	sei.nShow = SW_SHOWNORMAL;
	return ShellExecuteEx(&sei);
}

std::list<std::string> WindowsAxy::GetProcessList(void) {
	std::list<std::string> strlist;
	HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
	PROCESSENTRY32 pi = { sizeof(PROCESSENTRY32) };
	BOOL bRet = Process32First(hSnapshot, &pi);
	std::string str;
	while (bRet) {
#ifdef UNICODE
		str = wchar_tToString(pi.szExeFile) + ": PID = " + std::to_string(pi.th32ProcessID);
#else
		str = std::string(pi.szExeFile) + ": PID = " + std::to_string(pi.th32ProcessID);
#endif // UNICODE
		strlist.push_back(str);
		bRet = Process32Next(hSnapshot, &pi);
	}
	CloseHandle(hSnapshot);
	return strlist;
}

std::list<PROCESSENTRY32> WindowsAxy::GetProcessInfoList(void) {
	std::list<PROCESSENTRY32> ProcessInfolist;
	HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
	PROCESSENTRY32 pi{ sizeof(pi) };
	BOOL bRet = Process32First(hSnapshot, &pi);
	while (bRet) {
		ProcessInfolist.push_back(pi);
		bRet = Process32Next(hSnapshot, &pi);
	}
	CloseHandle(hSnapshot);
	return ProcessInfolist;
}

BOOL WindowsAxy::GetProcessInfoMap(std::unordered_multimap<DWORD, std::string>& Pid_name) {
	Pid_name.clear();
	HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
	if (hSnapshot == INVALID_HANDLE_VALUE)
		return FALSE;
	PROCESSENTRY32 pi{ sizeof(pi) };
	BOOL bRet = Process32First(hSnapshot, &pi);
	std::string name;
	DWORD pid;
	while (bRet) {
#ifdef UNICODE
		name = wchar_tToString(pi.szExeFile);
#else
		name = std::string(pi.szExeFile);
#endif // UNICODE
		pid = pi.th32ProcessID;
		Pid_name.insert(make_pair(pid, name));
		bRet = Process32Next(hSnapshot, &pi);
	}
	CloseHandle(hSnapshot);
	return TRUE;
}

BOOL WindowsAxy::GetProcessInfoMap(std::unordered_multimap<std::string, DWORD>& Name_Pid) {
	Name_Pid.clear();
	HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
	if (hSnapshot == INVALID_HANDLE_VALUE)
		return FALSE;
	PROCESSENTRY32 pi{ sizeof(pi) };
	BOOL bRet = Process32First(hSnapshot, &pi);
	std::string name;
	DWORD pid;
	DWORD dwIndex = 0;
	while (bRet) {
#ifdef UNICODE
		name = wchar_tToString(pi.szExeFile);
#else
		name = std::string(pi.szExeFile);
#endif // UNICODE
		pid = pi.th32ProcessID;
		Name_Pid.insert(make_pair(name, pid));
		bRet = Process32Next(hSnapshot, &pi);
		dwIndex++;
	}

	CloseHandle(hSnapshot);
	return TRUE;
}

BOOL WindowsAxy::GetProcessInfoMap(std::unordered_multimap<DWORD, PROCESSENTRY32>& mapProcessInfo) {
	HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
	if (hSnap == INVALID_HANDLE_VALUE) {
		return FALSE;
	}
	PROCESSENTRY32 pi{ sizeof(pi) };
	BOOL bRet = Process32First(hSnap, &pi);
	while (bRet) {
		mapProcessInfo.insert(std::make_pair(pi.th32ProcessID, pi));
		bRet = Process32Next(hSnap, &pi);
	}
	CloseHandle(hSnap);
	return TRUE;
}

BOOL WindowsAxy::GetProcessInfoMap(std::unordered_multimap<std::string, PROCESSENTRY32>& mapProcessInfo) {
	HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
	if (hSnap == INVALID_HANDLE_VALUE) {
		return FALSE;
	}
	PROCESSENTRY32 pi{ sizeof(pi) };
	BOOL bRet = Process32First(hSnap, &pi);
	while (bRet) {
#ifdef UNICODE
		mapProcessInfo.insert(std::make_pair(wchar_tToString(pi.szExeFile), pi));
#else
		mapProcessInfo.insert(std::make_pair(std::string(pi.szExeFile), pi));
#endif
		bRet = Process32Next(hSnap, &pi);
	}
	CloseHandle(hSnap);
	return TRUE;
}

BOOL WindowsAxy::KillProcess(DWORD pid) {
	HANDLE hProcess = OpenProcess(PROCESS_TERMINATE, FALSE, pid);
	if (hProcess != NULL)
		return TerminateProcess(hProcess, 0);
	else return FALSE;
}

DWORD WindowsAxy::GetProcessId(const wchar_t* szProcessName) {
	std::unordered_multimap<std::string, DWORD> Name_Pid;
	GetProcessInfoMap(Name_Pid);
	auto ite = Name_Pid.find(wchar_tToString(szProcessName));

	if (ite != Name_Pid.end())
		return ite->second;
	else
		return 0xFFFFFFFF;
}

DWORD WindowsAxy::GetProcessId(const char* szProcessName) {
	std::unordered_multimap<std::string, DWORD> Name_Pid;
	GetProcessInfoMap(Name_Pid);
	auto ite = Name_Pid.find(szProcessName);
	if (ite != Name_Pid.end())
		return ite->second;
	else
		return 0xFFFFFFFF;
}

std::vector<DWORD> WindowsAxy::GetMulitiProcessId(LPCTSTR szProcessName) {
	std::unordered_multimap<std::string, DWORD> Name_Pid;
	GetProcessInfoMap(Name_Pid);
#ifdef UNICODE
	std::string strProcessName = wchar_tToString(szProcessName);
	auto m = Name_Pid.find(strProcessName);
	std::vector<DWORD> ans;
	for (int k = 0; k != Name_Pid.count(strProcessName); k++, m++)
		ans.push_back(m->second);
	return ans;
#else
	auto m = Name_Pid.find(szProcessName);
	std::vector<DWORD> ans;
	for (int k = 0; k != Name_Pid.count(szProcessName); k++, m++)
		ans.push_back(m->second);
	return ans;
#endif // UNICODE

}

std::string WindowsAxy::GetProcessName(DWORD pid) {
	std::unordered_multimap<DWORD, std::string> Pid_Name;
	GetProcessInfoMap(Pid_Name);
	auto ite = Pid_Name.find(pid);
	if (ite != Pid_Name.end())
		return ite->second;
	else
		return "NO_Find";
}

PROCESSENTRY32 WindowsAxy::GetProcessInfo(DWORD pid) {
	std::unordered_multimap<DWORD, PROCESSENTRY32> mapProcessInfo;
	GetProcessInfoMap(mapProcessInfo);
	auto ite = mapProcessInfo.find(pid);
	if (ite != mapProcessInfo.end())
		return ite->second;
	else {
		return PROCESSENTRY32();
	}
}

std::string WindowsAxy::GetProcessFilePath(DWORD dwProcessId) {
	HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcessId);
	std::string ans;
	if (hProcess != INVALID_HANDLE_VALUE) {
		CHAR csFilePath[MAX_PATH]{ 0 };
		GetModuleFileNameExA(hProcess, NULL, csFilePath, MAX_PATH);
		ans = csFilePath;
		CloseHandle(hProcess);
	}
	return ans;
}

BOOL WindowsAxy::GetThreadList(std::list<std::string>& ThreadList, DWORD nProcessId /*= NULL*/) {
	ThreadList.clear();
	std::string str;
	DWORD dwPID = nProcessId;//遍历系统内部所有的线程
	HANDLE hThreadSnap = 0;
	//在创建快照的API里,第一个参数,代表着要获取什么TH32CS_SNAPTHRBAD代表获取系统内所有的线程
	hThreadSnap = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, dwPID);
	if (hThreadSnap == INVALID_HANDLE_VALUE) {
		//异常返回,代表线程快照,创建失败
		return FALSE;
	}
	THREADENTRY32 stcTe32 = { sizeof(THREADENTRY32) };
	Thread32First(hThreadSnap, &stcTe32);
	do {
		if (dwPID == NULL) {
			str = "线程ID:" + std::to_string(stcTe32.th32ThreadID);
			ThreadList.push_back(str);
		}
		else if (dwPID == stcTe32.th32OwnerProcessID) {
			str = "线程ID:" + std::to_string(stcTe32.th32ThreadID);
			ThreadList.push_back(str);
		}
	} while (Thread32Next(hThreadSnap, &stcTe32));
	return TRUE;
}

BOOL WindowsAxy::GetThreadInfoList(std::list<THREADENTRY32>& ThreadList, DWORD nProcessId /*= NULL*/) {
	ThreadList.clear();
	DWORD dwPID = nProcessId;//遍历系统内部所有的线程
	HANDLE hThreadSnap = 0;
	//在创建快照的API里,第一个参数,代表着要获取什么TH32CS_SNAPTHRBAD代表获取系统内所有的线程
	hThreadSnap = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
	if (hThreadSnap == INVALID_HANDLE_VALUE) {
		//异常返回,代表线程快照,创建失败
		return FALSE;
	}
	THREADENTRY32 stcTe32 = { sizeof(THREADENTRY32) };
	Thread32First(hThreadSnap, &stcTe32);
	do {
		if (dwPID == NULL) {
			ThreadList.push_back(stcTe32);
		}
		else if (dwPID == stcTe32.th32OwnerProcessID) {
			ThreadList.push_back(stcTe32);
		}
	} while (Thread32Next(hThreadSnap, &stcTe32));
	return TRUE;
}

BOOL WindowsAxy::GetThreadIdArray(std::vector<DWORD>& ThreadIdVector, DWORD nProcessId /*= NULL*/) {
	ThreadIdVector.clear();
	DWORD dwPID = nProcessId;//遍历系统内部所有的线程
	HANDLE hThreadSnap = 0;
	//在创建快照的API里,第一个参数,代表着要获取什么TH32CS_SNAPTHRBAD代表获取系统内所有的线程
	hThreadSnap = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
	if (hThreadSnap == INVALID_HANDLE_VALUE) {
		//异常返回,代表线程快照,创建失败
		return FALSE;
	}
	THREADENTRY32 stcTe32 = { sizeof(THREADENTRY32) };
	Thread32First(hThreadSnap, &stcTe32);
	do {
		if (dwPID == NULL) {
			ThreadIdVector.push_back(stcTe32.th32ThreadID);
		}
		else if (dwPID == stcTe32.th32OwnerProcessID) {
			ThreadIdVector.push_back(stcTe32.th32ThreadID);
		}
	} while (Thread32Next(hThreadSnap, &stcTe32));
	return TRUE;
}

BOOL WindowsAxy::SuspendThread(DWORD Tid) {
	HANDLE hThread = OpenThread(THREAD_ALL_ACCESS, FALSE, Tid);
	if (hThread) {
		::SuspendThread(hThread);
		CloseHandle(hThread);
		return TRUE;
	}
	else {
		return FALSE;
	}
}

BOOL WindowsAxy::ResumeThread(DWORD Tid) {
	HANDLE hThread = OpenThread(THREAD_ALL_ACCESS, FALSE, Tid);
	if (hThread) {
		::ResumeThread(hThread);
		CloseHandle(hThread);
		return TRUE;
	}
	else {
		return FALSE;
	}
}

BOOL WindowsAxy::KillThread(DWORD Tid) {
	HANDLE hThread = OpenThread(THREAD_ALL_ACCESS, FALSE, Tid);
	if (hThread) {
		::TerminateThread(hThread, 0);
		CloseHandle(hThread);
		return TRUE;
	}
	else {
		return FALSE;
	}
}

HANDLE WindowsAxy::CreateThreadAxy(_Out_ DWORD& Tid, _In_ ThreadCallbackAxy ThreadProc, _In_ LPVOID lp /*= NULL*/, _In_ DWORD dwCreationFlags /*= 0*/, _In_ SIZE_T dwStackSize /*= 0*/, _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes /*= NULL*/) {
	return CreateThread(lpThreadAttributes, dwStackSize, ThreadProc, lp, dwCreationFlags, &Tid);
}

HANDLE WindowsAxy::CreateThreadAxy(_In_ ThreadCallbackAxy ThreadProc, _In_ LPVOID lp /*= NULL*/, _In_ DWORD dwCreationFlags /*= 0*/, _In_ SIZE_T dwStackSize /*= 0*/, _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes /*= NULL*/) {
	DWORD Tid;
	return CreateThread(lpThreadAttributes, dwStackSize, ThreadProc, lp, dwCreationFlags, &Tid);
}


HANDLE WindowsAxy::CreateRemoteThreadAXY(HANDLE hProcess, ThreadCallbackAxy ThreadProc, LPVOID lp /*= NULL*/) {
	return CreateRemoteThread(hProcess, NULL, NULL, ThreadProc, lp, NULL, NULL);
}

BOOL WindowsAxy::WriteProcessMemory(DWORD ProcessId, LPVOID source, LPVOID target, SIZE_T size) {
	HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, ProcessId);
	if (hProcess != INVALID_HANDLE_VALUE) {
		BOOL bret = ::WriteProcessMemory(hProcess, source, target, size, NULL);
		CloseHandle(hProcess);
		return bret;
	}
	else return FALSE;
}

BOOL WindowsAxy::WriteProcessMemory(HANDLE hProcess, LPVOID source, LPVOID target, SIZE_T size) {
	return ::WriteProcessMemory(hProcess, source, target, size, NULL);
}

BOOL WindowsAxy::ReadProcessMemory(DWORD ProcessId, LPVOID source, LPVOID target, SIZE_T size) {
	HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, ProcessId);
	if (hProcess != NULL) {
		return ::ReadProcessMemory(hProcess, source, target, size, NULL);
		CloseHandle(hProcess);
	}
	else return FALSE;
}

BOOL WindowsAxy::ReadProcessMemory(HANDLE hProcess, LPVOID source, LPVOID target, SIZE_T size) {
	return ::ReadProcessMemory(hProcess, source, target, size, nullptr);
}

LPVOID WindowsAxy::MemoryAlloc(SIZE_T dwSize, DWORD flProtect /*= PAGE_EXECUTE_READWRITE*/, LPVOID lpAddress /*= NULL*/, DWORD flAllocationType /*= MEM_COMMIT | MEM_RESERVE*/) {
	return VirtualAlloc(lpAddress, dwSize, flAllocationType, flProtect);
}

LPVOID WindowsAxy::RemoteMemoryAlloc(HANDLE hProcess, SIZE_T dwSize, DWORD flProtect /*= PAGE_EXECUTE_READWRITE*/, LPVOID lpAddress /*= NULL*/, DWORD flAllocationType /*= MEM_COMMIT | MEM_RESERVE*/) {
	return VirtualAllocEx(hProcess, lpAddress, dwSize, flAllocationType, flProtect);
}

LPVOID WindowsAxy::RemoteMemoryAlloc(DWORD dwProcessId, SIZE_T dwSize, DWORD flProtect /*= PAGE_EXECUTE_READWRITE*/, LPVOID lpAddress /*= NULL*/, DWORD flAllocationType /*= MEM_COMMIT | MEM_RESERVE*/) {
	HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcessId);
	if (hProcess == INVALID_HANDLE_VALUE) {
		return NULL;
	}
	else {
		lpAddress = VirtualAllocEx(hProcess, lpAddress, dwSize, flAllocationType, flProtect);
		CloseHandle(hProcess);
		return lpAddress;
	}

}

BOOL WindowsAxy::FreeMemory(LPVOID lpAddress) {
	return VirtualFree(lpAddress, 0, MEM_RELEASE);
}

BOOL WindowsAxy::RemoteFreeMemory(HANDLE hProcess, LPVOID lpAddress) {
	return VirtualFreeEx(hProcess, lpAddress, 0, MEM_RELEASE);
}

BOOL WindowsAxy::RemoteFreeMemory(DWORD dwProcessId, LPVOID lpAddress) {
	HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcessId);
	if (hProcess == INVALID_HANDLE_VALUE) {
		return FALSE;
	}
	else {
		BOOL bRet = VirtualFreeEx(hProcess, lpAddress, 0, MEM_RELEASE);
		CloseHandle(hProcess);
		return bRet;
	}
}

BOOL WindowsAxy::RemoteMemoryProtect(DWORD dwProcessId, LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, DWORD& flOldProtect) {
	HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcessId);
	if (hProcess == INVALID_HANDLE_VALUE) {
		return FALSE;
	}
	else {
		BOOL bRet = VirtualProtectEx(hProcess, lpAddress, dwSize, flNewProtect, &flOldProtect);
		CloseHandle(hProcess);
		return bRet;
	}
}

BOOL WindowsAxy::RemoteMemoryProtect(HANDLE hProcess, LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, DWORD& flOldProtect) {
	return VirtualProtectEx(hProcess, lpAddress, dwSize, flNewProtect, &flOldProtect);
}


BOOL WindowsAxy::WaitUntilTime(WORD Year, WORD Month, WORD Day, WORD Hour, WORD Minute, WORD Second, WORD ms /*= 0*/) {
	HANDLE g_WaitableTimer = CreateWaitableTimerW(NULL, FALSE, L"TIME1");
	if (g_WaitableTimer == NULL) {
		return FALSE;
	}
	else {
		SYSTEMTIME st;
		FILETIME ftLocal, ftUTC;
		LARGE_INTEGER liUTC;
		st.wYear = Year;
		st.wMonth = Month;
		st.wDayOfWeek = 0;
		st.wDay = Day;
		st.wHour = Hour;
		st.wMinute = Minute;
		st.wSecond = Second;
		st.wMilliseconds = ms;
		SystemTimeToFileTime(&st, &ftLocal);
		LocalFileTimeToFileTime(&ftLocal, &ftUTC);
		liUTC.LowPart = ftUTC.dwLowDateTime;
		liUTC.HighPart = ftUTC.dwHighDateTime;
		//liUTC.QuadPart = -100000000;
		SetWaitableTimer(g_WaitableTimer, &liUTC, 0, NULL, NULL, FALSE);
		WaitForSingleObject(g_WaitableTimer, INFINITE);
		CloseHandle(g_WaitableTimer);
		return TRUE;
	}

}

BOOL WindowsAxy::GetProcessModuleList(_Out_ std::list<MODULEENTRY32>& ModuleList, _In_ LPCTSTR ProcessName) {
	DWORD ProcessID = GetProcessId(ProcessName);
	return GetProcessModuleList(ModuleList, ProcessID);
}

BOOL WindowsAxy::GetProcessModuleList(_Out_ std::list<MODULEENTRY32>& ModuleList, _In_ DWORD dwProcessId) {
	ModuleList.clear();
	HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, dwProcessId);
	if (hSnapshot == INVALID_HANDLE_VALUE) {
		return FALSE;
	}
	MODULEENTRY32 me32;
	me32.dwSize = sizeof(MODULEENTRY32);
	BOOL bRet = Module32First(hSnapshot, &me32);
	while (bRet) {
		ModuleList.push_back(me32);

		bRet = Module32Next(hSnapshot, &me32);
	}
	CloseHandle(hSnapshot);
	return TRUE;
}

BOOL WindowsAxy::GetProcessModuleNameList(_Out_ std::list<std::string>& ModuleList, _In_ LPCTSTR ProcessName) {
	DWORD ProcessID = GetProcessId(ProcessName);
	return GetProcessModuleNameList(ModuleList, ProcessID);
}

BOOL WindowsAxy::GetProcessModuleNameList(_Out_ std::list<std::string>& ModuleList, _In_ DWORD dwProcessId) {
	ModuleList.clear();
	HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, dwProcessId);
	if (hSnapshot == INVALID_HANDLE_VALUE) {
		return FALSE;
	}
	MODULEENTRY32 me32;
	me32.dwSize = sizeof(MODULEENTRY32);
	BOOL bRet = Module32First(hSnapshot, &me32);
	while (bRet) {
#ifdef UNICODE
		ModuleList.push_back(wchar_tToString(me32.szModule));
#else
		ModuleList.push_back(std::string(me32.szModule));
#endif // UNICODE
		bRet = Module32Next(hSnapshot, &me32);
	}
	return TRUE;
}

BOOL WindowsAxy::GetProcessModuleMap(_Out_ std::unordered_multimap<std::string, MODULEENTRY32>& ModuleMap, _In_ LPCTSTR ProcessName) {
	DWORD ProcessID = GetProcessId(ProcessName);
	return GetProcessModuleMap(ModuleMap, ProcessID);
}

BOOL WindowsAxy::GetProcessModuleMap(_Out_ std::unordered_multimap<std::string, MODULEENTRY32>& ModuleMap, _In_ DWORD dwProcessId) {
	ModuleMap.clear();
	HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, dwProcessId);
	if (hSnapshot == INVALID_HANDLE_VALUE) {
		return FALSE;
	}
	MODULEENTRY32 me32;
	me32.dwSize = sizeof(MODULEENTRY32);
	BOOL bRet = Module32First(hSnapshot, &me32);
	while (bRet) {
#ifdef UNICODE
		ModuleMap.insert(make_pair(wchar_tToString(me32.szModule), me32));
#else
		ModuleMap.insert(make_pair(std::string(me32.szModule), me32));
#endif
		bRet = Module32Next(hSnapshot, &me32);
	}
	return TRUE;
}

LONG_PTR WindowsAxy::GetModuleBaseAddr(LPCTSTR ModuleName, DWORD ProcessID) {
	if (ProcessID == 0) {
		ProcessID = GetCurrentProcessId();
	}
	std::unordered_multimap<std::string, MODULEENTRY32> ModuleMap;
	GetProcessModuleMap(ModuleMap, ProcessID);
#ifdef UNICODE
	auto ite = ModuleMap.find(wchar_tToString(ModuleName));
#else
	auto ite = ModuleMap.find(std::string(ModuleName));
#endif // UNICODE
	return (LONG_PTR)ite->second.modBaseAddr;
	// 	HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, ProcessID);
	// 	if (hSnapshot == INVALID_HANDLE_VALUE)
	// 	{
	// 		return 0;
	// 	}
	// 	MODULEENTRY32 me32;
	// 	me32.dwSize = sizeof(MODULEENTRY32);
	// 	BOOL bRet = Module32First(hSnapshot, &me32);
	// 	while (bRet) {
	// 		//std::cout << WindowsAxy::wchar_tToString(me32.szModule) << std::endl;
	// 
	// 		int nFlag = wcscmp(me32.szModule, ModuleName);
	// 		if (nFlag == 0)
	// 		{
	// 			return (DWORD)me32.modBaseAddr;
	// 		}
	// 		bRet = Module32Next(hSnapshot, &me32);
	// 
	// 	}
	// 	return -1;
}



BOOL WindowsAxy::RemoteInject(DWORD dwProcessId, const wchar_t* csDllPath) {
	HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcessId);
	if (hProcess == INVALID_HANDLE_VALUE) {
		return FALSE;
	}
	LPVOID lpBuffer = VirtualAllocEx(hProcess, NULL, MAX_PATH * 2, MEM_COMMIT, PAGE_READWRITE);
	if (lpBuffer == NULL) {
		CloseHandle(hProcess);
		return FALSE;
	}
	SIZE_T dwRealWrite;
	BOOL bRet = ::WriteProcessMemory(hProcess, lpBuffer, csDllPath, (wcslen(csDllPath) + 1) * 2, &dwRealWrite);
	if (!bRet) {
		CloseHandle(hProcess);
		return FALSE;
	}
	HANDLE hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)LoadLibraryW, lpBuffer, 0, NULL);
	if (hThread == NULL) {
		CloseHandle(hProcess);
		return FALSE;
	}
	WaitForSingleObject(hThread, -1);
	CloseHandle(hThread);
	VirtualFreeEx(hProcess, lpBuffer, 0, MEM_RELEASE);
	CloseHandle(hProcess);
	return TRUE;
}

BOOL WindowsAxy::RemoteInject(DWORD dwProcessId, const char* csDllPath) {
	std::wstring wcsDllPath = StringToWString(csDllPath);
	return RemoteInject(dwProcessId, wcsDllPath.c_str());
}

BOOL WindowsAxy::RemoteInject(std::string szProcessName, const wchar_t* csDllPath) {
	return RemoteInject(GetProcessId(szProcessName.c_str()), csDllPath);
}

BOOL WindowsAxy::RemoteFreelibrary(DWORD dwProcessId, const wchar_t* csDllPath) {
	MODULEENTRY32 me32 = { sizeof(me32) };
	HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE32 | TH32CS_SNAPMODULE, dwProcessId);
	if (hSnap == INVALID_HANDLE_VALUE) {
		return FALSE;
	}
	BOOL bRet = Module32First(hSnap, &me32);
	while (bRet) {
		if (!wcscmp(csDllPath, (const wchar_t*)me32.szExePath) || !wcscmp(csDllPath, (const wchar_t*)me32.szModule)) {
			LONG_PTR dwModeBase = (LONG_PTR)me32.modBaseAddr;
			HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcessId);
			if (hProcess == INVALID_HANDLE_VALUE) {
				CloseHandle(hSnap);
				return FALSE;
			}
			HANDLE hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)FreeLibrary, (LPVOID)dwModeBase, 0, NULL);
			if (hThread == NULL) {
				CloseHandle(hSnap);
				CloseHandle(hProcess);
				return FALSE;
			}
			WaitForSingleObject(hThread, -1);
			CloseHandle(hThread);
			CloseHandle(hProcess);
			CloseHandle(hSnap);
			return TRUE;
		}
		bRet = Module32Next(hSnap, &me32);
	}
	CloseHandle(hSnap);
	return FALSE;
}

BOOL WindowsAxy::RemoteFreelibrary(DWORD dwProcessId, const char* csDllPath) {
	std::wstring wcsDllPath = StringToWString(csDllPath);
	return RemoteFreelibrary(dwProcessId, wcsDllPath.c_str());
}

BOOL WindowsAxy::RemoteFreelibrary(std::string szProcessName, const wchar_t* csDllPath) {
	return RemoteFreelibrary(GetProcessId(szProcessName.c_str()), csDllPath);
}

BOOL WindowsAxy::UnTraceInject(DWORD dwProcessId, const wchar_t* csDllPath) {
	RemoteInject(dwProcessId, csDllPath);
	MODULEENTRY32 me32 = { sizeof(me32) };
	HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE32 | TH32CS_SNAPMODULE, dwProcessId);
	if (hSnap == INVALID_HANDLE_VALUE) {
		return false;
	}
	BOOL bRet = Module32First(hSnap, &me32);
	LONG_PTR dwModeBase = 0, dwModeSize = 0;
	while (bRet) {
		if (!wcscmp(csDllPath, (const wchar_t*)me32.szExePath) || !wcscmp(csDllPath, (const wchar_t*)me32.szModule)) {
			dwModeBase = (LONG_PTR)me32.modBaseAddr;
			dwModeSize = (LONG_PTR)me32.modBaseSize;
			break;
		}
		bRet = Module32Next(hSnap, &me32);
	}
	CloseHandle(hSnap);
	if (!bRet) {
		return false;
	}
	char* szBuffer = new char[dwModeSize] {0};
	HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcessId);
	if (hProcess == INVALID_HANDLE_VALUE) {
		//		CloseHandle(hSnap);
		return false;
	}
	bRet = ::ReadProcessMemory(hProcess, (LPVOID)dwModeBase, szBuffer, dwModeSize, NULL);
	if (!bRet) {
		CloseHandle(hProcess);
		return false;
	}
	bRet = RemoteFreelibrary(dwProcessId, csDllPath);
	if (!bRet) {
		CloseHandle(hProcess);
		return false;
	}
	LPVOID lpModule = VirtualAllocEx(hProcess, (LPVOID)dwModeBase, dwModeSize, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
	if (lpModule == NULL) {
		CloseHandle(hProcess);
		return false;
	}
	bRet = ::WriteProcessMemory(hProcess, (LPVOID)dwModeBase, szBuffer, dwModeSize, NULL);
	CloseHandle(hProcess);
	return bRet;
}

BOOL WindowsAxy::UnTraceInject(DWORD dwProcessId, const char* csDllPath) {
	std::wstring wcsDllPath = StringToWString(csDllPath);
	return UnTraceInject(dwProcessId, wcsDllPath.c_str());
}

BOOL WindowsAxy::UnTraceInject(std::string szProcessName, const wchar_t* csDllPath) {
	return UnTraceInject(GetProcessId(szProcessName.c_str()), csDllPath);
}

BOOL WindowsAxy::ReadFile(LPCTSTR szFilePath, std::vector<unsigned char>& szBuffer) {
	HANDLE hFile = CreateFile(szFilePath, \
		GENERIC_READ, \
		0, NULL, \
		OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
	if (hFile == INVALID_HANDLE_VALUE) {
		return FALSE;
	}
	DWORD dwRealRead;
	DWORD dwLength = GetFileSize(hFile, NULL);
	char* szbuffer = new char[dwLength];
	BOOL bRet = ::ReadFile(hFile, szbuffer, dwLength, &dwRealRead, NULL);
	for (DWORD i = 0; i < dwLength; i++) {
		szBuffer.push_back(szbuffer[i]);
	}
	delete[]szbuffer;
	CloseHandle(hFile);
	return bRet;
}

char* WindowsAxy::ReadFile(LPCTSTR szFilePath) {
	HANDLE hFile = CreateFile(szFilePath, \
		GENERIC_READ, \
		0, NULL, \
		OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
	if (hFile == INVALID_HANDLE_VALUE) {
		return FALSE;
	}
	DWORD dwRealRead;
	DWORD dwLength = GetFileSize(hFile, NULL);
	char* szbuffer = new char[dwLength] {0};
	BOOL bRet = ::ReadFile(hFile, szbuffer, dwLength, &dwRealRead, NULL);
	if (!bRet) {
		delete[]szbuffer;
		return nullptr;
	}
	CloseHandle(hFile);
	return szbuffer;
}

BOOL WindowsAxy::ReadFile(LPCTSTR szFilePath, unsigned char* szBuffer, DWORD dwLength) {
	HANDLE hFile = CreateFile(szFilePath, \
		GENERIC_READ, \
		0, NULL, \
		OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
	if (hFile == INVALID_HANDLE_VALUE) {
		return FALSE;
	}
	DWORD dwRealRead;
	BOOL bRet = ::ReadFile(hFile, szBuffer, dwLength, &dwRealRead, NULL);
	CloseHandle(hFile);
	return bRet;
}

BOOL WindowsAxy::WriteFile(LPCTSTR szFilePath, std::string str) {
	HANDLE hFile = CreateFile(szFilePath, \
		GENERIC_WRITE, \
		0, NULL, \
		OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
	if (hFile == INVALID_HANDLE_VALUE) {
		return FALSE;
	}
	DWORD dwNumberOfBytesWritten;
	BOOL bRet = ::WriteFile(hFile, str.c_str(), (DWORD)str.length(), &dwNumberOfBytesWritten, NULL);
	CloseHandle(hFile);
	return bRet;
}



BOOL WindowsAxy::WriteFile(LPCTSTR szFilePath, unsigned char* ucbyte, DWORD dwLength, int nPos /*= 0*/) {
	HANDLE hFile = CreateFile(szFilePath, \
		GENERIC_WRITE, \
		0, NULL, \
		OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
	if (hFile == INVALID_HANDLE_VALUE) {
		return FALSE;
	}
	DWORD dwNumberOfBytesWritten;
	DWORD dwFliePointer = SetFilePointer(hFile, nPos, NULL, FILE_BEGIN);
	BOOL bRet = ::WriteFile(hFile, ucbyte, dwLength, &dwNumberOfBytesWritten, NULL);
	CloseHandle(hFile);
	return bRet;
}

BOOL WindowsAxy::WriteFile_pushback(LPCTSTR szFilePath, std::string str) {
	HANDLE hFile = CreateFile(szFilePath, \
		GENERIC_WRITE, \
		0, NULL, \
		OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
	if (hFile == INVALID_HANDLE_VALUE) {
		return FALSE;
	}
	DWORD dwNumberOfBytesWritten;
	DWORD dwFliePointer = SetFilePointer(hFile, 0, NULL, FILE_END);
	BOOL bRet = ::WriteFile(hFile, str.c_str(), (DWORD)str.length(), &dwNumberOfBytesWritten, NULL);
	CloseHandle(hFile);
	return bRet;
}



std::string WindowsAxy::ReadClipboard() {
	std::string szBuffer;
	if (OpenClipboard(NULL)) {
		if (IsClipboardFormatAvailable(CF_TEXT)) {
			HGLOBAL hGlobalClip = GetClipboardData(CF_TEXT);
			if (hGlobalClip)
				szBuffer = std::string((char*)GlobalLock(hGlobalClip));
			GlobalUnlock(hGlobalClip);
		}
		CloseClipboard();
	}
	return szBuffer;
}

BOOL WindowsAxy::WriteClipboard(const std::string& str) {
	BOOL bRet = OpenClipboard(NULL);
	if (bRet) {
		char* szBuffer = NULL;
		EmptyClipboard();
		HGLOBAL hGlobalClip = GlobalAlloc(GHND, str.length() + 1);
		if (hGlobalClip) {
			LPVOID lpBuffer = GlobalLock(hGlobalClip);
			if (lpBuffer != NULL) {
				memcpy(lpBuffer, str.c_str(), str.length() + 1);
			}
			GlobalUnlock(hGlobalClip);
			SetClipboardData(CF_TIFF, hGlobalClip);
			CloseClipboard();
			return TRUE;
		}
	}
	return FALSE;
}

std::list<HWND> WindowsAxy::GetWindowList() {
	HWND hWnd = GetTopWindow(0);
	std::list<HWND> hWndList;
	hWnd = GetWindow(hWnd, GW_HWNDFIRST);
	while (hWnd) {
		if (IsWindowVisible(hWnd) && !GetParent(hWnd)) {
			hWndList.push_back(hWnd);
		}
		hWnd = GetWindow(hWnd, GW_HWNDNEXT);
	}
	return hWndList;
}

std::list<WndInfo> WindowsAxy::GetWindowInfoList() {
	WndInfo stcWndInfo;
	std::list<WndInfo> listWndInfo;
	HWND hWnd = GetTopWindow(0);
	hWnd = GetWindow(hWnd, GW_HWNDFIRST);
	while (hWnd) {
		if (IsWindowVisible(hWnd) && !GetParent(hWnd) && hWnd) {
			CHAR csWindowsName[MAX_PATH]{ 0 };
			int nLen = ::GetWindowTextLengthA(hWnd);
			::GetWindowTextA(hWnd, csWindowsName, nLen + 1);
			stcWndInfo.szWndName = csWindowsName;
			if (!stcWndInfo.szWndName.empty()) {
				stcWndInfo.bFlag = !IsHungAppWindow(hWnd);
				stcWndInfo.dwThreadId = GetWindowThreadProcessId(hWnd, &(stcWndInfo.dwProcessId));
				stcWndInfo.hWnd = hWnd;
				stcWndInfo.hIcon = (HICON)::SendMessage(hWnd, WM_GETICON, FALSE, 0);
				HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, stcWndInfo.dwProcessId);
				GetModuleFileNameExA(hProcess, NULL, csWindowsName, MAX_PATH);
				CloseHandle(hProcess);
				stcWndInfo.szPath = csWindowsName;
				if (stcWndInfo.hIcon == NULL) {
#ifdef UNICODE
					stcWndInfo.hIcon = ::ExtractIcon(NULL, StringToWString(stcWndInfo.szPath).c_str(), 0);
#else
					stcWndInfo.hIcon = ::ExtractIcon(NULL, stcWndInfo.szPath.c_str(), 0);
#endif // UNICODE
					if (stcWndInfo.hIcon == NULL) {
						stcWndInfo.hIcon = LoadIcon(NULL, IDI_APPLICATION);
					}
				}
				listWndInfo.push_back(stcWndInfo);
			}
		}
		hWnd = GetWindow(hWnd, GW_HWNDNEXT);
	}
	return listWndInfo;
}

std::vector<std::string> WindowsAxy::GetAllSubKeyPath(HKEY hKey, std::string szKeyPath) {
	HKEY key;
	DWORD dwBufferSize = 255;
	std::vector<std::string> ans;
	if (RegOpenKeyExA(HKEY_LOCAL_MACHINE, szKeyPath.c_str(), 0, KEY_ALL_ACCESS, &key) == ERROR_SUCCESS) {
		char szSubKeyPath[MAX_PATH]{ 0 };
		DWORD dwIndex = 0;
		while (SHEnumKeyExA(key, dwIndex++, szSubKeyPath, &dwBufferSize) != ERROR_NO_MORE_ITEMS) {
			dwBufferSize = MAX_PATH;
			std::string str = szKeyPath + "\\" + szSubKeyPath;
			ans.push_back(str);
		}
		RegCloseKey(hKey);
	}
	return ans;
}

std::list<InstallInfo> WindowsAxy::GetInstallInfoList() {
	std::vector<std::string> szSubKeyPath = GetAllSubKeyPath(HKEY_LOCAL_MACHINE, \
		"SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall");
	DWORD dwSize = MAX_PATH;
	DWORD dwType = REG_SZ;
	HKEY hSubKey;
	InstallInfo stcSoftInfo;
	std::list<InstallInfo> InstallInfoList;
	for (auto ite = szSubKeyPath.begin(); ite != szSubKeyPath.end(); ite++) {
		if (RegOpenKeyExA(HKEY_LOCAL_MACHINE, ite->c_str(), 0, KEY_ALL_ACCESS, &hSubKey) == ERROR_SUCCESS) {
			char szBuffer[MAX_PATH]{ 0 };
			RegQueryValueExA(hSubKey, "DisplayName", NULL, &dwType, (LPBYTE)szBuffer, &dwSize);
			dwSize = MAX_PATH;
			stcSoftInfo.szName = szBuffer;
			if (stcSoftInfo.szName.empty()) {
				RegCloseKey(hSubKey);
				continue;
			}
			RegQueryValueExA(hSubKey, "DisplayVersion", NULL, &dwType, (LPBYTE)szBuffer, &dwSize);
			dwSize = MAX_PATH;
			stcSoftInfo.szVersion = szBuffer;
			RegQueryValueExA(hSubKey, "InstallLocation", NULL, &dwType, (LPBYTE)szBuffer, &dwSize);
			dwSize = MAX_PATH;
			stcSoftInfo.szInstallPath = szBuffer;
			RegQueryValueExA(hSubKey, "Publisher", NULL, &dwType, (LPBYTE)szBuffer, &dwSize);
			dwSize = MAX_PATH;
			stcSoftInfo.szPublish = szBuffer;
			RegQueryValueExA(hSubKey, "UninstallString", NULL, &dwType, (LPBYTE)szBuffer, &dwSize);
			dwSize = MAX_PATH;
			stcSoftInfo.szUnistallPath = szBuffer;
			RegQueryValueExA(hSubKey, "InstallDate", NULL, &dwType, (LPBYTE)szBuffer, &dwSize);
			dwSize = MAX_PATH;
			stcSoftInfo.szInstallData = szBuffer;
			RegCloseKey(hSubKey);
			InstallInfoList.push_back(stcSoftInfo);
		}
	}
	return InstallInfoList;
}

std::unordered_map<std::string, std::string> WindowsAxy::GetAllKeyValue(HKEY Key, const char* szPath) {
	std::unordered_map<std::string, std::string> mapNameValue;
	HKEY cpp_key;
	LPCSTR cpp_data = szPath;
	//尝试打开注册表,‘HKEY_LOCAL_MACHINE’要打开的根表;‘cpp_data’要打开的子表项;‘0’固定值;‘KEY_ALL_ACCESS’申请的权限;‘&cpp_key’返回句柄;
	if (ERROR_SUCCESS == RegOpenKeyExA(Key, cpp_data, 0, KEY_READ, &cpp_key)) {
		DWORD dwIndex = 0, NameSize, NameCnt, NameMaxLen, Type;
		DWORD KeyCnt, KeyMaxLen, DateSize, MaxDateLen;
		if (ERROR_SUCCESS == RegQueryInfoKeyA(cpp_key, NULL, NULL, 0, &KeyCnt, &KeyMaxLen, NULL, &NameCnt, &NameMaxLen, &MaxDateLen, NULL, NULL)) {
			for (DWORD dwIndex = 0; dwIndex < NameCnt; dwIndex++)    //枚举键值
			{
				DateSize = MaxDateLen + 1;
				NameSize = NameMaxLen + 1;
				char* szValueName = (char*)malloc(NameSize);
				LPBYTE szValueDate = (LPBYTE)malloc(DateSize);
				RegEnumValueA(cpp_key, dwIndex, szValueName, &NameSize, NULL, &Type, szValueDate, &DateSize);//读取键值
				if (Type == REG_SZ) {
					mapNameValue.insert(make_pair(std::string(szValueName), std::string((char*)szValueDate)));
				}
			}
		}
	}
	RegCloseKey(cpp_key);//关闭句柄
	return mapNameValue;
}

void WindowsAxy::SetAutoRun(LPCSTR szFilePath) {
	/*	if (GetModuleFileNameA(NULL, (LPSTR)szFilePath, MAX_PATH)) {*/
	HKEY hKey;
	std::string strRegPath = "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run";
	if (RegOpenKeyExA(HKEY_LOCAL_MACHINE, strRegPath.c_str(), 0, KEY_SET_VALUE, &hKey) == ERROR_SUCCESS) {
		RegSetValueExA(hKey, "AutoRun", 0, REG_SZ, (LPBYTE)szFilePath, (strlen(szFilePath) + 1) * sizeof(TCHAR));
	}
	RegCloseKey(hKey);
	/*	}*/
}

// BOOL WindowsAxy::ExeShell(const char* cmd, char* result) {
// 	char szBuffer[MAX_PATH] = { 0 };
// 	FILE* pipe = _popen(cmd, "r");
// 	while (!feof(pipe)) {
// 		if (fgets(szBuffer, MAX_PATH, pipe)) {
// 			strcat(result, szBuffer);
// 		}
// 	}
// 	_pclose(pipe);
// 	return TRUE;
// }

wchar_t* WindowsAxy::stringToWchar_t(std::string str) {
	std::string temp = str;
	int len = MultiByteToWideChar(CP_ACP, 0, (LPCSTR)temp.c_str(), -1, NULL, 0);
	wchar_t* wszUtf8 = new wchar_t[(LONG64)len + 1];
	memset(wszUtf8, 0, (LONG64)len * 2 + 2);
	MultiByteToWideChar(CP_ACP, 0, (LPCSTR)temp.c_str(), -1, (LPWSTR)wszUtf8, len);
	return wszUtf8;
}

std::string WindowsAxy::wchar_tToString(const wchar_t* wchar) {
	std::string szDst;
	wchar_t* wText = (wchar_t*)wchar;
	DWORD dwNum = WideCharToMultiByte(CP_OEMCP, NULL, wText, -1, NULL, 0, NULL, FALSE);
	char* psText;
	psText = new char[dwNum];
	WideCharToMultiByte(CP_OEMCP, NULL, wText, -1, psText, dwNum, NULL, FALSE);
	szDst = psText;
	delete[]psText;
	return szDst;
}
#ifndef _WIN64
bool WindowsAxy::IsDebuggerPresentAXY() {
	bool bRet = FALSE;
	__asm {
		mov eax, fs: [0x30]
		mov al, byte ptr[eax + 2]
		mov bRet, al
	}
	return bRet;
}
#endif


std::wstring WindowsAxy::Utf8ToUnicode(const std::string& strUTF8) {
	int len = MultiByteToWideChar(CP_UTF8, 0, strUTF8.c_str(), -1, NULL, 0);
	if (len == 0) {
		return L"";
	}

	wchar_t* pRes = new wchar_t[len];
	if (pRes == NULL) {
		return L"";
	}

	MultiByteToWideChar(CP_UTF8, 0, strUTF8.c_str(), -1, pRes, len);
	pRes[len - 1] = L'\0';
	std::wstring result = pRes;
	delete[] pRes;

	return result;
}

std::string WindowsAxy::UnicodeToUtf8(const std::wstring& strUnicode) {
	int len = WideCharToMultiByte(CP_UTF8, 0, strUnicode.c_str(), -1, NULL, 0, NULL, NULL);
	if (len == 0) {
		return "";
	}
	char* pRes = new char[len];
	if (pRes == NULL) {
		return "";
	}
	WideCharToMultiByte(CP_UTF8, 0, strUnicode.c_str(), -1, pRes, len, NULL, NULL);
	pRes[len - 1] = '\0';
	std::string result = pRes;
	delete[] pRes;

	return result;
}

std::wstring WindowsAxy::StringToWString(const std::string& str) {
	int len = MultiByteToWideChar(CP_ACP, 0, str.c_str(), -1, NULL, 0);
	if (len == 0) {
		return L"";
	}

	wchar_t* pRes = new wchar_t[len];
	if (pRes == NULL) {
		return L"";
	}
	MultiByteToWideChar(CP_ACP, 0, str.c_str(), -1, pRes, len);
	pRes[len - 1] = L'\0';
	std::wstring result = pRes;
	delete[] pRes;
	return result;
}

std::string WindowsAxy::WStringToString(const std::wstring& wstr) {
	int len = WideCharToMultiByte(CP_ACP, 0, wstr.c_str(), -1, NULL, 0, NULL, NULL);
	if (len == 0) {
		return "";
	}

	char* pRes = new char[len];
	if (pRes == NULL) {
		return "";
	}

	WideCharToMultiByte(CP_ACP, 0, wstr.c_str(), -1, pRes, len, NULL, NULL);
	pRes[len - 1] = '\0';
	std::string result = pRes;
	delete[] pRes;

	return result;
}

std::string WindowsAxy::Utf8ToANSI(const std::string& strUtf8) {
	return WStringToString(Utf8ToUnicode(strUtf8));
}

std::string WindowsAxy::ANSIToUtf8(const std::string& strANSI) {
	return UnicodeToUtf8(StringToWString(strANSI));
}
Core Objects
关注
专栏目录
Windows学习总结(22)——Windows基线检查加固脚本
科技D人生
07-15 2623
Windows的批处理脚本(一键加固:根据自身要求修改) echo 现在开始Windows安全加固,确认请按任意键 pause echo [version] >account.inf REM帐户口令授权配置模块 echo signature="$CHICAGO$" >>account.inf echo [System Access] >>account.inf echo MinimumPasswordLength=6 >>account.inf REM 修改帐.
windows系统学习总结
穷则独善其身,达则兼济天下。
01-10 3251
windows学习指南 常用电脑技巧 视频播放如果flash无法播放,可以尝试右键html5播放。 游览器字体显示不正常可采用放大字体的方式。 如何去掉有道云笔记的广告,修改代码,变为“0,0,0,0” 更改matlab默认文件夹,userpath(‘F:\program’); 设置软件是否自启动-取消微信自启动 部分电脑管理软件会关闭系统自动更新。 有哪些可以删除的文...
渗透学习总结-Windows基础
cainiao17441898的博客
10-28 3317
文章目录Windows账户和组账户**组**Windows的Log(日志)系统 Windows账户和组 这里比较常用就不细说了。简要的概括下。 账户 默认账户: Administrator-默认的超级管理员 系统超级管理员账户,具有最高权限。在域中和计算机中具有不受限制的权限,可以管理本地或域中的任何计算机,如创建账户、创建组、实施安全策略等。 不被锁定,不能删除,可以重命名 Guest-默认来宾账户 默认被禁用,不能删除,可重命名 权限有限,不能修改系统设置和安装程序,只能读取计算机系统信息
windows系统应用 学习心得
2301_77677710的博客
11-06 952
Windows系统应用课程是一门介绍Windows操作系统及其应用程序的课程。该课程主要涵盖以下内容:Windows操作系统的基础知识:介绍Windows操作系统的特点、版本、系统要求、安装和升级等基础知识。Windows系统管理:介绍Windows系统管理的基本操作、安全性和维护等内容,包括用户和组、文件和文件夹、磁盘管理、备份和还原等。Windows应用程序:介绍Windows操作系统中的常用应用程序,如Office办公软件、浏览器、邮件客户端、媒体播放器、图像编辑器等。Windows网络配置:介绍Wi
【转载】Windows学习总结(26)—— Windows 或者 Window Server 服务开机自启动的四种方式
热门推荐
qq120631157的博客
10-18 1万+
【转载】Windows学习总结(26)—— Windows 或者 Window Server 服务开机自启动的四种方式
windows上配置本地深度学习工作站
YasmineC的博客
10-23 2794
安装Anaconda、创建python环境、安装Jetbrains Toolbox、安装Pycharm、Professional/Community、安装cuda、安装cudnn、安装pytorch、配置环境变量、激活powershell的base环境
windows技能学习1】
itboy_szjj的博客
04-17 1127
目录共享访问格式:1)访问共享目录:\\目标机器ip地址\2)访问C盘共享目录:\\目标机器ip地址\c$3)访问D盘共享目录:\\目标机器ip地址\d$windowxp/windows7均有该漏洞,XP系统开启共享功能的情况下,在访问IP地址后面加上c$就能访问c盘所有文件,如下图所演示。
C++ Windows客户端开发学习路线(超级详细)
数据结构和算法教程(C语言版)
08-25 1278
但是,调用 API 之前你需要知道它的优势和劣势,明确它能够胜任的具体场景,此时就需要你了解数据结构和算法的底层原理。Windows GUI 开发涉及到的技能板块非常繁杂,短期内不可能全部都掌握,为了加快学习进度,尽早开发出一款实用的软件,我们需要暂时先舍弃一些技能,或者对一些技能浅尝辄止,等到以后有余力了再回来学习。事实上,只学习C语言也能进行 Windows GUI 开发,也能做出类似 QQ、迅雷等待界面的程序,但C语言开发效率低,第三方库较少,实际项目中没有程序员会这样做,大家都转向了 C++
Windows逆向学习提纲
于高山之巅,方见大河奔涌;于群峰之上,更觉长风浩荡。
03-18 893
Windows逆向学习提纲
Windows下Docker学习总结
qq_46181653的博客
12-31 2604
Docker笔记
windows内存学习总结
03-14
Windows操作系统中,内存管理是系统性能的关键因素之一。它涉及到如何有效地分配、使用和回收内存资源,确保程序的高效运行。以下是对Windows内存管理的深入解析: 一、内存分配 1. **基本概念**:内存是计算机...
Windows学习总结(25)—— Windows 11 cmd 命令大全
科技D人生
12-13 3254
Windows 11 中,你可以用几种方式和方法来访问 CMD(又称终端)。通常的方法是在开始菜单中搜索 CMD,或者你可以在运行对话框中输入 CMD,或者按 Windows + X 或在开始菜单上右键单击,打开终端(又称 CMD)。命令功能介绍Help显示基本的CMD命令和每个命令的工作原理说明assoc查看和编辑文件扩展名(你可以指定用哪个程序来打开哪些文件)bitsadmin创建或下载或上传任务并监控其进度call。
Windows学习总结(24)—— 升级到 Windows 11 版本的九个理由
科技D人生
05-25 1033
一、更优质的界面 不知道你对之前版本的 Windows 系统界面作何评价,对我来说稍显沉闷、极客,少了一些精致的感觉。作为七年以来的第一次大版本更新,Win 11 系统带来了全新设计的操作界面,圆滑的窗角、紧凑的任务栏和平板模式下对触控的支持都更加赏心悦目,当然,还有全新的系统声音。 二、新版内置应用程序 Win 11 中的内置应用程序相比 Win 10 来说有了较大的改进。新版的内置媒体播放器在音频和视 频的支持上都有了较大的进步,支持流媒体 URL、支持所有标准音频文件格式,包括无损...
WindowsTerminal 美化-壁纸随机更换
最新发布
菜鸟记录
10-06 1001
WindowsTerminal 美化-壁纸随机更换
Stream流的中间方法
程小白的博客
10-02 409
【代码】Stream流的中间方法。
cmd命令大全详解
huxyc的博客
09-28 2249
cmdschtasks /create /tn [任务名] /tr [任务运行的命令] /sc [任务触发器]cmdbitsadmin /transfer [任务名] /download [源URL] [目标文件路径]cmdrobocopy [源路径] [目标路径] [文件名]cmdcopy [源文件路径] [目标文件路径]cmdmove [源文件路径] [目标文件路径]cmdfind [要查找的字符串] [文件名]cmdshutdown /s /t [秒数]cmdassoc [文件扩展名]
顺序表的实现
2301_81172092的博客
10-02 935
顺序表的c语言实现
代码随想录Day24
m0_62475528的博客
10-02 337
本题明确要求只会分成4段,所以不能用切割线切到最后作为终止条件,而是分割的段数作为终止条件。或者直接先记录,就可以避免需要先录入空数组。
Map: 地图
2303_80050865的博客
10-05 358
对全国2023年各省市的人口分布情况,做出地图展示效果。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值