introduction
Because I want to research malicious code in the future, I need to study Windows programming so that I can develop desktop applications that detect malicious software.
Windows program introduction
An ordinary C program starts at the entry function main; a Windows program starts at the entry function WinMain, which registers the window class, sets the window name, creates the window and so on.
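/*
 * Program entry point: registers the window class, creates and shows the
 * main window, then pumps messages until GetMessage reports WM_QUIT.
 *
 * hInstance     - instance handle, stored in the window class and passed to CreateWindow
 * hPrevInstance - not used
 * szCmdLine     - not used
 * iCmdShow      - initial show state, forwarded to ShowWindow
 *
 * Returns 0 when the class cannot be registered, the window cannot be
 * created or GetMessage fails; otherwise the wParam of the last message
 * retrieved (the value given to PostQuitMessage on a normal exit).
 */
int WINAPI WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,PSTR szCmdLine,int iCmdShow) {
    static TCHAR szAppName[] = TEXT("MyWindow");
    HWND hwnd;
    MSG msg;
    WNDCLASS wndclass;
    int got;

    /* Register the window class; every WNDCLASS field is set explicitly. */
    wndclass.style = CS_HREDRAW | CS_VREDRAW;
    wndclass.lpfnWndProc = WndProc;
    wndclass.cbClsExtra = 0;
    wndclass.cbWndExtra = 0;
    wndclass.hInstance = hInstance;
    wndclass.hIcon = LoadIcon(NULL,IDI_APPLICATION);
    wndclass.hCursor = LoadCursor(NULL,IDC_ARROW);
    wndclass.hbrBackground = (HBRUSH)GetStockObject(WHITE_BRUSH);
    wndclass.lpszMenuName = NULL;
    wndclass.lpszClassName = szAppName;
    if (!RegisterClass(&wndclass)) {
        MessageBox(NULL,TEXT("这个程序需要在windows NT下才能执行"),szAppName,MB_ICONERROR);
        return 0;
    }

    /* Create the main window with default position and size. */
    hwnd = CreateWindow(szAppName,
                        TEXT("who am I?"),
                        WS_OVERLAPPEDWINDOW,
                        CW_USEDEFAULT,
                        CW_USEDEFAULT,
                        CW_USEDEFAULT,
                        CW_USEDEFAULT,
                        NULL,
                        NULL,
                        hInstance,
                        NULL);
    if (hwnd == NULL) {
        /* Do not hand a NULL handle to ShowWindow/UpdateWindow. */
        MessageBox(NULL,TEXT("Failed to create the main window"),szAppName,MB_ICONERROR);
        return 0;
    }
    ShowWindow(hwnd,iCmdShow);
    UpdateWindow(hwnd);

    /*
     * Message loop. GetMessage returns 0 for WM_QUIT and -1 on error, so a
     * plain truth test would keep dispatching an invalid msg after a failure.
     */
    while ((got = GetMessage(&msg,NULL,0,0)) != 0) {
        if (got == -1) {
            return 0;
        }
        TranslateMessage(&msg); /* turns virtual-key messages into character messages */
        DispatchMessage(&msg);  /* hands the message to the window procedure */
    }
    return (int)msg.wParam;
}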
WndProc function
It contains the important code: the handlers that run when an event (message) arrives, which can print text on the window or carry out other logic.
The example prints 10 lines of text on the window. It uses wsprintf to format the text into a buffer (szBuffer). Compared with DrawText, TextOut lets you specify the position of the text; with DrawText, depending on how its last parameter is set, the text moves as the window's width or height changes when you drag its border.
case WM_PAINT:
    /* A device context is required before drawing; BeginPaint provides it
       and EndPaint gives it back once painting is finished. */
    hdc = BeginPaint(hwnd, &ps);
    for (int line = 1; line <= 10; line++) {
        /*
         * Format "<line>:<text>" into szBuffer. wsprintf takes no
         * destination size, so it is only safe while the output is known to
         * fit; the author plans to replace it with StringCchPrintf.
         */
        wsprintf(szBuffer, TEXT("%d:%s"), line, TEXT("钮丹丹"));
        /* Rows are 15 units apart, starting at the top of the client area. */
        TextOut(hdc, 0, 15 * (line - 1), szBuffer, lstrlen(szBuffer));
    }
    EndPaint(hwnd, &ps);
    return 0;
prompt message before close window
In some cases we cannot use WM_DESTROY for this. When you click the × to close the window, a prompt can appear with a ‘true’ button and a ‘cancel’ button; normally, clicking ‘true’ closes the window, while clicking ‘cancel’ leaves it open. If the prompt is shown in WM_DESTROY, the window is closed even when you click ‘cancel’, because by the time WM_DESTROY arrives the window is already being destroyed.
So we handle WM_CLOSE instead: listen for that event and check whether the ‘true’ button was clicked. The specific code follows:
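case WM_CLOSE:
    /*
     * Ask for confirmation before closing. The window is destroyed only on
     * IDYES; on any other answer nothing happens and it stays open.
     * Both branches return here, so control can never fall through into
     * whichever case label follows this one in the switch.
     */
    if (MessageBox(hwnd, TEXT("请问是否真的要关闭我?"), TEXT("请确认"), MB_YESNO) == IDYES)
        DestroyWindow(hwnd);
    return 0;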
Extra
complete code:
#include <windows.h>
LRESULT CALLBACK WndProc(HWND, UINT, WPARAM, LPARAM);
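/*
 * Program entry point: registers the window class, creates and shows the
 * main window, then pumps messages until GetMessage reports WM_QUIT.
 *
 * hInstance     - instance handle, stored in the window class and passed to CreateWindow
 * hPrevInstance - not used
 * szCmdLine     - not used
 * iCmdShow      - initial show state, forwarded to ShowWindow
 *
 * Returns 0 when the class cannot be registered, the window cannot be
 * created or GetMessage fails; otherwise the wParam of the last message
 * retrieved (the value given to PostQuitMessage on a normal exit).
 */
int WINAPI WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,PSTR szCmdLine,int iCmdShow) {
    static TCHAR szAppName[] = TEXT("MyWindow");
    HWND hwnd;
    MSG msg;
    WNDCLASS wndclass;
    int got;

    /* Register the window class; every WNDCLASS field is set explicitly. */
    wndclass.style = CS_HREDRAW | CS_VREDRAW;
    wndclass.lpfnWndProc = WndProc;
    wndclass.cbClsExtra = 0;
    wndclass.cbWndExtra = 0;
    wndclass.hInstance = hInstance;
    wndclass.hIcon = LoadIcon(NULL,IDI_APPLICATION);
    wndclass.hCursor = LoadCursor(NULL,IDC_ARROW);
    wndclass.hbrBackground = (HBRUSH)GetStockObject(WHITE_BRUSH);
    wndclass.lpszMenuName = NULL;
    wndclass.lpszClassName = szAppName;
    if (!RegisterClass(&wndclass)) {
        MessageBox(NULL,TEXT("这个程序需要在windows NT下才能执行"),szAppName,MB_ICONERROR);
        return 0;
    }

    /* Create the main window with default position and size. */
    hwnd = CreateWindow(szAppName,
                        TEXT("who am I?"),
                        WS_OVERLAPPEDWINDOW,
                        CW_USEDEFAULT,
                        CW_USEDEFAULT,
                        CW_USEDEFAULT,
                        CW_USEDEFAULT,
                        NULL,
                        NULL,
                        hInstance,
                        NULL);
    if (hwnd == NULL) {
        /* Do not hand a NULL handle to ShowWindow/UpdateWindow. */
        MessageBox(NULL,TEXT("Failed to create the main window"),szAppName,MB_ICONERROR);
        return 0;
    }
    ShowWindow(hwnd,iCmdShow);
    UpdateWindow(hwnd);

    /*
     * Message loop. GetMessage returns 0 for WM_QUIT and -1 on error, so a
     * plain truth test would keep dispatching an invalid msg after a failure.
     */
    while ((got = GetMessage(&msg,NULL,0,0)) != 0) {
        if (got == -1) {
            return 0;
        }
        TranslateMessage(&msg); /* turns virtual-key messages into character messages */
        DispatchMessage(&msg);  /* hands the message to the window procedure */
    }
    return (int)msg.wParam;
}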
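/*
 * Window procedure: handles painting, left-button clicks, the close
 * confirmation and window destruction; every other message is passed to
 * DefWindowProc.
 *
 * hwnd    - window receiving the message
 * message - message identifier
 * wParam, lParam - message parameters, forwarded unchanged to DefWindowProc
 *
 * Returns 0 for the messages handled here, otherwise DefWindowProc's result.
 */
LRESULT CALLBACK WndProc(HWND hwnd,UINT message,WPARAM wParam,LPARAM lParam) {
    HDC hdc;
    PAINTSTRUCT ps;      /* filled in by BeginPaint, handed back to EndPaint */
    TCHAR szBuffer[128]; /* scratch buffer for one formatted line */

    switch (message) {
    case WM_PAINT:
        /* A device context is required before drawing on the window. */
        hdc = BeginPaint(hwnd, &ps);
        for (int i = 0; i < 10; i++) {
            /*
             * wsprintf has no destination-size parameter. The output here is
             * at most "10:123", which fits szBuffer, but any format fed with
             * variable-length or external text should use StringCchPrintf
             * (strsafe.h) so the write is bounded by the buffer size.
             */
            wsprintf(szBuffer, TEXT("%d:%s"),i+1,TEXT("123"));
            TextOut(hdc,0, 15*i,szBuffer,lstrlen(szBuffer));
        }
        EndPaint(hwnd,&ps);
        return 0;

    case WM_LBUTTONDOWN:
        MessageBox(hwnd,TEXT("按下"),TEXT("123"),MB_OK);
        return 0;

    case WM_CLOSE:
        /*
         * Destroy the window only after the user confirms. Returning here on
         * both answers keeps control from falling through into WM_DESTROY,
         * which would post a second quit message after DestroyWindow has
         * already delivered WM_DESTROY.
         */
        if (MessageBox(hwnd, TEXT("请问是否真的要关闭我?"), TEXT("请确认"), MB_YESNO) == IDYES)
            DestroyWindow(hwnd);
        return 0;

    case WM_DESTROY:
        /* Ends the message loop in WinMain. */
        PostQuitMessage(0);
        return 0;
    }
    return DefWindowProc(hwnd,message,wParam,lParam);
}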