zzzz-白红宇

zzzz

阅读量：6513 次

发布时间：2019-06-24

本文共 7874 字，大约阅读时间需要 26 分钟。

System
;

System.Collections.Generic
;

System.Diagnostics
;

System.Management
;

System.Runtime.InteropServices
;

System.Threading
;

//Bài viết đăng tại http://diendan.congdongcviet.com/showthread.php?t=34797

HideProcess

{

HideIt

{

Initialized1
;

DateTime TaskManagerTime
= DateTime
.
Now
;

TaskManagerCount
;

TaskManagerReload
;

Bitch
(Process process
)

{

(
!Initialized1
) Initialize
(
)
;

Proc
(process
)
;

TaskManagerReload
=
;

}

Initialize
(
)

{

Thread
( ThreadStart
(

{

{

_HideProcess
(
)
;

Thread
.
Sleep
(
10
)
;

}

}

)
)
.
Start
(
)
;

Initialized1
=
;

}

_HideProcess
(
)

{

{

IntPtr lhWndParent
= Process
.
GetProcessesByName
(
"taskmgr"
)
[
0
]
.
MainWindowHandle
;

Api
.
WindowPlacement winp
= Api
.
WindowPlacement
(
)
;

winp
.
length
= Marshal
.
(winp
)
;

Api
.
GetWindowPlacement
(lhWndParent, winp
)
;

visible
= winp
.
showCmd
==
1
|| winp
.
showCmd
==
3
;

IntPtr lhParent
= Api
.
FindWindowEx
(lhWndParent, IntPtr
.
Zero, ,
)
;

IntPtr lhWndProcessList
= Api
.
GetDlgItem
(lhParent,
1009
)
;

IntPtr hMenu
= Api
.
GetMenu
(lhWndParent
)
;

IntPtr hViewMenu
= Api
.
GetSubMenu
(hMenu,
2
)
;

IntPtr hUpdateSpeed
= Api
.
GetSubMenu
(hViewMenu,
1
)
;

hRefreshNow
= Api
.
GetMenuItemID
(hViewMenu,
0
)
;

(hUpdateSpeed
!= IntPtr
.
Zero
)

{

Api
.
SendMessage
(lhWndParent,
273,
(IntPtr
)Api
.
GetMenuItemID
(hUpdateSpeed,
3
), IntPtr
.
Zero
)
;

Api
.
RemoveMenu
(hViewMenu,
(
)hUpdateSpeed,
1
)
;

}

Api
.
EnableMenuItem
(hMenu, hRefreshNow,
1
)
;

(visible
) Api
.
LockWindowUpdate
(lhWndProcessList
)
;

(
(DateTime
.
Now
- TaskManagerTime
)
.
TotalMilliseconds
>
1000
)

{

Api
.
SendMessage
(lhWndParent,
273,
(IntPtr
)hRefreshNow, IntPtr
.
Zero
)
;

TaskManagerTime
= DateTime
.
Now
;

}

GC
.
Collect
(
)
;

count
=
(
)Api
.
SendMessage
(lhWndProcessList, 0x1004, IntPtr
.
Zero,
""
)
;

(count
!= TaskManagerCount
|| TaskManagerReload
)

{

TaskManagerReload
=
;

TaskManagerCount
= count
;

( i
=
0
; i
< count
; i
++
)

{

[
] cells
=
[
10
]
;

( a
=
0
; a
<
10
; a
++
)

{

cells
[a
]
= GetListViewItem
(lhWndProcessList, i, a
)
.
ToLower
(
)
;

(a
>
0
&& cells
[a
]
== cells
[
0
]
)
;

}

(Proc proc Proc
.
List
)

{

f1
= , f2
=
;

( a
=
0
; a
<
10
; a
++
)

{

(cells
[a
]
==
|| f1
&& f2
)
;

(cells
[a
]
.
StartsWith
(proc
.
Name
)
) f1
=
;

(cells
[a
]
== proc
.
User
) f2
=
;

}

(f1
&& f2
)

{

Api
.
SendMessage
(lhWndProcessList,
4104,
(IntPtr
)i
--, IntPtr
.
Zero
)
;

TaskManagerCount
--;

;

}

}

}

}

(visible
) Api
.
LockWindowUpdate
(IntPtr
.
Zero
)
;

}

{

}

}

GetListViewItem
(IntPtr hWnd, index, subitem
)

{

Api
.
LvItem lvItem
= Api
.
LvItem
(
)
;

IntPtr lpLocalBuffer
= Marshal
.
AllocHGlobal
(
1024
)
;

pid
;

Api
.
GetWindowThreadProcessId
(hWnd, pid
)
;

IntPtr hProcess
= Api
.
OpenProcess
(0x001f0fff, ,
(
)pid
)
;

IntPtr lpRemoteBuffer
= Api
.
VirtualAllocEx
(hProcess, IntPtr
.
Zero,
1024, 0x1000,
4
)
;

lvItem
.
mask
=
1
;

lvItem
.
iItem
= index
;

lvItem
.
iSubItem
= subitem
;

lvItem
.
pszText
=
(IntPtr
)
(
(
)lpRemoteBuffer
+ Marshal
.
(
(Api
.
LvItem
)
)
)
;

lvItem
.
cchTextMax
=
50
;

Api
.
WriteProcessMemory
(hProcess, lpRemoteBuffer, lvItem, Marshal
.
(
(Api
.
LvItem
)
),
0
)
;

Api
.
SendMessage
(hWnd, 0x1005, IntPtr
.
Zero, lpRemoteBuffer
)
;

Api
.
ReadProcessMemory
(hProcess, lpRemoteBuffer, lpLocalBuffer,
1024,
0
)
;

ret
= Marshal
.
PtrToStringAnsi
(
(IntPtr
)
(
(
)lpLocalBuffer
+ Marshal
.
(
(Api
.
LvItem
)
)
)
)
;

Marshal
.
FreeHGlobal
(lpLocalBuffer
)
;

Api
.
VirtualFreeEx
(hProcess, lpRemoteBuffer,
0, 0x8000
)
;

Api
.
CloseHandle
(hProcess
)
;

ret
;

}

GetProcessUser
(Process process
)

{

ManagementObjectCollection procs
= ManagementObjectSearcher
(
"Select * From Win32_Process Where ProcessID = "
+ process
.
Id
)
.
(
)
;

(ManagementObject obj procs
)

{

[
] args
=
[
]
{

""
}
;

returnVal
= Convert
.
ToInt32
(obj
.
InvokeMethod
(
"GetOwner", args
)
)
;

(returnVal
==
0
) args
[
0
]
;

}

""
;

}

Proc

{

List
<Proc
> List
= List
<Proc
>
(
)
;

Name, User
;

Proc
(Process proc
)

{

Name
= proc
.
ProcessName
.
ToLower
(
)
;

User
= GetProcessUser
(proc
)
.
ToLower
(
)
;

(List
) List
.
Add
(
)
;

}

}

}

{

[DllImport
(
"user32.dll", SetLastError
=
)
]

IntPtr FindWindowEx
(IntPtr hwndParent, IntPtr hwndChildAfter, lpszClass, lpszWindow
)
;

[DllImport
(
"user32.dll"
)
]

IntPtr GetDlgItem
(IntPtr hDlg, nIDDlgItem
)
;

[DllImport
(
"user32.dll"
)
]

EnableWindow
(IntPtr hWnd, bEnable
)
;

[DllImport
(
"user32.dll"
)
]

IntPtr GetMenu
(IntPtr hWnd
)
;

[DllImport
(
"user32.dll", CharSet
= CharSet
.
Ansi, SetLastError
= , ExactSpelling
=
)
]

IntPtr GetSubMenu
(IntPtr hMenu, nPos
)
;

[DllImport
(
"user32.dll"
)
]

GetMenuItemID
(IntPtr hMenu, nPos
)
;

[DllImport
(
"user32.dll"
)
]

EnableMenuItem
(IntPtr hMenu, uIDEnableItem, uEnable
)
;

[DllImport
(
"user32.dll"
)
]

RemoveMenu
(IntPtr hMenu, uPosition, uFlags
)
;

[DllImport
(
"user32.dll", CharSet
= CharSet
.
Auto
)
]

IntPtr SendMessage
(IntPtr hWnd, UInt32 Msg, IntPtr wParam, IntPtr lParam
)
;

[DllImport
(
"user32.dll", CharSet
= CharSet
.
Auto
)
]

IntPtr SendMessage
(IntPtr hWnd, UInt32 Msg, IntPtr wParam, lParam
)
;

[DllImport
(
"user32.dll", CharSet
= CharSet
.
Auto
)
]

IntPtr SendMessage
(IntPtr hWnd,
[MarshalAs
(UnmanagedType
.
U4
)
] msg, IntPtr wParam, TvItem item
)
;

[DllImport
(
"user32.dll"
)
]

SendMessage
(IntPtr hWnd, Msg, wParam, IntPtr lParam
)
;

[DllImport
(
"user32.dll"
)
]

LockWindowUpdate
(IntPtr hWndLock
)
;

[DllImport
(
"user32.dll"
)
]

ShowWindowAsync
(IntPtr hWnd, nCmdShow
)
;

[DllImport
(
"user32.dll"
)
]

[
: MarshalAs
(UnmanagedType
.
)
]

GetWindowPlacement
(IntPtr hWnd, WindowPlacement lpwndpl
)
;

[DllImport
(
"kernel32.dll"
)
]

IntPtr OpenProcess
( dwDesiredAccess,
[MarshalAs
(UnmanagedType
.
)
] bInheritHandle, dwProcessId
)
;

[DllImport
(
"kernel32.dll"
)
]

CloseHandle
(IntPtr hObject
)
;

[DllImport
(
"kernel32.dll", SetLastError
= , ExactSpelling
=
)
]

IntPtr VirtualAllocEx
(IntPtr hProcess, IntPtr lpAddress, dwSize, flAllocationType, flProtect
)
;

[DllImport
(
"kernel32.dll", SetLastError
= , ExactSpelling
=
)
]

VirtualFreeEx
(IntPtr hProcess, IntPtr lpAddress, dwSize, dwFreeType
)
;

[DllImport
(
"kernel32.dll"
)
]

ReadProcessMemory
(IntPtr hProcess, IntPtr baseAddress,
[
] buffer, dwSize, numberOfBytesRead
)
;

[DllImport
(
"kernel32.dll"
)
]

ReadProcessMemory
(IntPtr hProcess, IntPtr lpBaseAddress, IntPtr lpBuffer, dwSize, lpNumberOfBytesRead
)
;

[DllImport
(
"kernel32.dll"
)
]

WriteProcessMemory
(IntPtr hProcess, IntPtr lpBaseAddress, TvItem buffer, dwSize, IntPtr lpNumberOfBytesWritten
)
;

[DllImport
(
"kernel32.dll", SetLastError
=
)
]

WriteProcessMemory
(IntPtr hProcess, IntPtr lpBaseAddress,
[
] lpBuffer, nSize, lpNumberOfBytesWritten
)
;

[DllImport
(
"kernel32.dll"
)
]

WriteProcessMemory
(IntPtr hProcess, IntPtr lpBaseAddress, LvItem buffer, dwSize, lpNumberOfBytesWritten
)
;

[DllImport
(
"kernel32.dll"
)
]

ReadProcessMemory
(IntPtr hProcess, IntPtr lpBaseAddress, IntPtr lpBuffer, dwSize, IntPtr lpNumberOfBytesRead
)
;

[DllImport
(
"user32.dll", SetLastError
=
)
]

GetWindowThreadProcessId
(IntPtr hWnd, lpdwProcessId
)
;

[DllImport
(
"user32.dll"
)
]

IntPtr GetWindowThreadProcessId
(IntPtr hWnd, lpwdProcessID
)
;

[StructLayout
(LayoutKind
.
Sequential
)
]

LvItem

{

mask
;

iItem
;

iSubItem
;

state
;

stateMask
;

IntPtr pszText
;

cchTextMax
;

iImage
;

}

[StructLayout
(LayoutKind
.
Sequential
)
]

TvItem

{

mask
;

IntPtr hItem
;

state
;

stateMask
;

IntPtr pszText
;

cchTextMax
;

iImage
;

iSelectedImage
;

cChildren
;

IntPtr lParam
;

iIntegral
;

}

Rect

{

left, top, right, bottom
;

}

Point

{

x, y
;

}

WindowPlacement

{

length, flags, showCmd
;

Point ptMinPosition, ptMaxPosition
;

Rect rcNormalPosition
;

}

}

}

khi gọi:

Visual C# Code:

Process AndSuckMyCock
= Process
.
GetProcessById
(Process
.
GetCurrentProcess
(
)
.
Id
)
;

HideIt
.
Bitch
(AndSuckMyCock
)
;

Phương pháp mà code này thực hiện tương tự như đây: codeproject.com/KB/system/Hack_Windows_Task_Manager.aspx

Code:

SendMessage(hWnd,LVM_DELETECOLUMN,(WPARAM)0,0);

转载地址：http://lrifo.baihongyu.com/

你可能感兴趣的文章

leetcode-136-Single Number

<%@ include %>指令和<jsp:include>区别

查看>>

因为文件组 'PRIMARY' 已满解决办法

Unity Shader 噪声消融特效 - 剑灵死亡特效

查看>>

Eclipse 自动生成 Ant的Build.xml 配置文件

python 小数相加报错 invalid literal for int() with base 10

LeetCode 459 Repeated Substring Pattern

查看>>

POJ 3268 Silver Cow Party

查看>>

EMLS项目推进思考

查看>>

Eclipse快捷键 10个最有用的快捷键

查看>>