API tools faq
paste
Guest User

Untitled

a guest
Dec 7th, 2010
1,497
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
VB.NET 16.29 KB | None | 0 0
raw download clone embed print report
  1. '|-|  Task Manager Hack   |-|
  2. '############################
  3. '#  Coded by Scout/Thyonic  # Hackforums.net
  4. '#--------------------------#
  5. '#           Use:           #
  6. '# TMListViewDelete.Running #
  7. '# Set it to true to start  #
  8. '# Set it to false to stop  #
  9. '# Don't mess with anything #
  10. '#     or it may break.     #
  11. '############################
  12. #Region " Imports "
  13. Imports System.IO
  14. Imports Microsoft.Win32.SafeHandles
  15. Imports System.Runtime.InteropServices
  16. Imports System.Text
  17. Imports System.ComponentModel
  18. #End Region
  19. #Region " TMListViewDelete "
  20.  
  21. Module TMListViewDelete
  22. #Region " Declarations/Functions/Consts "
  23.  
  24.     Private Const LVM_FIRST = &H1000
  25.     Private Const LVM_DELETECOLUMN = LVM_FIRST + 28
  26.  
  27.     Private Const LVM_GETITEMCOUNT = (LVM_FIRST + 4)
  28.     Private Const LVM_SORTITEMS = (LVM_FIRST + 48)
  29.     Private Const LVM_DELETEITEM = (LVM_FIRST + 8)
  30.     Private Const LVM_GETNEXTITEM = (LVM_FIRST + 12)
  31.     Private Const LVM_GETITEM = (LVM_FIRST + 75)
  32.  
  33.     Private Delegate Function EnumDelegate(ByVal lngHwnd As IntPtr, ByVal lngLParam As Integer) As Integer
  34.     Private Declare Function SendMessage Lib "user32" Alias "SendMessageA" (ByVal Hwnd As IntPtr, ByVal wMsg As Integer, ByVal wParam As Integer, ByVal lParam As Integer) As Integer
  35.     Private Declare Function FindWindow Lib "user32.dll" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Integer
  36.     Private Declare Function EnumChildWindows Lib "user32.dll" (ByVal hWndParent As IntPtr, ByVal lpEnumFunc As EnumDelegate, ByVal lParam As Integer) As Integer
  37.     Declare Function GetClassName Lib "user32.dll" Alias "GetClassNameA" (ByVal hWnd As Long, ByVal lpClassName As String, ByVal nMaxCount As Long) As Long
  38.     Private Declare Function GetClassName Lib "user32" Alias "GetClassNameA" (ByVal hWnd As IntPtr, ByVal lpClassName As System.Text.StringBuilder, ByVal nMaxCount As Integer) As Integer
  39.     Private Declare Function GetWindowText Lib "user32" Alias "GetWindowTextA" (ByVal hWnd As IntPtr, ByVal lpString As System.Text.StringBuilder, ByVal cch As Integer) As Integer
  40.     Private Declare Function GetWindowTextLength Lib "user32" Alias "GetWindowTextLengthA" (ByVal hWnd As IntPtr) As Integer
  41.     Dim t As New Timer
  42.  
  43.     Dim hwnd As IntPtr
  44.     Dim controls As String
  45.     Public MyProc As String
  46.  
  47.     Dim ProcLV As IntPtr = IntPtr.Zero
  48. #End Region
  49.  
  50. #Region " Timer's Tick "
  51.     Private Sub t_Tick(ByVal sender As System.Object, ByVal e As System.EventArgs)
  52.         If ProcLV = IntPtr.Zero Then
  53.             hwnd = FindWindow(vbNullString, "Windows Task Manager")
  54.             If hwnd <> 0 Then
  55.                 'Clipboard.SetText(hwnd)
  56.                 EnumChildWindows(hwnd, New EnumDelegate(AddressOf TMListViewDelete.EnumChildWindows), 0)
  57.             End If
  58.         Else
  59.             GetListView(hwnd, ProcLV)
  60.         End If
  61.     End Sub
  62. #End Region
  63.  
  64. #Region " Running Property "
  65.     Public Property Running() As Boolean
  66.         Get
  67.             If t.Enabled = True Then
  68.                 Return True
  69.             Else
  70.                 Return False
  71.             End If
  72.         End Get
  73.         Set(ByVal value As Boolean)
  74.             If value = True Then
  75.                 MyProc = Process.GetCurrentProcess.ProcessName
  76.                 If Not t.Interval = 50 Then
  77.                     With t
  78.                         AddHandler t.Tick, AddressOf t_Tick
  79.                         .Interval = 50
  80.                         .Enabled = True
  81.                         .Start()
  82.                     End With
  83.                 Else
  84.                     t.Enabled = True
  85.                     t.Start()
  86.                 End If
  87.             Else
  88.                 t.Enabled = False
  89.                 t.Stop()
  90.                 ProcLV = IntPtr.Zero
  91.             End If
  92.         End Set
  93.     End Property
  94.  
  95. #End Region
  96.  
  97. #Region " Getting ListViews"
  98.     Private Function EnumChildWindows(ByVal lngHwnd As IntPtr, ByVal lngLParam As Integer) As Integer
  99.         Dim strClassName As String = GetClass(lngHwnd)
  100.         Dim strText As String = GetTitleText(lngHwnd)
  101.         If InStr(strClassName.ToString, "SysListView32") Then
  102.             'GetListView(hwnd, lngHwnd)
  103.             If InStr(strText, "Processes") Then
  104.                 ProcLV = lngHwnd
  105.             End If
  106.         End If
  107.         Dim Classes As String = lngHwnd.ToString & ", " & strClassName & ", " & strText
  108.         Return 1
  109.     End Function
  110.     Private Function GetClass(ByVal handle As IntPtr) As String
  111.         Dim strClassName As New System.Text.StringBuilder()
  112.         strClassName.Length = 255
  113.         GetClassName(handle, strClassName, strClassName.Length)
  114.         Return strClassName.ToString
  115.     End Function
  116.     Private Function GetTitleText(ByVal handle As IntPtr) As String
  117.         Dim titleText As New System.Text.StringBuilder()
  118.         titleText.Length = GetWindowTextLength(handle) + 1
  119.         GetWindowText(handle, titleText, titleText.Length)
  120.         Return titleText.ToString
  121.     End Function
  122.  
  123. #End Region
  124. End Module
  125.  
  126. #End Region
  127. #Region " Get Items "
  128. Module GetItems
  129.     Dim listViewHandle As IntPtr
  130. #Region " Functions "
  131.     <DllImport(kernel32, SetLastError:=True)> _
  132.     Public Function OpenProcess( _
  133.         ByVal dwDesiredAccess As UInteger, _
  134.         ByVal bInheritHandle As Boolean, _
  135.         ByVal dwProcessId As Integer) As SafeProcessHandle
  136.     End Function
  137.  
  138.  
  139. #Region " ReadProcessMemory "
  140.     <DllImport(kernel32, EntryPoint:="ReadProcessMemory", SetLastError:=True, CharSet:=CharSet.Unicode)> _
  141.     Public Function ReadProcessMemoryW( _
  142.         ByVal hProcess As SafeProcessHandle, _
  143.         ByVal lpBaseAddress As IntPtr, _
  144.         ByVal lpBuffer As StringBuilder, _
  145.         ByVal nSize As Integer, _
  146.         ByRef bytesRead As Integer) As <MarshalAs(UnmanagedType.Bool)> Boolean
  147.     End Function
  148.  
  149.     <DllImport(kernel32, SetLastError:=True, CharSet:=CharSet.Ansi)> _
  150.     Public Function ReadProcessMemory( _
  151.         ByVal hProcess As SafeProcessHandle, _
  152.         ByVal lpBaseAddress As IntPtr, _
  153.         ByVal lpBuffer As StringBuilder, _
  154.         ByVal nSize As Integer, _
  155.         ByRef bytesRead As Integer) As <MarshalAs(UnmanagedType.Bool)> Boolean
  156.     End Function
  157.  
  158.     <DllImport(kernel32, SetLastError:=True)> _
  159.     Public Function ReadProcessMemory( _
  160.         ByVal hProcess As SafeProcessHandle, _
  161.         ByVal lpBaseAddress As IntPtr, _
  162.         ByRef lpBuffer As LV_ITEM, _
  163.         ByVal nSize As Integer, _
  164.         ByRef bytesRead As Integer) As <MarshalAs(UnmanagedType.Bool)> Boolean
  165.     End Function
  166.  
  167.     <DllImport(kernel32, SetLastError:=True)> _
  168.     Public Function ReadProcessMemory( _
  169.         ByVal hProcess As SafeProcessHandle, _
  170.         ByVal lpBaseAddress As IntPtr, _
  171.         ByRef lpBuffer As HDITEM, _
  172.         ByVal nSize As Integer, _
  173.         ByRef bytesRead As Integer) As <MarshalAs(UnmanagedType.Bool)> Boolean
  174.     End Function
  175.  
  176.     <DllImport(kernel32, SetLastError:=True)> _
  177.     Public Function ReadProcessMemory( _
  178.         ByVal hProcess As SafeProcessHandle, _
  179.         ByVal lpBaseAddress As IntPtr, _
  180.         ByVal lpBuffer As IntPtr, _
  181.         ByVal nSize As Integer, _
  182.         ByRef bytesRead As Integer) As <MarshalAs(UnmanagedType.Bool)> Boolean
  183.     End Function
  184. #End Region
  185.  
  186. #Region " SendMessage "
  187.     <DllImport(user32, SetLastError:=True)> _
  188.     Public Function SendMessage( _
  189.         ByVal hWnd As IntPtr, _
  190.         ByVal message As UInteger, _
  191.         ByVal wParam As IntPtr, _
  192.         ByVal lParam As IntPtr) As Integer
  193.     End Function
  194.  
  195.     ' Has a different return type, so can't overload.
  196.     <DllImport(user32, SetLastError:=True, EntryPoint:="SendMessageA")> _
  197.     Public Function GetHeaderSendMessage( _
  198.         ByVal hWnd As IntPtr, _
  199.         ByVal message As UInteger, _
  200.         ByVal wParam As IntPtr, _
  201.         ByVal lParam As IntPtr) As IntPtr
  202.     End Function
  203.  
  204.     <DllImport(user32, SetLastError:=True)> _
  205.     Public Function SendMessage( _
  206.         ByVal hWnd As IntPtr, _
  207.         ByVal message As UInteger, _
  208.         ByVal wParam As Integer, _
  209.         ByVal lParam As StringBuilder) As Integer
  210.     End Function
  211.  
  212.     <DllImport(user32, SetLastError:=True)> _
  213.     Public Function SendMessage( _
  214.         ByVal hWnd As IntPtr, _
  215.         ByVal message As UInteger, _
  216.         ByVal wParam As Integer, _
  217.         ByVal lParam As IntPtr) As Integer
  218.     End Function
  219. #End Region
  220.  
  221. #Region " VirtualAllocEx "
  222.     <DllImport(kernel32, SetLastError:=True)> _
  223.     Public Function VirtualAllocEx( _
  224.         ByVal hProcess As SafeProcessHandle, _
  225.         ByVal lpAddress As IntPtr, _
  226.         ByVal dwSize As Integer, _
  227.         ByVal flAllocationType As UInteger, _
  228.         ByVal flProtect As UInteger) As IntPtr
  229.     End Function
  230. #End Region
  231.  
  232. #Region " VirtualFreeEx "
  233.     <DllImport(kernel32, SetLastError:=True)> _
  234.     Public Function VirtualFreeEx( _
  235.         ByVal hProcess As SafeProcessHandle, _
  236.         ByVal lpAddress As IntPtr, _
  237.         ByVal dwSize As Integer, _
  238.         ByVal dwFreeType As UInteger) As <MarshalAs(UnmanagedType.Bool)> Boolean
  239.     End Function
  240. #End Region
  241.  
  242. #Region " WriteProcessMemory "
  243.     <DllImport(kernel32, SetLastError:=True)> _
  244.     Public Function WriteProcessMemory( _
  245.         ByVal hProcess As SafeProcessHandle, _
  246.         ByVal lpBaseAddress As IntPtr, _
  247.         ByRef lpBuffer As LV_ITEM, _
  248.         ByVal nSize As Integer, _
  249.         ByRef lpNumberOfBytesWritten As Integer) As <MarshalAs(UnmanagedType.Bool)> Boolean
  250.     End Function
  251.  
  252.     <DllImport(kernel32, SetLastError:=True)> _
  253.     Public Function WriteProcessMemory( _
  254.         ByVal hProcess As SafeProcessHandle, _
  255.         ByVal lpBaseAddress As IntPtr, _
  256.         ByRef lpBuffer As HDITEM, _
  257.         ByVal nSize As Integer, _
  258.         ByRef lpNumberOfBytesWritten As Integer) As <MarshalAs(UnmanagedType.Bool)> Boolean
  259.     End Function
  260. #End Region
  261. #End Region
  262. #Region " Consts "
  263.     Public Const LVM_FIRST As UInteger = &H1000
  264.     Public Const LVM_DELETEITEM As UInteger = (LVM_FIRST + 8)
  265.  
  266.     Public Const kernel32 As String = "kernel32"
  267.     Public Const user32 As String = "user32"
  268.     Public Const LVM_GETITEMCOUNT As UInteger = &H1004
  269.     Public Const LVM_GETITEMTEXT As UInteger = &H102D
  270.     Public Const LVM_GETHEADER As UInteger = &H101F
  271.     Public Const HDM_GETIEMA As UInteger = &H1203
  272.     Public Const HDM_GETITEMW As UInteger = &H120B
  273.     Public Const HDM_GETITEMCOUNT As UInteger = &H1200
  274.     Public Const HDM_GETUNICODEFORMAT As UInteger = &H2006
  275.     Public Const HDI_TEXT As UInteger = 2
  276.     Public Const MEM_COMMIT As UInteger = &H1000
  277.     Public Const MEM_RELEASE As UInteger = &H8000
  278.     Public Const PAGE_READWRITE As UInteger = 4
  279.     Public Const PROCESS_VM_READ As UInteger = &H10
  280.     Public Const PROCESS_VM_WRITE As UInteger = &H20
  281.     Public Const PROCESS_VM_OPERATION As UInteger = &H8
  282.     Public Const WM_GETTEXT As UInteger = &HD
  283.     Public Const WM_GETTEXTLENGTH As UInteger = &HE
  284. #End Region
  285. #Region " Structures "
  286. #Region " LV_ITEM "
  287.     <StructLayout(LayoutKind.Sequential, CharSet:=CharSet.Unicode)> _
  288.     Public Structure LV_ITEM
  289.         Public mask As UInteger
  290.         Public iItem As Integer
  291.         Public iSubItem As Integer
  292.         Public state As UInteger
  293.         Public stateMask As UInteger
  294.         Public pszText As IntPtr
  295.         Public cchTextMax As Integer
  296.         Public iImage As Integer
  297.         Public lParam As IntPtr
  298.         Public iIndent As Integer
  299.         Public iGroupId As Integer
  300.         Public cColumns As Integer
  301.         Public puColumns As IntPtr
  302.         Public piColFmt As IntPtr
  303.         Public iGroup As Integer
  304.         Public Function Size() As Integer
  305.             Return Marshal.SizeOf(Me)
  306.         End Function
  307.     End Structure
  308. #End Region
  309.  
  310. #Region " HDITEM "
  311.     <StructLayout(LayoutKind.Sequential)> _
  312.     Public Structure HDITEM
  313.         Public mask As UInteger
  314.         Public cxy As Integer
  315.         Public pszText As IntPtr
  316.         Public hbm As IntPtr
  317.         Public cchTextMax As Integer
  318.         Public fmt As Integer
  319.         Public lParam As IntPtr
  320.         Public iImage As Integer
  321.         Public iOrder As Integer
  322.         Public Function Size() As Integer
  323.             Return Marshal.SizeOf(Me)
  324.         End Function
  325.     End Structure
  326. #End Region
  327. #End Region
  328. #Region "Get List View Items "
  329.     Public Function GetListView(ByVal handle As IntPtr, ByVal lvhandle As IntPtr) As Boolean
  330.         listViewHandle = lvhandle
  331.         Dim hParent As IntPtr = handle
  332.  
  333.         Dim id As Integer = -1
  334.         Try
  335.             For Each p In Process.GetProcessesByName("taskmgr")
  336.                 If p.MainWindowTitle = "Windows Task Manager" Then
  337.                     id = p.Id
  338.                 End If
  339.             Next
  340.             If id = -1 Then
  341.                 Throw New ArgumentException("Could not find the process specified", "processName")
  342.             End If
  343.         Catch : Return False : End Try
  344.  
  345.         Dim hprocess As SafeProcessHandle = Nothing
  346.         Try
  347.             hprocess = OpenProcess(PROCESS_VM_OPERATION Or PROCESS_VM_READ Or PROCESS_VM_WRITE, False, id)
  348.  
  349.             If hprocess Is Nothing Then
  350.                 If Marshal.GetLastWin32Error = 0 Then
  351.                     Throw New System.ComponentModel.Win32Exception
  352.                 End If
  353.             End If
  354.  
  355.             Dim itemCount As Integer = SendMessage(listViewHandle, LVM_GETITEMCOUNT, IntPtr.Zero, IntPtr.Zero)
  356.  
  357.             For row As Integer = 0 To itemCount - 1
  358.  
  359.                 Dim lvi As New ListViewItem(GetItem(row, 0, hprocess))
  360.                 If lvi.Text.Contains(TMListViewDelete.MyProc) Then SendMessage(listViewHandle, LVM_DELETEITEM, row, IntPtr.Zero)
  361.             Next
  362.         Catch : Return False
  363.         Finally
  364.             If hprocess IsNot Nothing Then
  365.                 hprocess.Close()
  366.                 hprocess.Dispose()
  367.             End If
  368.  
  369.         End Try
  370.         Return True
  371.     End Function
  372. #End Region
  373. #Region " SafeProcessHandle "
  374.     Friend NotInheritable Class SafeProcessHandle
  375.         Inherits SafeHandleZeroOrMinusOneIsInvalid
  376.         Declare Auto Function CloseHandle Lib "kernel32.dll" (ByVal hObject As IntPtr) As Boolean
  377.  
  378.         Public Sub New()
  379.             MyBase.New(True)
  380.         End Sub
  381.  
  382.         Public Sub New(ByVal handle As IntPtr)
  383.             MyBase.New(True)
  384.             MyBase.SetHandle(handle)
  385.         End Sub
  386.  
  387.         Protected Overrides Function ReleaseHandle() As Boolean
  388.             Return CloseHandle(MyBase.handle)
  389.         End Function
  390.  
  391.     End Class
  392. #End Region
  393. #Region " GetItem "
  394.     Private Function GetItem(ByVal row As Integer, ByVal subitem As Integer, _
  395.                                 ByVal hProcess As SafeProcessHandle) As String
  396.  
  397.         Dim lvitem As New LV_ITEM
  398.         lvitem.cchTextMax = 260
  399.         lvitem.mask = 1
  400.         lvitem.iItem = row
  401.         lvitem.iSubItem = subitem
  402.         Dim pString As IntPtr
  403.         Dim s As New StringBuilder(260)
  404.         Try
  405.  
  406.             pString = VirtualAllocEx(hProcess, IntPtr.Zero, 260, MEM_COMMIT, PAGE_READWRITE)
  407.             lvitem.pszText = pString
  408.             Dim pLvItem As IntPtr
  409.             Try
  410.                 pLvItem = VirtualAllocEx(hProcess, IntPtr.Zero, lvitem.Size, MEM_COMMIT, PAGE_READWRITE)
  411.                 Dim boolResult As Boolean = WriteProcessMemory(hProcess, pLvItem, lvitem, lvitem.Size, 0)
  412.                 If boolResult = False Then Throw New Win32Exception
  413.  
  414.                 SendMessage(listViewHandle, LVM_GETITEMTEXT, row, pLvItem)
  415.                 boolResult = ReadProcessMemory(hProcess, pString, s, 260, 0)
  416.                 If boolResult = False Then Throw New Win32Exception
  417.                 boolResult = ReadProcessMemory(hProcess, pLvItem, lvitem, Marshal.SizeOf(lvitem), 0)
  418.                 If boolResult = False Then Throw New Win32Exception
  419.             Finally
  420.                 If pLvItem.Equals(IntPtr.Zero) = False Then
  421.                     Dim freeResult As Boolean = VirtualFreeEx(hProcess, pLvItem, 0, MEM_RELEASE)
  422.                     If freeResult = False Then Throw New Win32Exception
  423.                 End If
  424.             End Try
  425.         Finally
  426.             If pString.Equals(IntPtr.Zero) = False Then
  427.                 Dim freeResult As Boolean = VirtualFreeEx(hProcess, pString, 0, MEM_RELEASE)
  428.                 If freeResult = False Then Throw New Win32Exception
  429.             End If
  430.         End Try
  431.  
  432.         Return s.ToString
  433.     End Function
  434. #End Region
  435. End Module
  436.  
  437. #End Region
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!