
attempting to change process name winXP

a guest
Sep 17th, 2014
# Python 2 script (it uses print statements) built on pywin32 and ctypes.
import sys, os
# Make the interpreter's install prefix searchable for modules and, through
# PATH, for DLLs -- presumably so the pywin32 pieces load; confirm against the
# environment this was written for.
sys.path.append(sys.prefix)

os.environ['PATH'] += ';' + sys.prefix

# NOTE: PROCESS_VM_OPERATION is imported but not referenced in the code shown;
# every OpenProcess call below asks for PROCESS_ALL_ACCESS instead.
from win32con import PAGE_READWRITE, MEM_COMMIT, MEM_RESERVE, MEM_RELEASE,\
    PROCESS_ALL_ACCESS, PROCESS_VM_OPERATION
from commctrl import LVM_GETITEMTEXT, LVM_GETITEMCOUNT, LVM_SETITEMTEXTA

import struct
import ctypes
import win32api
import win32gui

# Raw Win32 entry points resolved through ctypes. No argtypes/restype are
# declared, so ctypes falls back to its default C int conversions for
# arguments and return values; handles and remote addresses are therefore
# carried around as plain Python ints.
GetWindowThreadProcessId = ctypes.windll.user32.GetWindowThreadProcessId
VirtualAllocEx = ctypes.windll.kernel32.VirtualAllocEx
VirtualFreeEx = ctypes.windll.kernel32.VirtualFreeEx
OpenProcess = ctypes.windll.kernel32.OpenProcess
WriteProcessMemory = ctypes.windll.kernel32.WriteProcessMemory
ReadProcessMemory = ctypes.windll.kernel32.ReadProcessMemory
# memcpy is bound here but not called anywhere in the code shown.
memcpy = ctypes.cdll.msvcrt.memcpy
  22.  
  23.  
def readListViewItems(hwnd, item=0, subitem=0):
    """Return the text of one cell of a list-view control owned by another process.

    hwnd    -- window handle of the list-view control.
    item    -- row index sent with LVM_GETITEMTEXT and stored in the LVITEM.
    subitem -- column index stored in the LVITEM.

    Returns the bytes read back from the remote text buffer, up to the first
    NUL (ctypes ``.value``). None of the Win32 return values are checked, so
    a failed OpenProcess/VirtualAllocEx/ReadProcessMemory is not reported and
    the result is then whatever the zero-filled local buffer yields.

    NOTE(review): the function opens the window's owning process with
    PROCESS_ALL_ACCESS and allocates, writes and reads memory inside it. A
    full-access open followed by remote allocation against another process
    is the kind of activity process-access monitoring is meant to surface.
    """

    # Allocate virtual memory inside target process
    pid = ctypes.create_string_buffer(4)
    p_pid = ctypes.addressof(pid)
    GetWindowThreadProcessId(hwnd, p_pid) # process owning the given hwnd
    # The 4-byte buffer now holds the owner's pid; unpack it as a C int.
    hProcHnd = OpenProcess(PROCESS_ALL_ACCESS, False, struct.unpack("i",pid)[0])
    # Two 4096-byte read/write regions in the target: one for the LVITEM
    # record, one for the text the control copies out.
    pLVI = VirtualAllocEx(hProcHnd, 0, 4096, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE)
    pBuffer = VirtualAllocEx(hProcHnd, 0, 4096, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE)

    # Prepare an LVITEM record and write it to target process memory
    # Nine C ints; positions 2, 3, 6 and 7 carry item, subitem, the remote
    # text buffer address and its size (4096). Packing the address with 'i'
    # assumes it fits a 32-bit int.
    lvitem_str = struct.pack('iiiiiiiii', *[0,item,subitem,0,0,pBuffer,4096,0,0])
    lvitem_buffer = ctypes.create_string_buffer(lvitem_str)
    copied = ctypes.create_string_buffer(4)
    p_copied = ctypes.addressof(copied)
    WriteProcessMemory(hProcHnd, pLVI, ctypes.addressof(lvitem_buffer), ctypes.sizeof(lvitem_buffer), p_copied)

    # iterate items in the SysListView32 control
    # num_items is fetched but not used: the loop that consumed it is
    # commented out below and only the single requested cell is read.
    num_items = win32gui.SendMessage(hwnd, LVM_GETITEMCOUNT)
    #item_texts = []
    item_text = ''
    #for item_index in range(num_items):
    #    win32gui.SendMessage(hwnd, LVM_GETITEMTEXT, item_index, pLVI)
    #    target_buff = ctypes.create_string_buffer(4096)
    #    ReadProcessMemory(hProcHnd, pBuffer, ctypes.addressof(target_buff), 4096, p_copied)
    #    item_texts.append(target_buff.value)
    # Ask the control to fill the remote buffer, then copy all 4096 bytes back.
    win32gui.SendMessage(hwnd, LVM_GETITEMTEXT, item, pLVI)
    target_buff = ctypes.create_string_buffer(4096)
    ReadProcessMemory(hProcHnd, pBuffer, ctypes.addressof(target_buff), 4096, p_copied)
    item_text = target_buff.value

    # Release both remote regions and the process handle. This is only
    # reached on the straight-line path; there is no try/finally.
    VirtualFreeEx(hProcHnd, pBuffer, 0, MEM_RELEASE)
    VirtualFreeEx(hProcHnd, pLVI, 0, MEM_RELEASE)
    win32api.CloseHandle(hProcHnd)
    return item_text
  59.  
def SetItemText(Handle, pStr, Index , SubIndex = 0):
    """Send LVM_SETITEMTEXTA to a list-view control owned by another process.

    Handle   -- window handle of the list-view control.
    pStr     -- replacement text.
    Index    -- row index (also passed as wParam of the message).
    SubIndex -- column index stored in the LVITEM.

    Returns None. Debug values are printed (Python 2 print statements) and
    no Win32 return value is acted on.

    NOTE(review): the visible calls only allocate and write memory in the
    process that owns the window and send one message to the control;
    nothing here touches the process object the row describes. Opening
    another process with PROCESS_ALL_ACCESS and then calling VirtualAllocEx
    and WriteProcessMemory against it is a pattern defenders can alert on.
    """

    # Allocate virtual memory inside target process
    pid = ctypes.create_string_buffer(4)
    p_pid = ctypes.addressof(pid)
    GetWindowThreadProcessId(Handle, p_pid) # process owning the given hwnd
    hProcHnd = OpenProcess(PROCESS_ALL_ACCESS, False, struct.unpack("i",pid)[0])
    # Remote region that will hold the LVITEM record.
    pLVI = VirtualAllocEx(hProcHnd, 0, 4096, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE)

    #c_string = pStr.encode('ascii') + '\x00'
    c_string = ctypes.c_wchar_p(pStr)
    # strSize is derived from ctypes.sizeof() of the c_wchar_p object, plus 4.
    strSize = ctypes.sizeof(c_string)+4

    #alloc some shared memory for our string
    SharedProcMemString = VirtualAllocEx(hProcHnd, 0, strSize, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE)
   
    # Prepare an LVITEM record and write it to target process memory
    # Same nine-int layout as in readListViewItems, with the remote string
    # address and strSize in the text-pointer and text-length positions.
    lvitem_str = struct.pack('iiiiiiiii', *[0,Index,SubIndex,0,0,SharedProcMemString,strSize,0,0])
    lvitem_buffer = ctypes.create_string_buffer(lvitem_str)
    copied = ctypes.create_string_buffer(4)
    p_copied = ctypes.addressof(copied)
    # Debug output: the record size, strSize, and the return value of each
    # WriteProcessMemory call (string first, then the LVITEM record).
    print ctypes.sizeof(lvitem_buffer)
    print strSize
    print WriteProcessMemory(hProcHnd, SharedProcMemString, c_string, strSize , p_copied)
    print WriteProcessMemory(hProcHnd, pLVI, ctypes.addressof(lvitem_buffer), ctypes.sizeof(lvitem_buffer), p_copied)

   
    #set the text
    win32gui.SendMessage(Handle, LVM_SETITEMTEXTA, Index, pLVI)
   
    #'clean up
    #FreeMemSharedNT hProcess, SharedProcMem, LVISize
    #FreeMemSharedNT hProcess, SharedProcMemString, strSize
    VirtualFreeEx(hProcHnd, SharedProcMemString, 0, MEM_RELEASE)
    VirtualFreeEx(hProcHnd, pLVI, 0, MEM_RELEASE)
    win32api.CloseHandle(hProcHnd)
  96.  
  97.  
  98.  
  99. import win32gui
  100.  
  101.  
# Script entry point: find the 'Processes' list-view inside the Windows Task
# Manager window, look for the row whose text equals pSource and call
# SetItemText on it with pDest.
# NOTE(review): only the text held by that one list-view control is
# targeted; nothing below changes the running process, so a process listing
# obtained by other means would not be expected to reflect the edit.
if __name__ == '__main__':
    print  "starting main"
    # Walk the window tree: top-level dialog (class '#32770') titled
    # 'Windows Task Manager' -> child dialog -> SysListView32 'Processes'.
    RetVal0 = win32gui.FindWindow('#32770', 'Windows Task Manager')
    RetVal1 = win32gui.FindWindowEx(RetVal0, 0, '#32770', None)
    RetVal = win32gui.FindWindowEx(RetVal1, 0, 'SysListView32', 'Processes')
    pSource = 'pythonw.exe'
    pDest = 'myGui.exe'

    # A zero handle means the list-view was not found; nothing is done then.
    if RetVal:
        # ii is the column being probed, i the row; at most 26 columns are tried.
        ii=0
        i=0
        while ii < 26:
            RetStr = readListViewItems(RetVal, i, ii)
            #print readListViewItems1(RetVal, i)
            #print RetStr
            if RetStr == '': # Then ' we've come to the end of the columns
                if i == 0: #'was the first loop thru
                    i = 1  #'could be the correct column, but .exe not found so add +1
                    ii = -1 #'start the column count over
                else:
                    break
               
            elif ".exe" in RetStr.lower(): #'we found the Process column
                #tCount = win32gui.GetItemCount(RetVal)
                # iterate items in the SysListView32 control
                tCount = win32gui.SendMessage(RetVal, LVM_GETITEMCOUNT)
                # Compare each row's text in this column with pSource,
                # case-insensitively. The loop reuses i as its variable.
                for i in range(i, tCount - 1):
                    RetStr = readListViewItems(RetVal, i, ii)
                    if RetStr.lower()  == pSource.lower():
                        #If Delete Then
                        #    Call DeleteItem(RetVal, i) #'doesnt work as well
                        #Else
                        print 'calling SetItemText'
                        print RetStr
                        print pSource
                        SetItemText(RetVal, pDest, i, ii)
                        #End If
                        #ModifyExe = True
                       
                        #'[EXIT DO] can be taken out if the app runs multiple instances
                        #'the reason why i put it here is because i am trying to limit
                        #' the amount of unneeded sendmessage calls to taskmanager
                        #Exit Do #'should only find 1 instance of itself.
                        #break
            # Advance to the next column; after a match the outer loop
            # keeps going because the break above is commented out.
            ii = ii + 1