窗口透明度修改_dstinvert-优快云博客

/********************************************************************

created: 2008/01/23

created: 23:1:2008 19:50

file base: app

file ext: cpp

author: deletex

purpose: 半成品.未完成的部分有tooltip显示帮助信息,异常检测

*********************************************************************/

#include < windows.h >

#include < CommCtrl.h >

#include < Tlhelp32.h >

#include < tchar.h >

#include " resource.h "

#pragma comment(lib,"comctl32.lib")

typedef LONG (WINAPI * GETWINDOWLONG)(HWND, int );

typedef LONG (WINAPI * SETWINDOWLONG)(HWND, int ,LONG);

typedef BOOL (WINAPI * SETLAYEREDWINDOWATTRIBUTES)(HWND ,COLORREF,BYTE,DWORD);

// 写到远程进度的结构体

typedef struct

{

HWND hwnd;

LONG style;

BYTE bAlpha;

GETWINDOWLONG fn_get;

SETWINDOWLONG fn_set;

SETLAYEREDWINDOWATTRIBUTES fn;

} INJDATA, * PINJDATA;

// 函数声明

void getProcessList(HWND hwnd);

void StartInject(HWND hwnd);

void Fn_Blt(HDC hdc,RECT rect);

BOOL InjectCode(DWORD ProcessID,HANDLE hp);

BOOL CALLBACK EnumWindowsProc(HWND hwnd,LPARAM lParam);

BOOL CALLBACK DialogProc (HWND hDlg, UINT message, WPARAM wParam, LPARAM lParam);

// 全局变量

HINSTANCE g_hInstance;

RECT g_rect;

HWND hnewfind,holdfind;

INJDATA g_InjData;

// WinMain和DialogProc

int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)

{

INITCOMMONCONTROLSEX icex;

icex.dwSize = sizeof(icex);

icex.dwICC = ICC_BAR_CLASSES;

if(!InitCommonControlsEx(&icex))

return NULL;

g_hInstance=hInstance;

return (int) DialogBox (hInstance, MAKEINTRESOURCE(IDD_DIALOG1), NULL, DialogProc);

}

BOOL CALLBACK DialogProc (HWND hDlg, UINT message, WPARAM wParam, LPARAM lParam)

{

static HBITMAP bitmap1,bitmap2;

static HWND hPicture;

static BOOL bCapture;

static HCURSOR hCurARROW,hCur;

switch(message)

{

case WM_INITDIALOG:

{

//对结构体进行初始化

HMODULE huser=LoadLibrary(__T("user32.dll"));

g_InjData.fn_get = (GETWINDOWLONG)GetProcAddress(huser,("GetWindowLongA"));

g_InjData.fn_set = (SETWINDOWLONG)GetProcAddress(huser,("SetWindowLongA"));

g_InjData.fn = (SETLAYEREDWINDOWATTRIBUTES)GetProcAddress(huser,("SetLayeredWindowAttributes"));

FreeLibrary(huser);

bitmap1 = LoadBitmap( g_hInstance,MAKEINTRESOURCE(IDB_BITMAP1) );

bitmap2 = LoadBitmap( g_hInstance,MAKEINTRESOURCE(IDB_BITMAP2) );

hCurARROW = LoadCursor (NULL, IDC_ARROW);

hCur = LoadCursor (g_hInstance, MAKEINTRESOURCE(IDC_CURSOR1));

hPicture = GetDlgItem(hDlg,IDC_PICTURE);

SendMessage(GetDlgItem(hDlg,IDC_SLIDER1),TBM_SETRANGE,0,MAKELONG (0,255));

SendMessage(GetDlgItem(hDlg,IDC_SLIDER1),TBM_SETPOS,TRUE,128);

SendMessage(GetDlgItem(hDlg,IDC_SLIDER1),TBM_SETLINESIZE,0,1);

SendMessage(GetDlgItem(hDlg,IDC_CHECK1),BM_SETCHECK,BST_CHECKED,0);

//获取进程列表

getProcessList(hDlg);

}

return (TRUE);

case WM_DESTROY:

case WM_CLOSE:

EndDialog(hDlg,0);

return (TRUE);

case WM_COMMAND:

switch (LOWORD(wParam))

{

case IDCANCEL://我懒得不行了,,这个也懒得改了,,

getProcessList(hDlg);

return (TRUE);

case IDOK:

StartInject(hDlg);

return (TRUE);

}

return (FALSE);

case WM_LBUTTONDOWN:

{

if (!bCapture)

{

POINT pt;

RECT rect;

pt.x = MAKEPOINTS(lParam).x;

pt.y = MAKEPOINTS(lParam).y;

ClientToScreen (hDlg, &pt);

GetWindowRect(hPicture,&rect);

if(PtInRect(&rect,pt))

{

SendMessage (hPicture,STM_SETIMAGE,IMAGE_BITMAP,(long)bitmap1);

SetCursor(hCur);

SetCapture(hDlg);

memset(&g_rect,0,sizeof(RECT));

hnewfind=0;

holdfind=0;

bCapture=TRUE;

}

return TRUE;

case WM_LBUTTONUP:

if (bCapture)

{

SendMessage (hPicture,STM_SETIMAGE,IMAGE_BITMAP,(long)bitmap2);

SetCursor(hCurARROW);

ReleaseCapture();

Fn_Blt(GetDC(NULL),g_rect);

bCapture=FALSE;

}

return TRUE;

case WM_MOUSEMOVE:

{

if (bCapture)

{

POINT pt;

RECT rect;

pt.x = MAKEPOINTS(lParam).x;

pt.y = MAKEPOINTS(lParam).y;

ClientToScreen(hDlg,&pt);

HWND deskwnd=GetDesktopWindow();

HDC hdc=GetWindowDC(deskwnd);

HWND hchild=WindowFromPoint(pt);

//是否找到最小窗口的BOOL变量

BOOL bFind=FALSE;

//开始找最小窗口

RECT tempRect;

HWND htemp=GetWindow(hchild,GW_CHILD);

while (htemp)

{

GetWindowRect(htemp,&tempRect);

if(PtInRect(&tempRect,pt))

{

bFind=TRUE;

break;

}

htemp=GetWindow(htemp,GW_HWNDNEXT);

}

if (bFind)

{

bFind=FALSE;

hnewfind=htemp;

}

else

{

hnewfind=hchild;

}

//已经找到最小窗口

if (hnewfind!=holdfind)

{

Fn_Blt(hdc,g_rect);

ClientToScreen (hDlg, &pt);

GetWindowRect(hnewfind,&g_rect);

Fn_Blt(hdc,g_rect);

}

holdfind=hnewfind;

ReleaseDC(deskwnd,hdc);

}//end if (bCapture)

}

return TRUE;

}

return (FALSE);

}

// 注入的代码

static DWORD WINAPI FunThreed(INJDATA * pData)

{

//The SetLayeredWindowAttributes function sets the opacity and transparency color key of a layered window.

pData->style=pData->fn_get(pData->hwnd,GWL_EXSTYLE);

pData->style^=0x80000;//0x80000即WS_EX_LAYERED

pData->fn_set(pData->hwnd,GWL_EXSTYLE,pData->style);

pData->fn(pData->hwnd,0,pData->bAlpha,2);//第4个参数即LWA_COLORKEY|LWA_ALPHA

return 0;

}

// 画边框

void Fn_Blt(HDC hdc,RECT rect)

{

PatBlt(hdc, rect.left, rect.top, rect.right - rect.left, 2, DSTINVERT);

PatBlt(hdc, rect.left, rect.bottom - 2, 2,

-(rect.bottom - rect.top - 2 * 2), DSTINVERT);

PatBlt(hdc, rect.right - 2, rect.top + 2, 2,

rect.bottom - rect.top - 2 * 2, DSTINVERT);

PatBlt(hdc, rect.right, rect.bottom - 2, -(rect.right - rect.left),

2, DSTINVERT);

}

// 进程列表

void getProcessList(HWND hwnd)

{

HWND HList = GetDlgItem(hwnd,IDC_LIST);

HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);

if (INVALID_HANDLE_VALUE==hProcessSnap)

{

return ;

}

SendMessage(HList,LB_RESETCONTENT,0,0);//Removes all items from a list box.

PROCESSENTRY32 pe;

memset(&pe,0,sizeof(PROCESSENTRY32));

pe.dwSize=sizeof(pe);

int i=0;

if( Process32First(hProcessSnap,&pe) )

{

while(Process32Next(hProcessSnap,&pe))

{

SendMessage(HList,LB_INSERTSTRING,i,(LPARAM)pe.szExeFile);

SendMessage(HList,LB_SETITEMDATA,i,(LPARAM)pe.th32ProcessID);

i++;

}

CloseHandle(hProcessSnap);

}

// 在这里调用注入函数

void StartInject(HWND hwnd)

{

DWORD ProcessID;

HANDLE hp;

if( BST_CHECKED & SendMessage(GetDlgItem(hwnd,IDC_CHECK1),BM_GETSTATE,0,0) ) //选中IDC_CHECK1

{

g_InjData.bAlpha=SendMessage(GetDlgItem(hwnd,IDC_SLIDER1),TBM_GETPOS,0,0);//透明度

g_InjData.hwnd = holdfind;//透明的窗口的句柄

GetWindowThreadProcessId(holdfind,&ProcessID);

hp=OpenProcess(PROCESS_ALL_ACCESS,TRUE,ProcessID);

}

else

{

HWND HList=GetDlgItem(hwnd,IDC_LIST);

DWORD index=SendMessage(HList,LB_GETCURSEL,0,0);

ProcessID=SendMessage(HList,LB_GETITEMDATA,index,0);

hp=OpenProcess(PROCESS_ALL_ACCESS,TRUE,ProcessID);

EnumWindows(EnumWindowsProc,ProcessID);

}

if (g_InjData.hwnd)

{

InjectCode(ProcessID,hp);

}

// 开始注入了

BOOL InjectCode(DWORD ProcessID,HANDLE hp)

{

const DWORD CodeSize=0xA8;//反汇编计算出要注入的代码的长度

//向要注入的进程写入结构体

PINJDATA lpaddress;

lpaddress=(PINJDATA) VirtualAllocEx(hp,0,sizeof(INJDATA),MEM_COMMIT, PAGE_READWRITE);

WriteProcessMemory(hp,lpaddress,&g_InjData,sizeof(INJDATA),NULL);

//向要注入的进程写入代码

void *lpcode;

lpcode=VirtualAllocEx(hp,0,CodeSize,MEM_COMMIT,PAGE_EXECUTE_READWRITE);

WriteProcessMemory(hp,lpcode,&FunThreed,CodeSize,NULL);

//执行注入的代码

HANDLE hthread=CreateRemoteThread(hp,NULL,0,(LPTHREAD_START_ROUTINE)lpcode,lpaddress,0,NULL);

if (hthread)

{

return FALSE;

}

WaitForSingleObject(hthread,INFINITE);

if (lpaddress)

{

VirtualFree(lpaddress,sizeof(INJDATA),MEM_RELEASE);

}

if (lpcode)

{

VirtualFree(lpcode,CodeSize,MEM_RELEASE);

}

if (hthread)

{

CloseHandle(hthread);

}

return TRUE;

}

BOOL CALLBACK EnumWindowsProc(HWND hwnd,LPARAM lParam)

{

HWND parentwnd;

DWORD ProcessID;

GetWindowThreadProcessId(hwnd,&ProcessID);

if (ProcessID==lParam)

{

while ( (parentwnd=GetParent(hwnd))!=NULL )

{

hwnd=parentwnd;

}

g_InjData.hwnd=hwnd;

return FALSE;

}

return TRUE;

}