Untitled
unknownplain_text
2 months ago
2.0 kB
1
Indexable
Never
#include "pch.h"
#include <Windows.h>
#include <iostream>
#include <conio.h>
#include <tlhelp32.h>
using fn_t = int(*)(_In_ HWND hWnd, _In_ PWSTR Verb, _In_ PWSTR Object, _In_opt_ PWSTR Message, _In_ BOOLEAN Warning);
BOOL CALLBACK EnumWindowsProc(HWND hwnd, LPARAM lParam) {
DWORD targetProcessId = (DWORD)lParam;
DWORD windowProcessId;
GetWindowThreadProcessId(hwnd, &windowProcessId);
if (windowProcessId == targetProcessId) {
if (GetWindow(hwnd, GW_OWNER) == NULL && (GetWindowLong(hwnd, GWL_STYLE) & WS_OVERLAPPEDWINDOW) != 0) {
*((HWND*)lParam) = hwnd;
return FALSE;
}
}
return TRUE;
}
HWND GetMainWindowHandleFromHMODULE(HMODULE hModule) {
DWORD processId = 0;
TCHAR hModulePath[MAX_PATH];
if (GetModuleFileName(hModule, hModulePath, MAX_PATH) > 0) {
HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, GetCurrentProcessId());
if (hSnapshot != INVALID_HANDLE_VALUE) {
MODULEENTRY32 me;
me.dwSize = sizeof(MODULEENTRY32);
if (Module32First(hSnapshot, &me)) {
do {
if (lstrcmpi(me.szExePath, hModulePath) == 0) {
processId = me.th32ProcessID;
break;
}
} while (Module32Next(hSnapshot, &me));
}
CloseHandle(hSnapshot);
}
}
if (processId != 0) {
HWND mainWindowHandle = NULL;
EnumWindows(EnumWindowsProc, (LPARAM)&processId);
return mainWindowHandle;
}
return NULL;
}
BOOL APIENTRY DllMain( HMODULE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
fn_t showconfirmmessage = (fn_t)GetProcAddress(hModule, "PhShowConfirmMessage");
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
showconfirmmessage(
GetMainWindowHandleFromHMODULE(hModule),
(PWSTR)L"terminate",
(PWSTR)L"all sandboxed processes",
NULL,
FALSE
);
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}