public static string GetShortName(string sLongFileName) { var buffer = new StringBuilder(259); int len = DllHandler.GetShortPathName(sLongFileName, buffer, buffer.Capacity); if (len == 0) { throw new System.ComponentModel.Win32Exception(); } return(buffer.ToString()); }
public void MonitorProcess() { mExeOutput.Text = string.Empty; ProcessStartInfo startInfo = new ProcessStartInfo(mTextBoxPath.Text) { WindowStyle = ProcessWindowStyle.Normal, UseShellExecute = false, RedirectStandardOutput = true, CreateNoWindow = true }; Func <string> mGetTime = () => { return(DateTime.Now.ToString("[ yyyy-MM-dd HH::mm::ss::fff ] ")); }; Process process = null; try { process = Process.Start(startInfo); } catch (Exception) { DllHandler.RunAsAdmin(mTextBoxPath.Text); Hide(); Close(); return; } process.OutputDataReceived += (o, e1) => { mExeOutput.Dispatcher.BeginInvoke(new Action(() => { mExeOutput.Text += mGetTime() + e1.Data + Environment.NewLine; mExeOutput.SelectionStart = mExeOutput.Text.Length; mExeOutput.ScrollToEnd(); }), null); }; process.BeginOutputReadLine(); }
public void GetOutput(TextBox textbox, string dllpath, string arg) { textbox.Clear(); bool IsDecrptySymbol = (bool)checkbox.IsChecked; Task.Run(() => { ProcessStartInfo startInfo = new ProcessStartInfo("cmd.exe", "/c " + "dumpbin.exe " + DllHandler.GetShortName(dllpath) + arg + "&exit") { WindowStyle = ProcessWindowStyle.Hidden, UseShellExecute = false, RedirectStandardOutput = true, CreateNoWindow = true }; Process process = Process.Start(startInfo); string output = process.StandardOutput.ReadToEnd(); process.WaitForExit(); process.Close(); if (textbox == mImports && IsDecrptySymbol) { { Regex regex = new Regex(@"\?(.*)[Zz]"); var newSource = regex.Replace(output, new MatchEvaluator((Match m) => { var t = DllHandler.GetDecryptSymbolName(m.Value.Trim()); return((t == m.Value.Trim()) ? (" " + m.Value) : (" 解码函数: " + t)); })); output = newSource; } { Regex regex = new Regex(@"\?(.*)[A]"); var newSource = regex.Replace(output, new MatchEvaluator((Match m) => { var t = DllHandler.GetDecryptSymbolName(m.Value); return((t == m.Value.Trim()) ? (" " + m.Value) : (" 解码变量: " + t)); })); output = newSource; } } else if (textbox == mExports && IsDecrptySymbol) { { Regex regex = new Regex(@"\?(.*)[Zz]"); var newSource = regex.Replace(output, new MatchEvaluator((Match m) => { string t = m.Value.Trim(); t = DllHandler.GetDecryptSymbolName(m.Value.Trim()); return((t == m.Value.Trim()) ? (" " + m.Value) : (" 解码函数: " + t)); })); output = newSource; } { Regex regex = new Regex(@"\(\?(.*)[Zz]\)"); var newSource = regex.Replace(output, new MatchEvaluator((Match m) => { var t = m.Value.Substring(1, m.Value.Length - 2); return((t == m.Value.Trim()) ? (" " + m.Value) : (" 解码函数: " + t)); })); output = newSource; } { Regex regex = new Regex(@"\?(.*)[A]"); var newSource = regex.Replace(output, new MatchEvaluator((Match m) => { var t = DllHandler.GetDecryptSymbolName(m.Value); return((t == m.Value.Trim()) ? (" " + m.Value) : (" 解码变量: " + t)); })); output = newSource; } } else if (textbox == mHeaderBox) { Dispatcher.BeginInvoke(new Action(() => { if (output.Contains("machine (x86)")) { mBitVersion.Text = "32 位"; } else if (output.Contains("machine (x64)")) { mBitVersion.Text = "64 位"; } else { mBitVersion.Text = "未知"; } })); } else if (textbox == mDependents) { var re = Regex.Match(output, "File Type:(.+)"); Dispatcher.BeginInvoke(new Action(() => { if (re.Success) { mFileType.Text = re.Groups[0].Value.Replace("File Type:", "").Trim(); if (output.Contains("KERNEL32.dll")) { mFileType.Text += " Native"; } else if (output.Contains("mscoree.dll")) { mFileType.Text += " CLR"; } } else { mFileType.Text = "未知"; } })); } int cnt = output.Length; if (cnt > 1024 * 1024) { output = output.Substring(0, 1024 * 1024); GC.Collect(); } textbox.Dispatcher.BeginInvoke(new Action(() => textbox.AppendText(output)), null); }); }