Exemplo n.º 1
0
    /// <summary>
    /// Checks  Window Caption and optionally inspects Dialog text
    /// </summary>

    public static bool Report(IntPtr hWnd, int lParam)
    {
        IntPtr lngPid = System.IntPtr.Zero;

        GetWindowThreadProcessId(hWnd, out lngPid);
        int PID = Convert.ToInt32(/* Marshal.ReadInt32 */ lngPid.ToString());

        if (x == null)
        {
            x = new ConfigRead();
        }
        x.LoadConfiguration("Configuration/WindowDetection/Window", "Text");
        string s = x.DetectorExpression;

        string res = String.Empty;
        Regex  r   = new Regex(s,
                               RegexOptions.ExplicitCapture | RegexOptions.IgnoreCase);
        string          sToken = GetText(hWnd);
        MatchCollection m      = r.Matches(sToken);

        if (sToken != null && m.Count != 0)
        {
            Console.WriteLine(String.Format("==>{0}", sToken));

            EnumPropsEx(hWnd, EnumPropsExManaged, 0);

            bHasEnemyChild = false;
            GetChildWindows(hWnd);

            if (bHasEnemyChild)
            {
                if (DEBUG)
                {
                    Console.WriteLine("Window process ID is " + PID.ToString());
                    Console.WriteLine("Window handle is " + hWnd);
                    Console.WriteLine("Window title is " + sToken);
                    Console.WriteLine("Window match " + m.Count.ToString());
                }

                // Fire the event.

                evt.FireToolSpecificEvent(PID, CommandLine, sToken, sDialogText);
            }
        }
        return(true);
    }
Exemplo n.º 2
0
    public void Perform()
    {
        Process[] myProcesses;
        myProcesses        = Process.GetProcesses();
        MyFormPoster       = new FormPoster();
        MyConsoleLogger    = new ConsoleLogger();
        MyNTEventLogLogger = new NTEventLogLogger();
        myDiscovery        = new ToolSpecificEvent();

        myDiscovery.ActionEvent += new ToolSpecificEventHandler(MyConsoleLogger.handler);
        myDiscovery.ActionEvent += new ToolSpecificEventHandler(MyNTEventLogLogger.handler);
        myDiscovery.ActionEvent += new ToolSpecificEventHandler(MyFormPoster.handler);
        configuration_from_xml   = new ConfigRead();
        configuration_from_xml.LoadConfiguration("Configuration/ProcessDetection/Process", "ProcessName");
        string process_detector_expression = configuration_from_xml.DetectorExpression;
        Regex  process_detector_regex      = new Regex(process_detector_expression, RegexOptions.ExplicitCapture | RegexOptions.IgnoreCase);

        foreach (Process myProcess in myProcesses)
        {
            string res    = String.Empty;
            string sProbe = myProcess.ProcessName;
            //  myProcess.StartInfo.FileName - not accessible
            if (Debug)
            {
                Console.WriteLine("Process scan: {0}", process_detector_expression);
            }
            MatchCollection m = process_detector_regex.Matches(sProbe);
            if (sProbe != null && m.Count != 0)
            {
                try
                {
                    DialogDetected       = true;
                    process_command_line = new ProcessCommandLine(myProcess.Id.ToString());
                    if (Debug)
                    {
                        Console.WriteLine("{0}{1}", myProcess.Id.ToString(), process_command_line.CommandLine);
                    }
                    CommandLine = process_command_line.CommandLine;
                    // CommandLine = myProcess.ProcessName;
                    Console.WriteLine("--> {0} {1} {2} {3}", sProbe, myProcess.ProcessName, myProcess.Id, DateTime.Now - myProcess.StartTime);
                }
                catch (Win32Exception e) {
                    System.Diagnostics.Trace.Assert(e != null);
                }
            }
        }
        CallBackPtr callBackPtr = new CallBackPtr(EnumReport.Report);

        if (DialogDetected)
        {
            EnumReport.evt         = myDiscovery;
            EnumReport.CommandLine = CommandLine;
            EnumReport.EnumWindows(callBackPtr, 0);
        }
    }
    public void Perform()
    {
        Process[] myProcesses;
        myProcesses = Process.GetProcesses();
        MyFormPoster = new FormPoster();
        MyConsoleLogger = new ConsoleLogger();
        MyNTEventLogLogger = new NTEventLogLogger();
        myDiscovery = new ToolSpecificEvent();

        myDiscovery.ActionEvent += new ToolSpecificEventHandler(MyConsoleLogger.handler);
        myDiscovery.ActionEvent += new ToolSpecificEventHandler(MyNTEventLogLogger.handler);
        myDiscovery.ActionEvent += new ToolSpecificEventHandler(MyFormPoster.handler);
        configuration_from_xml = new ConfigRead();
        configuration_from_xml.LoadConfiguration("Configuration/ProcessDetection/Process", "ProcessName");
        string process_detector_expression = configuration_from_xml.DetectorExpression;
        Regex process_detector_regex = new Regex(process_detector_expression, RegexOptions.ExplicitCapture | RegexOptions.IgnoreCase);

        foreach (Process myProcess in myProcesses)
        {
            string res = String.Empty;
            string sProbe = myProcess.ProcessName;
            //  myProcess.StartInfo.FileName - not accessible
            if (Debug) Console.WriteLine("Process scan: {0}", process_detector_expression); MatchCollection m = process_detector_regex.Matches(sProbe);
            if (sProbe != null && m.Count != 0)
            {
                try
                {
                    DialogDetected = true;
                    process_command_line = new ProcessCommandLine(myProcess.Id.ToString());
                    if (Debug) Console.WriteLine("{0}{1}", myProcess.Id.ToString(), process_command_line.CommandLine);
                    CommandLine = process_command_line.CommandLine;
                    // CommandLine = myProcess.ProcessName;
                    Console.WriteLine("--> {0} {1} {2} {3}", sProbe, myProcess.ProcessName, myProcess.Id, DateTime.Now - myProcess.StartTime);
                }
                catch (Win32Exception e) {
                     System.Diagnostics.Trace.Assert(e != null);
                }
            }
        }
        CallBackPtr callBackPtr = new CallBackPtr(EnumReport.Report);
        if (DialogDetected)
        {
            EnumReport.evt = myDiscovery;
            EnumReport.CommandLine = CommandLine;
            EnumReport.EnumWindows(callBackPtr, 0);
        }
    }