private static void OnCreateProcessCall(int procId, int childPid, int mainThreadId, bool is64BitProcess)
{
if (procId == iePid)
{
//only process main IE child processes
try
{
Console.Write("Child IE process #" + childPid.ToString() + " launched. Hooking... ");
lock (processesList)
{
processesList.Add(childPid, "");
}
remoteBridge.Hook(childPid, eNktHookFlags.flgDebugPrintInterfaces);
remoteBridge.WatchComInterface(childPid, CLSID_HTMLDocument, IID_IUnknown);
Console.WriteLine("OK");
}
catch (Exception ex)
{
Console.WriteLine("ERROR");
Console.WriteLine(ex.ToString());
return;
}
}
}
static void Main(string[] args)
{
object continueEvent;
//Console.Write("Press any key to continue... ");
//Console.ReadKey(true);
//Console.WriteLine("OK");
processesList = new SortedList<Int32, string>();
remoteBridge = new NktRemoteBridge();
if (remoteBridge == null)
{
Console.Write("Error: NktRemoteBridge not registered.");
return;
}
remoteBridge.OnCreateProcessCall += new DNktRemoteBridgeEvents_OnCreateProcessCallEventHandler(OnCreateProcessCall);
remoteBridge.OnComInterfaceCreated += new DNktRemoteBridgeEvents_OnComInterfaceCreatedEventHandler(OnComInterfaceCreated);
remoteBridge.OnProcessUnhooked += new DNktRemoteBridgeEvents_OnProcessUnhookedEventHandler(OnProcessUnhooked);
try
{
string s;
s = Registry.GetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE", "", null) as string;
if (s == null)
{
Console.WriteLine("failed.");
return;
}
Console.Write("Launching & hooking IEXPLORE.EXE... ");
s = "\"" + s + "\" http://www.bbc.co.uk";
iePid = remoteBridge.CreateProcess(s, true, out continueEvent);
if (iePid == 0)
{
Console.WriteLine("failed.");
return;
}
lock (processesList)
{
processesList.Add(iePid, "");
}
remoteBridge.Hook(iePid, eNktHookFlags.flgDebugPrintInterfaces);
remoteBridge.WatchComInterface(iePid, CLSID_HTMLDocument, IID_IUnknown);
remoteBridge.ResumeProcess(iePid, continueEvent);
Console.WriteLine("OK");
}
catch (Exception ex)
{
Console.WriteLine("ERROR");
Console.WriteLine(ex.ToString());
return;
}
while (true)
{
bool b;
lock (processesList)
{
b = (processesList.Count > 0);
}
if (b == false)
{
Console.WriteLine("Hooked process has ended. Quitting.");
break;
}
if (Console.KeyAvailable == false)
{
System.Threading.Thread.Sleep(10);
continue;
}
Char ch = Console.ReadKey(true).KeyChar;
if (ch == 27)
break;
}
return;
}
static void Main(string[] args)
{
object continueEvent;
//Console.Write("Press any key to continue... ");
//Console.ReadKey(true);
//Console.WriteLine("OK");
processesList = new SortedList <Int32, string>();
remoteBridge = new NktRemoteBridge();
if (remoteBridge == null)
{
Console.Write("Error: NktRemoteBridge not registered.");
return;
}
remoteBridge.OnCreateProcessCall += new DNktRemoteBridgeEvents_OnCreateProcessCallEventHandler(OnCreateProcessCall);
remoteBridge.OnComInterfaceCreated += new DNktRemoteBridgeEvents_OnComInterfaceCreatedEventHandler(OnComInterfaceCreated);
remoteBridge.OnProcessUnhooked += new DNktRemoteBridgeEvents_OnProcessUnhookedEventHandler(OnProcessUnhooked);
try
{
string s;
s = Registry.GetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE", "", null) as string;
if (s == null)
{
Console.WriteLine("failed.");
return;
}
Console.Write("Launching & hooking IEXPLORE.EXE... ");
s = "\"" + s + "\" http://www.bbc.co.uk";
iePid = remoteBridge.CreateProcess(s, true, out continueEvent);
if (iePid == 0)
{
Console.WriteLine("failed.");
return;
}
lock (processesList)
{
processesList.Add(iePid, "");
}
remoteBridge.Hook(iePid, eNktHookFlags.flgDebugPrintInterfaces);
remoteBridge.WatchComInterface(iePid, CLSID_HTMLDocument, IID_IUnknown);
remoteBridge.ResumeProcess(iePid, continueEvent);
Console.WriteLine("OK");
}
catch (Exception ex)
{
Console.WriteLine("ERROR");
Console.WriteLine(ex.ToString());
return;
}
while (true)
{
bool b;
lock (processesList)
{
b = (processesList.Count > 0);
}
if (b == false)
{
Console.WriteLine("Hooked process has ended. Quitting.");
break;
}
if (Console.KeyAvailable == false)
{
System.Threading.Thread.Sleep(10);
continue;
}
Char ch = Console.ReadKey(true).KeyChar;
if (ch == 27)
{
break;
}
}
return;
}
//static string IID_IUnknown = "{00000000-0000-0000-C000-000000000046}";
static void Main(string[] args)
{
NktRemoteBridge remoteBridge;
object continueEv;
Process procNotepad;
if (Environment.OSVersion.Version.Major < 6)
{
Console.Write("Error: This application requires Windows Vista or later to work.");
return;
}
remoteBridge = new NktRemoteBridge();
if (remoteBridge == null)
{
Console.Write("Error: NktRemoteBridge not registered.");
return;
}
try
{
int pid;
Console.Write("Launching NOTEPAD.EXE... ");
pid = remoteBridge.CreateProcess("notepad.exe", (DoDelayedHook(args) != false) ? false : true, out continueEv);
if (pid == 0)
{
Console.WriteLine("failed.");
return;
}
procNotepad = Process.GetProcessById(pid);
Console.WriteLine("OK");
}
catch (Exception ex)
{
Console.WriteLine("failed.");
Console.WriteLine(ex.ToString());
return;
}
//----------------
try
{
Console.Write("Injecting... ");
remoteBridge.Hook(procNotepad.Id, eNktHookFlags.flgDebugPrintInterfaces);
if (continueEv != null)
remoteBridge.ResumeProcess(procNotepad.Id, continueEv);
remoteBridge.WatchComInterface(procNotepad.Id, ShellCLSIDGuid.FileOpenDialog, ShellIIDGuid.IFileDialog);
Console.WriteLine("OK");
}
catch (Exception ex)
{
Console.WriteLine("failed.");
Console.WriteLine(ex.ToString());
return;
}
//----------------
Console.WriteLine("Ready.");
Console.WriteLine("Usage:");
Console.WriteLine(" This demo launches a Windows' Notepad application and scans 'File Open' dialog boxes.");
Console.WriteLine(" When a file open dialog box is created, you can take the following actions:");
Console.WriteLine(" 1) Press the 'F' key to retrieve the typed file name in the dialog box.");
Console.WriteLine(" 2) Press the 'C' key to close the dialog box window using the OK button.");
Console.WriteLine(" 3) Press 'ESC' key to quit this demo!");
while (true)
{
if (procNotepad.HasExited != false)
{
Console.WriteLine("Hooked process has ended. Quitting.");
break;
}
if (Console.KeyAvailable == false)
{
System.Threading.Thread.Sleep(10);
continue;
}
Char ch = Console.ReadKey(true).KeyChar;
if (ch == 27)
break;
switch (ch)
{
case 'f':
case 'F':
DoGetOpenFileDialogFilename(remoteBridge, procNotepad);
break;
case 'c':
case 'C':
DoCloseOpenFileDialog(remoteBridge, procNotepad);
break;
}
}
return;
}
//static string IID_IUnknown = "{00000000-0000-0000-C000-000000000046}";
static void Main(string[] args)
{
NktRemoteBridge remoteBridge;
object continueEv;
Process procNotepad;
if (Environment.OSVersion.Version.Major < 6)
{
Console.Write("Error: This application requires Windows Vista or later to work.");
return;
}
remoteBridge = new NktRemoteBridge();
if (remoteBridge == null)
{
Console.Write("Error: NktRemoteBridge not registered.");
return;
}
try
{
int pid;
Console.Write("Launching NOTEPAD.EXE... ");
pid = remoteBridge.CreateProcess("notepad.exe", (DoDelayedHook(args) != false) ? false : true, out continueEv);
if (pid == 0)
{
Console.WriteLine("failed.");
return;
}
procNotepad = Process.GetProcessById(pid);
Console.WriteLine("OK");
}
catch (Exception ex)
{
Console.WriteLine("failed.");
Console.WriteLine(ex.ToString());
return;
}
//----------------
try
{
Console.Write("Injecting... ");
remoteBridge.Hook(procNotepad.Id, eNktHookFlags.flgDebugPrintInterfaces);
if (continueEv != null)
remoteBridge.ResumeProcess(procNotepad.Id, continueEv);
remoteBridge.WatchComInterface(procNotepad.Id, ShellCLSIDGuid.FileOpenDialog, ShellIIDGuid.IFileDialog);
Console.WriteLine("OK");
}
catch (Exception ex)
{
Console.WriteLine("failed.");
Console.WriteLine(ex.ToString());
return;
}
//----------------
Console.WriteLine("Ready.");
Console.WriteLine("Usage:");
Console.WriteLine(" This demo launches a Windows' Notepad application and scans 'File Open' dialog boxes.");
Console.WriteLine(" When a file open dialog box is created, you can take the following actions:");
Console.WriteLine(" 1) Press the 'F' key to retrieve the typed file name in the dialog box.");
Console.WriteLine(" 2) Press the 'C' key to close the dialog box window using the OK button.");
Console.WriteLine(" 3) Press 'ESC' key to quit this demo!");
while (true)
{
if (procNotepad.HasExited != false)
{
Console.WriteLine("Hooked process has ended. Quitting.");
break;
}
if (Console.KeyAvailable == false)
{
System.Threading.Thread.Sleep(10);
continue;
}
Char ch = Console.ReadKey(true).KeyChar;
if (ch == 27)
break;
switch (ch)
{
case 'f':
case 'F':
DoGetOpenFileDialogFilename(remoteBridge, procNotepad);
break;
case 'c':
case 'C':
DoCloseOpenFileDialog(remoteBridge, procNotepad);
break;
}
}
return;
}
