crash.software
Projects
Pull Requests
Issues
Builds
SearchAvailableExe
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY SearchAvailableExe Commits 9f40cae0
🤬

  • 添加线程监控是否有报错框

  • Loading...
  • maoku committed 2 months ago
    9f40cae0
    1 parent 29d38c02
  • ■ ■ ■ ■ ■ ■
    SearchAvailableExe/SearchAvailableExe.cpp
    skipped 108 lines
    109 109   exit(0);
    110 110  }
    111 111   
     112 +std::map<DWORD, bool> processIdMap;
     113 +BOOL CALLBACK lpEnumFunc(HWND hwnd, LPARAM lParam) {
     114 + DWORD processId;
     115 + GetWindowThreadProcessId(hwnd, &processId);
     116 + 
     117 + CHAR windowText[256];
     118 + GetWindowTextA(hwnd, windowText, ARRAYSIZE(windowText));
     119 + 
     120 + if (processIdMap[processId]) {
     121 + PostMessage(hwnd, WM_CLOSE, 0, 0);
     122 + }
     123 + 
     124 + return TRUE;
     125 +}
     126 + 
     127 +DWORD WINAPI MonitorThread(LPVOID lpParam) {
     128 + HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
     129 + PROCESSENTRY32 process = { sizeof(PROCESSENTRY32) };
     130 + 
     131 + // 遍历进程
     132 + while (Process32Next(hProcessSnap, &process)) {
     133 + if (strstr(wstring2string(process.szExeFile).c_str(), "csrss.exe"))
     134 + processIdMap[process.th32ProcessID] = true;
     135 + }
     136 + 
     137 + while (1)
     138 + EnumWindows(lpEnumFunc, (LPARAM)&processIdMap);
     139 +
     140 + return 0;
     141 +}
     142 + 
    112 143  int main(int argc, char* argv[]) {
    113 144  
    114 145   memset(&c, 0, sizeof(c));
    skipped 36 lines
    151 182   
    152 183   *output << "dll信息统计完毕,初步符合要求的白程序有:" << results.size() << "个" << endl;
    153 184   
     185 + HANDLE hThread = CreateThread(NULL, 0, MonitorThread, NULL, 0, NULL);
     186 + 
    154 187   //运行目标程序,判断是否会加载hook的dll
    155 188   RunPE();
     189 + 
     190 + TerminateThread(hThread, 0);
    156 191  
    157 192   *output << "找到可利用白文件:" << results.size() << "个" << endl;
    158 193   
    skipped 35 lines
  • ■ ■ ■ ■
    SearchAvailableExe/SearchAvailableExe.vcxproj.user
    skipped 4 lines
    5 5   <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
    6 6   </PropertyGroup>
    7 7   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
    8  - <LocalDebuggerCommandArguments>-i "D:\Code\TeamWorkspace\beacon\+ "</LocalDebuggerCommandArguments>
     8 + <LocalDebuggerCommandArguments>-i "D:"</LocalDebuggerCommandArguments>
    9 9   <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
    10 10   </PropertyGroup>
    11 11  </Project>
  • ■ ■ ■ ■
    SearchAvailableExe/Tools.cpp
    skipped 753 lines
    754 754   }
    755 755   
    756 756   // 等待进程结束
    757  - WaitForSingleObject(pi.hProcess, 2 * 1000);
     757 + WaitForSingleObject(pi.hProcess, 1000);
    758 758   
    759 759   TerminateProcess(pi.hProcess, 0);
    760 760   
    skipped 52 lines
  • ■ ■ ■ ■ ■ ■
    SearchAvailableExe/Tools.h
    skipped 10 lines
    11 11  #include <mutex>
    12 12  #include <random>
    13 13  #include <map>
     14 +#include <psapi.h>
     15 +#include <TlHelp32.h>
    14 16   
    15 17  using namespace std;
    16 18   
    skipped 18 lines
    35 37   
    36 38  BOOL VerifyFileSignature(LPCWSTR filePath);
    37 39  std::wstring ConvertToWideString(const char* input);
     40 +string wstring2string(wstring wstr);
    38 41  void RunPE();
    39 42   
Please wait...
Page is in error, reload to recover