register window message

i registed my message on DlgMain WM_PK_MESSAGE by RegisterWindowMessage and i have a DLL..have InjectDLL Function callback to a wndproc i want my DLL get WM_PK_MESSAGE.. can you have some ideas for me ;) tk so much

i try ... tk so much ;)

ok thanks....i had HWND của desktop window... and then...may i paint on it?

i want draw lines on desktop.not on bitmap can you help me?

thanks so much :)

i understand your idea but i don't know how make it.. can you write a sample ( function GetEvent) for me? or any document to understand it... thanks Hans :) :)

i have checkbox... i want when i check my checkbox,my DLL know that i checked someone have solution? thanks so much

i open spy++ and i right click\propeties.i see winproc:001....(address) of a window may i redefine this winproc of this window to send WM_KEYDOWN. because this window had security...i can't sendmessage,postmessage,defwinproc can you help me . thanks so much

i have address a function of a process example :73D7469D i don't know how to read this function of that process and interact with this function plz help me thanks so much..sorry if my english isn't good

i sent code for you...plz help me :) thanks so much

i try free objectTypeInfo but still stack over flow.. can you help me?.. so hard to use this Undocument Api.... :sigh:

i have function void CShowHandlesOfProc::AddHandlesToList(CListCtrl *m_list,DWORD pid) { int nItem=0; NTSTATUS status; PSYSTEM_HANDLE_INFORMATION handleInfo=new SYSTEM_HANDLE_INFORMATION; ULONG handleInfoSize ; HANDLE processHandle; ULONG i; _NtQuerySystemInformation NtQuerySystemInformation = (_NtQuerySystemInformation)GetLibraryProcAddress("ntdll.dll", "NtQuerySystemInformation"); _NtDuplicateObject NtDuplicateObject = (_NtDuplicateObject)GetLibraryProcAddress("ntdll.dll", "NtDuplicateObject"); _NtQueryObject NtQueryObject = (_NtQueryObject)GetLibraryProcAddress("ntdll.dll", "NtQueryObject"); if(!(processHandle = OpenProcess(PROCESS_DUP_HANDLE|PROCESS_QUERY_INFORMATION|PROCESS_VM_READ,FALSE,pid))) return; // handleInfo = (PSYSTEM_HANDLE_INFORMATION)malloc(handleInfoSize); //while((status = NtQuerySystemInformation(SystemHandleInformation,handleInfo,handleInfoSize,NULL)) == STATUS_INFO_LENGTH_MISMATCH) //handleInfo = (PSYSTEM_HANDLE_INFORMATION)realloc(handleInfo, handleInfoSize *= 2); DWORD size=sizeof(SYSTEM_HANDLE_INFORMATION); DWORD needed=0; status = NtQuerySystemInformation(SystemHandleInformation,handleInfo,size,&needed); if(!NT_SUCCESS(status)) { if(needed==0) return ; delete handleInfo; size = needed + 1024; handleInfo= (PSYSTEM_HANDLE_INFORMATION)new BYTE[size]; status = NtQuerySystemInformation(SystemHandleInformation,handleInfo,size,&needed); if(status==STATUS_INFO_LENGTH_MISMATCH) MessageBox(L"Khong du Length cho NtQuerySystem"); if(!NT_SUCCESS(status)) { delete handleInfo; return; } } for(i = 0; i < handleInfo->HandleCount; i++) { SYSTEM_HANDLE handle = handleInfo->Handles[i]; HANDLE dupHandle = NULL; POBJECT_TYPE_INFORMATION objectTypeInfo=new OBJECT_TYPE_INFORMATION; DWORD sizeType=0; PVOID objectNameInfo; UNICODE_STRING objectName; ULONG returnLength; if(handle.ProcessId != pid) continue; status=NtDuplicateObject( processHandle, (HANDLE)handle.Handle, GetCurrentProcess(), &dupHandle, 0, 0, 0 ); /* if (status=STATUS_ACCESS_DENIED) { MessageBox(L"deny access handle"); continue;

thanks for reply :)... i'll reseach :)

i posted my function and my struct for reply of Code-o-mat(member).. this i System infomation class http://undocumented.ntinternals.net/UserMode/Undocumented%20Functions/System%20Information/SYSTEM_INFORMATION_CLASS.html[^] plz help me :).. thansk for reply sorry if my english is not good

this is my function

void CShowHandlesOfProc::AddHandlesToList(CListCtrl *m_list,DWORD pid)
{
int nItem=0;
NTSTATUS status;
PSYSTEM_HANDLE_INFORMATION handleInfo;
ULONG handleInfoSize = 0x10000;
HANDLE processHandle;
ULONG i;

\_NtQuerySystemInformation NtQuerySystemInformation = 
(\_NtQuerySystemInformation)GetLibraryProcAddress("ntdll.dll", "NtQuerySystemInformation");

\_NtDuplicateObject NtDuplicateObject =
(\_NtDuplicateObject)GetLibraryProcAddress("ntdll.dll", "NtDuplicateObject");

\_NtQueryObject NtQueryObject =
(\_NtQueryObject)GetLibraryProcAddress("ntdll.dll", "NtQueryObject");

if(!(processHandle = OpenProcess(PROCESS\_DUP\_HANDLE|PROCESS\_QUERY\_INFORMATION|PROCESS\_VM\_READ,FALSE,pid))) return;

handleInfo = (PSYSTEM\_HANDLE\_INFORMATION)malloc(handleInfoSize);

while((status = NtQuerySystemInformation(SystemHandleInformation,handleInfo,handleInfoSize,NULL)) == STATUS\_INFO\_LENGTH\_MISMATCH)
handleInfo = (PSYSTEM\_HANDLE\_INFORMATION)realloc(handleInfo, handleInfoSize \*= 2);

if(!NT\_SUCCESS(status)) return;

for(i = 0; i < handleInfo->HandleCount; i++)
{
    SYSTEM\_HANDLE handle     = handleInfo->Handles\[i\];
    HANDLE dupHandle         = NULL;
    POBJECT\_TYPE\_INFORMATION objectTypeInfo;
    PVOID                    objectNameInfo;
    UNICODE\_STRING           objectName;
    ULONG                    returnLength;

    if(handle.ProcessId != pid) continue;
    if(!NT\_SUCCESS(NtDuplicateObject(processHandle,(HANDLE)handle.Handle,GetCurrentProcess(),&dupHandle,0,0,0))) continue;
    objectTypeInfo = (POBJECT\_TYPE\_INFORMATION)malloc(0x1000);

    if(!NT\_SUCCESS(NtQueryObject(dupHandle,ObjectTypeInformation,objectTypeInfo,0x1000,NULL)))
    {
        CloseHandle(dupHandle);
        continue;
    }

    if((handle.GrantedAccess != 0x0012019f)
    && (handle.GrantedAccess != 0x001a019f)
    && (handle.GrantedAccess != 0x00120189)
    && (handle.GrantedAccess != 0x00100000))
    {
        wprintf(L"%s - 0x%X - ",objectTypeInfo->Name.Buffer, handle.Handle);
        //wprintf(L"0x%X",handle.GrantedAccess);
		CString szType,szHandle,szName;
		szHandle.Format(L"0x%X",handle.Handle);
		m\_list->InsertItem(nItem,szHandle);
		nItem++;
        objectNameInfo = malloc(0x1000);

i use NtQuerySystemInformation but i get a error

if(!NtQuerySystemInformation(16,&hInfo,sizeof(hInfo),NULL))
{
printf("Load NtQuery Unsucessfull");
Sleep(-1);
return 1;
}
CString szTam;
szTam.Format(L"%d",hInfo.HandleCount);
MessageBox(0,szTam,0,0);

for(int i=0;i < hInfo.HandleCount;i++)
{
	**SYSTEM\_HANDLE hSystem=hInfo.Handles\[i\];** //error here
	HANDLE hdupHandle=NULL;
       ......
    }

can you help me? or i must ReadProcessMemory?

thanks very clearly :).. i'll try

thanks. i 'll research...do you have a help document for me?

In Process Explorer software have function view handles of process i don't know how to get handles same that function someone give me idea>? thanks so much sorry if my english is not good

hi everybody i want to make a tree in a listctrl.. but i don't know how i search but i don't find something about that help me Plz sorry if my english isn't good