源码
Import "win32.dll" 'WinApi扩展插件 下载地址 dnxl.ys168.com
const LVM_FIRST = &H1000&
const LVM_GETITEMCOUNT = &H1004&
const LVM_GETHEADER = &H101F&
Const LVM_GETITEMW = &H104B&
const LVM_SETITEMW = &H104C&
const PROCESS_ALL_ACCESS = &H1F0FFF&
const MEM_COMMIT = &H1000&
const MEM_RELEASE = &H8000&
const MEM_RESERVE = &H2000&
Const LVIF_TEXT = 1
Dim u32, k32, pt, LVITEM64, Hwnd
Set u32 = win32.load("user32.dll")
Set k32 = win32.load("kernel32.dll")
Set pt = win32.newstruct 'Point
pt.add "x", "long"
pt.add "y", "long"
Set LVITEM64 = win32.newstruct
With LVITEM64 '目标进程64位,结构体需要扩展
.add "mask","long"
.add "iItem" ,"long"
.add "iSubItem", "long"
.add "state" ,"long"
.add "stateMask","long"
.add "Reserved0","long" '8字节对齐 目标32位的话把这行注释
.add "pszText", "long" 'wchar* 这里本应该是64位指针占8字节,咱是32位进程用不了,就把这个指针分为高低4位,这是低4位
.add "Reserved1","long" '对齐 补上一成员高4位 目标32位的话把这行注释
.add "cchTextMax","long"
.add "iImage","long"
.add "lParam", "long" 'lParam 这里本应该是64位指针占8字节,咱是32位进程用不了,就把这个指针分为高低4位,这是低4位
.add "Reserved2","long" '对齐 补上一成员高4位 目标32位的话把这行注释
.add "iIndent","long"
.add "iGroupId","long"
.add "cColumns","long"
.add "Reserved3","long" '对齐 8字节 目标32位的话把这行注释
.add "puColumns","long" 'IntPtr 这里本应该是64位指针占8字节,咱是32位进程用不了,就把这个指针分为高低4位,这是低4位
.add "Reserved4","long" '对齐 补上一成员高4位 目标32位的话把这行注释
.add "piColFmt","long" 'IntPtr 这里本应该是64位指针占8字节,咱是32位进程用不了,就把这个指针分为高低4位,这是低4位
.add "Reserved5","long" '对齐 补上一成员高4位 目标32位的话把这行注释
.add "iGroup","long" 'IntPtr 这里本应该是64位指针占8字节,咱是32位进程用不了,就把这个指针分为高低4位,这是低4位
.add "Reserved6","long" '对齐 补上一成员高4位 目标32位的话把这行注释
End With
Function GetMousePoint //得到当前鼠标指向的窗口句柄
pt.ptr = k32.LocalAlloc(64, pt.size)
Call u32.GetCurSorPos(pt.ptr)//得到鼠标当前位置
GetMousePoint = u32.WindowFromPoint(pt.x, pt.y)//得到当前鼠标指向的窗口句柄
Call k32.LocalFree(pt.ptr)
End Function
Function GetItemLines(WndHandle) '取ListView控件行数(控件窗口句柄)
GetItemLines = u32.SendMessageW(WndHandle, LVM_GETITEMCOUNT, 0, 0)//得到ListView控件行数
End Function
Function GetItemCount(WndHandle) '取ListView控件例数(控件窗口句柄)
GetItemCount = u32.SendMessageW(u32.SendMessageW(WndHandle, LVM_GETHEADER, 0, 0), &H1200, 0, 0) //得到ListView控件例数
End Function
Function GetListViewText64(WndHandle, line, index) '取ListView控件指定格内容(控件窗口句柄,第N行,第N列) 可以把控件显示内容看作一个二维数组
Dim pid, hProcess, vCount, lines,vPointer,vBuffer
vCount = GetItemCount(WndHandle) //得到列数
If vCount < index Then Exit Function
Lines = GetItemLines(WndHandle) //得到总行数
If Lines < line Then Exit Function
vBuffer = k32.LocalAlloc(64, 1024) '在堆上分配1024个字节的内存空间
Call u32.GetWindowThreadProcessId(WndHandle, vBuffer)//通过窗口句柄获取目标进程ID
pid = Win32.Pint(vBuffer)
hProcess = k32.OpenProcess(PROCESS_ALL_ACCESS, false, pid) '打开进程
vPointer = k32.VirtualAllocEx(hProcess, 0, 4096, MEM_COMMIT, 64) '在目标进程申请4096字节内存空间
LVITEM64.Ptr = K32.LocalAlloc(64, LVITEM64.Size) '给结构体分配内存
lvitem64.Mask = LVIF_TEXT '将要操作文本
LVITEM64.iItem = line '将要操作的行
lvitem64.isubitem = index '将要操作的列
lvitem64.cchTextMax = 256 '最大字符数
lvitem64.pszText = vPointer + lvitem64.size '文本指针
Call k32.WriteProcessMemory(hProcess, vPointer, lvitem64.ptr, lvitem64.size, 0) '将数据写入目标进程
Call u32.SendMessageW(WndHandle, LVM_GETITEMW, line, vPointer) '发消息告诉目标,我想取文本,按照vPointer里面的要求获取,取第N行第N列的文本数据,存到指定地址vPointer + lvitem64.size
Call k32.ReadProcessMemory(hProcess, lvitem64.pszText, vBuffer, 256, 0)'从目标内存指定地址把数据读出来存到vBuffer这块内存里
Call k32.VirtualFreeEx(hProcess, vPointer, 0, MEM_RELEASE)'释放在目标进程申请的内存空间
GetListViewText64 = Win32.PbStr(vBuffer) '以字符串类型从地址vBuffer取出数据,作为函数返回
Call k32.CloseHandle(hProcess) '关闭进程,打开进程必需关闭
Call k32.LocalFree(lvitem64.Ptr) '释放结构体空间
Call k32.LocalFree(vBuffer) '释放vBuffer空间
End Function
Sub SetListViewText64(WndHandle, Line, Index, ItemText) '设置ListView控件指定格内容(控件窗口句柄,第N行,第N列,内容) 可以把控件显示内容看作一个二维数组
Dim pid, hProcess, vCount, Lines,vPointer,vBuffer
vCount = GetItemCount(WndHandle) //得到列数
If vCount < index Then Exit Sub
Lines = GetItemLines(WndHandle) //得到总行数
If Lines < line Then Exit Sub
vBuffer = k32.LocalAlloc(64, 1024)
Call u32.GetWindowThreadProcessId(WndHandle, vbuffer)//通过窗口获取进程ID
pid = Win32.Pint(vbuffer)
hProcess = k32.OpenProcess(PROCESS_ALL_ACCESS, false, pid)
vPointer = k32.VirtualAllocEx(hProcess, 0, 4096, MEM_COMMIT, 64)
LVITEM64.Ptr = K32.LocalAlloc(64, LVITEM64.Size)
lvitem64.mask = LVIF_TEXT
LVITEM64.iItem = line
lvitem64.isubitem = index
lvitem64.cchTextMax = Len(ItemText) * 2 + 2
lvitem64.pszText = vPointer + lvitem64.size
Call k32.WriteProcessMemory(hProcess, lvitem64.pszText, ItemText, lvitem64.cchTextMax, 0) '把想修改的内容写入目标进程
Call k32.WriteProcessMemory(hProcess, vPointer, lvitem64.ptr, lvitem64.size, 0) '把想修改的内容写入目标进程
Call u32.SendMessageW(WndHandle, LVM_SETITEMW, line, vPointer)'发消息告诉目标窗口,我要修改数据,数据在vPointer这个地址里
Call k32.VirtualFreeEx(hProcess, vPointer, 0, MEM_RELEASE)
Call k32.CloseHandle(hProcess)
Call k32.LocalFree(lvitem64.Ptr)
Call k32.LocalFree(vBuffer)
End Sub
Hwnd = GetMousePoint
TracePrint GetListViewText64(Hwnd, 0, 0) & " " & GetListViewText64(Hwnd, 0, 1)
TracePrint GetListViewText64(Hwnd, 1, 0) & " " & GetListViewText64(Hwnd, 1, 1)
TracePrint GetListViewText64(Hwnd, 2, 0) & " " & GetListViewText64(Hwnd, 2, 1)
'Call SetListViewText64(Hwnd, 1, 0, "abcd.exe")
Import "win32.dll" 'WinApi扩展插件 下载地址 dnxl.ys168.com
const LVM_FIRST = &H1000&
const LVM_GETITEMCOUNT = &H1004&
const LVM_GETHEADER = &H101F&
Const LVM_GETITEMW = &H104B&
const LVM_SETITEMW = &H104C&
const PROCESS_ALL_ACCESS = &H1F0FFF&
const MEM_COMMIT = &H1000&
const MEM_RELEASE = &H8000&
const MEM_RESERVE = &H2000&
Const LVIF_TEXT = 1
Dim u32, k32, pt, LVITEM64, Hwnd
Set u32 = win32.load("user32.dll")
Set k32 = win32.load("kernel32.dll")
Set pt = win32.newstruct 'Point
pt.add "x", "long"
pt.add "y", "long"
Set LVITEM64 = win32.newstruct
With LVITEM64 '目标进程64位,结构体需要扩展
.add "mask","long"
.add "iItem" ,"long"
.add "iSubItem", "long"
.add "state" ,"long"
.add "stateMask","long"
.add "Reserved0","long" '8字节对齐 目标32位的话把这行注释
.add "pszText", "long" 'wchar* 这里本应该是64位指针占8字节,咱是32位进程用不了,就把这个指针分为高低4位,这是低4位
.add "Reserved1","long" '对齐 补上一成员高4位 目标32位的话把这行注释
.add "cchTextMax","long"
.add "iImage","long"
.add "lParam", "long" 'lParam 这里本应该是64位指针占8字节,咱是32位进程用不了,就把这个指针分为高低4位,这是低4位
.add "Reserved2","long" '对齐 补上一成员高4位 目标32位的话把这行注释
.add "iIndent","long"
.add "iGroupId","long"
.add "cColumns","long"
.add "Reserved3","long" '对齐 8字节 目标32位的话把这行注释
.add "puColumns","long" 'IntPtr 这里本应该是64位指针占8字节,咱是32位进程用不了,就把这个指针分为高低4位,这是低4位
.add "Reserved4","long" '对齐 补上一成员高4位 目标32位的话把这行注释
.add "piColFmt","long" 'IntPtr 这里本应该是64位指针占8字节,咱是32位进程用不了,就把这个指针分为高低4位,这是低4位
.add "Reserved5","long" '对齐 补上一成员高4位 目标32位的话把这行注释
.add "iGroup","long" 'IntPtr 这里本应该是64位指针占8字节,咱是32位进程用不了,就把这个指针分为高低4位,这是低4位
.add "Reserved6","long" '对齐 补上一成员高4位 目标32位的话把这行注释
End With
Function GetMousePoint //得到当前鼠标指向的窗口句柄
pt.ptr = k32.LocalAlloc(64, pt.size)
Call u32.GetCurSorPos(pt.ptr)//得到鼠标当前位置
GetMousePoint = u32.WindowFromPoint(pt.x, pt.y)//得到当前鼠标指向的窗口句柄
Call k32.LocalFree(pt.ptr)
End Function
Function GetItemLines(WndHandle) '取ListView控件行数(控件窗口句柄)
GetItemLines = u32.SendMessageW(WndHandle, LVM_GETITEMCOUNT, 0, 0)//得到ListView控件行数
End Function
Function GetItemCount(WndHandle) '取ListView控件例数(控件窗口句柄)
GetItemCount = u32.SendMessageW(u32.SendMessageW(WndHandle, LVM_GETHEADER, 0, 0), &H1200, 0, 0) //得到ListView控件例数
End Function
Function GetListViewText64(WndHandle, line, index) '取ListView控件指定格内容(控件窗口句柄,第N行,第N列) 可以把控件显示内容看作一个二维数组
Dim pid, hProcess, vCount, lines,vPointer,vBuffer
vCount = GetItemCount(WndHandle) //得到列数
If vCount < index Then Exit Function
Lines = GetItemLines(WndHandle) //得到总行数
If Lines < line Then Exit Function
vBuffer = k32.LocalAlloc(64, 1024) '在堆上分配1024个字节的内存空间
Call u32.GetWindowThreadProcessId(WndHandle, vBuffer)//通过窗口句柄获取目标进程ID
pid = Win32.Pint(vBuffer)
hProcess = k32.OpenProcess(PROCESS_ALL_ACCESS, false, pid) '打开进程
vPointer = k32.VirtualAllocEx(hProcess, 0, 4096, MEM_COMMIT, 64) '在目标进程申请4096字节内存空间
LVITEM64.Ptr = K32.LocalAlloc(64, LVITEM64.Size) '给结构体分配内存
lvitem64.Mask = LVIF_TEXT '将要操作文本
LVITEM64.iItem = line '将要操作的行
lvitem64.isubitem = index '将要操作的列
lvitem64.cchTextMax = 256 '最大字符数
lvitem64.pszText = vPointer + lvitem64.size '文本指针
Call k32.WriteProcessMemory(hProcess, vPointer, lvitem64.ptr, lvitem64.size, 0) '将数据写入目标进程
Call u32.SendMessageW(WndHandle, LVM_GETITEMW, line, vPointer) '发消息告诉目标,我想取文本,按照vPointer里面的要求获取,取第N行第N列的文本数据,存到指定地址vPointer + lvitem64.size
Call k32.ReadProcessMemory(hProcess, lvitem64.pszText, vBuffer, 256, 0)'从目标内存指定地址把数据读出来存到vBuffer这块内存里
Call k32.VirtualFreeEx(hProcess, vPointer, 0, MEM_RELEASE)'释放在目标进程申请的内存空间
GetListViewText64 = Win32.PbStr(vBuffer) '以字符串类型从地址vBuffer取出数据,作为函数返回
Call k32.CloseHandle(hProcess) '关闭进程,打开进程必需关闭
Call k32.LocalFree(lvitem64.Ptr) '释放结构体空间
Call k32.LocalFree(vBuffer) '释放vBuffer空间
End Function
Sub SetListViewText64(WndHandle, Line, Index, ItemText) '设置ListView控件指定格内容(控件窗口句柄,第N行,第N列,内容) 可以把控件显示内容看作一个二维数组
Dim pid, hProcess, vCount, Lines,vPointer,vBuffer
vCount = GetItemCount(WndHandle) //得到列数
If vCount < index Then Exit Sub
Lines = GetItemLines(WndHandle) //得到总行数
If Lines < line Then Exit Sub
vBuffer = k32.LocalAlloc(64, 1024)
Call u32.GetWindowThreadProcessId(WndHandle, vbuffer)//通过窗口获取进程ID
pid = Win32.Pint(vbuffer)
hProcess = k32.OpenProcess(PROCESS_ALL_ACCESS, false, pid)
vPointer = k32.VirtualAllocEx(hProcess, 0, 4096, MEM_COMMIT, 64)
LVITEM64.Ptr = K32.LocalAlloc(64, LVITEM64.Size)
lvitem64.mask = LVIF_TEXT
LVITEM64.iItem = line
lvitem64.isubitem = index
lvitem64.cchTextMax = Len(ItemText) * 2 + 2
lvitem64.pszText = vPointer + lvitem64.size
Call k32.WriteProcessMemory(hProcess, lvitem64.pszText, ItemText, lvitem64.cchTextMax, 0) '把想修改的内容写入目标进程
Call k32.WriteProcessMemory(hProcess, vPointer, lvitem64.ptr, lvitem64.size, 0) '把想修改的内容写入目标进程
Call u32.SendMessageW(WndHandle, LVM_SETITEMW, line, vPointer)'发消息告诉目标窗口,我要修改数据,数据在vPointer这个地址里
Call k32.VirtualFreeEx(hProcess, vPointer, 0, MEM_RELEASE)
Call k32.CloseHandle(hProcess)
Call k32.LocalFree(lvitem64.Ptr)
Call k32.LocalFree(vBuffer)
End Sub
Hwnd = GetMousePoint
TracePrint GetListViewText64(Hwnd, 0, 0) & " " & GetListViewText64(Hwnd, 0, 1)
TracePrint GetListViewText64(Hwnd, 1, 0) & " " & GetListViewText64(Hwnd, 1, 1)
TracePrint GetListViewText64(Hwnd, 2, 0) & " " & GetListViewText64(Hwnd, 2, 1)
'Call SetListViewText64(Hwnd, 1, 0, "abcd.exe")
