Get Handle of the Current Process ?

cool_tester · Post by **cool_tester** » Wed Nov 03, 2004 6:18 pm

Isit possible to get the Window Handle of the Process where my Dll is loaded.
I tried GetCurrentModal but that gave my something else..

Thanks.

Post by **madshi** » Thu Nov 04, 2004 7:37 am

Your question is wrong. You talk about "the windows handle", but there's nothing like that in win32 programming. Each process can have zero, one or multiple windows.

cool_tester · Post by **cool_tester** » Thu Nov 04, 2004 10:11 am

so is there anyway to get the handle of the main window... where my dll is loaded..for example. let say i hook createFile API on Word2000 so whenever word tries to open a file, i need to know the handle of the main window, so for example i can hide the main window or maximize it and so on..... or simply how do i run this API on the calling process:
ShowWindow(Handle?,SW_SHOW);

using Delphi... where do i get Handle? of word from....

Thanks..

Post by **madshi** » Thu Nov 04, 2004 10:17 am

You can use EnumWindows and then for each enumerated window call GetWindowThreadProcessID to ask to which process ID each window belongs. If the enumerated window belongs to the current process, check whether it's shown in the taskbar. Check the internet to find out how you can do that.

However, doing windows enumeration for every CreateFile call doesn't sound like a good idea to me. I'd fear for reduced OS performance if you do that. Also please note that you are not allowed to call EnumWindows inside of system processes. That means if you use EnumWindows, you must not use the special flag "SYSTEM_PROCESSES" when calling InjectLibrary. Otherwise you'll blue screen your OS.

cool_tester · Post by **cool_tester** » Thu Nov 04, 2004 10:22 am

So how does MadKernel Doing it, i mean it does have these Functions:

Code: Select all

property  IWindow.Visible : boolean;
procedure IWindow.Hide;
procedure IWindow.Show (activate : boolean = true);

which i beleive it is using ShowWindow to cal these functions? so it must know the windows handle of the process it is injecting... correct?

Post by **madshi** » Thu Nov 04, 2004 10:28 am

When using e.g. IProcess.Minimize, this enumerates all windows of the process which are shown in the taskbar and minimizes them all, one by one.

cool_tester · Post by **cool_tester** » Thu Nov 04, 2004 10:30 am

OK got it so MadKernel does use the enum to find out which process it is calling..?
Thanks...

cool_tester · Post by **cool_tester** » Thu Nov 04, 2004 11:41 am

madshi wrote:You can use EnumWindows and then for each enumerated window call GetWindowThreadProcessID to ask to which process ID each window belongs. If the enumerated window belongs to the current process, check whether it's shown in the taskbar. Check the internet to find out how you can do that.

However, doing windows enumeration for every CreateFile call doesn't sound like a good idea to me. I'd fear for reduced OS performance if you do that. Also please note that you are not allowed to call EnumWindows inside of system processes. That means if you use EnumWindows, you must not use the special flag "SYSTEM_PROCESSES" when calling InjectLibrary. Otherwise you'll blue screen your OS.

When i used EnumWindows and GetWindowThreadProcessID the process IDs that are returned are the not the actual Process ID of the window. because when i compared it with a SPY Program that shows windows handle and the processID of the window which the mouse is over. and sure enough when i tried to hook into the window using the returned ProcessID from GetWindowThreadProcessID nothing happened and when i used the ProcessID returned by the SPy it worked which tells me that GetWindowThreadProcessID is returning something else, and not the actual process ID, so now is there a function that would return the actual processID using a handle.?

cool_tester · Post by **cool_tester** » Thu Nov 04, 2004 12:06 pm

Ah i think i have figure it out GetWindowThreadProcessID returns the ThreadProcessID so using CreatetoolSnapShot allowed to loop through the and get what i want,, now ONE LAST QUESTION: What does EXACLTY GETCALLINGMODULE Returns?

Post by **madshi** » Thu Nov 04, 2004 12:17 pm

GetWindowThreadProcessID returns both the threadID and the processID - check the documentation!!

GetCallingModule tells you which DLL (handle) has called the API which you have hooked.

cool_tester · Post by **cool_tester** » Thu Nov 04, 2004 12:42 pm

Here is what i have and i'm getting the wrong stuff:

Code: Select all

function GetWindows(Handle: HWND; Info: Pointer): BOOL; stdcall;
var
Dest: array[0..80] of char;
begin
   Result := True;
   GetWindowThreadProcessID(Handle,info);
   GetWindowText(handle, Dest, sizeof(Dest) - 1);
   Form1.Memo1.lines.add('Handle='+IntToStr(Handle) + 'and ProcessID='+IntToStr(GetWindowThreadProcessID(Handle,info)) + 'and Window Caption=' + Dest);
end;

I call it like this:
procedure TForm1.Button3Click(Sender: TObject);
var
   TopWindow: HWND;
begin
      TopWindow := Handle;
      EnumWindows(@GetWindows,Longint(@TopWindow));
end;

Which fills Memo1 with the information: but when i compare the ProcessID i get a different number then the Spy program.. am I doing something wrong... or am I requesting the wrong info.?

cool_tester · Post by **cool_tester** » Thu Nov 04, 2004 12:50 pm

Oops i got it, i was requesting teh wrong info, after reading the docs the function should be like this:

Code: Select all

function GetWindows(Handle: HWND; Info: Pointer): BOOL; stdcall;
var
Dest: array[0..80] of char;
ProcID    : DWord;
begin
   Result := True;
   GetWindowThreadProcessID(Handle,info);
   GetWindowText(handle, Dest, sizeof(Dest) - 1);
   GetWindowThreadProcessID(Handle,@ProcID) ;
   Form1.Memo1.lines.add('Handle='+IntToStr(Handle) + '>ProcessID='+IntToStr(ProcID) + '>Window Caption=' + Dest);
end;

Which returns the correct value..
Thanks for all your help.