|
-
Aug 14th, 2000, 05:44 PM
#1
Following my previous thread about SubClassing, I have another question:
Since Subclassing using SetWindowLong API is limited to windows in your own thread, I tried to think about ways to Subclass other windows:
When I SetWindowLong with the new address of the proccess, I assume what it does is change the value of the address in the memory.
Is it possible to Subclass othwer windows using CopyMemory in any way?
I'd appreciate any reply.
Thanks.
-
Aug 19th, 2000, 04:05 AM
#2
To the top!!!!!
Ok this isnt my thread, but I would be interested in seeing the answer.....
-
Aug 19th, 2000, 05:36 AM
#3
-
Aug 19th, 2000, 08:59 AM
#4
Frenzied Member
other way around
in fact the problem with subclassing other processes in VB isn't the GWL_WNDPROC variable. The problem is the address of your substitute process.
I'm not sure if my terminoligy is correct for 32 bit windows, but I'd assume these names havn't changed since windows 3.x
All the Data you can access using Get/Set window long is stored in one area of memory, called the BurgerMaster (named after a restaraunt where Bill and his pals used to hang out while working on Windows 1.0)
the hWnd of a window is its address in the BurgerMaster, get.set Window long take an offset from this address to the address of the variable you want (they're all -ve, the hWnd is the address of the next free bit of memory after the window data) This can be accessed from any process.
When the window recieves a message it looks at the value of its GWL_WNDPROC variable and looks at that memory address in the process that the window is associated with, this memory address contains something called a thunk.
a thunk is a bit of machine code that calls your code for you, it is used to set up the chip registers and page tables and copy parameters to the right bits of memory.
so when the window gets the message it calls this thunk.
If you set the GWL_WNDPROC variable to the address of a thunk in your own process the window still looks in its process for the thunk, but the address its given only contains a valid thunk in your process, in its process it could contain anything. So it crashes.
A while ago I experimented with playing around a bit with these thunks, and I found you could use copymemory to copy the thunk from the address given by the addressof operator of a function into a byte array, and you could still subclass using the address of the byte array instead of the address of the procedure.
My next step was going to be to attempt to copy the thunk file of my process into another process using virtualallocex and write process memory, then set the GWL_WNDPROC variable to the address I copied it to, making sure I didn't use any variables in my window procedure, instead making the area of memory I allocated big enough to hold any data I needed and using read/write ProccessMemory to get/set these variables.
Needless to say I decided not to do this and to learn C++ instead.
but If you wnat to try that feel free.
-
Aug 19th, 2000, 10:41 AM
#5
Wow! That sounds a little complicated 
I hope that in the future VB will be able to create standard DLLs.
But the WH_JOURNALRECORD sounds interesting.
-
Aug 19th, 2000, 10:43 AM
#6
How do you do this smiley that looks up?
-
Aug 19th, 2000, 12:15 PM
#7
-
Aug 19th, 2000, 12:30 PM
#8
cool.
do you have some other codes for other faces?
-
Aug 19th, 2000, 01:27 PM
#9
-
Aug 19th, 2000, 01:29 PM
#10
here is how you use them
:D big grin
:confused: confused
:cool: cool
:eek: eek!
:o embarrasment
:( frown
:mad: mad
:rolleyes: roll eyes (sarcastic)
:) smile
:p stick out tongue
;) wink
-
Aug 19th, 2000, 02:16 PM
#11
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote
Sort of...
big grin 
confused 
cool 
eek! 
embarrasment 
frown 
mad 
stick out tongue 
wink 
Thanks...