一份好玩的代码通过检测OD菜单检测OD是否存在
本帖最后由 komany 于 2013-2-24 15:30 编辑#include <windows.h>
#include <string.h>
#include <stdlib.h>
#include <CONIO.H>
BOOL g_IsContinue = FALSE;
void GetErrorMsg()
{
LPVOID lpMsgBuf;
FormatMessage(
FORMAT_MESSAGE_ALLOCATE_BUFFER |
FORMAT_MESSAGE_FROM_SYSTEM |
FORMAT_MESSAGE_IGNORE_INSERTS,
NULL,
GetLastError(),
MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
(LPTSTR) &lpMsgBuf,
0,
NULL
);
OutputDebugString((LPCTSTR)lpMsgBuf);
LocalFree( lpMsgBuf );
}
BOOL CALLBACK EnumWindowsProc(HWND hwnd,LPARAM lParam)
{
HMENU hMenu = GetMenu(hwnd);
GetErrorMsg();
if (hMenu != NULL)
{
WCHAR lpString = {0};
char lpString2 = {0};
GetMenuStringW(hMenu, 3, lpString, 255, MF_BYPOSITION);
GetErrorMsg();
GetMenuStringA(hMenu, 3, lpString2, 255, MF_BYPOSITION);
GetErrorMsg();
if (((wcslen(lpString)) != 0 && (wcscmp(L"调试(&D)", lpString) == 0))
|| (strlen(lpString2) != 0) && (strcmp("&Debug", lpString2) == 0))
{
DWORD dwPID = 0;
HANDLE hPro = NULL;
GetWindowThreadProcessId(hwnd, &dwPID);
GetErrorMsg();
hPro = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwPID);
if (hPro != NULL)
{
printf("发现调试工具,现在关闭!\r\n");
TerminateProcess(hPro, -1);
CloseHandle(hPro);
hPro = NULL;
return FALSE;
}
}
}
return TRUE;
}
DWORD WINAPI ThreadProc(LPVOID lpParameter)
{
while (g_IsContinue)
{
EnumWindows(EnumWindowsProc, NULL);
Sleep(1000);
}
return 0;
}
int main(int argc, char* argv[])
{
DWORD dwTid = 0;
HANDLE hThread = CreateThread(NULL, NULL, ThreadProc, NULL, CREATE_SUSPENDED, &dwTid);
if (hThread == NULL)
{
GetErrorMsg();
return -1;
}
g_IsContinue = TRUE;
ResumeThread(hThread);
WaitForSingleObject(hThread, INFINITE);
CloseHandle(hThread);
hThread = NULL;
return 0;
}
这个源码太弱了,检测到又咋样?,大牛还是一样把那验证秒过的 {:1_907:}在SOD的庇护下,甚么时候EnumWindows能够枚举到OD的窗口啦. 不错不错~~收藏了··
页:
[1]