Anfidya's backyard..

There is dark web in the deep web..

Archive for the ‘Anti Cheat’ Category

[Delphi] Finding the Image Path from a Process ID (GetModuleFileNameEx)


Greetings, my dears,

It's 2017 already and I still haven't posted anything here..

While doing some über-unnecessary research again, I came across a thingy called GetModuleFileNameEx. While getting the answer to "how do you use it?" from good old uncle Google, I once again swiped some code from somewhere, and I'm immediately making you accomplices in this sin (evil_guy_laugh)! Of course, I made a few very small changes to make it fit our purpose!!

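// Returns the full image path of the process that owns the window matching
// the given class name and title. Needs Windows, SysUtils and PsAPI in uses.
function GetProcessPathFromPID(classx, title: PChar): String;
var
  pid     : DWORD;
  hwd     : HWND;
  hProcess: THandle;
  path    : array[0..4095] of Char;
begin
  hwd := FindWindow(classx, title);
  if hwd = 0 then
    RaiseLastOSError; // no matching window, so there is no PID to resolve

  pid := 0;
  GetWindowThreadProcessId(hwd, pid);

  hProcess := OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ, FALSE, pid);
  if hProcess <> 0 then
    try
      // hModule = 0 selects the main executable of the process
      if GetModuleFileNameEx(hProcess, 0, @path[0], Length(path)) = 0 then
        RaiseLastOSError;

      Result := path;
    finally
      CloseHandle(hProcess);
    end
  else
    RaiseLastOSError;
end;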

Source: http://stackoverflow.com/questions/4178443/get-the-full-path-from-a-pid-using-delphi

Written by anfidya

May 14th, 2017 at 1:54 am
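As an added example (not from the original post or its Stack Overflow source), the same lookup can be done with QueryFullProcessImageNameW, which needs only PROCESS_QUERY_LIMITED_INFORMATION and does not read the target's memory, so the handle carries no PROCESS_VM_READ right. It assumes a Unicode Delphi (2009 or later) on Windows Vista or later; the program name and the helper name GetImagePathLeastPrivilege are hypothetical.

```delphi
program ImagePathDemo;
{$APPTYPE CONSOLE}

uses
  Windows, SysUtils;

const
  // Declared locally in case the Windows unit in use does not provide it.
  PROCESS_QUERY_LIMITED_INFORMATION = $1000;

// Imported by hand for the same reason; exported by kernel32 since Vista.
function QueryFullProcessImageNameW(hProcess: THandle; dwFlags: DWORD;
  lpExeName: PWideChar; var lpdwSize: DWORD): BOOL; stdcall;
  external 'kernel32.dll' name 'QueryFullProcessImageNameW';

// Hypothetical helper: returns the Win32 image path of the process with the
// given PID, opening it with the narrowest access right that allows the query.
function GetImagePathLeastPrivilege(Pid: DWORD): string;
var
  hProcess: THandle;
  Len: DWORD;
begin
  Result := '';
  hProcess := OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, False, Pid);
  if hProcess = 0 then
    RaiseLastOSError; // e.g. access denied or the PID no longer exists
  try
    SetLength(Result, 32767);   // room for long (non-MAX_PATH) paths
    Len := Length(Result);      // in: buffer size in characters
    if not QueryFullProcessImageNameW(hProcess, 0, PWideChar(Result), Len) then
      RaiseLastOSError;
    SetLength(Result, Len);     // out: characters written, without the null
  finally
    CloseHandle(hProcess);
  end;
end;

begin
  try
    // Constructed sample input: query this demo process itself.
    Writeln(GetImagePathLeastPrivilege(GetCurrentProcessId));
  except
    on E: Exception do
      Writeln('Lookup failed: ', E.Message);
  end;
end.
```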

[Delphi] Suspending and Resuming a Program (Pause & Run)


Hello,

With the code below, we can pause any process by its PID and make it active again.

Uses:

Windows, ShlObj, ShFolder, ShellAPI, ImageHlp, Messages, TlHelp32, PsAPI;

The code:

const
  THREAD_TERMINATE            = ($0001);
  THREAD_SUSPEND_RESUME       = ($0002);
  THREAD_GET_CONTEXT          = ($0008);
  THREAD_SET_CONTEXT          = ($0010);
  THREAD_SET_INFORMATION      = ($0020);
  THREAD_QUERY_INFORMATION    = ($0040);
  THREAD_SET_THREAD_TOKEN     = ($0080);
  THREAD_IMPERSONATE          = ($0100);
  THREAD_DIRECT_IMPERSONATION = ($0200);
  THREAD_ALL_ACCESS           = (STANDARD_RIGHTS_REQUIRED or SYNCHRONIZE or $3FF);

// Suspends every thread owned by the process with the given PID.
procedure PauseProcess(Pid: integer);
var
  Thread32: TThreadEntry32;
  ThreadSnapshot: THandle;
  ThreadHandle: THandle;
begin
  // TH32CS_SNAPTHREAD ignores the PID argument and snapshots all threads in
  // the system, which is why the owner PID is filtered in the loop below.
  ThreadSnapshot := CreateToolHelp32SnapShot(TH32CS_SNAPTHREAD, Pid);
  if ThreadSnapshot = INVALID_HANDLE_VALUE then
    Exit;
  try
    Thread32.dwSize := SizeOf(TThreadEntry32);
    if Thread32First(ThreadSnapshot, Thread32) then
      repeat
        if Thread32.th32OwnerProcessID = DWORD(Pid) then
        begin
          // THREAD_SUSPEND_RESUME is the only right SuspendThread needs,
          // so THREAD_ALL_ACCESS is not requested.
          ThreadHandle := OpenThread(THREAD_SUSPEND_RESUME, False, Thread32.th32ThreadID);
          if ThreadHandle <> 0 then
          begin
            SuspendThread(ThreadHandle);
            CloseHandle(ThreadHandle);
          end;
        end;
      until not (Thread32Next(ThreadSnapshot, Thread32));
  finally
    CloseHandle(ThreadSnapshot);
  end;
end;

// Resumes every thread owned by the process with the given PID.
procedure ResumeProcess(Pid: integer);
var
  Thread32: TThreadEntry32;
  ThreadSnapshot: THandle;
  ThreadHandle: THandle;
begin
  ThreadSnapshot := CreateToolHelp32SnapShot(TH32CS_SNAPTHREAD, Pid);
  if ThreadSnapshot = INVALID_HANDLE_VALUE then
    Exit;
  try
    Thread32.dwSize := SizeOf(TThreadEntry32);
    if Thread32First(ThreadSnapshot, Thread32) then
      repeat
        if Thread32.th32OwnerProcessID = DWORD(Pid) then
        begin
          ThreadHandle := OpenThread(THREAD_SUSPEND_RESUME, False, Thread32.th32ThreadID);
          if ThreadHandle <> 0 then
          begin
            ResumeThread(ThreadHandle);
            CloseHandle(ThreadHandle);
          end;
        end;
      until not (Thread32Next(ThreadSnapshot, Thread32));
  finally
    CloseHandle(ThreadSnapshot);
  end;
end;

 

An update, years later:

// Interface section: only needed when the Windows unit in use does not declare OpenThread.
function OpenThread(dwDesiredAccess: DWORD; bInheritHandle: BOOL;
  dwThreadId: DWORD): THandle; stdcall;

implementation

function OpenThread; external 'kernel32.dll' name 'OpenThread';

I needed it and used it; turns out these were missing, folks, sorry :/

Written by anfidya

September 25th, 2014 at 1:32 am

Posted in Anti Cheat,Delphi
