View previous topic :: View next topic |
Author |
Message |
ulysse31 Master Cheater Reputation: 2
Joined: 19 Mar 2015 Posts: 324 Location: Paris
|
Posted: Fri Feb 10, 2017 5:49 pm Post subject: Enum target handles |
|
|
1/Is there a way to enum target process handles with CE, much like Ollydbg does ?
2/
I am reversing IPC (from process A to process B) using WM_COPYDATA, the hwnd used to make the sendmessage call isn't a window handle that my OS will yield to me through enumwindows (I supposedly have all the windows hwnd).
Considering the fact that this sendmessage function returns 1 which means the target window processed the call, considering the fact that process A is the parent process of process B and considering the fact I have all window handle and can't match the hwnd argument call with any of them, would the most plausible explanation be that the hwnd used from process A is a pseudo handle (afaik it's a handle that doesn't have system wide meaning) ?
|
|
Back to top |
|
|
atom0s Moderator Reputation: 198
Joined: 25 Jan 2006 Posts: 8516 Location: 127.0.0.1
|
Posted: Sun Feb 12, 2017 2:46 pm Post subject: |
|
|
1. Unsure, don't see anything in the main.lua that exposes something like this. You could write out a script to EnumWindows manually if you needed to though.
2. The handle could be owned by a child within the main window. Be sure that you are not just enumerating and checking top-level windows, but also the children of the window. (This includes other child windows as well as controls on the window. A handle does not have to be associated with a full blown window.)
_________________
- Retired. |
|
Back to top |
|
|
ulysse31 Master Cheater Reputation: 2
Joined: 19 Mar 2015 Posts: 324 Location: Paris
|
Posted: Mon Feb 13, 2017 10:40 am Post subject: |
|
|
atom0s wrote: |
2. The handle could be owned by a child within the main window. Be sure that you are not just enumerating and checking top-level windows, but also the children of the window. (This includes other child windows as well as controls on the window. A handle does not have to be associated with a full blown window.) |
(Thanks, I am enumerating all windows afaik, windows that are invisible and whose sole purpose is to receive messages still appear, I also get several windows per process.
Can this be a pseudo-handle tho ? If it was, it'd be normal that my console program enumerating all windows doesn't get an handle that matches ?)
Edit :
Ok, I was not enumerating child windows, thanks.
|
|
Back to top |
|
|
|