Leaderboard

Hi folks, Attached below is one way of attacking WinRT Objects. These are essentially COM objects, however they don't have an IDispatch interface so ObjCreate() cannot be used. It is possible to expose them using ObjCreateInterface though. Alternately, DllCallAddress() may be used to access an object's functions directly from memory. I'm using the latter mainly because that's the path I started down first! To make sense of whats in the attachment... WinRT.au3 - Core high level functions that sit on top of interface libraries Includes Async and Collection implementations etc. So basic high level functionality. WinRTCore.au3 - Internal helper functions for interface libraries Interface Folder - Interface libraries (there are over 850 of these!). Essentially these wrap the functions in an interface's vtable Includes tags which may be used with ObjCreateInterface Enums Folder - Contains map datatypes that can be used to convert enumeration strings to their numeric type, or vice versa Classes Folder - doesn't actually contain code - A class file includes interface and enum files that belong to a class. Namespaces Folder - doesn't actually contain code - A namespace file includes classes that are related. Bonus: I've also uploaded a rudimentary WinRT Class Explorer if it happens to be useful to anyone. Bonus2: I've added a tool that installs/removes calltips for interface libraries. Original post: WinRT Libraries - Latest ClassExplorer.zip

I checked with my crystal ball and it said to tell you "Use the correct xpath". 🔮

Hi all - a new version is up. I've made some massive changes behind the scenes to the generator script, so I'm hoping this will fix more things than it'll break! A few notes... The upload includes more interfaces that were hiding in the metadata under the "Activatable" custom attribute. Enums with a value > 0x7FFFFFFF used to cause the script to crash - So to get around this we now need to use _WinRT_GetEnum($mMap, $iValue) to resolve numeric enums to their string representation. Fixed a number of functions that I was mishandling when the return value was "none". Better handling of functions that pass arrays in or out (when its not a return value). - I'm still not 100% happy with this yet, so be warned implementation will probably change down the track. I still need to properly tackle paramatised interfaces, so that's another area that's likely to change.