trancexx Posted May 23, 2009 Share Posted May 23, 2009 (edited) This is based on monoceres's work in this thread.What it does? It creates another thread and execute some code in it.In this example it will do this exactly:check internet connection using InternetCheckConnection function (ping)set text in label (GUI is there) saying something and set proper icon indicating connection statesleep for 3000 msdo it again... and again... and againAll that without the blocking effect on your main script (loop). Code is executed in another thread.Script (example):InternetCheckConnectionInAnotherThread.au3edit: Proper stack handling for the x64 code. Thanks Ascend4nt. Edited August 14, 2010 by trancexx ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
monoceres Posted May 23, 2009 Share Posted May 23, 2009 I nailed the cmp instruction the other day Example (comparing two integers) #NoTrayIcon $cb = DllStructCreate("byte[120]") $a1 = 10 $a2 = 8 DllStructSetData($cb, 1, _ "0xB8" & SwapEndian($a1) & _ ; mov eax,a1 "B9" & SwapEndian($a2) & _ ; mov,ecx,a2 "3BC1" & _ ; cmp eax,ecx "7406" & _ ; je 06h "B800000000" & _ ; mov eax,0h "C3" & _ ; ret "B801000000" & _ ; mov eax,1h "C3" _ ;ret ) Local $Ret = DllCall("user32.dll", "int", "CallWindowProc","ptr", DllStructGetPtr($cb),"int", 0,"int", 0,"int", 0,"int", 0) MsgBox(0, $a1 & "=" & $a2, ($Ret[0]=1)) Func SwapEndian($hex) Return Hex(Binary($hex)) EndFunc ;==>SwapEndian Broken link? PM me and I'll send you the file! Link to comment Share on other sites More sharing options...
trancexx Posted May 23, 2009 Author Share Posted May 23, 2009 (edited) Excelent!This is it then:expandcollapse popup#include <Memory.au3> Opt("MustDeclareVars", 1) Global Const $WM_SETTEXT = 12 Global $hGui = GUICreate("Internet status", 350, 270) Global $hLabel = GUICtrlCreateLabel("", 10, 20, 330, 27) GUICtrlSetFont(-1, 18) GUICtrlSetBkColor(-1, 0) GUICtrlSetColor(-1, 0xFFFFFF) Global $hButton = GUICtrlCreateButton("MsgBox", 125, 220, 100, 25) _InternetCheckConnectionInAnotherThread("http://www.google.com", $hLabel) GUISetState() While 1 Switch GUIGetMsg() Case - 3 Exit Case $hButton MsgBox(0, "Title", "Text", 0, $hGui) EndSwitch WEnd Func _InternetCheckConnectionInAnotherThread($sURL, $hControl) Local $tDataBuffer = DllStructCreate("wchar URL[" & StringLen($sURL) + 1 & "];" & _ "wchar OFF[8];" & _ "wchar ON[7]") DllStructSetData($tDataBuffer, "URL", $sURL) DllStructSetData($tDataBuffer, "OFF", "OFFLINE") DllStructSetData($tDataBuffer, "ON", "ONLINE") Local $RemoteData = _MemVirtualAlloc(0, DllStructGetSize($tDataBuffer), $MEM_COMMIT, $PAGE_READWRITE) _MemMoveMemory(DllStructGetPtr($tDataBuffer), $RemoteData, DllStructGetSize($tDataBuffer)) Local $InternetCheckConnectionW = DllCall("kernel32.dll", "ptr", "GetProcAddress", "ptr", _WinAPI_GetModuleHandle("wininet.dll"), "str", "InternetCheckConnectionW") $InternetCheckConnectionW = $InternetCheckConnectionW[0] Local $SendMessageW = DllCall("kernel32.dll", "ptr", "GetProcAddress", "ptr", _WinAPI_GetModuleHandle("user32.dll"), "str", "SendMessageW") $SendMessageW = $SendMessageW[0] Local $Sleep = DllCall("kernel32.dll", "ptr", "GetProcAddress", "ptr", _WinAPI_GetModuleHandle("kernel32.dll"), "str", "Sleep") $Sleep = $Sleep[0] Local $CodeBuffer = DllStructCreate("byte[512]") ; deliberately much more than enough Local $RemoteCode = _MemVirtualAlloc(0, DllStructGetSize($CodeBuffer), $MEM_COMMIT, $PAGE_EXECUTE_READWRITE) DllStructSetData($CodeBuffer, 1, _ "0x" & _ "68" & SwapEndian(0) & _ ; push Reserved "68" & SwapEndian(1) & _ ; push Flag "68" & SwapEndian($RemoteData + (DllStructGetPtr($tDataBuffer, "URL") - DllStructGetPtr($tDataBuffer))) & _ ; push URL string "B8" & SwapEndian($InternetCheckConnectionW) & _ ; mov eax, InternetCheckConnectionW "FFD0" & _ ; call eax "B9" & SwapEndian(0) & _ ; mov,ecx,0 "3BC1" & _ ; cmp eax,ecx "74" & Hex(41, 2) & _ ; je 41 bytes "68" & SwapEndian($RemoteData + (DllStructGetPtr($tDataBuffer, "ON") - DllStructGetPtr($tDataBuffer))) & _ ; push string "68" & SwapEndian(0) & _ ; push wParam "68" & SwapEndian($WM_SETTEXT) & _ ; push WM_SETTEXT "68" & SwapEndian(GUICtrlGetHandle($hControl)) & _ ; push HANDLE "E8" & SwapEndian($SendMessageW - ($RemoteCode + 56)) & _ ; call function SendMessageW "68" & SwapEndian(2000) & _ ; push Milliseconds "E8" & SwapEndian($Sleep - ($RemoteCode + 66)) & _ ; call function Sleep "E9" & SwapEndian(-71) & _ ; jump [start address] "C3" & _ ; ret "68" & SwapEndian($RemoteData + (DllStructGetPtr($tDataBuffer, "OFF") - DllStructGetPtr($tDataBuffer))) & _ ; push string "68" & SwapEndian(0) & _ ; push wParam "68" & SwapEndian(12) & _ ; push WM_SETTEXT "68" & SwapEndian(GUICtrlGetHandle($hLabel)) & _ ; push HANDLE "E8" & SwapEndian($SendMessageW - ($RemoteCode + 97)) & _ ; call function SendMessageW "68" & SwapEndian(2000) & _ ; push Milliseconds "E8" & SwapEndian($Sleep - ($RemoteCode + 107)) & _ ; call function Sleep "E9" & SwapEndian(-112) & _ ; jump [start address] "C3" _ ; ret ) _MemMoveMemory(DllStructGetPtr($CodeBuffer), $RemoteCode, DllStructGetSize($CodeBuffer)) Local $aCall = DllCall("kernel32.dll", "ptr", "CreateThread", "ptr", 0, "int", 0, "ptr", $RemoteCode, "ptr", 0, "int", 0, "dword*", 0) Local $hThread = $aCall[0] Return $hThread EndFunc ;==>_InternetCheckConnectionInAnotherThread Func SwapEndian($hex) Return Hex(Binary($hex)) EndFunc ;==>SwapEndianIt's pinging google.com every two seconds and update status label with pinging result - all in another thread (completly non-blocking for our main script)edit: I must work on my eng. - missing l, will not edit. Edited May 23, 2009 by trancexx ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
monoceres Posted May 23, 2009 Share Posted May 23, 2009 Good stuff. Isn't it fun working with opcodes? Anyway, if you're having trouble with getting the opcodes to work, if you have Visual Studio it's a piece of cake getting everything to work.Write the asm/C++ code you wanna know the opcodes of (in this case cmp eax,ecx)Set a break point at the specified lineRun the debuggerWhen the debugger halts right click and select "show dissembly"Right click again and select show "code bytes"Done Broken link? PM me and I'll send you the file! Link to comment Share on other sites More sharing options...
trancexx Posted May 27, 2009 Author Share Posted May 27, 2009 I did some compacting and optimizing. It's cmp eax, value now and structure that we create with DllStructCreate() already have needed access protection, so skipping additional allocation is possible. It looks like this now:expandcollapse popup#include <Memory.au3> Opt("MustDeclareVars", 1) Global Const $WM_SETTEXT = 12 Global $hGui = GUICreate("Internet status", 350, 270) Global $hLabel = GUICtrlCreateLabel("", 10, 20, 110, 27) GUICtrlSetTip(-1, "Status") GUICtrlSetFont(-1, 18) GUICtrlSetBkColor(-1, 0) GUICtrlSetColor(-1, 0xFFFFFF) Global $hButton = GUICtrlCreateButton("MsgBox", 125, 220, 100, 25) _InternetCheckConnectionInAnotherThread("http://www.google.com", $hLabel) GUISetState() While 1 Switch GUIGetMsg() Case - 3 Exit Case $hButton MsgBox(0, "Title", "Text", 0, $hGui) EndSwitch WEnd Func _InternetCheckConnectionInAnotherThread($sURL, $hControl) Local $tDataBuffer = DllStructCreate("wchar URL[" & StringLen($sURL) + 1 & "];" & _ "wchar OFF[8];" & _ "wchar ON[7]") DllStructSetData($tDataBuffer, "URL", $sURL) DllStructSetData($tDataBuffer, "OFF", "OFFLINE") DllStructSetData($tDataBuffer, "ON", "ONLINE") Local $InternetCheckConnectionW = DllCall("kernel32.dll", "ptr", "GetProcAddress", "ptr", _WinAPI_GetModuleHandle("wininet.dll"), "str", "InternetCheckConnectionW") $InternetCheckConnectionW = $InternetCheckConnectionW[0] Local $SendMessageW = DllCall("kernel32.dll", "ptr", "GetProcAddress", "ptr", _WinAPI_GetModuleHandle("user32.dll"), "str", "SendMessageW") $SendMessageW = $SendMessageW[0] Local $Sleep = DllCall("kernel32.dll", "ptr", "GetProcAddress", "ptr", _WinAPI_GetModuleHandle("kernel32.dll"), "str", "Sleep") $Sleep = $Sleep[0] Local $CodeBuffer = DllStructCreate("byte[512]") ; deliberately much more than enough Local $RemoteCode = _MemVirtualAlloc(0, DllStructGetSize($CodeBuffer), $MEM_COMMIT, $PAGE_EXECUTE_READWRITE) DllStructSetData($CodeBuffer, 1, _ "0x" & _ "68" & SwapEndian(0) & _ ; push Reserved "68" & SwapEndian(1) & _ ; push Flag "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "URL")) & _ ; push URL string "B8" & SwapEndian($InternetCheckConnectionW) & _ ; mov eax, InternetCheckConnectionW "FFD0" & _ ; call eax "3D" & SwapEndian(0) & _ ; cmp eax, 00000000 "74" & Hex(41, 2) & _ ; je 41 bytes "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "ON")) & _ ; push string "68" & SwapEndian(0) & _ ; push wParam "68" & SwapEndian($WM_SETTEXT) & _ ; push WM_SETTEXT "68" & SwapEndian(GUICtrlGetHandle($hControl)) & _ ; push HANDLE "E8" & SwapEndian($SendMessageW - ($RemoteCode + 54)) & _ ; call function SendMessageW "68" & SwapEndian(3000) & _ ; push Milliseconds "E8" & SwapEndian($Sleep - ($RemoteCode + 64)) & _ ; call function Sleep "E9" & SwapEndian(-69) & _ ; jump [start address] "C3" & _ ; ret "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "OFF")) & _ ; push string "68" & SwapEndian(0) & _ ; push wParam "68" & SwapEndian($WM_SETTEXT) & _ ; push WM_SETTEXT "68" & SwapEndian(GUICtrlGetHandle($hControl)) & _ ; push HANDLE "E8" & SwapEndian($SendMessageW - ($RemoteCode + 95)) & _ ; call function SendMessageW "68" & SwapEndian(3000) & _ ; push Milliseconds "E8" & SwapEndian($Sleep - ($RemoteCode + 105)) & _ ; call function Sleep "E9" & SwapEndian(-110) & _ ; jump [start address] "C3" _ ; ret ) _MemMoveMemory(DllStructGetPtr($CodeBuffer), $RemoteCode, DllStructGetSize($CodeBuffer)) Local $aCall = DllCall("kernel32.dll", "ptr", "CreateThread", "ptr", 0, "dword", 0, "ptr", $RemoteCode, "ptr", 0, "dword", 0, "dword*", 0) Local $hThread = $aCall[0] Return $hThread EndFunc ;==>_InternetCheckConnectionInAnotherThread Func SwapEndian($hex) Return Hex(Binary($hex)) EndFunc ;==>SwapEndian ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
oMBRa Posted May 27, 2009 Share Posted May 27, 2009 Nice work, anyway, do you think it can be used to read the register values of a process? Link to comment Share on other sites More sharing options...
trancexx Posted May 28, 2009 Author Share Posted May 28, 2009 Nice work, anyway, do you think it can be used to read the register values of a process?Thanks.Register values of a process? ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
oMBRa Posted May 28, 2009 Share Posted May 28, 2009 yes, like the opcode u see with a memory tool scanner for an address e.g eax+08 ecc Link to comment Share on other sites More sharing options...
trancexx Posted May 28, 2009 Author Share Posted May 28, 2009 Why would you want that in another thread? ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
oMBRa Posted May 29, 2009 Share Posted May 29, 2009 I was playing around with reading the memory of a process but I gave up becouse it uses DMA, obviously I have searched for pointer etc, but the address I needed seems to do not have one, I found then a static address with opcode (something like eax+08) and ''eax+08'' is the address I was searching, so I thought the only way to find that addres was to know the value of eax. Link to comment Share on other sites More sharing options...
trancexx Posted May 29, 2009 Author Share Posted May 29, 2009 I was playing around with reading the memory of a process but I gave up becouse it uses DMA, obviously I have searched for pointer etc, but the address I needed seems to do not have one, I found then a static address with opcode (something like eax+08) and ''eax+08'' is the address I was searching, so I thought the only way to find that addres was to know the value of eax.You are not answering my questions. Why?Better understanding of the subject is needed and discussion is a great way to learn. But what are we discussing? ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
oMBRa Posted May 29, 2009 Share Posted May 29, 2009 I think I have confused ''in another thread'' with ''in another process'', I should have posted this question in the monoceres's thread you was referring for in the first post Link to comment Share on other sites More sharing options...
trancexx Posted May 30, 2009 Author Share Posted May 30, 2009 I think I have confused ''in another thread'' with ''in another process'', I should have posted this question in the monoceres's thread you was referring for in the first postThat's ok. Anyways... I did another modifications to the code (was bored) and got almost a classic UDF. This function will do this: Call function InternetCheckConnection with google.comIn case of success set label data to "ONLINE"Also set online icon to icon controlIn case of failure will call InternetCheckConnection with microsoft.comIn case of success will do as above (2. and 3.)In case of failure set label data to "OFFLINE" Set offline icon to icon controlRepeat all that in adjustable intervals (3 sec by default)All is done in another thread and our main thread is not affected by events from this new one. Script: expandcollapse popup#include <Memory.au3> Opt("MustDeclareVars", 1) Global Const $WM_SETTEXT = 12 Global Const $STM_SETIMAGE = 370 Global $hGui = GUICreate("Internet status", 350, 270) Global $hLabel = GUICtrlCreateLabel("", 18, 250, 36, 14) GUICtrlSetFont(-1, 7, 400, 1, "Trebuchet MS") GUICtrlSetColor(-1, 0x0000CC) Global $hIcon = GUICtrlCreateIcon("", "", 20, 220, 32, 32) GUICtrlSetTip(-1, "Status") Global $hButton = GUICtrlCreateButton("MsgBox", 125, 220, 100, 25) _InternetCheckConnectionInAnotherThread($hLabel, $hIcon) GUISetState() While 1 Switch GUIGetMsg() Case - 3 Exit Case $hButton MsgBox(0, "Title", "Text", 0, $hGui) EndSwitch WEnd Func _InternetCheckConnectionInAnotherThread($hLabelControl, $hIconControl, $iInterval = 3000, $sURL1 = "http://www.google.com", $sURL2 = "http://microsoft.com") Local $tDataBuffer = DllStructCreate("wchar URL1[512];" & _ "wchar URL2[512];" & _ "wchar OFF[8];" & _ "wchar ON[7]") DllStructSetData($tDataBuffer, "URL1", $sURL1) DllStructSetData($tDataBuffer, "URL2", $sURL2) DllStructSetData($tDataBuffer, "OFF", "OFFLINE") DllStructSetData($tDataBuffer, "ON", " ONLINE") Local $InternetCheckConnectionW = DllCall("kernel32.dll", "ptr", "GetProcAddress", "ptr", _WinAPI_GetModuleHandle("wininet.dll"), "str", "InternetCheckConnectionW") $InternetCheckConnectionW = $InternetCheckConnectionW[0] Local $SendMessageW = DllCall("kernel32.dll", "ptr", "GetProcAddress", "ptr", _WinAPI_GetModuleHandle("user32.dll"), "str", "SendMessageW") $SendMessageW = $SendMessageW[0] Local $Sleep = DllCall("kernel32.dll", "ptr", "GetProcAddress", "ptr", _WinAPI_GetModuleHandle("kernel32.dll"), "str", "Sleep") $Sleep = $Sleep[0] Local $CodeBuffer = DllStructCreate("byte[512]") ; deliberately much more than enough Local $RemoteCode = _MemVirtualAlloc(0, DllStructGetSize($CodeBuffer), $MEM_COMMIT, $PAGE_EXECUTE_READWRITE) Local $hIconON = _GetIcon("shell32.dll", 10, 32) Local $hIconOFF = _GetIcon("shell32.dll", 11, 32) DllStructSetData($CodeBuffer, 1, _ "0x" & _ "68" & SwapEndian(0) & _ ; push Reserved "68" & SwapEndian(1) & _ ; push Flag "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "URL1")) & _ ; push URL1 string "B8" & SwapEndian($InternetCheckConnectionW) & _ ; mov eax, InternetCheckConnectionW "FFD0" & _ ; call eax "3D" & SwapEndian(0) & _ ; cmp eax, 00000000 "74" & Hex(68, 2) & _ ; je 68 bytes "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "ON")) & _ ; push string "68" & SwapEndian(0) & _ ; push wParam "68" & SwapEndian($WM_SETTEXT) & _ ; push WM_SETTEXT "68" & SwapEndian(GUICtrlGetHandle($hLabelControl)) & _ ; push HANDLE "E8" & SwapEndian($SendMessageW - ($RemoteCode + 54)) & _ ; call function SendMessageW "68" & SwapEndian($hIconON) & _ ; push hendle to the icon "68" & SwapEndian(2) & _ ; push IMAGE_ICON "68" & SwapEndian($STM_SETIMAGE) & _ ; push STM_SETIMAGE "68" & SwapEndian(GUICtrlGetHandle($hIconControl)) & _ ; push HANDLE "B8" & SwapEndian($SendMessageW) & _ ; mov eax, SendMessageW "FFD0" & _ ; call eax "68" & SwapEndian($iInterval) & _ ; push Milliseconds "E8" & SwapEndian($Sleep - ($RemoteCode + 91)) & _ ; call function Sleep "E9" & SwapEndian(-96) & _ ; jump [start address] "C3" & _ ; ret "68" & SwapEndian(0) & _ ; push Reserved "68" & SwapEndian(1) & _ ; push Flag "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "URL2")) & _ ; push URL2 string "B8" & SwapEndian($InternetCheckConnectionW) & _ ; mov eax, InternetCheckConnectionW "FFD0" & _ ; call eax "3D" & SwapEndian(0) & _ ; cmp eax, 00000000 "74" & Hex(68, 2) & _ ; je 68 bytes "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "ON")) & _ ; push string "68" & SwapEndian(0) & _ ; push wParam "68" & SwapEndian($WM_SETTEXT) & _ ; push WM_SETTEXT "68" & SwapEndian(GUICtrlGetHandle($hLabelControl)) & _ ; push HANDLE "E8" & SwapEndian($SendMessageW - ($RemoteCode + 151)) & _ ; call function SendMessageW "68" & SwapEndian($hIconON) & _ ; push hendle to the icon "68" & SwapEndian(2) & _ ; push IMAGE_ICON "68" & SwapEndian($STM_SETIMAGE) & _ ; push STM_SETIMAGE "68" & SwapEndian(GUICtrlGetHandle($hIconControl)) & _ ; push HANDLE "B8" & SwapEndian($SendMessageW) & _ ; mov eax, SendMessageW "FFD0" & _ ; call eax "68" & SwapEndian($iInterval) & _ ; push Milliseconds "E8" & SwapEndian($Sleep - ($RemoteCode + 188)) & _ ; call function Sleep "E9" & SwapEndian(-193) & _ ; jump [start address] "C3" & _ ; ret "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "OFF")) & _ ; push string "68" & SwapEndian(0) & _ ; push wParam "68" & SwapEndian($WM_SETTEXT) & _ ; push WM_SETTEXT "68" & SwapEndian(GUICtrlGetHandle($hLabelControl)) & _ ; push HANDLE "E8" & SwapEndian($SendMessageW - ($RemoteCode + 219)) & _ ; call function SendMessageW "68" & SwapEndian($hIconOFF) & _ ; push hendle to the icon "68" & SwapEndian(2) & _ ; push IMAGE_ICON "68" & SwapEndian($STM_SETIMAGE) & _ ; push STM_SETIMAGE "68" & SwapEndian(GUICtrlGetHandle($hIconControl)) & _ ; push HANDLE "B8" & SwapEndian($SendMessageW) & _ ; mov eax, SendMessageW "FFD0" & _ ; call eax "68" & SwapEndian($iInterval) & _ ; push Milliseconds "E8" & SwapEndian($Sleep - ($RemoteCode + 256)) & _ ; call function Sleep "E9" & SwapEndian(-261) & _ ; jump [start address] "C3" _ ; ret ) _MemMoveMemory(DllStructGetPtr($CodeBuffer), $RemoteCode, DllStructGetSize($CodeBuffer)) Local $aCall = DllCall("kernel32.dll", "ptr", "CreateThread", "ptr", 0, "dword", 0, "ptr", $RemoteCode, "ptr", 0, "dword", 0, "dword*", 0) Local $hThread = $aCall[0] Return $hThread EndFunc ;==>_InternetCheckConnectionInAnotherThread Func SwapEndian($hex) Return Hex(Binary($hex)) EndFunc ;==>SwapEndian Func _GetIcon($sModule, $iName, $iSize) ; for loaded modules Local $a_hCall = DllCall("kernel32.dll", "hwnd", "GetModuleHandleW", "wstr", $sModule) Local $hModule = $a_hCall[0] $a_hCall = DllCall("user32.dll", "hwnd", "LoadImageW", _ "hwnd", $hModule, _ "int", $iName, _ "dword", 1, _ ; IMAGE_ICON "int", $iSize, _ "int", $iSize, _ "dword", 0) ; LR_DEFAULTCOLOR Local $hIcon = $a_hCall[0] Return SetError(0, 0, $hIcon) EndFunc ;==>_GetIcon If someone would have any troubles please post. Same thing with any leak (memory or gdi objects). I'm doing call eax so it should be easy to clean if necessary. I left everything adjustable. ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
ZeronesS Posted June 4, 2009 Share Posted June 4, 2009 Hey trance.. awesome function! But could you change it somehow, so that I can use it if I just got an Ip-adresse? So for autoitscript.com -> _InternetCheckConnectionInAnotherThread($hLabel, $hIcon, 3000, "87.106.244.38").. I would try to change it, but I honestly dont get it at all xD Im pretty new here.. Link to comment Share on other sites More sharing options...
Manko Posted June 4, 2009 Share Posted June 4, 2009 Hi!Great work!If I wanna find opcodes I usually use this small app:http://www.openrce.org/downloads/details/170/RTA/Manko Yes i rush things! (I sorta do small bursts inbetween doing nothing.) Things I have rushed and reRushed:* ProDLLer - Process manager - Unload viri modules (dll) and moore...* _WinAPI_ProcessListOWNER_WTS() - Get Processes owner list...* _WinAPI_GetCommandLineFromPID() - Get commandline of target process...* _WinAPI_ThreadsnProcesses() Much info if expanded - optional Indented "Parent/Child"-style Processlist. Moore to come... eventually... Link to comment Share on other sites More sharing options...
trancexx Posted June 4, 2009 Author Share Posted June 4, 2009 Hey trance.. awesome function! But could you change it somehow, so that I can use it if I just got an Ip-adresse? So for autoitscript.com -> _InternetCheckConnectionInAnotherThread($hLabel, $hIcon, 3000, "87.106.244.38").. I would try to change it, but I honestly dont get it at all xD Im pretty new here..I'm sure you will catch it very soon. Regarding your question, like this: _InternetCheckConnectionInAnotherThread($hLabel, $hIcon, 3000, "http://87.106.244.38") @Manko, nice tool. Thanks for the info. ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
Zedna Posted June 5, 2009 Share Posted June 5, 2009 Looks nice! Also consider calling it this way (without icon only with label updating) _InternetCheckConnectionInAnotherThread($hLabel, 0, 3000, "http://87.106.244.38") Resources UDF ResourcesEx UDF AutoIt Forum Search Link to comment Share on other sites More sharing options...
trancexx Posted June 5, 2009 Author Share Posted June 5, 2009 (edited) Thanks Zedna.I'm doing one thing wrong with this function.$tDataBuffer is declared as a local variable and created thread is global. So when the function is left it is only a matter of time before data from that buffer gets corrupted. $tDataBuffer must be global variable. $tDataBuffer goes in ByRef. This is fixed code:expandcollapse popup#include <Memory.au3> Opt("MustDeclareVars", 1) Global Const $WM_SETTEXT = 12 Global Const $STM_SETIMAGE = 370 Global $hGui = GUICreate("Internet status", 350, 270) Global $hLabel = GUICtrlCreateLabel("STAND BY", 18, 250, 42, 14) ; can be empty string of course GUICtrlSetFont(-1, 7, 400, 1, "Trebuchet MS") GUICtrlSetColor(-1, 0x0000CC) Global $hIcon = GUICtrlCreateIcon("", "", 20, 220, 32, 32) GUICtrlSetTip(-1, "Status") Global $hButton = GUICtrlCreateButton("MsgBox", 125, 220, 100, 25) Global $tDataBuffer Global $hTread = _InternetCheckConnectionInAnotherThread($hLabel, $hIcon, $tDataBuffer) GUISetState() While 1 Switch GUIGetMsg() Case - 3 Exit Case $hButton MsgBox(0, "Title", "Text", 0, $hGui) EndSwitch WEnd Func _InternetCheckConnectionInAnotherThread($hLabelControl, $hIconControl, ByRef $tDataBuffer, $iInterval = 3000, $sURL1 = "http://www.google.com", $sURL2 = "http://www.microsoft.com") $tDataBuffer = DllStructCreate("wchar URL1[64];" & _ "wchar URL2[64];" & _ "wchar OFF[8];" & _ "wchar ON[8]") DllStructSetData($tDataBuffer, "URL1", $sURL1) DllStructSetData($tDataBuffer, "URL2", $sURL2) DllStructSetData($tDataBuffer, "OFF", "OFFLINE") DllStructSetData($tDataBuffer, "ON", " ONLINE") Local $aInternetCheckConnectionW = DllCall("kernel32.dll", "ptr", "GetProcAddress", "ptr", _WinAPI_GetModuleHandle("wininet.dll"), "str", "InternetCheckConnectionW") Local $pInternetCheckConnectionW = $aInternetCheckConnectionW[0] Local $aSendMessageW = DllCall("kernel32.dll", "ptr", "GetProcAddress", "ptr", _WinAPI_GetModuleHandle("user32.dll"), "str", "SendMessageW") Local $pSendMessageW = $aSendMessageW[0] Local $aSleep = DllCall("kernel32.dll", "ptr", "GetProcAddress", "ptr", _WinAPI_GetModuleHandle("kernel32.dll"), "str", "Sleep") Local $pSleep = $aSleep[0] Local $tCodeBuffer = DllStructCreate("byte[512]") ; deliberately much more than enough Local $RemoteCode = _MemVirtualAlloc(0, DllStructGetSize($tCodeBuffer), $MEM_COMMIT, $PAGE_EXECUTE_READWRITE) Local $hIconON = 0 Local $hIconOFF = 0 If $hIconControl Then $hIconON = _GetIcon("shell32.dll", 10, 32) $hIconOFF = _GetIcon("shell32.dll", 11, 32) EndIf DllStructSetData($tCodeBuffer, 1, _ "0x" & _ "68" & SwapEndian(0) & _ ; push Reserved "68" & SwapEndian(1) & _ ; push Flag "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "URL1")) & _ ; push URL1 string "B8" & SwapEndian($pInternetCheckConnectionW) & _ ; mov eax, InternetCheckConnectionW "FFD0" & _ ; call eax "3D" & SwapEndian(0) & _ ; cmp eax, 00000000 "74" & Hex(68, 2) & _ ; je 68 bytes "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "ON")) & _ ; push string "68" & SwapEndian(0) & _ ; push wParam "68" & SwapEndian($WM_SETTEXT) & _ ; push WM_SETTEXT "68" & SwapEndian(GUICtrlGetHandle($hLabelControl)) & _ ; push HANDLE "E8" & SwapEndian($pSendMessageW - ($RemoteCode + 54)) & _ ; call function SendMessageW "68" & SwapEndian($hIconON) & _ ; push hendle to the icon "68" & SwapEndian(2) & _ ; push IMAGE_ICON "68" & SwapEndian($STM_SETIMAGE) & _ ; push STM_SETIMAGE "68" & SwapEndian(GUICtrlGetHandle($hIconControl)) & _ ; push HANDLE "B8" & SwapEndian($pSendMessageW) & _ ; mov eax, SendMessageW "FFD0" & _ ; call eax "68" & SwapEndian($iInterval) & _ ; push Milliseconds "E8" & SwapEndian($pSleep - ($RemoteCode + 91)) & _ ; call function Sleep "E9" & SwapEndian(-96) & _ ; jump [start address] "C3" & _ ; ret "68" & SwapEndian(0) & _ ; push Reserved "68" & SwapEndian(1) & _ ; push Flag "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "URL2")) & _ ; push URL2 string "B8" & SwapEndian($pInternetCheckConnectionW) & _ ; mov eax, InternetCheckConnectionW "FFD0" & _ ; call eax "3D" & SwapEndian(0) & _ ; cmp eax, 00000000 "74" & Hex(68, 2) & _ ; je 68 bytes "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "ON")) & _ ; push string "68" & SwapEndian(0) & _ ; push wParam "68" & SwapEndian($WM_SETTEXT) & _ ; push WM_SETTEXT "68" & SwapEndian(GUICtrlGetHandle($hLabelControl)) & _ ; push HANDLE "E8" & SwapEndian($pSendMessageW - ($RemoteCode + 151)) & _ ; call function SendMessageW "68" & SwapEndian($hIconON) & _ ; push hendle to the icon "68" & SwapEndian(2) & _ ; push IMAGE_ICON "68" & SwapEndian($STM_SETIMAGE) & _ ; push STM_SETIMAGE "68" & SwapEndian(GUICtrlGetHandle($hIconControl)) & _ ; push HANDLE "B8" & SwapEndian($pSendMessageW) & _ ; mov eax, SendMessageW "FFD0" & _ ; call eax "68" & SwapEndian($iInterval) & _ ; push Milliseconds "E8" & SwapEndian($pSleep - ($RemoteCode + 188)) & _ ; call function Sleep "E9" & SwapEndian(-193) & _ ; jump [start address] "C3" & _ ; ret "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "OFF")) & _ ; push string "68" & SwapEndian(0) & _ ; push wParam "68" & SwapEndian($WM_SETTEXT) & _ ; push WM_SETTEXT "68" & SwapEndian(GUICtrlGetHandle($hLabelControl)) & _ ; push HANDLE "E8" & SwapEndian($pSendMessageW - ($RemoteCode + 219)) & _ ; call function SendMessageW "68" & SwapEndian($hIconOFF) & _ ; push hendle to the icon "68" & SwapEndian(2) & _ ; push IMAGE_ICON "68" & SwapEndian($STM_SETIMAGE) & _ ; push STM_SETIMAGE "68" & SwapEndian(GUICtrlGetHandle($hIconControl)) & _ ; push HANDLE "B8" & SwapEndian($pSendMessageW) & _ ; mov eax, SendMessageW "FFD0" & _ ; call eax "68" & SwapEndian($iInterval) & _ ; push Milliseconds "E8" & SwapEndian($pSleep - ($RemoteCode + 256)) & _ ; call function Sleep "E9" & SwapEndian(-261) & _ ; jump [start address] "C3" _ ; ret ) _MemMoveMemory(DllStructGetPtr($tCodeBuffer), $RemoteCode, DllStructGetSize($tCodeBuffer)) Local $aCall = DllCall("kernel32.dll", "ptr", "CreateThread", "ptr", 0, "dword", 0, "ptr", $RemoteCode, "ptr", 0, "dword", 0, "dword*", 0) Local $hThread = $aCall[0] Return $hThread EndFunc ;==>_InternetCheckConnectionInAnotherThread Func SwapEndian($iValue) Return Hex(Binary($iValue)) EndFunc ;==>SwapEndian Func _GetIcon($sModule, $iName, $iSize) ; for loaded modules Local $a_hCall = DllCall("kernel32.dll", "hwnd", "GetModuleHandleW", "wstr", $sModule) Local $hModule = $a_hCall[0] $a_hCall = DllCall("user32.dll", "hwnd", "LoadImageW", _ "hwnd", $hModule, _ "int", $iName, _ "dword", 1, _ ; IMAGE_ICON "int", $iSize, _ "int", $iSize, _ "dword", 0) ; LR_DEFAULTCOLOR Local $hIcon = $a_hCall[0] Return SetError(0, 0, $hIcon) EndFunc ;==>_GetIconedit: null terminator . It's ok now. Edited June 5, 2009 by trancexx ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
trancexx Posted October 5, 2009 Author Share Posted October 5, 2009 I'm using this function in something I'm working on lately and there I noticed that if the system goes offline after some period of online status it usually takes rather long time for this function to process the change.This is due to the fact that in that case there is no response from the address (pinged) and InternetCheckConnection function waits for the time-out. Default value on my system is like 60 sec or something.Solution is actually very simple; adjusting timeout to a reasonable value. That value could be for example 3 sec.It can be done fom within assembly or using standard methods like in example below. Call to InternetSetOption is done. I'm using NULL value for the inernet handle and that is changing default timeout value for all internet handles of my process including internal one of InternetCheckConnection function.Function with intervention and example, naturally:expandcollapse popupOpt("MustDeclareVars", 1) Global $hGui = GUICreate("Internet status", 350, 270) GUISetBkColor(0xFFFFFF, $hGui) Global $hLabel = GUICtrlCreateLabel("STAND BY", 18, 250, 42, 14) ; can be empty string of course GUICtrlSetFont(-1, 7, 400, 1, "Trebuchet MS") GUICtrlSetColor(-1, 0x0000CC) Global $hIcon = GUICtrlCreateIcon("", "", 20, 220, 32, 32) GUICtrlSetTip(-1, "Status") Global $hButton = GUICtrlCreateButton("MsgBox", 125, 220, 100, 25) Global $tDataBuffer Global $hTread = _InternetCheckConnectionInAnotherThread($hLabel, $hIcon, $tDataBuffer) GUISetState() While 1 Switch GUIGetMsg() Case - 3 Exit Case $hButton MsgBox(0, "Title", "Text", 0, $hGui) EndSwitch WEnd Func _InternetCheckConnectionInAnotherThread($hLabelControl, $hIconControl, ByRef $tDataBuffer, $iInterval = 3000, $sURL1 = "http://www.google.com", $sURL2 = "http://www.microsoft.com") DllCall("wininet.dll", "int", "InternetSetOptionW", _ "ptr", 0, _ "dword", 2, _ ; INTERNET_OPTION_CONNECT_TIMEOUT "dword*", 3000, _ ; 3s "dword", 4) $tDataBuffer = DllStructCreate("wchar URL1[64];" & _ "wchar URL2[64];" & _ "wchar OFF[8];" & _ "wchar ON[8]") DllStructSetData($tDataBuffer, "URL1", $sURL1) DllStructSetData($tDataBuffer, "URL2", $sURL2) DllStructSetData($tDataBuffer, "OFF", "OFFLINE") DllStructSetData($tDataBuffer, "ON", " ONLINE") Local $aCall = DllCall("kernel32.dll", "ptr", "GetModuleHandleW", "wstr", "user32.dll") If @error Or Not $aCall[0] Then Return SetError(1, 0, "") EndIf Local $hHandle = $aCall[0] Local $aSendMessageW = DllCall("kernel32.dll", "ptr", "GetProcAddress", _ "ptr", $hHandle, _ "str", "SendMessageW") If @error Or Not $aCall[0] Then Return SetError(2, 0, "") EndIf Local $pSendMessageW = $aSendMessageW[0] $aCall = DllCall("kernel32.dll", "ptr", "GetModuleHandleW", "wstr", "kernel32.dll") If @error Or Not $aCall[0] Then Return SetError(3, 0, "") EndIf $hHandle = $aCall[0] Local $aSleep = DllCall("kernel32.dll", "ptr", "GetProcAddress", _ "ptr", $hHandle, _ "str", "Sleep") If @error Or Not $aCall[0] Then Return SetError(4, 0, "") EndIf Local $pSleep = $aSleep[0] $aCall = DllCall("kernel32.dll", "ptr", "GetModuleHandleW", "wstr", "wininet.dll") If @error Or Not $aCall[0] Then Return SetError(5, 0, "") EndIf $hHandle = $aCall[0] Local $aInternetCheckConnectionW = DllCall("kernel32.dll", "ptr", "GetProcAddress", _ "ptr", $hHandle, _ "str", "InternetCheckConnectionW") If @error Or Not $aCall[0] Then Return SetError(6, 0, "") EndIf Local $pInternetCheckConnectionW = $aInternetCheckConnectionW[0] $aCall = DllCall("kernel32.dll", "ptr", "VirtualAlloc", _ "ptr", 0, _ "dword", 512, _ "dword", 4096, _ ; MEM_COMMIT "dword", 64) ; PAGE_EXECUTE_READWRITE If @error Or Not $aCall[0] Then Return SetError(7, 0, "") EndIf Local $pRemoteCode = $aCall[0] Local $tCodeBuffer = DllStructCreate("byte[512]", $pRemoteCode) Local $hIconON = 0 Local $hIconOFF = 0 Local $hIconON = 0 Local $hIconOFF = 0 If $hIconControl Then $hIconON = _GetIcon("shell32.dll", 10, 32) $hIconOFF = _GetIcon("shell32.dll", 11, 32) EndIf DllStructSetData($tCodeBuffer, 1, _ "0x" & _ "68" & SwapEndian(0) & _ ; push Reserved "68" & SwapEndian(1) & _ ; push Flag "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "URL1")) & _ ; push URL1 string "B8" & SwapEndian($pInternetCheckConnectionW) & _ ; mov eax, InternetCheckConnectionW "FFD0" & _ ; call eax "3D" & SwapEndian(0) & _ ; cmp eax, 00000000 "74" & Hex(68, 2) & _ ; je 68 bytes "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "ON")) & _ ; push string "68" & SwapEndian(0) & _ ; push wParam "68" & SwapEndian(12) & _ ; push WM_SETTEXT "68" & SwapEndian(GUICtrlGetHandle($hLabelControl)) & _ ; push HANDLE "E8" & SwapEndian($pSendMessageW - ($pRemoteCode + 54)) & _ ; call function SendMessageW "68" & SwapEndian($hIconON) & _ ; push hendle to the icon "68" & SwapEndian(2) & _ ; push IMAGE_ICON "68" & SwapEndian(370) & _ ; push STM_SETIMAGE "68" & SwapEndian(GUICtrlGetHandle($hIconControl)) & _ ; push HANDLE "B8" & SwapEndian($pSendMessageW) & _ ; mov eax, SendMessageW "FFD0" & _ ; call eax "68" & SwapEndian($iInterval) & _ ; push Milliseconds "E8" & SwapEndian($pSleep - ($pRemoteCode + 91)) & _ ; call function Sleep "E9" & SwapEndian(-96) & _ ; jump [start address] "C3" & _ ; ret "68" & SwapEndian(0) & _ ; push Reserved "68" & SwapEndian(1) & _ ; push Flag "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "URL2")) & _ ; push URL2 string "B8" & SwapEndian($pInternetCheckConnectionW) & _ ; mov eax, InternetCheckConnectionW "FFD0" & _ ; call eax "3D" & SwapEndian(0) & _ ; cmp eax, 00000000 "74" & Hex(68, 2) & _ ; je 68 bytes "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "ON")) & _ ; push string "68" & SwapEndian(0) & _ ; push wParam "68" & SwapEndian(12) & _ ; push WM_SETTEXT "68" & SwapEndian(GUICtrlGetHandle($hLabelControl)) & _ ; push HANDLE "E8" & SwapEndian($pSendMessageW - ($pRemoteCode + 151)) & _ ; call function SendMessageW "68" & SwapEndian($hIconON) & _ ; push hendle to the icon "68" & SwapEndian(2) & _ ; push IMAGE_ICON "68" & SwapEndian(370) & _ ; push STM_SETIMAGE "68" & SwapEndian(GUICtrlGetHandle($hIconControl)) & _ ; push HANDLE "B8" & SwapEndian($pSendMessageW) & _ ; mov eax, SendMessageW "FFD0" & _ ; call eax "68" & SwapEndian($iInterval) & _ ; push Milliseconds "E8" & SwapEndian($pSleep - ($pRemoteCode + 188)) & _ ; call function Sleep "E9" & SwapEndian(-193) & _ ; jump [start address] "C3" & _ ; ret "68" & SwapEndian(DllStructGetPtr($tDataBuffer, "OFF")) & _ ; push string "68" & SwapEndian(0) & _ ; push wParam "68" & SwapEndian(12) & _ ; push WM_SETTEXT "68" & SwapEndian(GUICtrlGetHandle($hLabelControl)) & _ ; push HANDLE "E8" & SwapEndian($pSendMessageW - ($pRemoteCode + 219)) & _ ; call function SendMessageW "68" & SwapEndian($hIconOFF) & _ ; push hendle to the icon "68" & SwapEndian(2) & _ ; push IMAGE_ICON "68" & SwapEndian(370) & _ ; push STM_SETIMAGE "68" & SwapEndian(GUICtrlGetHandle($hIconControl)) & _ ; push HANDLE "B8" & SwapEndian($pSendMessageW) & _ ; mov eax, SendMessageW "FFD0" & _ ; call eax "68" & SwapEndian($iInterval) & _ ; push Milliseconds "E8" & SwapEndian($pSleep - ($pRemoteCode + 256)) & _ ; call function Sleep "E9" & SwapEndian(-261) & _ ; jump [start address] "C3" _ ; ret ) $aCall = DllCall("kernel32.dll", "ptr", "CreateThread", _ "ptr", 0, _ "dword", 0, _ "ptr", $pRemoteCode, _ "ptr", 0, _ "dword", 0, _ "dword*", 0) If @error Or Not $aCall[0] Then Return SetError(8, 0, "") EndIf Local $hThread = $aCall[0] Return $hThread EndFunc ;==>_InternetCheckConnectionInAnotherThread Func SwapEndian($iValue) Return Hex(BinaryMid($iValue, 1, 4)) EndFunc ;==>SwapEndian Func _GetIcon($sModule, $iName, $iSize) ; for loaded modules Local $a_hCall = DllCall("kernel32.dll", "hwnd", "GetModuleHandleW", "wstr", $sModule) Local $hModule = $a_hCall[0] $a_hCall = DllCall("user32.dll", "hwnd", "LoadImageW", _ "ptr", $hModule, _ "int", $iName, _ "dword", 1, _ ; IMAGE_ICON "int", $iSize, _ "int", $iSize, _ "dword", 0) ; LR_DEFAULTCOLOR Local $hIcon = $a_hCall[0] Return SetError(0, 0, $hIcon) EndFunc ;==>_GetIconI tested on XP and works well. Label and icon are updated to 'offline' wihin timeout value for mentioned case. ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
Skrip Posted October 5, 2009 Share Posted October 5, 2009 (edited) I tested the script currently in the first post, and the one before this post.Both scripts fail on startup.>"C:\Program Files (x86)\AutoIt3\SciTE\AutoIt3Wrapper\AutoIt3Wrapper.exe" /run /prod /ErrorStdOut /in "C:\Users\\Scripting\test.au3" /autoit3dir "C:\Program Files (x86)\AutoIt3" /UserParams +>16:13:34 Starting AutoIt3Wrapper v.2.0.0.1 Environment(Language:0409 Keyboard:00000409 OS:WIN_VISTA/ CPU:X64 OS:X64)>Running AU3Check (1.54.14.0) from:C:\Program Files (x86)\AutoIt3+>16:13:34 AU3Check ended.rc:0>Running:(3.3.0.0):C:\Program Files (x86)\AutoIt3\autoit3_x64.exe "C:\Users\\Scripting\test.au3" !>16:13:35 AutoIT3.exe ended.rc:-1073741819+>16:13:36 AutoIt3Wrapper Finished>Exit code: -1073741819 Time: 2.190Same error for both.Win 7 - 64-bit Edited October 5, 2009 by Skrip [left][sub]We're trapped in the belly of this horrible machine.[/sub][sup]And the machine is bleeding to death...[/sup][sup][/sup][/left] Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now