
Win32::Monitoring::DLLInject - Injects Win32 programs with overloaded functions

    use Win32::Monitoring::DLLInject qw(new UnHook StatMailslot GetMessage);
    my $handle = new Win32::Monitoring::DLLInject($dll_path, $process_id);
    while(1){
        sleep(1);
        my $msg_cnt = $handle->StatMailSlot();
        for (my $i = 0; $i < $msg_cnt; $i++) {
            print $handle->GetMessage(), "\n";
        }
    }
    $handle->UnHook();

The Win32::Monitoring::DLLInject module provides a Perl object that automatically handles the injection of overloading (self-written) functional code into a Windows program or a DLL.
Additionally, a communication infrastructure is set up using a Windows mailslot to return information such as status information or time measurements to the caller.
As a bonus, an example framework for a DLL implementation is included, so that you can implement a time-measuring monitoring program for any Win32 application without requiring further modules.
new: Returns a handle to the Win32::Monitoring::DLLInject object to handle the overloaded (hooked) program.
StatMailSlot: Returns the number of messages in the internal message store (mailslot).
GetMessage: Returns the content of the first message in the message store.
UnHook: Reverts the hooking of the injected program.
    #! perl
    use Win32::OLE;
    use Win32::Monitoring::DLLInject;
    use Data::Dumper;
    my $WshShell = Win32::OLE->new("WScript.Shell");
    $WshShell->Run("notepad", 5);
    sleep(1);
    my %processes;
    for my $line (`tasklist /v /nh`) {
        chomp($line);
        if ( $line ne "" ) {
            my $pid = substr($line, 26, 8); # extract PID
            $pid =~ s/^ *([0-9]+)$/$1/g; # remove leading spaces
            my $proc = substr($line, 0, 24); # extract process
            $proc =~ s/\s\s\s*/ /g; # change multiple spaces to single spaces
            $proc =~ s/\s$//g; # remove trailing space
            $proc =~ s/ N\/A$//g; # remove trailing N/A
            $processes{$proc} = $pid;
        }
    }
    my $P = Win32::Monitoring::DLLInject->new($processes{'notepad.exe'},'Y:\\perl\\Win32-Monitoring-DLLInject\\HookedFunctions.dll');
    print Dumper($P);
    while(1)
    {
        sleep(1);
        my $msg_cnt = $P->StatMailSlot();
        for (my $i = 0; $i < $msg_cnt; $i++) {
            print $P->GetMessage(), "\n";
        }
    }
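
The example above reads the PID from fixed column offsets of the tasklist /v /nh table and keeps one PID per image name, so a second process with the same name silently replaces the first and the wrong process may end up hooked. The following added example (not part of the module or its documentation) parses the CSV form of tasklist instead and refuses an ambiguous name; pids_by_image and unique_pid are hypothetical helper names and the sample output is constructed.

```perl
#! perl
use strict;
use warnings;
use Text::ParseWords qw(parse_line);    # core module, splits quoted CSV fields

# Parse `tasklist /fo csv /nh` output into { lowercased image name => [PIDs] }.
sub pids_by_image {
    my @lines = @_;
    my %pids;
    for my $line (@lines) {
        $line =~ s/\r?\n\z//;
        next if $line !~ /\S/;
        # Fields: image name, PID, session name, session number, memory usage
        my ($image, $pid) = parse_line(',', 0, $line);
        next unless defined $pid && $pid =~ /\A[0-9]+\z/;
        push @{ $pids{ lc $image } }, $pid + 0;
    }
    return \%pids;
}

# Return the single PID for an image name; die if it is absent or ambiguous.
sub unique_pid {
    my ($pids, $image) = @_;
    my @found = @{ $pids->{ lc $image } || [] };
    die "no process named $image\n" unless @found;
    die "ambiguous: $image has PIDs @found\n" if @found > 1;
    return $found[0];
}

# Constructed sample output. On a real host: my @out = `tasklist /fo csv /nh`;
my @out = (
    qq{"System Idle Process","0","Services","0","8 K"\n},
    qq{"svchost.exe","1020","Services","0","12,345 K"\n},
    qq{"svchost.exe","1188","Services","0","9,876 K"\n},
    qq{"notepad.exe","4321","Console","1","14,208 K"\n},
);

my $pids = pids_by_image(@out);
print "notepad.exe => ", unique_pid($pids, 'notepad.exe'), "\n";
print "svchost.exe => @{ $pids->{'svchost.exe'} }\n";
eval { unique_pid($pids, 'svchost.exe') };
print "refused: $@" if $@;
```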

Webpage: <http://oss.oetiker.ch/optools/>

Copyright (c) 2008 by OETIKER+PARTNER AG. All rights reserved.

Win32::Monitoring::DLLInject is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
Win32::Monitoring::DLLInject is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with Win32::Monitoring::WindowPing. If not, see <http://www.gnu.org/licenses/>.

Roman Plessl, Tobi Oetiker