[Release] Source Detect Hidetoolz by giangho+

heroes1412

Code:
#define WINNT 1 // Define for using EndTask API

#include <windows.h>
#include <conio.h>
#include <stdio.h>

/*
 * One record per flagged window: main() fills an entry for every top-level
 * window whose owning process it could not open.
 */
struct ProcInfo {
    HWND  hWnd;          /* handle of the flagged window */
    DWORD dwProcId;      /* owning process id, from GetWindowThreadProcessId */
    CHAR  szTitle[255];  /* window title, filled by GetWindowTextA */
    CHAR  szClass[255];  /* window class name, filled by GetClassNameA */
};

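/*
 * Walks the top-level window list and flags every window whose owning process
 * cannot be opened with PROCESS_QUERY_INFORMATION, then optionally tries to
 * close the flagged windows.
 *
 * Detection caveat: a failed OpenProcess is only an indicator. The call also
 * fails for processes the caller simply has no rights to (for example
 * protected or higher-privileged processes when this tool runs unelevated),
 * so each hit should be confirmed before answering "Y" at the prompt. The
 * Win32 error code is printed with each hit to help tell the cases apart.
 *
 * Returns 0 in all cases.
 */
int main(void)
{
    /* Capacity of the fixed-size tables below; enforced inside the scan loop. */
    enum { MAX_TRACKED = 255 };

    DWORD dwProcId;
    HWND hWnd;
    struct ProcInfo mProc[MAX_TRACKED];
    DWORD mIdList[MAX_TRACKED];
    int nCount = 0;
    int nPID = 0;
    int i = 0;

    printf("DETECT HIDDEN PROCESS OF HIDE TOOLZ VER 2.X\n");
    printf("Author: gianghoplus [[email protected]]\n");
    printf("Copyright (c) 2010 www.virusvn.com\n\n");

    /* HWND is a pointer type, so compare against NULL instead of "> 0". */
    for (hWnd = FindWindow(NULL, NULL); hWnd != NULL; hWnd = GetWindow(hWnd, GW_HWNDNEXT))
    {
        HANDLE hProc;
        DWORD dwErr;

        if (GetParent(hWnd) != NULL) // && IsWindowVisible(hWnd)
            continue;

        /* The window may vanish mid-scan; never use a stale or unset PID. */
        dwProcId = 0;
        if (GetWindowThreadProcessId(hWnd, &dwProcId) == 0)
            continue;

        // Check whether OpenProcess is being blocked (e.g. by hooking).
        hProc = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, dwProcId);
        if (hProc != NULL)
        {
            /* The original leaked one process handle per accessible window. */
            CloseHandle(hProc);
            continue;
        }
        dwErr = GetLastError(); /* capture before any other API call overwrites it */

        /*
         * Bounds check: the original wrote past mProc[]/mIdList[] once more
         * than 255 windows matched. nPID never exceeds nCount (at most one new
         * PID per recorded window), so this single check covers both tables.
         */
        if (nCount >= MAX_TRACKED)
        {
            printf("\n[!] More than %d matching windows; the rest are not listed.\n",
                MAX_TRACKED);
            break;
        }

        mProc[nCount].hWnd = hWnd;
        mProc[nCount].dwProcId = dwProcId;

        /* Pre-terminate so a failed query cannot leave garbage to print. */
        mProc[nCount].szTitle[0] = '\0';
        mProc[nCount].szClass[0] = '\0';
        GetWindowTextA(hWnd, mProc[nCount].szTitle, (int)sizeof mProc[nCount].szTitle);
        GetClassNameA(hWnd, mProc[nCount].szClass, (int)sizeof mProc[nCount].szClass);

        /*
         * Format fixes: DWORD is unsigned long (%lu), and passing an HWND to
         * %X is undefined on 64-bit builds. Window handles are documented as
         * 32-bit significant, so the narrowing cast should keep the value.
         */
        printf("%2d. ProcessId: %lu\n   - Class Name: %s\n   - Window Title: %s\n",
            nCount + 1, (unsigned long)dwProcId,
            mProc[nCount].szClass, mProc[nCount].szTitle);
        printf("   - Window Handle: 0x%X\n   - Window State: %s\n",
            (unsigned int)(UINT_PTR)hWnd, IsWindowVisible(hWnd) ? "Shown" : "Hidden");
        printf("   - OpenProcess error: %lu\n\n", (unsigned long)dwErr);
        nCount++;

        /* Add the PID to the unique-process list if it is not already there. */
        for (i = 0; i < nPID; i++)
            if (dwProcId == mIdList[i])
                break;

        if (i == nPID)
            mIdList[nPID++] = dwProcId;
    }

    printf("\n=> Detected %d windows of %d hidden process.\n", nCount, nPID);

    if (nCount > 0)
    {
        printf("\n<?> ARE YOU WANT TO TERMINATE ALL (Y/N): ");

        int c = getchar(); /* int, so EOF is not confused with a character */

        if (c == 'Y' || c == 'y')
        {
            for (i = 0; i < nCount; i++)
            {
                if (IsWindow(mProc[i].hWnd)) // Does this window still exist?
                {
                    /*
                     * Try to close in four steps. A plain SendMessage blocks
                     * forever if the target thread is hung, so each send is
                     * bounded by a timeout and abandoned on a hung window.
                     */
                    SendMessageTimeoutA(mProc[i].hWnd, WM_CLOSE, 0, 0,
                        SMTO_ABORTIFHUNG, 2000, NULL);              // 1. Close
                    SendMessageTimeoutA(mProc[i].hWnd, WM_QUIT, 0, 0,
                        SMTO_ABORTIFHUNG, 2000, NULL);              // 2. Quit
                    SendMessageTimeoutA(mProc[i].hWnd, WM_DESTROY, 0, 0,
                        SMTO_ABORTIFHUNG, 2000, NULL);              // 3. Destroy
                    EndTask(mProc[i].hWnd, FALSE, TRUE);            // 4. EndTask

                    printf("\n [+] Found Window Handle 0x%08X of ProcessId %4lu. Terminate: ",
                        (unsigned int)(UINT_PTR)mProc[i].hWnd,
                        (unsigned long)mProc[i].dwProcId);
                    /* Re-check the result; print via fputs, not as a format string. */
                    fputs(IsWindow(mProc[i].hWnd) ? "Error" : "OK", stdout);
                }
            }
        }
    }

    printf("\n\nVISIT TO MY WEBSITES:\n\n"); // A little self-promotion ^^!
    printf(" [+] http://forums.giangho.tv\n [+] http://auto.giangho.tv\n [+] http://www.vn-soft.net");
    getch();
    return 0;
}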
Nguồn + screenshot:
detecthidetoolz.png