| blob | 87df9e6fdca7abd1ed7184d35b188fa0c3e043a1 |
1 {***************************************************************\r
2 *\r
3 * Program Name: KolPeEdit\r
4 * Purpose :Portable Executable File Control Demo\r
5 * Enum Windows Demo\r
6 * Small analytical tool for dependancies etc.\r
7 * Author :Thaddy de Koning\r
8 * The control itself is based on code by\r
9 * (Cr)Sergi /e!MiNENCE team\r
10 * History :Version 1.00m 31-10-2002\r
11 * Remarks :As usual in my case, no mck\r
12 * This is just a viewer, but the PE control\r
13 * allows write operations.\r
14 * This is risky, so i didn't implement it here.\r
15 * If you know what you're doing, you know where to look,\r
16 * if you don't, you don't :)\r
17 ****************************************************************}\r
18 \r
19 program kolpeedit;\r
20 {Created by KOL project Expert on:31-10-2002 11:59:09}\r
21 \r
22 uses\r
23 Windows,\r
24 Messages,\r
25 Kol,\r
26 KOLPEEditor in 'KOLPEEditor.pas';\r
27 \r
28 const\r
29 App='Kol PE Viewer';\r
30 \r
31 var\r
32 PeEdit:pPEEditor;\r
33 Refreshing:Boolean;\r
34 TabControl,\r
35 GroupBox3,\r
36 GroupBox4,\r
37 ListView1,\r
38 ListView2,\r
39 ListView3,\r
40 ListView4,\r
41 Listview5,\r
42 ListBox1,\r
43 tbpanel,\r
44 Panel,\r
45 Toolbar,\r
46 Edit1,\r
47 Edit2,\r
48 Edit3:pControl;\r
49 type\r
50 \r
51 PMyEvents=^TMyEvents;\r
52 TMyEvents=object(Tobj)\r
53 public\r
54 {Add your eventhandlers here, example:}\r
55 function DoMessage(var Msg:Tmsg;var Rslt:integer):boolean;\r
56 procedure ButtonLoadClick(Sender:pObj);\r
57 procedure Listboxchange(sender:pObj);\r
58 procedure ListViewSortclick(sender:pControl;Index:integer);\r
59 procedure TabsClick(sender:pObj);\r
60 end;\r
61 \r
62 \r
63 function TMyEvents.DoMessage(var Msg:TMsg;var Rslt:integer):Boolean;\r
64 begin\r
65 Result:=false;\r
66 end;\r
67 \r
68 function NewEvents:pMyEvents;\r
69 begin\r
70 New(Result,Create);\r
71 end;\r
72 \r
73 procedure TmyEvents.ButtonLoadClick(Sender:pObj);\r
74 var\r
75 i:integer;\r
76 Section:PSection;\r
77 Directory:PDirectory;\r
78 Dialog:pOpenSaveDialog;\r
79 \r
80 begin\r
81 case toolbar.CurIndex of\r
82 0:\r
83 with PeEdit^ do\r
84 begin\r
85 Dialog:=NewOpenSaveDialog('','',[]);\r
86 Dialog.Filter:='Executable Files|*.exe;*.dll;*.ocx;*.cpl';\r
87 if not Refreshing then begin\r
88 if not Dialog.execute then exit;\r
89 PEFilePath:=Dialog.FileName;\r
90 Applet.caption:=App+' - ['+extractfilename(Dialog.Filename)+']';\r
91 if PEFilePath='' then\r
92 begin\r
93 MsgOk(extractfilename(Dialog.filename)+' is not a valid PE file!');\r
94 exit;\r
95 end;\r
96 end;\r
97 Dialog.Free;\r
98 Refreshing:=false;\r
99 Edit1.Text:=Format('$%.8X', [EntryPoint]);\r
100 Edit2.Text:=Format('$%.8X', [ImageBase]);\r
101 Edit3.Text:=Format('$%.8X', [ImageSize]);\r
102 \r
103 with ListView1^ do\r
104 begin\r
105 BeginUpdate;\r
106 Clear;\r
107 \r
108 For i:=0 to SectionList.Count-1 do\r
109 begin\r
110 LvAdd('',0,[],0,0,0);\r
111 Section:=PSection(SectionList.Items[i]);\r
112 LvItems[i,0]:=Section.o_name;\r
113 LvItems[i,1]:=Format('$%.8X', [Section.o_rva]);\r
114 LvItems[i,2]:=Format('$%.8X', [Section.o_virtual_size]);\r
115 LvItems[i,3]:=Format('$%.8X', [Section.o_physical_offs]);\r
116 LvItems[i,4]:=Format('$%.8X', [Section.o_physical_size]);\r
117 LvItems[i,5]:=Format('$%.8X', [Section.o_flags]);\r
118 end;\r
119 EndUpdate;\r
120 end;\r
121 \r
122 with ListView2^ do\r
123 begin\r
124 \r
125 BeginUpdate;\r
126 Clear;\r
127 Directory:=PDirectory(DirectoryList.Items[0]);\r
128 LvAdd('',0,[],0,0,0);\r
129 LvItems[lvcount-1,0]:='Export table';\r
130 LvItems[lvcount-1,1]:=Format('$%.8X', [Directory.RVA]);\r
131 LvItems[lvcount-1,2]:=Format('$%.8X', [Directory.Size]);\r
132 \r
133 Directory:=PDirectory(Directorylist.items[1]);\r
134 LvAdd('',0,[],0,0,0);\r
135 LvItems[lvcount-1,0]:='Import table';\r
136 LvItems[lvcount-1,1]:=Format('$%.8X', [Directory.RVA]);\r
137 LvItems[lvcount-1,2]:=Format('$%.8X', [Directory.Size]);\r
138 \r
139 Directory:=PDirectory(Directorylist.items[2]);\r
140 LvAdd('',0,[],0,0,0);\r
141 LvItems[lvcount-1,0]:='Resource';\r
142 LvItems[lvcount-1,1]:=Format('$%.8X', [Directory.RVA]);\r
143 LvItems[lvcount-1,2]:=Format('$%.8X', [Directory.Size]);\r
144 \r
145 Directory:=PDirectory(Directorylist.items[3]);\r
146 LvAdd('',0,[],0,0,0);\r
147 LvItems[lvcount-1,0]:='Exception';\r
148 LvItems[lvcount-1,1]:=Format('$%.8X', [Directory.RVA]);\r
149 LvItems[lvcount-1,2]:=Format('$%.8X', [Directory.Size]);\r
150 \r
151 Directory:=PDirectory(Directorylist.items[4]);\r
152 LvAdd('',0,[],0,0,0);\r
153 LvItems[lvcount-1,0]:='Security';\r
154 LvItems[lvcount-1,1]:=Format('$%.8X', [Directory.RVA]);\r
155 LvItems[lvcount-1,2]:=Format('$%.8X', [Directory.Size]);\r
156 \r
157 Directory:=PDirectory(Directorylist.items[5]);\r
158 LvAdd('',0,[],0,0,0);\r
159 LvItems[lvcount-1,0]:='Relocations';\r
160 LvItems[lvcount-1,1]:=Format('$%.8X', [Directory.RVA]);\r
161 LvItems[lvcount-1,2]:=Format('$%.8X', [Directory.Size]);\r
162 \r
163 Directory:=PDirectory(Directorylist.items[6]);\r
164 LvAdd('',0,[],0,0,0);\r
165 LvItems[lvcount-1,0]:='Debug datas';\r
166 LvItems[lvcount-1,1]:=Format('$%.8X', [Directory.RVA]);\r
167 LvItems[lvcount-1,2]:=Format('$%.8X', [Directory.Size]);\r
168 \r
169 Directory:=PDirectory(Directorylist.items[7]);\r
170 LvAdd('',0,[],0,0,0);\r
171 LvItems[lvcount-1,0]:='Description';\r
172 LvItems[lvcount-1,1]:=Format('$%.8X', [Directory.RVA]);\r
173 LvItems[lvcount-1,2]:=Format('$%.8X', [Directory.Size]);\r
174 \r
175 Directory:=PDirectory(Directorylist.items[8]);\r
176 LvAdd('',0,[],0,0,0);\r
177 LvItems[lvcount-1,0]:='Global PTR';\r
178 LvItems[lvcount-1,1]:=Format('$%.8X', [Directory.RVA]);\r
179 LvItems[lvcount-1,2]:=Format('$%.8X', [Directory.Size]);\r
180 \r
181 Directory:=PDirectory(Directorylist.items[9]);\r
182 LvAdd('',0,[],0,0,0);\r
183 LvItems[lvcount-1,0]:='TLS table';\r
184 LvItems[lvcount-1,1]:=Format('$%.8X', [Directory.RVA]);\r
185 LvItems[lvcount-1,2]:=Format('$%.8X', [Directory.Size]);\r
186 \r
187 Directory:=PDirectory(Directorylist.items[10]);\r
188 LvAdd('',0,[],0,0,0);\r
189 LvItems[lvcount-1,0]:='Load config';\r
190 LvItems[lvcount-1,1]:=Format('$%.8X', [Directory.RVA]);\r
191 LvItems[lvcount-1,2]:=Format('$%.8X', [Directory.Size]);\r
192 \r
193 Directory:=PDirectory(Directorylist.items[11]);\r
194 LvAdd('',0,[],0,0,0);\r
195 LvItems[lvcount-1,0]:='Bound import';\r
196 LvItems[lvcount-1,1]:=Format('$%.8X', [Directory.RVA]);\r
197 LvItems[lvcount-1,2]:=Format('$%.8X', [Directory.Size]);\r
198 \r
199 Directory:=PDirectory(Directorylist.items[12]);\r
200 LvAdd('',0,[],0,0,0);\r
201 LvItems[lvcount-1,0]:='Import address table';\r
202 LvItems[lvcount-1,1]:=Format('$%.8X', [Directory.RVA]);\r
203 LvItems[lvcount-1,2]:=Format('$%.8X', [Directory.Size]);\r
204 EndUpdate;\r
205 Listbox1.clear;\r
206 for i:=0 to ImportedList.count-1 do\r
207 ListBox1.Add(PImportedLibrary(ImportedList.Items[i]).Name);\r
208 end;\r
209 \r
210 with ListView4^ do\r
211 begin\r
212 beginupdate;\r
213 clear;\r
214 for i:=0 to ExportedList.count-2 do\r
215 begin\r
216 LVAdd('',0,[],0,0,0);\r
217 LvItems[i,0]:=Format('$%.8X', [pExportedFunction(ExportedList.Items[i]).Ordinal]);\r
218 lvItems[i,1]:=pExportedFunction(Exportedlist.Items[i]).Name;\r
219 end;\r
220 Endupdate;\r
221 Listbox1.OnChange(@Self);\r
222 end;\r
223 end;\r
224 1:msgOk('Not implemented');\r
225 end;\r
226 \r
227 end;\r
228 \r
229 var\r
230 Events:pMyEvents;\r
231 \r
232 \r
233 \r
234 procedure TMyEvents.ListboxChange(sender: pObj);\r
235 var\r
236 I:integer;\r
237 FuncList:pList;\r
238 ImportedFunc:PImportedFunction;\r
239 begin\r
240 with Listview3^, PEEdit^ do\r
241 begin\r
242 If Listbox1.curindex<0 then exit;\r
243 beginupdate;\r
244 clear;\r
245 FuncList:=PImportedLibrary(ImportedList.Items[listbox1.curindex]).FunctionList;\r
246 for i:=0 to FuncList.Count-1 do\r
247 begin\r
248 ImportedFunc:=PImportedFunction(FuncList.Items[i]);\r
249 Lvadd('',0,[],0,0,0);\r
250 lvItems[i,0]:=Format('$%.8X', [ImportedFunc.ordinal,4]);\r
251 LvItems[i,1]:=ImportedFunc.Name;\r
252 end;\r
253 endupdate;\r
254 end;\r
255 end;\r
256 \r
257 {This is a callback function for the EnumWindows API call}\r
258 function ListWindows( hWindow: HWnd;wparam:integer): BOOL;stdcall;\r
259 Var\r
260 s: Array[0..255] of Char;\r
261 Begin\r
262 Result := True;\r
263 \r
264 With ListView5^ DO\r
265 Begin\r
266 Perform(WM_SETREDRAW,0,0);\r
267 LvAdd('',0,[],0,0,0);\r
268 {Displays handle}\r
269 LvItems[ LvCount-1,0] := Format('$%.4X', [hWindow]);\r
270 {Displays Instance}\r
271 LvItems[ LvCount-1,1] := Format('$%.8X',\r
272 [GetWindowLong(hWindow, GWL_HINSTANCE)]);\r
273 {Displays Task}\r
274 LvItems[ LvCount-1,2] := Format('$%.4X',\r
275 [GetWindowTask(hWindow)]);\r
276 {Displays Parent}\r
277 LvItems[ LvCount-1,3] := Format('$%.4X',\r
278 [GetParent(hWindow)]);\r
279 {Obtains and Displays Windows ClassName}\r
280 GetClassName( HWindow, s, sizeof(s));\r
281 s[80] := #0;\r
282 LvItems[ LvCount-1,4] := s;\r
283 \r
284 {Obtains and Displays Window Caption, if any,\r
285 If there's no caption contenttext is displayed}\r
286 GetWindowText( HWindow, s, Sizeof(s));\r
287 s[80] := #0;\r
288 LvItems[ LvCount-1,5] := s;\r
289 \r
290 {Displays visibility}\r
291 If IsWindowVisible( Hwindow ) Then\r
292 LvItems[LvCount-1,6] := 'Yes'\r
293 Else\r
294 LvItems[LvCount-1,6] := 'No';\r
295 \r
296 {Displays Iconicity}\r
297 If IsIconic( Hwindow ) Then\r
298 LvItems[LvCount-1,7] := 'Yes'\r
299 Else\r
300 LvItems[LvCount-1,7] := 'No';\r
301 Perform(WM_SETREDRAW,1,0);\r
302 End;\r
303 \r
304 End;\r
305 \r
306 procedure TMyEvents.ListViewSortclick(sender: pControl; Index: integer);\r
307 begin\r
308 sender.LVSortColumn(index);\r
309 end;\r
310 \r
311 procedure TMyEvents.TabsClick(sender: pObj);\r
312 begin\r
313 {Update active window list}\r
314 if Tabcontrol.Curindex=4 then\r
315 begin\r
316 Listview5.beginupdate;\r
317 EnumWindows( @ListWindows, Applet.handle);\r
318 Listview5.endupdate;\r
319 end;\r
320 end;\r
321 \r
322 begin\r
323 {var 'Applet' is already declared in KOL.pas}\r
324 Applet:=NewForm(nil,app).SetSize(600,400).CenterOnParent;\r
325 Applet.font.fontheight:=12;\r
326 tbpanel:=Newpanel(Applet,esNone).SetAlign(caTop);\r
327 Toolbar:=NewToolbar(tbpanel,caTop,[tboFlat],HBITMAP(-1),['',''],[7,8]).resizeparent;\r
328 Toolbar.TBButtonEnabled[1]:=false;\r
329 \r
330 Panel:=NewPanel(Applet,esNone).SetAlign(caBottom);\r
331 Panel.font.fontstyle:=[fsBold];\r
332 NewLabel(Panel,' PE Header Entry point:').AutoSize(True);\r
333 Edit1:=NewEditbox(Panel,[]).Placeright.resizeparent;\r
334 NewLabel(Panel,' Image base:').Placeright.AutoSize(true);\r
335 Edit2:=NewEditbox(Panel,[]).Placeright;\r
336 NewLabel(Panel,' Image size:').Placeright.AutoSize(True);\r
337 Edit3:=NewEditbox(Panel,[]).Placeright;\r
338 Events:=NewEvents;\r
339 Toolbar.Onclick:=Events.ButtonLoadClick;\r
340 PeEdit:=NewPeEditor;\r
341 TabControl:=NewTabControl(Applet,['Sections','Directories','Imports','Exports', 'Active Windows'],[tcoFlat,tcoButtons],nil,0).SetAlign(caClient);\r
342 TabControl.OnClick:=Events.tabsclick;\r
343 ListView1:=NewListView(TabControl.pages[0],lvsDetail,[lvoGridlines,lvorowselect],nil,nil,nil).SetAlign(caClient);\r
344 Listview1.OnColumnClick:=events.ListViewSortclick;\r
345 with listview1^ do begin\r
346 LVColAdd('Name',taLeft,Width div 6);\r
347 LVColAdd('RVA',taLeft,Width div 6);\r
348 LVColAdd('v Size',taLeft,Width div 6);\r
349 LVColAdd('p Offset',taLeft,Width div 6);\r
350 LVColAdd('p Size',taLeft,Width div 6);\r
351 LvColAdd('ChaRect',taLeft,Width div 6);\r
352 end;\r
353 \r
354 ListView2:=NewListView(TabControl.pages[1],lvsDetail,[lvoGridlines,lvorowselect],nil,nil,nil).SetAlign(caClient);\r
355 Listview2.OnColumnClick:=events.ListViewSortclick;\r
356 with listview2^ do begin\r
357 LVColAdd('Directory',taLeft,Width div 3);\r
358 LVColAdd('RVA',taLeft,Width div 3);\r
359 LVColAdd('Size',taLeft,Width div 3);\r
360 end;\r
361 \r
362 GroupBox3:=NewGroupBox(Tabcontrol.pages[2],'Libraries').SetAlign(caLeft);\r
363 ListBox1:=NewListBox(GroupBox3,[]).SetAlign(caClient);\r
364 GroupBox4:=NewGroupBox(Tabcontrol.Pages[2],'Functions').SetAlign(caClient);\r
365 ListView3:=NewListView(GroupBox4,lvsDetail,[lvoGridlines,lvorowselect],nil,nil,nil).SetAlign(caClient);\r
366 Listview3.OnColumnClick:=events.ListViewSortclick;\r
367 with listview3^ do begin\r
368 LVColAdd('Ordinal',taLeft,Width div 3);\r
369 LVColAdd('Name',taLeft,Width - (width div 3));\r
370 end;\r
371 ListBox1.OnChange:=Events.Listboxchange;\r
372 \r
373 ListView4:=NewListView(TabControl.Pages[3],lvsDetail,[lvoGridlines,lvorowselect],nil,nil,nil).SetAlign(caClient);\r
374 Listview4.OnColumnClick:=events.ListViewSortclick;\r
375 with listview4^ do begin\r
376 LVColAdd('Ordinal',taLeft,Width div 3);\r
377 LVColAdd('Name',taLeft,Width - (width div 3));\r
378 end;\r
379 \r
380 Applet.OnMessage:=Events.DoMessage;\r
381 ListView5:=NewListView(Tabcontrol.pages[4],lvsdetail,[lvoGridLines,lvoRowSelect],nil,nil,nil).setalign(caClient);\r
382 Listview1.OnColumnClick:=events.ListViewSortclick;\r
383 With listview5^ do\r
384 Begin\r
385 LvColAdd('Handle',taRight,75);\r
386 LvColAdd('Instance',taRight,75);\r
387 LvColAdd('Task',taRight,75);\r
388 LvColAdd('Parent',taright,75);\r
389 lvColAdd('Class Name',taLeft,200);\r
390 LvColAdd('Title',taLeft,200);\r
391 LvColAdd('Visible',taLeft,75);\r
392 LvColAdd('Iconic',taLeft,75);\r
393 End;\r
394 Listview5.OnColumnClick:=Events.ListViewSortclick;\r
395 EnumWindows( @ListWindows, Applet.handle);\r
396 Run(Applet);\r
397 PeEdit.free;\r
398 Events.free;\r
399 end.\r
400 \r
401 \r
402 \r
403 \r