剧情是这个样子的:
[Delphi] 纯文本查看 复制代码
procedure TCapture_Window.hotykey(var msg: TMessage);
var
pid: Cardinal;
pHandle: THandle;
buf: array[0..MAX_PATH] of Char;
ps: array[0..254] of Char; // 这个是定义激活的窗口的控件名
path: string; // 激活窗口的路径
arr: array[0..254] of Char;
h: HWND;
pt: TPoint;
c: TColor;
begin
if (GetAsyncKeyState(VK_LWIN) and (GetAsyncKeyState(Ord('A'))) < 0) then // Win+A
begin
h := GetForegroundWindow;
GetWindowThreadProcessId(h, @pid);
pHandle := OpenProcess(PROCESS_ALL_ACCESS, False, pid);
GetModuleFileNameEx(pHandle, 0, buf, Length(buf));
CloseHandle(pHandle);
GetWindowText(h, @arr, SizeOf(arr));
GetClassName(h, ps, 255);
path := GetProcessExePath(h);
Capture_Window.KJ_Edit1.Text := arr; //x64dbg的完整窗口标题
end; SyntaxHighlighter Copyright 2004-2013 Alex Gorbatchev.
[Asm] 纯文本查看 复制代码
000000006D525E70 | 55 | push rbp |
000000006D525E71 | 48:81EC D0000000 | sub rsp,D0 |
000000006D525E78 | 48:8BEC | mov rbp,rsp |
000000006D525E7B | 48:896D 48 | mov qword ptr ss:[rbp+48],rbp |
000000006D525E7F | 48:898D E0000000 | mov qword ptr ss:[rbp+E0],rcx |
000000006D525E86 | 48:8995 E8000000 | mov qword ptr ss:[rbp+E8],rdx |
000000006D525E8D | 4C:8985 F0000000
支付3UD,阅读全文
还有更多的精彩内容,作者设置为付费后可见
滇ICP备2022002049号-2 
滇公网安备 53032102000034号)
