Demonstration of using @WINAPI and Kernel32.dll functions RtlMoveMemory, lstrlenW, GetCommandLine

Code:
:: Demonstration of using @WINAPI and Kernel32.dll functions
:: TCC  23.00.23 x64   Windows 7 [Version 6.1.7601]
::
:: This is a @WINAPI example showing how to use;
::
:: Kernel32.dll GetCommandLine function
::
:: Kernel32.dll lstrlenW       function
::
:: Kernel32.dll RtlMoveMemory  function
::
:: Run this .BTM from the;
::  TCC Command Line
::  TCC Debugger
::  CMDebug Debugger
::  to see the different command lines returned
::
@setlocal
@echo off
::
:: Get the address in memory where the Command Line is located
::
Set SADD=%@winapi[kernel32.dll,GetCommandLine]
echo The String Address for the Command Line is: %SADD
::
:: Get the length of the Command Line
::
Set StrLen=%@winapi[kernel32.dll,lstrlenW,%SADD]
::
:: This is a Wide String, so double the length returned
::
set StrLen=%@eval[%StrLen*2]
echo The Length of the Command Line is         : %StrLen
::
:: Get the Command Line
::
set CommandLine=%@winapi[kernel32.dll,RtlMoveMemory,BUFFER,%SADD,%StrLen]
echo The Command Line is                       : %CommandLine
endlocal
quit

Example run on my TCC  23.00.23 x64   Windows 7 [Version 6.1.7601] system:

c:\users\jlc\utils>getcommandline.btm
The String Address for the Command Line is: 21968946
The Length of the Command Line is         : 80
The Command Line is                       : "C:\Program Files\JPSoft\TCMD23\TCC.EXE"

Joe
 
Does that mean one can use SendMessageA directly from TCC?
You can use SendMessage directly from TCC. I do this in TCSTART.BTM
Code:
NOOP %@WINAPI[user32,SendMessageA,%@WINAPI[user32,FindWindowEx,0,0,TCC.EXE,TCC:%@LOWER[%@EVAL[%_PID=H]]],16,0,0]
That finds the window of class "TCC.EXE" and sends WM_CLOSE (16) to it. SendMessageW would work equally well in that situation because there are no strings. I suppose you can really make the distinction if the LPARAM is a string. The help says this of using a string argument to a function called with @WINAPI.

"string" - text argument (this must be enclosed in double quotes). If the argument is preceded by an 'a' (i.e., a"Argument") then it is converted from Unicode to ASCII before calling the API. (Some Windows APIs only accept ASCII arguments.)

This works here. It sends message 12 (WM_SETTEXT) to change notepad's caption.

Code:
start notepad

do while not iswindow "Untitled - Notepad" ( delay /m 500 )

set hwnd=%@winapi[user32,FindWindowExA,0,0,0,a"Untitled - Notepad"]

set visible=%@winapi[user32,IsWindowVisible,%hwnd]

do while %visible == 0
    delay /m 500
    set visible=%@winapi[user32,IsWindowVisible,%hwnd]
enddo

set result=%@winapi[user32,SendMessageA,%hwnd,12,0,a"foobar"]

delay 5

set result=%@winapi[user32,SendMessageW,%hwnd,12,0,"some other caption"]
 
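The A/W string distinction and the byte-length doubling discussed in the posts above, as an added example that is not from any poster in this thread: a portable Python model (it calls no Windows API) of how an ...A function and a ...W function each read the same NUL-terminated buffer. All function names and sample buffers are constructed for the illustration.

```python
# Added illustration: a model of string-buffer reads; it calls no Windows API.
# All function names and sample buffers here are constructed for the example.

def wide_buffer(text):
    """An unprefixed "text" @WINAPI argument: UTF-16LE plus a 16-bit NUL."""
    return text.encode("utf-16-le") + b"\x00\x00"

def ansi_buffer(text):
    """An a"text" argument: one byte per character plus an 8-bit NUL."""
    return text.encode("cp1252") + b"\x00"

def lstrlen_w(mem, addr=0):
    """Count 16-bit units before the 16-bit NUL, as lstrlenW does (characters, not bytes)."""
    n = 0
    while True:
        unit = mem[addr + 2 * n: addr + 2 * n + 2]
        if len(unit) < 2:
            raise ValueError("ran off the buffer without finding a 16-bit NUL")
        if unit == b"\x00\x00":
            return n
        n += 1

def read_as_w(mem, addr=0):
    """How a ...W function sees the buffer."""
    return mem[addr: addr + 2 * lstrlen_w(mem, addr)].decode("utf-16-le", "replace")

def read_as_a(mem, addr=0):
    """How a ...A function sees the buffer: bytes up to the first 8-bit NUL."""
    end = mem.find(b"\x00", addr)
    if end < 0:
        raise ValueError("ran off the buffer without finding an 8-bit NUL")
    return mem[addr:end].decode("cp1252", "replace")

def copy_bytes(mem, addr, count):
    """Fixed-size copy in the manner of RtlMoveMemory: exactly `count` bytes."""
    return mem[addr: addr + count]

if __name__ == "__main__":
    cmdline = wide_buffer('"C:\\Program Files\\JPSoft\\TCMD23\\TCC.EXE"')
    chars = lstrlen_w(cmdline)
    print(chars, chars * 2)                                       # characters vs bytes
    print(copy_bytes(cmdline, 0, chars).decode("utf-16-le"))      # undoubled: half the string
    print(copy_bytes(cmdline, 0, chars * 2).decode("utf-16-le"))  # doubled: whole string
    print(read_as_a(wide_buffer("foobar")))                       # wide text read by an A function
    neighbour = b"\x41\x00\x00"                                   # constructed adjacent memory
    print(ascii(read_as_w(ansi_buffer("foobar") + neighbour)))    # ANSI text read by a W function
```

The last case is the one to watch for: a W function given an ANSI buffer does not stop at the 8-bit NUL and keeps reading into whatever bytes follow it.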
Looks way nicer than
Code:
HK_hWnd N>S WIN-EXIST?
IF
  0               VK_MULTIPLY WM_KEYDOWN HK_hWnd SendMessageA DROP
  user_KeyUpFlags VK_MULTIPLY WM_KEYUP HK_hWnd SendMessageA DROP
THEN
 