#include <afx.h>
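/// Posts one synthetic key press (WM_KEYDOWN followed by WM_KEYUP) to a window.
///
/// @param hWnd     Handle of the window whose message queue receives the key.
/// @param command  Value sent as wParam; the receiver reads it as a
///                 virtual-key code.
///
/// PostMessage only queues the message and returns; it does not wait for the
/// target to process it. The return value is checked because the post can be
/// refused: User Interface Privilege Isolation (UIPI) blocks these messages
/// when the target window belongs to a higher-integrity process, and the
/// original code gave no indication of that.
void SendKeyboardCommand(HWND hWnd, int command)
{
    printf("[+]Sending:0x%02x\r\n", command);

    const WPARAM key = static_cast<WPARAM>(command);

    if (!PostMessage(hWnd, WM_KEYDOWN, key, 0))
    {
        printf("[!]PostMessage(WM_KEYDOWN) failed:%lu\r\n", GetLastError());
    }

    // 0xC0000000 sets lParam bits 30 and 31 (previous key state = down,
    // transition state = being released), as a real WM_KEYUP carries.
    if (!PostMessage(hWnd, WM_KEYUP, key, 0xC0000000))
    {
        printf("[!]PostMessage(WM_KEYUP) failed:%lu\r\n", GetLastError());
    }
}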
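/// Finds a top-level window owned by the given process.
///
/// Walks the top-level windows in Z order, starting from GetTopWindow, and
/// returns the first one whose owning process id equals dwProcessID.
///
/// @param dwProcessID  Process id to look for.
/// @return The first matching window handle, or nullptr when no top-level
///         window reports that process id.
HWND GetWindowHandleByPID(DWORD dwProcessID)
{
    for (HWND hWnd = GetTopWindow(nullptr); hWnd != nullptr;
         hWnd = ::GetNextWindow(hWnd, GW_HWNDNEXT))
    {
        DWORD ownerPid = 0;
        // A zero thread id means the lookup failed for this handle
        // (for example the window was destroyed mid-walk); skip it.
        if (GetWindowThreadProcessId(hWnd, &ownerPid) == 0)
        {
            continue;
        }

        if (ownerPid == dwProcessID)
        {
            // HWND is a pointer-sized handle; the original "%x" passed it as
            // an unsigned int, which is undefined and truncates on 64-bit.
            printf("[+]hWnd:%p\r\n", static_cast<void*>(hWnd));
            return hWnd;
        }
    }
    return nullptr;
}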
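/// Entry point: takes a process id, finds one of its top-level windows and
/// posts the key sequence "WHOAMI" followed by Enter to it.
///
/// Seen from the receiving process this is synthetic input: the keys arrive
/// as window messages posted by another process in the same session, not from
/// the keyboard driver. UIPI stops the posts when the target runs at a higher
/// integrity level than this program.
///
/// @return 0 after printing usage, when no window is found, or after sending;
///         1 when the argument is not a valid process id.
int main(int argc, char* argv[])
{
    if (argc != 2)
    {
        printf("\nSend keyboard messages to specified powershell process.\n");
        printf("Default command:whoami\n");
        printf("Usage:\n");
        printf(" %s <pid>\n", argv[0]);
        return 0;
    }

    // DWORD is unsigned long, so "%lu" is the matching conversion; the
    // original "%d" mismatched the type and left pid uninitialised whenever
    // the argument was not numeric.
    DWORD pid = 0;
    if (sscanf_s(argv[1], "%lu", &pid) != 1)
    {
        printf("[!]Invalid pid:%s\r\n", argv[1]);
        return 1;
    }

    HWND hWnd = GetWindowHandleByPID(pid);
    if (hWnd == NULL)
    {
        printf("[!]I can't find it.\r\n");
        return 0;
    }

    // Each character is sent as a virtual-key code; this works here because
    // uppercase ASCII letters have the same values as their key codes.
    const char command[] = "WHOAMI";
    const size_t length = strlen(command);
    for (size_t i = 0; i < length; i++)
    {
        SendKeyboardCommand(hWnd, command[i]);
        Sleep(1);
    }

    // Enter submits the typed line.
    SendKeyboardCommand(hWnd, VK_RETURN);
    return 0;
}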