locked
Is it possible to add a GUI to this code? RRS feed

  • Question

  • namespace FileMon 
    
    { 
    
     public class FileMonInterface : MarshalByRefObject 
    
     { 
    
      public void IsInstalled(Int32 InClientPID) 
    
      {  
    
       Console.WriteLine("FileMon has been installed in target {0}.\r\n", InClientPID); 
    
      } 
    
     
    
      public void OnCreateFile(Int32 InClientPID, String[] InFileNames) 
    
      { 
    
       for (int i = 0; i < InFileNames.Length; i++) 
    
       { 
    
        String[] s = InFileNames[i].ToString().Split('\t'); 
    
     
    
        if (s[0].ToString().Contains("ROpen")) 
    
        { 
    
         Console.WriteLine(DateTime.Now.Hour+":"+DateTime.Now.Minute+":"+DateTime.Now.Second+"."+DateTime.Now.Millisecond + "\t" + s[0] + "\t" + getProcessName(int.Parse(s[1])) + "\t" + getRootHive(s[2])); 
    
        } 
    
        
       } 
    
      } 
    
    } 
    
     static class Program 
    
     { 
    
      static String ChannelName = null; 
    
      static void Main() 
    
      { 
    
     
    
       try 
    
       { 
    
        Config.Register("A FileMon like demo application.", "FileMon.exe", "FileMonInject.dll"); 
    
        RemoteHooking.IpcCreateServer<FileMonInterface>(ref ChannelName, WellKnownObjectMode.SingleCall); 
    
        Process[] p = Process.GetProcesses(); 
    
        for (int i = 0; i < p.Length; i++) 
    
        { 
    
         try 
    
         { 
    
          RemoteHooking.Inject(p[i].Id, "FileMonInject.dll", "FileMonInject.dll", ChannelName); 
    
         } 
    
         catch (Exception e) 
    
         { 
    
         } 
    
        } 
    
       } 
    
       catch (Exception ExtInfo) 
    
       { 
    
        Console.WriteLine("There was an error while connecting to target:\r\n{0}", ExtInfo.ToString()); 
    
       } 
    
       Console.ReadLine(); 
    
     
    
      } 
    
     } 
    
    } 
    
    

    Hi, all i want to do is to output the contents of OnCreateFile to a GUI, but i dont get how i can declare the GUI at the bottom in the main and then reference it in the class/interface?

    Could someone please help?

     

    • Edited by Tom7777777 Thursday, May 27, 2010 11:04 PM
    Thursday, May 27, 2010 9:38 PM

Answers

  • I think you need to think about event driven programming.

     

    You should have a main handling class.   This class creates your collection of monitors and hooks to the event and tracks what is happening.

     

    When you have an activity that you want to 'do something' then you have a singleton static reference in the driver class that sends messages to the GUI (at it's simplest updates the Text property of the display)

     

    When the GUI is closed the close event is tracked and the singletion reference is blanked.

     

    If you want to display you check the singleton reference and create a display.

     


    Ta Ken
    • Proposed as answer by Chao Kuo Wednesday, June 2, 2010 11:27 AM
    • Marked as answer by Chao Kuo Thursday, June 3, 2010 8:59 AM
    Thursday, May 27, 2010 11:15 PM

  • A small corrections  You don't have an interface, and there is no such thing as an "interface class".  OnCreateFile is in a class called FileMonInterface.  An interface has no methods.
     
    One way to handle this would be to have OnCreateFile raise events that your form listens.  The form would need to be passed the instance of the FileMonClass.
     
    Alternatively, the form could expose a property that the OnCreateFile class accesses as necessary to update the UI.
     
    The best way though, is as Waratah wrote.  The console application doesn't seem to gain you anything.
    --
    Mike
    • Proposed as answer by Chao Kuo Wednesday, June 2, 2010 11:28 AM
    • Marked as answer by Chao Kuo Thursday, June 3, 2010 8:59 AM
    Friday, May 28, 2010 12:42 AM

All replies

  • You could actually do this anywhere in your code.
     
    Go to the "Project" menu, and select "Add Windows Form...".
     
    Next, in your routine at the end, add:
     
    Form1 f = new Form1();
    // send information to f, such as f.Display = "Some text"
    f.ShowDialog();
     
    I'm not really sure what you mean by the contents of OnCreateFile.  You could pop up a messagebox within that code as an alternative.
    --
    Mike
    Thursday, May 27, 2010 10:01 PM
  • You could actually do this anywhere in your code.
     
    Go to the "Project" menu, and select "Add Windows Form...".
     
    Next, in your routine at the end, add:
     
    Form1 f = new Form1();
    // send information to f, such as f.Display = "Some text"
    f.ShowDialog();
     
    I'm not really sure what you mean by the contents of OnCreateFile.  You could pop up a messagebox within that code as an alternative.
    --
    Mike


    OnCreateFile gets called every time my hook detects a registry key has been accessed. Therefore i cannot declare my GUI within that interface class?

    I dont see how i candeclare the GUI in the main function within Program.cs and then refer to it in the interface class at the top?

    Thursday, May 27, 2010 10:03 PM
  • Do you see the problem now?
    Thursday, May 27, 2010 10:33 PM
  • I think you need to think about event driven programming.

     

    You should have a main handling class.   This class creates your collection of monitors and hooks to the event and tracks what is happening.

     

    When you have an activity that you want to 'do something' then you have a singleton static reference in the driver class that sends messages to the GUI (at it's simplest updates the Text property of the display)

     

    When the GUI is closed the close event is tracked and the singletion reference is blanked.

     

    If you want to display you check the singleton reference and create a display.

     


    Ta Ken
    • Proposed as answer by Chao Kuo Wednesday, June 2, 2010 11:27 AM
    • Marked as answer by Chao Kuo Thursday, June 3, 2010 8:59 AM
    Thursday, May 27, 2010 11:15 PM

  • A small corrections  You don't have an interface, and there is no such thing as an "interface class".  OnCreateFile is in a class called FileMonInterface.  An interface has no methods.
     
    One way to handle this would be to have OnCreateFile raise events that your form listens.  The form would need to be passed the instance of the FileMonClass.
     
    Alternatively, the form could expose a property that the OnCreateFile class accesses as necessary to update the UI.
     
    The best way though, is as Waratah wrote.  The console application doesn't seem to gain you anything.
    --
    Mike
    • Proposed as answer by Chao Kuo Wednesday, June 2, 2010 11:28 AM
    • Marked as answer by Chao Kuo Thursday, June 3, 2010 8:59 AM
    Friday, May 28, 2010 12:42 AM