51Testing软件测试论坛

 找回密码
 (注-册)加入51Testing

QQ登录

只需一步,快速开始

微信登录,快人一步

手机号码,快捷登录

查看: 2617|回复: 7
打印 上一主题 下一主题

[原创] 如何同时按下Ctrl,Alt和Del键这三个键呀?

[复制链接]

该用户从未签到

跳转到指定楼层
1#
发表于 2010-4-16 10:33:18 | 只看该作者 回帖奖励 |倒序浏览 |阅读模式
我想同时用QTP按下这三个键,我用了下面的代码实现,貌似都不行哦
Dim WshShell
Set WshShell=CreateObject("WScript.Shell")
WshShell.SendKeys "^(%{Del})"
或者
Dim WshShell
Set WshShell=CreateObject("WScript.Shell")
WshShell.SendKeys "^%{Del}"
请知道的麻烦告知下下,不甚感谢
分享到:  QQ好友和群QQ好友和群 QQ空间QQ空间 腾讯微博腾讯微博 腾讯朋友腾讯朋友
收藏收藏
回复

使用道具 举报

该用户从未签到

2#
发表于 2010-4-16 12:01:19 | 只看该作者
改用DeviceReplay对象来发送试试吧
回复 支持 反对

使用道具 举报

该用户从未签到

3#
 楼主| 发表于 2010-4-16 14:58:12 | 只看该作者
用DeviceReplay ? 具体怎么用啊?
貌似搜索了下:
Set deviceReplay = CreateObject( "Mercury.DeviceReplay" )
deviceReplay.PressDown VK_Ctrl
deviceReplay.PressDown VK_Alt
deviceReplay.PressDown VK_Del
这个好像没效果哦,好像我写的不对,不知道怎么写这个
回复 支持 反对

使用道具 举报

该用户从未签到

4#
发表于 2010-4-16 17:23:54 | 只看该作者
貌似不可以发这3个按键~

如果是要打开资源管理器的话  WshShell.SendKeys "^+{ESC}"
回复 支持 反对

使用道具 举报

该用户从未签到

5#
 楼主| 发表于 2010-4-19 17:06:08 | 只看该作者
Set device = CreateObject("Mercury.DeviceReplay")

device.KeyDown vk_Ctrl
device.KeyDown vk_Alt
device.PressKey vk_Del


device.Keyup vk_Alt
device.Keyup vk_Ctrl

写成这样也不行,救救我啊,谁用过这个devicereplay阿
回复 支持 反对

使用道具 举报

该用户从未签到

6#
发表于 2010-4-19 20:09:39 | 只看该作者
这三个键的组合是被系统屏蔽的,不能通过简单的方式发送它们,你可以参考下面的VB代码来实现(可以尝试把它们转成VBS或者写成EXE然后在QTP中调用):
Option Explicit
  
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Long, lpBuffer As Any, ByVal nSize As Long, _
         lpNumberOfBytesWritten As Long) As Long
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Long, lpBuffer As Any, ByVal nSize As Long, _
         lpNumberOfBytesWritten As Long) As Long
  
Private Declare Function GlobalAddAtom Lib "kernel32" Alias "GlobalAddAtomW" (ByVal lpString As Long) As Integer
Private Declare Function GlobalDeleteAtom Lib "kernel32" (ByVal nAtom As Integer) As Integer
Private Declare Function GlobalFindAtom Lib "kernel32" Alias "GlobalFindAtomW" (ByVal lpString As Long) As Integer
  
Private Const TH32CS_SNAPPROCESS = 2
Private Type PROCESSENTRY32W
dwSize        As Long
cntUsage    As Long
h32ProcessID   As Long     '  //   this   process
th32DefaultHeapID       As Long     '
h32ModuleID     As Long     '  //   associated   exe
cntThreads       As Long     '
th32ParentProcessID   As Long     '  //   this   process's   parent   process
pcPriClassBase      As Long     '  //   Base   priority   of   process's   threads
dwFlags      As Long     '
szExeFile(1 To 260)       As Integer     '   //   Path
End Type
Private Declare Function CreateToolhelp32Snapshot Lib "kernel32" (ByVal dwFlags As Long, ByVal th32ProcessID As Long) As Long
Private Declare Function Process32First Lib "kernel32" Alias "Process32FirstW" (ByVal hSnapshot As Long, lpPE As PROCESSENTRY32W) As Long
Private Declare Function Process32Next Lib "kernel32" Alias "Process32NextW" (ByVal hSnapshot As Long, lpPE As PROCESSENTRY32W) As Long
Private Declare Function lstrcmpi Lib "kernel32" Alias "lstrcmpiW" (lpString1 As Integer, ByVal lpString2 As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
  
  
Private Type LUID
lowpart    As Long
highpart  As Long
End Type
Private Type LUID_AND_ATTRIBUTES
  pLuid        As LUID
  Attributes     As Long
End Type
Private Type TOKEN_PRIVILEGES
PrivilegeCount     As Long
Privileges      As LUID_AND_ATTRIBUTES
End Type
Private Const PROCESS_ALL_ACCESS       As Long = &H1F0FFF
Private Const TOKEN_QUERY       As Long = &H8&
Private Const TOKEN_ADJUST_PRIVILEGES    As Long = &H20&
Private Const SE_PRIVILEGE_ENABLED   As Long = &H2
Private Const SE_DEBUG_NAME       As String = "SeDebugPrivilege"
Private Declare Function GetCurrentProcess Lib "kernel32" () As Long
Private Declare Function OpenProcessToken Lib "advapi32.dll" (ByVal ProcessHandle As Long, ByVal DesiredAccess As Long, TokenHandle As Long) As Long
Private Declare Function LookupPrivilegeValue Lib "advapi32.dll" Alias "LookupPrivilegeValueW" (ByVal lpSystemName As Long, ByVal lpName As Long, lpLuid As LUID) As Long
Private Declare Function AdjustTokenPrivileges Lib "advapi32.dll" (ByVal TokenHandle As Long, ByVal DisableAllPrivileges As Long, NewState As TOKEN_PRIVILEGES, _
         ByVal BufferLength As Long, ByVal PrevState As Long, ByVal N As Long) As Long
Private Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryW" (ByVal lpLibFileName As Long) As Long
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Private Declare Function FreeLibrary Lib "kernel32" (ByVal hLibModule As Long) As Long
  
Private Const MEM_COMMIT       As Long = &H1000
Private Const MEM_DECOMMIT   As Long = &H4000
Private Const PAGE_READWRITE      As Long = 4
Private Const PAGE_EXECUTE_READWRITE    As Long = &H40
Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal ProcessHandle As Long, ByVal lpAddress As Long, ByVal dwSize As Long, _
        ByVal flAllocationType As Long, ByVal flProtect As Long) As Long
Private Declare Function VirtualFreeEx Lib "kernel32" (ByVal ProcessHandle As Long, ByVal lpAddress As Long, ByVal dwSize As Long, ByVal dwFreeType As Long) As Long
Private Declare Function CreateRemoteThread Lib "kernel32" (ByVal hProcess As Long, ByVal lpThreadAttributes As Long, ByVal dwStackSize As Long, _
        ByVal lpStartAddress As Long, ByVal lpParameter As Long, ByVal dwCreationFlags As Long, lpThreadId As Long) As Long
  
Private Const CODELONG_LEN = 33
Private mlShellCode(CODELONG_LEN - 1)  As Long
回复 支持 反对

使用道具 举报

该用户从未签到

7#
发表于 2010-4-19 20:10:00 | 只看该作者
代码太长了,分成两段

'============================================
'   远程线程插入函数
'   功能:向   Winlogon   进程插入远程线程代码,并执行
'   返回:.T.   成功
'============================================
Public Function SendSysKey() As Boolean
Const WINLOGON     As String = "Winlogon.exe"
Const SHELL_CODE_LENGTH = CODELONG_LEN * 4
Const SHELL_FUNCOFFSET = 2 * 4
Dim hProcess     As Long    '远端进程句柄
Dim hPId    As Long      '远端进程ID
Dim lResult     As Long      '一般返回变量
Dim pToken       As TOKEN_PRIVILEGES
Dim hToken       As Long
Dim hRemoteThread     As Long
Dim hRemoteThreadID     As Long
Dim lDbResult(1)     As Long
Dim lRemoteAddr     As Long
  
'------------------------------------
'取winlogon进程ID
'------------------------------------
hPId = GetProcessIdFromName(WINLOGON)
If hPId = 0 Then
  Debug.Assert False
  Exit Function
End If
  
'------------------------------------
'提升本进程权限,以取得对winlogon进程操作的许可
'------------------------------------
lResult = OpenProcessToken(GetCurrentProcess(), _
           TOKEN_ADJUST_PRIVILEGES Or TOKEN_QUERY, _
           hToken)
Debug.Assert lResult
lResult = LookupPrivilegeValue(0, StrPtr(SE_DEBUG_NAME), pToken.Privileges.pLuid)
Debug.Assert lResult
pToken.PrivilegeCount = 1
pToken.Privileges.Attributes = SE_PRIVILEGE_ENABLED
lResult = AdjustTokenPrivileges(hToken, False, pToken, Len(pToken), 0, 0)
Debug.Assert lResult
  
'------------------------------------
'   打开winlogon进程
'------------------------------------
hProcess = OpenProcess(PROCESS_ALL_ACCESS, 0, hPId)
Debug.Assert hProcess
  
If hProcess Then
  '------------------------------------
  '   初始注入代码
  '------------------------------------
  Call InitShellCode
  
  '------------------------------------
  '   远端进程分配内存
  '------------------------------------
  lRemoteAddr = VirtualAllocEx(hProcess, 0, SHELL_CODE_LENGTH, MEM_COMMIT, PAGE_EXECUTE_READWRITE)
  Debug.Assert lRemoteAddr
  
  '------------------------------------
  '   写入   shell   代码
  '------------------------------------
  If lRemoteAddr Then
   Call WriteProcessMemory(hProcess, lRemoteAddr, mlShellCode(0), SHELL_CODE_LENGTH, 0)
  Else
   Exit Function
  End If
  
  '------------------------------------
  '创建远程线程
  '------------------------------------
  hRemoteThread = CreateRemoteThread(hProcess, 0, 0, lRemoteAddr + SHELL_FUNCOFFSET, 0, 0, hRemoteThreadID)
  Debug.Assert hRemoteThread
  If hRemoteThread Then Call CloseHandle(hRemoteThread)
  
  '------------------------------------
  '等待远程线程执行完毕并取回结果信息
  '------------------------------------
  Do
   If ReadProcessMemory(hProcess, lRemoteAddr, lDbResult(0), 8, lResult) = 1 Then
    If lDbResult(0) = 0 Then
     SendSysKey = lDbResult(1) = 0
     Exit Do
    End If
   Else
    Debug.Assert False
   End If
  Loop
  
  '------------------------------------
  '   释放远端进程内存
  '------------------------------------
  Call VirtualFreeEx(hProcess, lRemoteAddr, SHELL_CODE_LENGTH, MEM_DECOMMIT)
End If
End Function
  
'============================================
'   根据可执行文件的名称取回进程ID
'   参数:可执行文件名(含扩展名)
'   返回:进程ID。0表示无
'============================================
Private Function GetProcessIdFromName(ByVal sName As String) As Long
Dim hSnapshot  As Long
Dim lpPE     As PROCESSENTRY32W
Dim lpWinlogon       As Long
  
hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0)
Debug.Assert hSnapshot
lpPE.dwSize = Len(lpPE)
If Process32First(hSnapshot, lpPE) Then
  lpWinlogon = StrPtr(sName)
  Do
   If lstrcmpi(lpPE.szExeFile(1), lpWinlogon) = 0 Then
    GetProcessIdFromName = lpPE.h32ProcessID
    Exit Do
   End If
   If Process32Next(hSnapshot, lpPE) = 0 Then Exit Do       '   此代码之前位置错误
  Loop
End If
Call CloseHandle(hSnapshot)
End Function
  
'============================================
'   初始线程代码
'============================================
Private Function InitShellCode() As Long
Const kernel32     As String = "kernel32.dll"
Const user32  As String = "user32.dll"
Dim hDll    As Long
'------------------------------------
'提取注入代码所需的API函数
'------------------------------------
hDll = LoadLibrary(StrPtr(user32))
Debug.Assert hDll
mlShellCode(0) = GetProcAddress(hDll, "FindWindowW")
mlShellCode(1) = GetProcAddress(hDll, "SendMessageW")
Call FreeLibrary(hDll)
'---------------------------
'   以下代码由   MASM32   产生,作用就是查找指定窗口并发送热键消息
mlShellCode(2) = &H83EC8B55
mlShellCode(3) = &HE860F8C4
mlShellCode(4) = &H0&
mlShellCode(5) = &H14EB815B
mlShellCode(6) = &H8D004010
mlShellCode(7) = &H40105283
mlShellCode(8) = &H6A5000
mlShellCode(9) = &H100093FF
mlShellCode(10) = &HC00B0040
mlShellCode(11) = &H11681974
mlShellCode(12) = &H6A002E00
mlShellCode(13) = &H3126800
mlShellCode(14) = &HFF500000
mlShellCode(15) = &H40100493
mlShellCode(16) = &H4838900
mlShellCode(17) = &H33004010
mlShellCode(18) = &H8389C0
mlShellCode(19) = &H61004010
mlShellCode(20) = &H53C3C9
mlShellCode(21) = &H530041
mlShellCode(22) = &H770020
mlShellCode(23) = &H6E0069
mlShellCode(24) = &H6F0064
mlShellCode(25) = &H77&
mlShellCode(26) = &H81EC8B55
mlShellCode(27) = &HFFFDD8C4
mlShellCode(28) = &H1EEE8FF
mlShellCode(29) = &H45890000
mlShellCode(30) = &HEC458DE8
mlShellCode(31) = &HFF286A50
mlShellCode(32) = &H13E8E875
End Function
回复 支持 反对

使用道具 举报

该用户从未签到

8#
 楼主| 发表于 2010-4-22 11:21:50 | 只看该作者
我已经晕了,看不明白哦
非常感谢楼上的热心帮助
回复 支持 反对

使用道具 举报

本版积分规则

关闭

站长推荐上一条 /1 下一条

小黑屋|手机版|Archiver|51Testing软件测试网 ( 沪ICP备05003035号 关于我们

GMT+8, 2024-11-9 00:05 , Processed in 0.072125 second(s), 25 queries .

Powered by Discuz! X3.2

© 2001-2024 Comsenz Inc.

快速回复 返回顶部 返回列表