UGN Security

Article: How Windows Work

Posted By: SilentRage

Article: How Windows Work - 09/24/02 02:02 PM

First of all, I wanna make sure we're on the same wavelength and tell you what a 'window' really is. You may think of the browser window you're looking at right now as a window. But that window contains many smaller and specialized windows too. Every button, text box, and even those scrollbars are windows. How do they work? How does a button get disabled? How does a scrollbar scroll? How is the max characters set for a textbox?

Let's start when the window is born. When you create a window (see: CreateWindowEx API) you must supply a name for the window, a class, and various other parameters like width, height, and even settings like visibility and whether it has borders and much much more... The most important is the CLASS you specify. The CLASS determines what kind of animal your window will be. There's 'Button', 'Edit' (textbox), 'Combobox', and many other different window classes. You can even create your own classes. Most of the windows you recognize as windows are application defined classes.

Now what do classes mean to windows? Well, each class has their own seperate function. This function is called to change the behavior of some window whose apart of that class. The classes that are apart of windows such as buttons and such are based on functions that are also apart of windows. When you create a class, then you must also specify which function in your application is associated with it. Then you can create as many windows that is a member of that class as you want.

Ok, now to make all this real to you. Let's say you made a simple program with a button on a form. When the user clicks the button, the code will disable it. So what happened behind the scenes? When you clicked the button, the program sent a WM_ENABLE message to the button class function and set it to false. It looks something like this:

SendMessage Button1.hWnd, WM_ENABLE, 0, 0

That's how you'd call it if you wanted to do it directly. SendMessage is an API function which accepts 4 arguments. The first one is the handle to the button window. The second is the type of message you're sending, in this case WM_ENABLE. The last 2 arguments are meant for whatever the message needs. In the case of WM_ENABLE, the 3rd argument is set to 0 for false, or 1 for true. The 4th argument is unused. To make the button enabled again, you do this:

SendMessage Button1.hWnd, WM_ENABLE, 1, 0

When you send that message to the button, the button class function gets called in windows, and it will disable the button for you.

That's it. Almost everything is done via messages. Take a ListView window for example (Class=SysListView32 created by comctl32.dll) which all folders use to display those files. Those columns and those items in the list are all added via messages. The application calls the SendMessage function (or some equivilent. See: CallWindowProc & DefWindowProc) messages such as LVM_INSERTCOLUMN and LVM_INSERTITEM.

Another example as hinted at at the start of this topic.

SendMessage Text1.hWnd, EM_SETLIMITTEXT, 20, 0

This will cause the textbox to only allow 20 characters to be entered into the textbox.


How to look up the different messages and learn what they do. Download API-Viewer from and look up the following to get a list of messages for a given window.

Edit (TextBox)
Type EM_ (Edit Messages)

SysListView32 (ListView)
Type LVM_ (List View Messages)

See the pattern? Well, go to and look up any message you wanna learn about.


Feel free to ask any questions since I went over a lot of information relatively briefly.
Posted By: psychogen

Re: Article: How Windows Work - 09/26/02 03:05 PM

sweet now I understand how people write trainers besides asm!
© 2018 UGN Security Forum