@jshookmcp/jshook 0.1.6 → 0.1.7

package/dist/modules/process/memory/scanner.js

@@ -156,130 +156,130 @@ function buildMemoryScanScript(pid, pattern, patternType) {
     const { patternBytes, mask } = buildPatternBytesAndMask(pattern, patternType);
     const patternArray = patternBytes.join(',');
     const maskArray = mask.join(',');
-    return `
-Add-Type @"
-using System;
-using System.Runtime.InteropServices;
-using System.Collections.Generic;
-using System.ComponentModel;
-
-public class MemoryScanner {
-    [DllImport("kernel32.dll", SetLastError = true)]
-    public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
-
-    [DllImport("kernel32.dll", SetLastError = true)]
-    public static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int read);
-
-    [DllImport("kernel32.dll", SetLastError = true)]
-    public static extern int VirtualQueryEx(IntPtr hProcess, IntPtr addr, out MEMORY_BASIC_INFORMATION info, int size);
-
-    [DllImport("kernel32.dll", SetLastError = true)]
-    public static extern bool CloseHandle(IntPtr handle);
-
-    const int PROCESS_VM_READ = 0x0010;
-    const int PROCESS_QUERY_INFORMATION = 0x0400;
-
-    [StructLayout(LayoutKind.Sequential)]
-    public struct MEMORY_BASIC_INFORMATION {
-        public IntPtr BaseAddress;
-        public IntPtr AllocationBase;
-        public uint AllocationProtect;
-        public IntPtr RegionSize;
-        public uint State;
-        public uint Protect;
-        public uint Type;
-    }
-
-    const uint MEM_COMMIT = 0x1000;
-    const uint PAGE_READONLY = 0x02;
-    const uint PAGE_READWRITE = 0x04;
-    const uint PAGE_WRITECOPY = 0x08;
-    const uint PAGE_EXECUTE_READ = 0x20;
-    const uint PAGE_EXECUTE_READWRITE = 0x40;
-
-    public static List<string> ScanMemory(int pid, byte[] pattern, byte[] mask, int maxResults = 10000) {
-        var results = new List<string>();
-        IntPtr hProcess = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, false, pid);
-        if (hProcess == IntPtr.Zero) {
-            int error = Marshal.GetLastWin32Error();
-            throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
-        }
-
-        try {
-            IntPtr addr = IntPtr.Zero;
-            MEMORY_BASIC_INFORMATION info;
-            int infoSize = Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION));
-            int scannedRegions = 0;
-
-            while (VirtualQueryEx(hProcess, addr, out info, infoSize) == infoSize) {
-                scannedRegions++;
-                bool isReadable = (info.State == MEM_COMMIT) &&
-                    ((info.Protect & PAGE_READONLY) != 0 ||
-                     (info.Protect & PAGE_READWRITE) != 0 ||
-                     (info.Protect & PAGE_WRITECOPY) != 0 ||
-                     (info.Protect & PAGE_EXECUTE_READ) != 0 ||
-                     (info.Protect & PAGE_EXECUTE_READWRITE) != 0);
-
-                if (isReadable && info.RegionSize.ToInt64() > 0 && info.RegionSize.ToInt64() < 1073741824) {
-                    long regionSize = info.RegionSize.ToInt64();
-                    if (regionSize > 16777216) regionSize = 16777216; // bound scan window per region (16MB)
-                    byte[] buffer = new byte[(int)regionSize];
-                    int bytesRead;
-
-                    if (ReadProcessMemory(hProcess, info.BaseAddress, buffer, buffer.Length, out bytesRead)) {
-                        for (int i = 0; i <= bytesRead - pattern.Length; i++) {
-                            if (PatternMatch(buffer, i, pattern, mask)) {
-                                long foundAddr = info.BaseAddress.ToInt64() + i;
-                                results.Add("0x" + foundAddr.ToString("X"));
-                                if (results.Count >= maxResults) break;
-                            }
-                        }
-                    }
-                }
-
-                if (results.Count >= maxResults) break;
-                if (scannedRegions >= 50000) break;
-                long baseAddr = info.BaseAddress.ToInt64();
-                long regionSizeRaw = info.RegionSize.ToInt64();
-                if (regionSizeRaw <= 0) break;
-                long nextAddr = baseAddr + regionSizeRaw;
-                if (nextAddr <= baseAddr) break;
-                addr = new IntPtr(nextAddr);
-                if (addr.ToInt64() >= 0x7FFFFFFF0000) break;
-            }
-
-            return results;
-        } finally {
-            CloseHandle(hProcess);
-        }
-    }
-
-    private static bool PatternMatch(byte[] buffer, int offset, byte[] pattern, byte[] mask) {
-        for (int i = 0; i < pattern.Length; i++) {
-            if (mask[i] == 1 && buffer[offset + i] != pattern[i]) {
-                return false;
-            }
-        }
-        return true;
-    }
-}
-"@
-
-try {
-    $patternBytes = @(${patternArray})
-    $maskBytes = @(${maskArray})
-    $results = [MemoryScanner]::ScanMemory(${pid}, $patternBytes, $maskBytes, 1000)
-    @{
-        success = $true;
-        addresses = $results;
-        stats = @{
-            patternLength = $patternBytes.Length;
-            resultsFound = $results.Count
-        }
-    } | ConvertTo-Json -Compress
-} catch {
-    @{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
-}
+    return `
+Add-Type @"
+using System;
+using System.Runtime.InteropServices;
+using System.Collections.Generic;
+using System.ComponentModel;
+
+public class MemoryScanner {
+    [DllImport("kernel32.dll", SetLastError = true)]
+    public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
+
+    [DllImport("kernel32.dll", SetLastError = true)]
+    public static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int read);
+
+    [DllImport("kernel32.dll", SetLastError = true)]
+    public static extern int VirtualQueryEx(IntPtr hProcess, IntPtr addr, out MEMORY_BASIC_INFORMATION info, int size);
+
+    [DllImport("kernel32.dll", SetLastError = true)]
+    public static extern bool CloseHandle(IntPtr handle);
+
+    const int PROCESS_VM_READ = 0x0010;
+    const int PROCESS_QUERY_INFORMATION = 0x0400;
+
+    [StructLayout(LayoutKind.Sequential)]
+    public struct MEMORY_BASIC_INFORMATION {
+        public IntPtr BaseAddress;
+        public IntPtr AllocationBase;
+        public uint AllocationProtect;
+        public IntPtr RegionSize;
+        public uint State;
+        public uint Protect;
+        public uint Type;
+    }
+
+    const uint MEM_COMMIT = 0x1000;
+    const uint PAGE_READONLY = 0x02;
+    const uint PAGE_READWRITE = 0x04;
+    const uint PAGE_WRITECOPY = 0x08;
+    const uint PAGE_EXECUTE_READ = 0x20;
+    const uint PAGE_EXECUTE_READWRITE = 0x40;
+
+    public static List<string> ScanMemory(int pid, byte[] pattern, byte[] mask, int maxResults = 10000) {
+        var results = new List<string>();
+        IntPtr hProcess = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, false, pid);
+        if (hProcess == IntPtr.Zero) {
+            int error = Marshal.GetLastWin32Error();
+            throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
+        }
+
+        try {
+            IntPtr addr = IntPtr.Zero;
+            MEMORY_BASIC_INFORMATION info;
+            int infoSize = Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION));
+            int scannedRegions = 0;
+
+            while (VirtualQueryEx(hProcess, addr, out info, infoSize) == infoSize) {
+                scannedRegions++;
+                bool isReadable = (info.State == MEM_COMMIT) &&
+                    ((info.Protect & PAGE_READONLY) != 0 ||
+                     (info.Protect & PAGE_READWRITE) != 0 ||
+                     (info.Protect & PAGE_WRITECOPY) != 0 ||
+                     (info.Protect & PAGE_EXECUTE_READ) != 0 ||
+                     (info.Protect & PAGE_EXECUTE_READWRITE) != 0);
+
+                if (isReadable && info.RegionSize.ToInt64() > 0 && info.RegionSize.ToInt64() < 1073741824) {
+                    long regionSize = info.RegionSize.ToInt64();
+                    if (regionSize > 16777216) regionSize = 16777216; // bound scan window per region (16MB)
+                    byte[] buffer = new byte[(int)regionSize];
+                    int bytesRead;
+
+                    if (ReadProcessMemory(hProcess, info.BaseAddress, buffer, buffer.Length, out bytesRead)) {
+                        for (int i = 0; i <= bytesRead - pattern.Length; i++) {
+                            if (PatternMatch(buffer, i, pattern, mask)) {
+                                long foundAddr = info.BaseAddress.ToInt64() + i;
+                                results.Add("0x" + foundAddr.ToString("X"));
+                                if (results.Count >= maxResults) break;
+                            }
+                        }
+                    }
+                }
+
+                if (results.Count >= maxResults) break;
+                if (scannedRegions >= 50000) break;
+                long baseAddr = info.BaseAddress.ToInt64();
+                long regionSizeRaw = info.RegionSize.ToInt64();
+                if (regionSizeRaw <= 0) break;
+                long nextAddr = baseAddr + regionSizeRaw;
+                if (nextAddr <= baseAddr) break;
+                addr = new IntPtr(nextAddr);
+                if (addr.ToInt64() >= 0x7FFFFFFF0000) break;
+            }
+
+            return results;
+        } finally {
+            CloseHandle(hProcess);
+        }
+    }
+
+    private static bool PatternMatch(byte[] buffer, int offset, byte[] pattern, byte[] mask) {
+        for (int i = 0; i < pattern.Length; i++) {
+            if (mask[i] == 1 && buffer[offset + i] != pattern[i]) {
+                return false;
+            }
+        }
+        return true;
+    }
+}
+"@
+
+try {
+    $patternBytes = @(${patternArray})
+    $maskBytes = @(${maskArray})
+    $results = [MemoryScanner]::ScanMemory(${pid}, $patternBytes, $maskBytes, 1000)
+    @{
+        success = $true;
+        addresses = $results;
+        stats = @{
+            patternLength = $patternBytes.Length;
+            resultsFound = $results.Count
+        }
+    } | ConvertTo-Json -Compress
+} catch {
+    @{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
+}
   `.trim();
 }
 async function scanMemoryWindows(pid, pattern, patternType) {
@@ -497,47 +497,47 @@ async function scanMemoryMac(pid, pattern, patternType) {
     const tag = `${pid}_${Date.now()}`;
     const pyFile = `/tmp/lldb_scan_${tag}.py`;
     const cmdFile = `/tmp/lldb_scan_${tag}.txt`;
-    const pyScript = `
-import lldb, json, sys
-
-def __lldb_init_module(debugger, internal_dict):
-    proc = debugger.GetSelectedTarget().GetProcess()
-    pat = bytes([${byteList}])
-    mask = [${maskList}]
-    results = []
-    rl = proc.GetMemoryRegions()
-    for i in range(rl.GetSize()):
-        info = lldb.SBMemoryRegionInfo()
-        rl.GetMemoryRegionAtIndex(i, info)
-        if not info.IsReadable():
-            continue
-        s = info.GetRegionBase()
-        sz = info.GetRegionEnd() - s
-        if sz > 32 * 1024 * 1024:
-            continue
-        err = lldb.SBError()
-        data = proc.ReadMemory(s, sz, err)
-        if not err.Success():
-            continue
-        n = len(pat)
-        for j in range(len(data) - n + 1):
-            match = True
-            for k in range(n):
-                if mask[k] == 1 and data[j+k] != pat[k]:
-                    match = False
-                    break
-            if match:
-                results.append(hex(s + j))
-                if len(results) >= 1000:
-                    break
-        if len(results) >= 1000:
-            break
-    sys.stdout.write('SCAN_RESULT:' + json.dumps({
-        'success': True,
-        'addresses': results,
-        'stats': {'patternLength': len(pat), 'resultsFound': len(results)}
-    }) + '\\n')
-    sys.stdout.flush()
+    const pyScript = `
+import lldb, json, sys
+
+def __lldb_init_module(debugger, internal_dict):
+    proc = debugger.GetSelectedTarget().GetProcess()
+    pat = bytes([${byteList}])
+    mask = [${maskList}]
+    results = []
+    rl = proc.GetMemoryRegions()
+    for i in range(rl.GetSize()):
+        info = lldb.SBMemoryRegionInfo()
+        rl.GetMemoryRegionAtIndex(i, info)
+        if not info.IsReadable():
+            continue
+        s = info.GetRegionBase()
+        sz = info.GetRegionEnd() - s
+        if sz > 32 * 1024 * 1024:
+            continue
+        err = lldb.SBError()
+        data = proc.ReadMemory(s, sz, err)
+        if not err.Success():
+            continue
+        n = len(pat)
+        for j in range(len(data) - n + 1):
+            match = True
+            for k in range(n):
+                if mask[k] == 1 and data[j+k] != pat[k]:
+                    match = False
+                    break
+            if match:
+                results.append(hex(s + j))
+                if len(results) >= 1000:
+                    break
+        if len(results) >= 1000:
+            break
+    sys.stdout.write('SCAN_RESULT:' + json.dumps({
+        'success': True,
+        'addresses': results,
+        'stats': {'patternLength': len(pat), 'resultsFound': len(results)}
+    }) + '\\n')
+    sys.stdout.flush()
 `;
     await fs.writeFile(pyFile, pyScript, 'utf8');
     await fs.writeFile(cmdFile, `command script import ${pyFile}\nprocess detach\n`, 'utf8');

package/dist/modules/process/memory/writer.js

@@ -5,60 +5,60 @@ import { execAsync, executePowerShellScript, } from '../../process/memory/types.
 async function writeMemoryWindows(pid, address, data) {
     try {
         const hexData = data.toString('hex').toUpperCase();
-        const psScript = `
-        Add-Type @"
-          using System;
-          using System.Runtime.InteropServices;
-          using System.ComponentModel;
-
-          public class MemoryWriter {
-            [DllImport("kernel32.dll", SetLastError = true)]
-            public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
-
-            [DllImport("kernel32.dll", SetLastError = true)]
-            public static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int written);
-
-            [DllImport("kernel32.dll", SetLastError = true)]
-            public static extern bool CloseHandle(IntPtr handle);
-
-            const int PROCESS_VM_WRITE = 0x0020;
-            const int PROCESS_VM_OPERATION = 0x0008;
-
-            public static int WriteMemory(int pid, long address, string hexData) {
-              IntPtr hProcess = OpenProcess(PROCESS_VM_WRITE | PROCESS_VM_OPERATION, false, pid);
-              if (hProcess == IntPtr.Zero) {
-                int error = Marshal.GetLastWin32Error();
-                throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
-              }
-
-              try {
-                byte[] buffer = new byte[hexData.Length / 2];
-                for (int i = 0; i < hexData.Length; i += 2) {
-                  buffer[i / 2] = Convert.ToByte(hexData.Substring(i, 2), 16);
-                }
-
-                int bytesWritten;
-                bool success = WriteProcessMemory(hProcess, (IntPtr)address, buffer, buffer.Length, out bytesWritten);
-
-                if (!success) {
-                  int error = Marshal.GetLastWin32Error();
-                  throw new Win32Exception(error, "Failed to write memory");
-                }
-
-                return bytesWritten;
-              } finally {
-                CloseHandle(hProcess);
-              }
-            }
-          }
-"@
-
-        try {
-          $bytesWritten = [MemoryWriter]::WriteMemory(${pid}, ${address}, "${hexData}")
-          @{ success = $true; bytesWritten = $bytesWritten } | ConvertTo-Json -Compress
-        } catch {
-          @{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
-        }
+        const psScript = `
+        Add-Type @"
+          using System;
+          using System.Runtime.InteropServices;
+          using System.ComponentModel;
+
+          public class MemoryWriter {
+            [DllImport("kernel32.dll", SetLastError = true)]
+            public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
+
+            [DllImport("kernel32.dll", SetLastError = true)]
+            public static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int written);
+
+            [DllImport("kernel32.dll", SetLastError = true)]
+            public static extern bool CloseHandle(IntPtr handle);
+
+            const int PROCESS_VM_WRITE = 0x0020;
+            const int PROCESS_VM_OPERATION = 0x0008;
+
+            public static int WriteMemory(int pid, long address, string hexData) {
+              IntPtr hProcess = OpenProcess(PROCESS_VM_WRITE | PROCESS_VM_OPERATION, false, pid);
+              if (hProcess == IntPtr.Zero) {
+                int error = Marshal.GetLastWin32Error();
+                throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
+              }
+
+              try {
+                byte[] buffer = new byte[hexData.Length / 2];
+                for (int i = 0; i < hexData.Length; i += 2) {
+                  buffer[i / 2] = Convert.ToByte(hexData.Substring(i, 2), 16);
+                }
+
+                int bytesWritten;
+                bool success = WriteProcessMemory(hProcess, (IntPtr)address, buffer, buffer.Length, out bytesWritten);
+
+                if (!success) {
+                  int error = Marshal.GetLastWin32Error();
+                  throw new Win32Exception(error, "Failed to write memory");
+                }
+
+                return bytesWritten;
+              } finally {
+                CloseHandle(hProcess);
+              }
+            }
+          }
+"@
+
+        try {
+          $bytesWritten = [MemoryWriter]::WriteMemory(${pid}, ${address}, "${hexData}")
+          @{ success = $true; bytesWritten = $bytesWritten } | ConvertTo-Json -Compress
+        } catch {
+          @{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
+        }
       `;
         const { stdout } = await executePowerShellScript(psScript, { maxBuffer: 1024 * 1024 });
         const _trimmed = stdout.trim();

package/dist/native/scripts/linux/enum-windows.sh

@@ -1,12 +1,12 @@
-#!/bin/bash
-# enum-windows.sh
-# Linux window enumeration script (placeholder)
-
-TARGET_PID=$1
-
-# Use xdotool or wmctrl for window enumeration
-# This is a placeholder for future implementation
-
-if command -v xdotool &> /dev/null; then
-    xdotool search --pid "$TARGET_PID" --name "" get-window-name
-fi
+#!/bin/bash
+# enum-windows.sh
+# Linux window enumeration script (placeholder)
+
+TARGET_PID=$1
+
+# Use xdotool or wmctrl for window enumeration
+# This is a placeholder for future implementation
+
+if command -v xdotool &> /dev/null; then
+    xdotool search --pid "$TARGET_PID" --name "" get-window-name
+fi

package/dist/native/scripts/macos/enum-windows.applescript

@@ -1,22 +1,22 @@
--- enum-windows.applescript
--- macOS window enumeration script (placeholder)
-
-param TargetPid
-
--- AppleScript implementation for window enumeration
--- This is a placeholder for future implementation
-
-tell application "System Events"
-    set windowList to {}
-    repeat with proc in (every process whose unix id is TargetPid)
-        repeat with win in windows of proc
-            set end of windowList to {¬
-                title: name of win, ¬
-                position: position of win, ¬
-                size: size of win ¬
-            }
-        end repeat
-    end repeat
-end tell
-
-return windowList
+-- enum-windows.applescript
+-- macOS window enumeration script (placeholder)
+
+param TargetPid
+
+-- AppleScript implementation for window enumeration
+-- This is a placeholder for future implementation
+
+tell application "System Events"
+    set windowList to {}
+    repeat with proc in (every process whose unix id is TargetPid)
+        repeat with win in windows of proc
+            set end of windowList to {¬
+                title: name of win, ¬
+                position: position of win, ¬
+                size: size of win ¬
+            }
+        end repeat
+    end repeat
+end tell
+
+return windowList

package/dist/native/scripts/windows/enum-windows-by-class.ps1

@@ -1,51 +1,51 @@
-param(
-    [string]$ClassPattern
-)
-
-Add-Type @"
-  using System;
-  using System.Runtime.InteropServices;
-  public class Win32 {
-    [DllImport("user32.dll")] public static extern IntPtr FindWindowEx(IntPtr parent, IntPtr childAfter, string className, string title);
-    [DllImport("user32.dll")] public static extern int GetWindowThreadProcessId(IntPtr hWnd, out int pid);
-    [DllImport("user32.dll")] public static extern int GetWindowText(IntPtr hWnd, System.Text.StringBuilder text, int count);
-    [DllImport("user32.dll")] public static extern int GetClassName(IntPtr hWnd, System.Text.StringBuilder className, int maxCount);
-  }
-"@
-
-$windows = @()
-$hwnd = [IntPtr]::Zero
-while ($true) {
-  $hwnd = [Win32]::FindWindowEx([IntPtr]::Zero, $hwnd, $null, $null)
-  if ($hwnd -eq [IntPtr]::Zero) { break }
-
-  $className = New-Object System.Text.StringBuilder 256
-  [Win32]::GetClassName($hwnd, $className, 256) | Out-Null
-  $classNameStr = $className.ToString()
-
-  # Support wildcard pattern matching
-  $isMatch = $false
-  if ($ClassPattern -eq $classNameStr) {
-    $isMatch = $true
-  } elseif ($ClassPattern.Contains('*')) {
-    # Convert wildcard pattern to regex
-    $regexPattern = [regex]::Escape($ClassPattern).Replace('\*', '.*')
-    if ($classNameStr -match $regexPattern) {
-      $isMatch = $true
-    }
-  }
-
-  if ($isMatch) {
-    $windowPid = 0
-    [Win32]::GetWindowThreadProcessId($hwnd, [ref]$windowPid) | Out-Null
-    $title = New-Object System.Text.StringBuilder 256
-    [Win32]::GetWindowText($hwnd, $title, 256) | Out-Null
-    $windows += @{
-      Handle = $hwnd.ToString()
-      Title = $title.ToString()
-      ClassName = $classNameStr
-      ProcessId = $windowPid
-    }
-  }
-}
-$windows | ConvertTo-Json -Compress
+param(
+    [string]$ClassPattern
+)
+
+Add-Type @"
+  using System;
+  using System.Runtime.InteropServices;
+  public class Win32 {
+    [DllImport("user32.dll")] public static extern IntPtr FindWindowEx(IntPtr parent, IntPtr childAfter, string className, string title);
+    [DllImport("user32.dll")] public static extern int GetWindowThreadProcessId(IntPtr hWnd, out int pid);
+    [DllImport("user32.dll")] public static extern int GetWindowText(IntPtr hWnd, System.Text.StringBuilder text, int count);
+    [DllImport("user32.dll")] public static extern int GetClassName(IntPtr hWnd, System.Text.StringBuilder className, int maxCount);
+  }
+"@
+
+$windows = @()
+$hwnd = [IntPtr]::Zero
+while ($true) {
+  $hwnd = [Win32]::FindWindowEx([IntPtr]::Zero, $hwnd, $null, $null)
+  if ($hwnd -eq [IntPtr]::Zero) { break }
+
+  $className = New-Object System.Text.StringBuilder 256
+  [Win32]::GetClassName($hwnd, $className, 256) | Out-Null
+  $classNameStr = $className.ToString()
+
+  # Support wildcard pattern matching
+  $isMatch = $false
+  if ($ClassPattern -eq $classNameStr) {
+    $isMatch = $true
+  } elseif ($ClassPattern.Contains('*')) {
+    # Convert wildcard pattern to regex
+    $regexPattern = [regex]::Escape($ClassPattern).Replace('\*', '.*')
+    if ($classNameStr -match $regexPattern) {
+      $isMatch = $true
+    }
+  }
+
+  if ($isMatch) {
+    $windowPid = 0
+    [Win32]::GetWindowThreadProcessId($hwnd, [ref]$windowPid) | Out-Null
+    $title = New-Object System.Text.StringBuilder 256
+    [Win32]::GetWindowText($hwnd, $title, 256) | Out-Null
+    $windows += @{
+      Handle = $hwnd.ToString()
+      Title = $title.ToString()
+      ClassName = $classNameStr
+      ProcessId = $windowPid
+    }
+  }
+}
+$windows | ConvertTo-Json -Compress