day7 – 补课
以下简单的控制台应用程序获取正在运行的进程列表。首先,该GetProcessList函数使用CreateToolhelp32Snapshot获取系统中当前正在执行的进程的快照,然后使用Process32First和Process32Next遍历快照中记录的列表。为依次在每个过程中,GetProcessList调用ListProcessModules其描述函数遍历模块列表,并且ListProcessThreads其描述函数遍历线程列表。
一个简单的错误报告功能 ,printError显示任何失败的原因,这通常是由安全限制引起的。例如,Idle 和 CSRSS 进程的OpenProcess失败,因为它们的访问限制阻止用户级代码打开它们。
#include
#include
#include // Forward declarations:
BOOL GetProcessList( );
BOOL ListProcessModules( DWORD dwPID );
BOOL ListProcessThreads( DWORD dwOwnerPID );
void printError( TCHAR* msg );int main( void )
{GetProcessList( );return 0;
}BOOL GetProcessList( )
{HANDLE hProcessSnap;HANDLE hProcess;PROCESSENTRY32 pe32;DWORD dwPriorityClass;// Take a snapshot of all processes in the system.hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );if( hProcessSnap == INVALID_HANDLE_VALUE ){printError( TEXT("CreateToolhelp32Snapshot (of processes)") );return( FALSE );}// Set the size of the structure before using it.pe32.dwSize = sizeof( PROCESSENTRY32 );// Retrieve information about the first process,// and exit if unsuccessfulif( !Process32First( hProcessSnap, &pe32 ) ){printError( TEXT("Process32First") ); // show cause of failureCloseHandle( hProcessSnap ); // clean the snapshot objectreturn( FALSE );}// Now walk the snapshot of processes, and// display information about each process in turndo{_tprintf( TEXT("\n\n=====================================================" ));_tprintf( TEXT("\nPROCESS NAME: %s"), pe32.szExeFile );_tprintf( TEXT("\n-------------------------------------------------------" ));// Retrieve the priority class.dwPriorityClass = 0;hProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID );if( hProcess == NULL )printError( TEXT("OpenProcess") );else{dwPriorityClass = GetPriorityClass( hProcess );if( !dwPriorityClass )printError( TEXT("GetPriorityClass") );CloseHandle( hProcess );}_tprintf( TEXT("\n Process ID = 0x%08X"), pe32.th32ProcessID );_tprintf( TEXT("\n Thread count = %d"), pe32.cntThreads );_tprintf( TEXT("\n Parent process ID = 0x%08X"), pe32.th32ParentProcessID );_tprintf( TEXT("\n Priority base = %d"), pe32.pcPriClassBase );if( dwPriorityClass )_tprintf( TEXT("\n Priority class = %d"), dwPriorityClass );// List the modules and threads associated with this processListProcessModules( pe32.th32ProcessID );ListProcessThreads( pe32.th32ProcessID );} while( Process32Next( hProcessSnap, &pe32 ) );CloseHandle( hProcessSnap );return( TRUE );
}BOOL ListProcessModules( DWORD dwPID )
{HANDLE hModuleSnap = INVALID_HANDLE_VALUE;MODULEENTRY32 me32;// Take a snapshot of all modules in the specified process.hModuleSnap = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, dwPID );if( hModuleSnap == INVALID_HANDLE_VALUE ){printError( TEXT("CreateToolhelp32Snapshot (of modules)") );return( FALSE );}// Set the size of the structure before using it.me32.dwSize = sizeof( MODULEENTRY32 );// Retrieve information about the first module,// and exit if unsuccessfulif( !Module32First( hModuleSnap, &me32 ) ){printError( TEXT("Module32First") ); // show cause of failureCloseHandle( hModuleSnap ); // clean the snapshot objectreturn( FALSE );}// Now walk the module list of the process,// and display information about each moduledo{_tprintf( TEXT("\n\n MODULE NAME: %s"), me32.szModule );_tprintf( TEXT("\n Executable = %s"), me32.szExePath );_tprintf( TEXT("\n Process ID = 0x%08X"), me32.th32ProcessID );_tprintf( TEXT("\n Ref count (g) = 0x%04X"), me32.GlblcntUsage );_tprintf( TEXT("\n Ref count (p) = 0x%04X"), me32.ProccntUsage );_tprintf( TEXT("\n Base address = 0x%08X"), (DWORD) me32.modBaseAddr );_tprintf( TEXT("\n Base size = %d"), me32.modBaseSize );} while( Module32Next( hModuleSnap, &me32 ) );CloseHandle( hModuleSnap );return( TRUE );
}BOOL ListProcessThreads( DWORD dwOwnerPID )
{ HANDLE hThreadSnap = INVALID_HANDLE_VALUE; THREADENTRY32 te32; // Take a snapshot of all running threads hThreadSnap = CreateToolhelp32Snapshot( TH32CS_SNAPTHREAD, 0 ); if( hThreadSnap == INVALID_HANDLE_VALUE ) return( FALSE ); // Fill in the size of the structure before using it. te32.dwSize = sizeof(THREADENTRY32); // Retrieve information about the first thread,// and exit if unsuccessfulif( !Thread32First( hThreadSnap, &te32 ) ) {printError( TEXT("Thread32First") ); // show cause of failureCloseHandle( hThreadSnap ); // clean the snapshot objectreturn( FALSE );}// Now walk the thread list of the system,// and display information about each thread// associated with the specified processdo { if( te32.th32OwnerProcessID == dwOwnerPID ){_tprintf( TEXT("\n\n THREAD ID = 0x%08X"), te32.th32ThreadID ); _tprintf( TEXT("\n Base priority = %d"), te32.tpBasePri ); _tprintf( TEXT("\n Delta priority = %d"), te32.tpDeltaPri ); _tprintf( TEXT("\n"));}} while( Thread32Next(hThreadSnap, &te32 ) ); CloseHandle( hThreadSnap );return( TRUE );
}void printError( TCHAR* msg )
{DWORD eNum;TCHAR sysMsg[256];TCHAR* p;eNum = GetLastError( );FormatMessage( FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,NULL, eNum,MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default languagesysMsg, 256, NULL );// Trim the end of the line and terminate it with a nullp = sysMsg;while( ( *p > 31 ) || ( *p == 9 ) )++p;do { *p-- = 0; } while( ( p >= sysMsg ) &&( ( *p == '.' ) || ( *p < 33 ) ) );// Display the message_tprintf( TEXT("\n WARNING: %s failed with error %d (%s)"), msg, eNum, sysMsg );
} 以下示例函数列出了指定进程的运行线程。首先,该ListProcessThreads函数使用CreateToolhelp32Snapshot获取系统中当前正在执行的线程的快照,然后使用Thread32First和Thread32Next函数遍历快照中记录的列表。for 参数ListProcessThreads是要列出其线程的进程的进程标识符。
#include
#include
#include // Forward declarations:
BOOL ListProcessThreads( DWORD dwOwnerPID );
void printError( TCHAR* msg );int main( void )
{ListProcessThreads(GetCurrentProcessId() );return 0;
}BOOL ListProcessThreads( DWORD dwOwnerPID )
{ HANDLE hThreadSnap = INVALID_HANDLE_VALUE; THREADENTRY32 te32; // Take a snapshot of all running threads hThreadSnap = CreateToolhelp32Snapshot( TH32CS_SNAPTHREAD, 0 ); if( hThreadSnap == INVALID_HANDLE_VALUE ) return( FALSE ); // Fill in the size of the structure before using it. te32.dwSize = sizeof(THREADENTRY32 ); // Retrieve information about the first thread,// and exit if unsuccessfulif( !Thread32First( hThreadSnap, &te32 ) ) {printError( TEXT("Thread32First") ); // Show cause of failureCloseHandle( hThreadSnap ); // Must clean up the snapshot object!return( FALSE );}// Now walk the thread list of the system,// and display information about each thread// associated with the specified processdo { if( te32.th32OwnerProcessID == dwOwnerPID ){_tprintf( TEXT("\n THREAD ID = 0x%08X"), te32.th32ThreadID ); _tprintf( TEXT("\n base priority = %d"), te32.tpBasePri ); _tprintf( TEXT("\n delta priority = %d"), te32.tpDeltaPri ); }} while( Thread32Next(hThreadSnap, &te32 ) );_tprintf( TEXT("\n"));// Don't forget to clean up the snapshot object.CloseHandle( hThreadSnap );return( TRUE );
}void printError( TCHAR* msg )
{DWORD eNum;TCHAR sysMsg[256];TCHAR* p;eNum = GetLastError( );FormatMessage( FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,NULL, eNum,MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default languagesysMsg, 256, NULL );// Trim the end of the line and terminate it with a nullp = sysMsg;while( ( *p > 31 ) || ( *p == 9 ) )++p;do { *p-- = 0; } while( ( p >= sysMsg ) &&( ( *p == '.' ) || ( *p < 33 ) ) );// Display the message_tprintf( TEXT("\n WARNING: %s failed with error %d (%s)"), msg, eNum, sysMsg );
} 以下示例获取指定进程的模块列表。该ListProcessModules函数使用CreateToolhelp32Snapshot函数获取与给定进程关联的模块的快照,然后使用Module32First和Module32Next函数遍历列表。所述dwPID的参数ListProcessModules标识要列举的过程对于哪些模块,并且通常通过调用获得CreateToolHelp32Snapshot函数来枚举系统上运行的进程。有关使用此功能的简单控制台应用程序,请参阅拍摄快照和查看进程。
一个简单的错误报告功能 ,printError显示任何失败的原因,这通常是由安全限制引起的。
#include
#include
#include // Forward declarations:
BOOL ListProcessModules( DWORD dwPID );
void printError( TCHAR* msg ); int main( void )
{ListProcessModules(GetCurrentProcessId() );return 0;
}BOOL ListProcessModules( DWORD dwPID )
{ HANDLE hModuleSnap = INVALID_HANDLE_VALUE; MODULEENTRY32 me32; // Take a snapshot of all modules in the specified process. hModuleSnap = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, dwPID ); if( hModuleSnap == INVALID_HANDLE_VALUE ) { printError( TEXT("CreateToolhelp32Snapshot (of modules)") ); return( FALSE ); } // Set the size of the structure before using it. me32.dwSize = sizeof( MODULEENTRY32 ); // Retrieve information about the first module,
// and exit if unsuccessful if( !Module32First( hModuleSnap, &me32 ) ) { printError( TEXT("Module32First") ); // Show cause of failure CloseHandle( hModuleSnap ); // Must clean up the snapshot object! return( FALSE ); } // Now walk the module list of the process,
// and display information about each module do { _tprintf( TEXT("\n\n MODULE NAME: %s"), me32.szModule ); _tprintf( TEXT("\n executable = %s"), me32.szExePath ); _tprintf( TEXT("\n process ID = 0x%08X"), me32.th32ProcessID ); _tprintf( TEXT("\n ref count (g) = 0x%04X"), me32.GlblcntUsage ); _tprintf( TEXT("\n ref count (p) = 0x%04X"), me32.ProccntUsage ); _tprintf( TEXT("\n base address = 0x%08X"), (DWORD) me32.modBaseAddr ); _tprintf( TEXT("\n base size = %d"), me32.modBaseSize ); } while( Module32Next( hModuleSnap, &me32 ) ); _tprintf( TEXT("\n"));// Do not forget to clean up the snapshot object. CloseHandle( hModuleSnap ); return( TRUE );
} void printError( TCHAR* msg )
{DWORD eNum;TCHAR sysMsg[256];TCHAR* p;eNum = GetLastError( );FormatMessage( FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,NULL, eNum,MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default languagesysMsg, 256, NULL );// Trim the end of the line and terminate it with a nullp = sysMsg;while( ( *p > 31 ) || ( *p == 9 ) )++p;do { *p-- = 0; } while( ( p >= sysMsg ) &&( ( *p == '.' ) || ( *p < 33 ) ) );// Display the message_tprintf( TEXT("\n WARNING: %s failed with error %d (%s)"), msg, eNum, sysMsg );
} 本文来自互联网用户投稿,文章观点仅代表作者本人,不代表本站立场,不承担相关法律责任。如若转载,请注明出处。 如若内容造成侵权/违法违规/事实不符,请点击【内容举报】进行投诉反馈!