C/C++进程/线程/模块遍历
遍历进程
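#include <windows.h>
#include <tlhelp32.h> // Toolhelp snapshot API: CreateToolhelp32Snapshot, Process32First/Next
#include <stdio.h>
#include <stdlib.h>   // system()

// Prints the PID and executable name of every process captured in a Toolhelp
// snapshot, followed by the number of entries seen.
//
// Returns 0 on success and -1 if the snapshot could not be created.
//
// The snapshot is a point-in-time copy: a process listed here may already have
// exited (and its PID may have been reused) by the time the output is read.
//
// NOTE(review): printing szExeFile with %s assumes a non-UNICODE (ANSI/MBCS)
// build, where PROCESSENTRY32 holds char strings - confirm the project settings.
int main()
{
    int countProcess = 0; // number of process entries printed

    PROCESSENTRY32 currentProcess;
    // dwSize must be filled in before the structure is handed to Process32First.
    currentProcess.dwSize = sizeof(currentProcess);

    // Capture all processes currently known to the system.
    HANDLE hProcess = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hProcess == INVALID_HANDLE_VALUE)
    {
        printf("CreateToolhelp32Snapshot()调用失败!\n");
        return -1;
    }

    // The Win32 calls return BOOL, so keep that type instead of narrowing to bool.
    BOOL bMore = Process32First(hProcess, &currentProcess);
    while (bMore)
    {
        // th32ProcessID is a DWORD (unsigned long), hence %lu.
        printf("PID=%5lu PName= %s\n", currentProcess.th32ProcessID, currentProcess.szExeFile);
        bMore = Process32Next(hProcess, &currentProcess);
        countProcess++;
    }

    CloseHandle(hProcess); // release the snapshot
    printf("共有以上%d个进程在运行\n", countProcess);
    system("pause");
    return 0;
}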
遍历线程(注:下面的示例使用 TH32CS_SNAPPROCESS,实际遍历的是进程而非线程)
#include <windows.h>
#include <TlHelp32.h>
#include <iostream>
#include <map>
#include <string>
using namespace std;

// Prints a running index and the PID of every process in a Toolhelp snapshot.
//
// Note: this walks processes (TH32CS_SNAPPROCESS); it does not enumerate threads.
// _nameID is accepted but is neither read nor written by this function.
//
// Returns true once the whole snapshot has been walked, false if the snapshot
// cannot be created or Process32First fails.
BOOL traverseProcess(std::map<std::string, int>& _nameID)
{
    HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (snapshot == INVALID_HANDLE_VALUE)
    {
        cout << "CreateToolhelp32Snapshot Error!" << endl;
        return false;
    }

    PROCESSENTRY32 entry;
    entry.dwSize = sizeof(PROCESSENTRY32); // required before Process32First

    if (!Process32First(snapshot, &entry))
    {
        cout << "Process32First Error!" << endl;
        CloseHandle(snapshot);
        return false;
    }

    // The first entry is already loaded, so print before advancing.
    int index = 0;
    for (BOOL more = TRUE; more; more = Process32Next(snapshot, &entry))
    {
        int pid = entry.th32ProcessID;
        cout << "[" << ++index << "]:" << "------------" << "Process ID = " << pid << endl;
    }

    CloseHandle(snapshot);
    return true;
}
// Entry point: runs traverseProcess, reports a failure on stdout, then waits
// for a key press via "pause".
int main()
{
    std::map<std::string, int> nameToId;

    if (traverseProcess(nameToId) == FALSE)
    {
        std::cout << "Start Process Error!" << std::endl;
    }

    system("pause");
}
遍历进程模块1
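#include <windows.h>
#include <TlHelp32.h>
#include <locale.h>
#include <stdio.h>

// Prints the base address, size and name of every module loaded in the
// process identified by dwPId.
//
// Returns true when the module list was walked, false when the snapshot could
// not be created or the first module could not be read (for example because
// the PID does not exist or the caller is not allowed to inspect it).
bool GetModuleList(DWORD dwPId)
{
    // The wide-character variants are named explicitly so the strings always
    // match wprintf, whether or not the project defines UNICODE.
    MODULEENTRY32W me32 = { sizeof(MODULEENTRY32W) };

    // 1. Create a module snapshot for the requested process.
    HANDLE hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPId);
    if (hModuleSnap == INVALID_HANDLE_VALUE)
        return false;

    // 2. Fetch the first module; on failure release the snapshot before leaving.
    if (!Module32FirstW(hModuleSnap, &me32))
    {
        CloseHandle(hModuleSnap);
        return false;
    }

    // 3. Walk the remaining modules. modBaseAddr is a pointer (%p),
    //    modBaseSize a DWORD (%lu) and szModule a wide string (%ls).
    do
    {
        wprintf(L"模块基址:%p,模块大小:%lu,模块名称:%ls\n",
                static_cast<void *>(me32.modBaseAddr), me32.modBaseSize, me32.szModule);
    } while (Module32NextW(hModuleSnap, &me32));

    // 4. Release the snapshot and report success; the original fell off the end
    //    of a bool function here, which is undefined behaviour.
    CloseHandle(hModuleSnap);
    return true;
}

// Entry point: reads a PID from stdin and prints that process's modules.
int main()
{
    setlocale(LC_ALL, "chs");

    DWORD dwId = 0;
    printf("请输入一个ID:");
    // "%lu" matches DWORD; the original "%ud" parsed "%u" followed by a literal 'd'.
    // Reject input that is not a number instead of silently querying PID 0.
    if (scanf_s("%lu", &dwId) != 1)
    {
        printf("无效的进程ID\n");
        return 1;
    }

    GetModuleList(dwId);
    getchar();
    return 0;
}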
遍历进程模块2
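#include <stdio.h>
#include <stdlib.h>
#include <windows.h>
#include <Tlhelp32.h>

BOOL SetProcessPrivilege(char *lpName, BOOL opt);

// Lists every process in a Toolhelp snapshot and, for each one, the name and
// path of its loaded modules.
//
// SeDebugPrivilege is switched on only for the duration of the enumeration and
// switched off again before exit. It is a powerful privilege, so a failure to
// enable it is reported rather than ignored; processes whose module list cannot
// be read are then printed without modules.
//
// NOTE(review): printing szExeFile/szModule/szExePath with %s assumes a
// non-UNICODE (ANSI/MBCS) build - confirm the project settings.
int main(int argc, char *argv[])
{
    PROCESSENTRY32 pe32;
    MODULEENTRY32 me32;
    HANDLE hSnapshot_proc, hSnapshot_mod;
    // Writable buffer: SetProcessPrivilege takes char*, and a string literal
    // does not convert to char* in standard C++.
    char debugPrivilege[] = "SeDebugPrivilege";

    pe32.dwSize = sizeof(pe32);

    if (!SetProcessPrivilege(debugPrivilege, 1))
    {
        fprintf(stderr, "SeDebugPrivilege could not be enabled (error %lu)\n", GetLastError());
    }

    hSnapshot_proc = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hSnapshot_proc == INVALID_HANDLE_VALUE)
    {
        SetProcessPrivilege(debugPrivilege, 0);
        return 1;
    }

    if (Process32First(hSnapshot_proc, &pe32))
    {
        do
        {
            // PIDs 0, 4 and 8 are skipped as in the original; these are
            // presumably the Idle/System pseudo-processes.
            // The snapshot APIs take a PID, so no process handle is opened: the
            // original OpenProcess handle was never used and was closed even
            // when the call had failed.
            if (pe32.th32ProcessID && pe32.th32ProcessID != 4 && pe32.th32ProcessID != 8)
            {
                printf("PID: %lu >>> ProcName: %s\n", pe32.th32ProcessID, pe32.szExeFile);

                me32.dwSize = sizeof(me32);
                hSnapshot_mod = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pe32.th32ProcessID);
                // Only read me32 after both calls succeeded; otherwise it is
                // uninitialised or still holds the previous process's data.
                if (hSnapshot_mod != INVALID_HANDLE_VALUE)
                {
                    if (Module32First(hSnapshot_mod, &me32))
                    {
                        do
                        {
                            printf("ModName: %s -> Path: %s\n", me32.szModule, me32.szExePath);
                        } while (Module32Next(hSnapshot_mod, &me32));
                    }
                    CloseHandle(hSnapshot_mod);
                }
                printf("——\n\n");
            }
        } while (Process32Next(hSnapshot_proc, &pe32));
    }

    // Drop the privilege again as soon as the enumeration is finished.
    SetProcessPrivilege(debugPrivilege, 0);
    CloseHandle(hSnapshot_proc);
    system("pause");
    return 0;
}

// Enables (opt != 0) or disables (opt == 0) the privilege named lpName on the
// current process token.
//
// Returns TRUE only if the privilege was actually adjusted, FALSE if the token
// could not be opened, the privilege name is unknown, or the token does not
// hold the privilege.
BOOL SetProcessPrivilege(char *lpName, BOOL opt)
{
    HANDLE tokenhandle;
    TOKEN_PRIVILEGES NewState;
    BOOL adjusted = FALSE;

    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &tokenhandle))
        return FALSE;

    // The ANSI variant is named explicitly because lpName is a char string.
    if (LookupPrivilegeValueA(NULL, lpName, &NewState.Privileges[0].Luid))
    {
        NewState.PrivilegeCount = 1;
        NewState.Privileges[0].Attributes = opt != 0 ? SE_PRIVILEGE_ENABLED : 0;

        // AdjustTokenPrivileges reports success even when the privilege was not
        // assigned; the last error must be checked as well.
        if (AdjustTokenPrivileges(tokenhandle, FALSE, &NewState, sizeof(NewState), NULL, NULL) &&
            GetLastError() == ERROR_SUCCESS)
        {
            adjusted = TRUE;
        }
    }

    CloseHandle(tokenhandle);
    return adjusted;
}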
遍历模块3
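#include <stdio.h>
#include <windows.h>
#include <tlhelp32.h>

// Prints the base address, size and full path of every module loaded in the
// process identified by dwPId. Prints nothing if the snapshot cannot be
// created or the first module cannot be read.
//
// NOTE(review): printing szExePath with %s assumes a non-UNICODE (ANSI/MBCS)
// build - confirm the project settings.
void GetModuleList(DWORD dwPId)
{
    MODULEENTRY32 me32 = { sizeof(MODULEENTRY32) };

    HANDLE hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPId);
    if (hModuleSnap == INVALID_HANDLE_VALUE)
        return;

    // Only enter the loop when the first module was read. The original closed
    // the handle on failure and then kept using it, and never closed it on success.
    if (Module32First(hModuleSnap, &me32))
    {
        do
        {
            // modBaseAddr is a pointer (%p) and modBaseSize a DWORD (%lu).
            printf("ModeBase: %p \t ModeSize: %lu \t %s\n",
                   static_cast<void *>(me32.modBaseAddr), me32.modBaseSize, me32.szExePath);
        } while (Module32Next(hModuleSnap, &me32));
    }

    CloseHandle(hModuleSnap);
}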
// Entry point: prints the modules of the hard-coded PID 1988, then blocks on
// getchar() until a character is available on stdin.
int main()
{
    const DWORD targetPid = 1988;

    GetModuleList(targetPid);
    getchar();
}