• C/C++ 实现windows进程/线程/模块 遍历


    //遍历进程

    #include <windows.h>
    #include <tlhelp32.h> //进程快照函数头文件
    #include <stdio.h>

    /*
     * Prints the PID and executable name of every process captured in a
     * Toolhelp snapshot, followed by the number of entries listed.
     * Returns -1 when the snapshot cannot be created, 0 otherwise.
     *
     * NOTE(review): the "%s" conversion assumes an ANSI build in which
     * szExeFile is a char array; in a UNICODE build PROCESSENTRY32 maps to
     * the wide structure and the name would not print correctly - confirm
     * the project's character-set setting.
     */
    int main()
    {
        int total = 0; // number of snapshot entries printed so far

        PROCESSENTRY32 entry;
        entry.dwSize = sizeof(entry); // the API requires dwSize to be set before first use

        // Capture a snapshot of all processes currently in the system.
        HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
        if (snapshot == INVALID_HANDLE_VALUE)
        {
            printf("CreateToolhelp32Snapshot()调用失败!");
            return -1;
        }

        // Walk the snapshot one entry at a time until the API reports no more entries.
        for (bool more = Process32First(snapshot, &entry); more; more = Process32Next(snapshot, &entry))
        {
            printf("PID=%5u PName= %s ", entry.th32ProcessID, entry.szExeFile);
            ++total;
        }

        CloseHandle(snapshot); // release the snapshot handle
        printf("共有以上%d个进程在运行 ", total);
        system("pause");
        return 0;
    }

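    //遍历线程 (note: the listing below passes TH32CS_SNAPPROCESS, so it enumerates processes and prints process IDs; enumerating threads would use TH32CS_SNAPTHREAD with Thread32First/Thread32Next)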

    #include <windows.h>
    #include <TlHelp32.h>

    #include <iostream>
    #include <map>
    #include <string>
    using namespace std;

    /*
     * Takes a Toolhelp process snapshot and prints a numbered line with the
     * process ID of every entry.
     *
     * _nameID is accepted but never read or written by this function.
     * Returns true when the snapshot was walked, false when the snapshot
     * could not be created or its first entry could not be read.
     */
    BOOL traverseProcess(std::map<std::string, int>&_nameID)
    {
        HANDLE snap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
        if (snap == INVALID_HANDLE_VALUE)
        {
            cout << "CreateToolhelp32Snapshot Error!" << endl;
            return false;
        }

        PROCESSENTRY32 entry;
        entry.dwSize = sizeof(PROCESSENTRY32); // must be set before Process32First

        BOOL more = Process32First(snap, &entry);
        if (!more)
        {
            cout << "Process32First Error!" << endl;
            CloseHandle(snap); // do not leak the snapshot on the error path
            return false;
        }

        // index is the 1-based position of the entry within the snapshot.
        for (int index = 1; more; ++index, more = Process32Next(snap, &entry))
        {
            const int pid = entry.th32ProcessID;
            cout << "[" << index << "]:------------Process ID = " << pid << endl;
        }

        CloseHandle(snap);
        return true;
    }

    /*
     * Entry point of the listing: runs traverseProcess once, reports a
     * failure on stdout, then waits for a key press.
     */
    int main()
    {
        map<string, int> nameToId; // passed through; traverseProcess leaves it untouched

        const BOOL listed = traverseProcess(nameToId);
        if (!listed)
            cout << "Start Process Error!" << endl;

        system("pause");
        return 0;
    }

    //遍历进程模块1

    #include <windows.h>
    #include <TlHelp32.h>
    #include <locale.h>
    #include <stdio.h>

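    /*
     * Prints base address, size and name of every module in the process
     * identified by dwPId.
     *
     * Returns true when the module list was walked, false when the snapshot
     * could not be created or its first entry could not be read (for example
     * because the caller lacks access to the target process).
     *
     * Fixes over the original listing:
     *  - the success path now returns a value (falling off the end of a
     *    non-void function is undefined behaviour);
     *  - the base address is printed with %p and the size with %lu instead
     *    of %d, which mismatched a pointer / DWORD argument.
     *
     * NOTE(review): "%s" inside wprintf is treated as a wide string by the
     * Microsoft CRT, which matches szModule only in a UNICODE build - confirm
     * the project's character-set setting.
     */
    bool GetModuleList(DWORD dwPId)
    {
        MODULEENTRY32 me32 = { sizeof(MODULEENTRY32) }; // dwSize first, remaining fields zeroed

        // 1. Create a module snapshot for the requested process.
        HANDLE hModuleSnap = CreateToolhelp32Snapshot(
            TH32CS_SNAPMODULE, // snapshot type: modules
            dwPId);            // target process
        if (hModuleSnap == INVALID_HANDLE_VALUE)
            return false;

        // 2. Read the first module entry; bail out (and release the handle) on failure.
        if (!Module32First(hModuleSnap, &me32)) {
            CloseHandle(hModuleSnap);
            return false;
        }

        // 3. Print each module entry in turn.
        do {
            wprintf(L"模块基址:%p,模块大小:%lu,模块名称:%s",
                    static_cast<void *>(me32.modBaseAddr),
                    static_cast<unsigned long>(me32.modBaseSize),
                    me32.szModule);
        } while (Module32Next(hModuleSnap, &me32));

        // 4. Release the snapshot and report success.
        CloseHandle(hModuleSnap);
        return true;
    }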

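    /*
     * Reads a process ID from stdin and lists that process's modules.
     *
     * Fixes over the original listing:
     *  - the format "%ud" was "%u" followed by a literal 'd'; DWORD is an
     *    unsigned long, so "%lu" is the matching conversion;
     *  - the scanf_s result is checked. Without the check a failed parse left
     *    dwId at 0, and CreateToolhelp32Snapshot treats process ID 0 as "the
     *    current process", so the tool would silently list its own modules.
     */
    int main()
    {
        setlocale(LC_ALL, "chs");

        DWORD dwId = 0;
        printf("请输入一个ID:");
        if (scanf_s("%lu", &dwId) != 1)
        {
            fprintf(stderr, "invalid process ID\n");
            return 1;
        }

        GetModuleList(dwId);
        getchar();
        return 0;
    }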

    //遍历进程模块2
    #include <stdio.h>
    //#include <stdlib.h>
    //#include <windows.h>
    //#include <Tlhelp32.h>


    #include <atlstr.h>
    #include <windows.h>
    #include <TlHelp32.h>

    #include <iostream>
    #include <map>
    #include <string>

    // Forward declaration; the definition follows main(). Adjusts the privilege
    // named by lpName on the current process token: opt != 0 requests it to be
    // enabled, opt == 0 clears the attribute.
    BOOL SetProcessPrivilege(char *lpName, BOOL opt);

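    /*
     * Lists every process in the system together with the name and path of
     * each of its modules. SeDebugPrivilege is requested for the duration of
     * the walk and cleared again before exit.
     *
     * Fixes over the original listing:
     *  - both snapshot handles are checked against INVALID_HANDLE_VALUE;
     *  - the module loop runs only when Module32First succeeded (the original
     *    printed an uninitialised MODULEENTRY32 when it failed);
     *  - the OpenProcess call was removed: its handle was never used, was not
     *    checked for NULL before CloseHandle, and asked for PROCESS_VM_READ on
     *    every process without needing it;
     *  - the privilege is only cleared again if the enabling call reported
     *    success, and the name is passed as a writable array because the
     *    helper takes a non-const char *;
     *  - PIDs are printed with %lu (DWORD is an unsigned long).
     *
     * NOTE(review): "%s" assumes an ANSI build where szExeFile/szModule/
     * szExePath are char arrays - confirm the character-set setting.
     */
    int main(int argc, char *argv[])
    {
        (void)argc;
        (void)argv;

        char debugPrivilege[] = "SeDebugPrivilege";
        // Best effort: when the privilege cannot be enabled the walk still runs,
        // but module snapshots of some processes are expected to fail.
        const BOOL privilegeCallOk = SetProcessPrivilege(debugPrivilege, 1);

        int exitCode = 0;
        HANDLE hSnapshot_proc = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
        if (hSnapshot_proc == INVALID_HANDLE_VALUE)
        {
            exitCode = 1;
        }
        else
        {
            PROCESSENTRY32 pe32;
            pe32.dwSize = sizeof(pe32);

            if (Process32First(hSnapshot_proc, &pe32))
            {
                do
                {
                    const DWORD pid = pe32.th32ProcessID;
                    // Same filter as the original: skip PID 0, 4 and 8.
                    if (pid == 0 || pid == 4 || pid == 8)
                        continue; // in a do/while this still evaluates Process32Next

                    printf("PID: %lu >>> ProcName: %s", static_cast<unsigned long>(pid), pe32.szExeFile);

                    HANDLE hSnapshot_mod = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pid);
                    if (hSnapshot_mod != INVALID_HANDLE_VALUE)
                    {
                        MODULEENTRY32 me32;
                        me32.dwSize = sizeof(me32);
                        if (Module32First(hSnapshot_mod, &me32))
                        {
                            do
                            {
                                printf("ModName: %s -> Path: %s", me32.szModule, me32.szExePath);
                            } while (Module32Next(hSnapshot_mod, &me32));
                        }
                        CloseHandle(hSnapshot_mod);
                    }
                    printf("------");
                } while (Process32Next(hSnapshot_proc, &pe32));
            }
            CloseHandle(hSnapshot_proc);
        }

        // Drop the privilege again so it is held only while the walk runs.
        if (privilegeCallOk)
            SetProcessPrivilege(debugPrivilege, 0);

        system("pause");
        return exitCode;
    }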

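    /*
     * Enables (opt != 0) or clears (opt == 0) the privilege named by lpName on
     * the current process token.
     *
     * Returns 1 only when the adjustment actually took effect, 0 otherwise.
     *
     * Fixes over the original listing:
     *  - the LookupPrivilegeValue result is checked; the original passed an
     *    uninitialised LUID to AdjustTokenPrivileges when the lookup failed;
     *  - AdjustTokenPrivileges reports success even when the token does not
     *    hold the privilege and signals that case through GetLastError()
     *    (ERROR_NOT_ALL_ASSIGNED), so the last error is checked as well. The
     *    original returned 1 whenever the token could be opened, which hid a
     *    failed SeDebugPrivilege request from the caller;
     *  - the magic number 2 is written as SE_PRIVILEGE_ENABLED;
     *  - the ANSI lookup is called explicitly because lpName is a char *.
     */
    BOOL SetProcessPrivilege(char *lpName, BOOL opt)
    {
        HANDLE tokenhandle = NULL;
        if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &tokenhandle))
            return 0;

        TOKEN_PRIVILEGES NewState = {};
        NewState.PrivilegeCount = 1;
        NewState.Privileges[0].Attributes = opt != 0 ? SE_PRIVILEGE_ENABLED : 0;

        BOOL applied = LookupPrivilegeValueA(NULL, lpName, &NewState.Privileges[0].Luid);
        if (applied)
        {
            applied = AdjustTokenPrivileges(tokenhandle, FALSE, &NewState, sizeof(NewState), NULL, NULL)
                      && GetLastError() == ERROR_SUCCESS;
        }

        CloseHandle(tokenhandle);
        return applied ? 1 : 0;
    }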


    // 遍历模块3

    #include <stdio.h>

    #include <atlstr.h>
    #include <windows.h>
    #include <TlHelp32.h>

    #include <iostream>
    #include <map>
    #include <string>

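    /*
     * Prints base address, size and full path of every module in the process
     * identified by dwPId. Prints nothing when the snapshot cannot be created
     * or its first entry cannot be read.
     *
     * Fixes over the original listing:
     *  - the snapshot handle is checked against INVALID_HANDLE_VALUE;
     *  - when Module32First failed the original closed the handle and then
     *    fell through into the loop, printing an empty entry and calling
     *    Module32Next on the closed handle; it now returns instead;
     *  - the handle is closed on the success path (it was leaked);
     *  - the base address is printed with %p and the size with %lu instead
     *    of %d, which mismatched a pointer / DWORD argument.
     *
     * NOTE(review): "%s" assumes an ANSI build where szExePath is a char
     * array - confirm the character-set setting.
     */
    void GetModuleList(DWORD dwPId) {
        MODULEENTRY32 me32 = { sizeof(MODULEENTRY32) }; // dwSize first, remaining fields zeroed

        HANDLE hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPId);
        if (hModuleSnap == INVALID_HANDLE_VALUE)
            return;

        if (Module32First(hModuleSnap, &me32))
        {
            do {
                printf("ModeBase: %p ModeSize: %lu %s",
                       static_cast<void *>(me32.modBaseAddr),
                       static_cast<unsigned long>(me32.modBaseSize),
                       me32.szExePath);
            } while (Module32Next(hModuleSnap, &me32));
        }

        CloseHandle(hModuleSnap);
    }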

    /*
     * Entry point of the listing: lists the modules of one hard-coded process
     * and then waits for a character on stdin.
     */
    int main()
    {
        // Sample PID fixed in the listing; replace it with the ID of a process
        // that exists on the machine where this is run.
        const DWORD targetPid = 1988;

        GetModuleList(targetPid);
        getchar();
        return 0;
    }

    本文引用地址:

    (http://t.zoukankan.com/LyShark-p-9158601.html)

  • 原文地址:https://www.cnblogs.com/roea1/p/14756400.html