C++掃描系統進程代碼
自己一直想做一個和windows資源管理器一樣的程序,所以看了一下如何列舉系統的所有進程。主要用到幾個函數:
CreateToolhelp32Snapshot、Process32First、Process32Next,以及一個結構體PROCESSENTRY32。其中用法可以看百度百科或MSDN。
#include <windows.h>
#include <tlhelp32.h>
#include <tchar.h>
#include <stdio.h>
#include <iostream>
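/// Prints one record per process found in a Toolhelp snapshot of the system.
///
/// The snapshot is a point-in-time copy: a process listed here may already
/// have exited by the time its entry is printed. PROCESSENTRY32::szExeFile
/// holds only the executable file name, not a full path, so it cannot by
/// itself tell two different binaries with the same name apart.
///
/// @return 0 when the list was walked, 1 when the snapshot could not be
///         created or its first entry could not be read.
int main()
{
    // Take a snapshot of every process in the system (the PID argument is
    // ignored for TH32CS_SNAPPROCESS, hence 0).
    const HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hProcessSnap == INVALID_HANDLE_VALUE)
    {
        std::cout << "快照創建失敗" << std::endl;
        return 1;
    }

    // Receives the data of one process per Process32First/Next call.
    // dwSize must be set before the first call or the call fails.
    PROCESSENTRY32 pe32;
    pe32.dwSize = sizeof(PROCESSENTRY32);

    if (!Process32First(hProcessSnap, &pe32))
    {
        std::cout << "error" << std::endl;
        CloseHandle(hProcessSnap);
        // Stop here: pe32 holds no valid entry and the handle is closed, so
        // the loop below must not run.
        return 1;
    }

    int i = 0;
    do
    {
        std::cout << "------------" << i++ << "個進程------------------------" << std::endl;
        // szExeFile is a TCHAR array, so it is printed through _tprintf to
        // work in both ANSI and UNICODE builds.
        _tprintf(TEXT("\nPROCESS NAME: %s"), pe32.szExeFile);
        std::cout << std::endl;
        std::cout << "Process ID = " << pe32.th32ProcessID << std::endl;
        std::cout << "Thread count = " << pe32.cntThreads << std::endl;
        std::cout << "Parent process ID = " << pe32.th32ParentProcessID << std::endl;
        std::cout << "Priority base = " << pe32.pcPriClassBase << std::endl;
    } while (Process32Next(hProcessSnap, &pe32));

    // Release the snapshot object once the walk is finished.
    CloseHandle(hProcessSnap);
    return 0;
}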
當然,上面程序是我從一個程序中摘出來的,這是源程序,忘了引用的哪了,如果作者看到,請告知引用地址。
這個程序實現了對系統進程、單個進程和線程的快照,主要還是那幾個函數。有時間的話做一個可視化的,和大家分享。
#include <windows.h>
#include <tlhelp32.h>
#include <tchar.h>
#include <stdio.h>
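// Forward declarations:
BOOL GetProcessList( );
BOOL ListProcessModules( DWORD dwPID );
BOOL ListProcessThreads( DWORD dwOwnerPID );
void printError( const TCHAR* msg );

/// Program entry point: prints the process list.
/// @return 0 when the list was printed, 1 when the snapshot walk failed.
int main( )
{
  return GetProcessList( ) ? 0 : 1;
}

/// Walks a snapshot of all processes and prints name, IDs, thread count and
/// priority information for each one.
///
/// @return TRUE when the snapshot was walked to the end, FALSE when the
///         snapshot could not be created or its first entry could not be read.
BOOL GetProcessList( )
{
  HANDLE hProcessSnap;
  HANDLE hProcess;
  PROCESSENTRY32 pe32;      // receives one process entry from the snapshot
  DWORD dwPriorityClass;

  // Take a snapshot of all processes in the system.
  //
  // CreateToolhelp32Snapshot takes a snapshot of the specified processes and
  // of the heaps, modules and threads they use:
  //   HANDLE WINAPI CreateToolhelp32Snapshot(
  //     DWORD dwFlags,        // which objects to include, e.g. TH32CS_SNAPPROCESS
  //     DWORD th32ProcessID   // process to snapshot; 0 for the system process
  //                           // list or for the current process
  //   );
  hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
  if( hProcessSnap == INVALID_HANDLE_VALUE )
  {
    printError( TEXT("CreateToolhelp32Snapshot (of processes)") );
    return( FALSE );
  }

  // Set the size of the structure before using it.
  pe32.dwSize = sizeof( PROCESSENTRY32 );

  // Retrieve information about the first process,
  // and exit if unsuccessful
  if( !Process32First( hProcessSnap, &pe32 ) )
  {
    printError( TEXT("Process32First") ); // show cause of failure
    CloseHandle( hProcessSnap );          // clean the snapshot object
    return( FALSE );                      // do not walk a closed snapshot
  }

  // Now walk the snapshot of processes, and
  // display information about each process in turn
  do
  {
    printf( "\n\n=====================================================" );
    _tprintf( TEXT("\nPROCESS NAME: %s"), pe32.szExeFile );
    printf( "\n-----------------------------------------------------" );

    // Retrieve the priority class.
    //
    // OpenProcess opens an existing process object and returns a handle to it:
    //   HANDLE OpenProcess(
    //     DWORD dwDesiredAccess, // requested access rights
    //     BOOL  bInheritHandle,  // whether child processes inherit the handle
    //     DWORD dwProcessId      // process identifier
    //   );
    //
    // Only query access is requested: GetPriorityClass needs nothing more, and
    // asking for PROCESS_ALL_ACCESS is refused for many processes when the
    // caller is not elevated. (On systems older than Windows Vista use
    // PROCESS_QUERY_INFORMATION instead.)
    //
    // The PID comes from a snapshot taken earlier; if that process has exited
    // and its ID has been reused, the handle refers to a different process.
    dwPriorityClass = 0;
    hProcess = OpenProcess( PROCESS_QUERY_LIMITED_INFORMATION, FALSE, pe32.th32ProcessID );
    if( hProcess == NULL )
      printError( TEXT("OpenProcess") );
    else
    {
      dwPriorityClass = GetPriorityClass( hProcess );
      if( !dwPriorityClass )
        printError( TEXT("GetPriorityClass") );
      CloseHandle( hProcess );
    }

    // DWORD is unsigned long and LONG is long, so the 'l' length modifier is
    // required for the conversions below.
    printf( "\n Process ID = 0x%08lX", pe32.th32ProcessID );
    printf( "\n Thread count = %lu", pe32.cntThreads );
    printf( "\n Parent process ID = 0x%08lX", pe32.th32ParentProcessID );
    printf( "\n Priority base = %ld", pe32.pcPriClassBase );
    if( dwPriorityClass )
      printf( "\n Priority class = %lu", dwPriorityClass );

    // List the modules and threads associated with this process
    //ListProcessModules( pe32.th32ProcessID );
    //ListProcessThreads( pe32.th32ProcessID );

  } while( Process32Next( hProcessSnap, &pe32 ) );

  CloseHandle( hProcessSnap );
  return( TRUE );
}

/// Prints every module loaded in the process identified by dwPID.
///
/// @param dwPID  process identifier passed to CreateToolhelp32Snapshot.
/// @return TRUE when the module list was walked, FALSE when the snapshot could
///         not be created or its first entry could not be read.
BOOL ListProcessModules( DWORD dwPID )
{
  HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
  MODULEENTRY32 me32;

  // Take a snapshot of all modules in the specified process.
  hModuleSnap = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, dwPID );
  if( hModuleSnap == INVALID_HANDLE_VALUE )
  {
    printError( TEXT("CreateToolhelp32Snapshot (of modules)") );
    return( FALSE );
  }

  // Set the size of the structure before using it.
  me32.dwSize = sizeof( MODULEENTRY32 );

  // Retrieve information about the first module,
  // and exit if unsuccessful
  if( !Module32First( hModuleSnap, &me32 ) )
  {
    printError( TEXT("Module32First") ); // show cause of failure
    CloseHandle( hModuleSnap );          // clean the snapshot object
    return( FALSE );
  }

  // Now walk the module list of the process,
  // and display information about each module
  do
  {
    _tprintf( TEXT("\n\n MODULE NAME: %s"), me32.szModule );
    _tprintf( TEXT("\n Executable = %s"), me32.szExePath );
    printf( "\n Process ID = 0x%08lX", me32.th32ProcessID );
    printf( "\n Ref count (g) = 0x%04lX", me32.GlblcntUsage );
    printf( "\n Ref count (p) = 0x%04lX", me32.ProccntUsage );
    // Print the address as a pointer: casting it to DWORD would drop the
    // upper half of the address in a 64-bit build.
    printf( "\n Base address = 0x%p", static_cast<void*>( me32.modBaseAddr ) );
    printf( "\n Base size = %lu", me32.modBaseSize );

  } while( Module32Next( hModuleSnap, &me32 ) );

  CloseHandle( hModuleSnap );
  return( TRUE );
}

/// Prints the threads that belong to the process identified by dwOwnerPID.
///
/// The snapshot contains the threads of the whole system; entries are filtered
/// by th32OwnerProcessID.
///
/// @param dwOwnerPID  process identifier whose threads are printed.
/// @return TRUE when the thread list was walked, FALSE when the snapshot could
///         not be created or its first entry could not be read.
BOOL ListProcessThreads( DWORD dwOwnerPID )
{
  HANDLE hThreadSnap = INVALID_HANDLE_VALUE;
  THREADENTRY32 te32;

  // Take a snapshot of all running threads
  hThreadSnap = CreateToolhelp32Snapshot( TH32CS_SNAPTHREAD, 0 );
  if( hThreadSnap == INVALID_HANDLE_VALUE )
  {
    // Report the failure like the other two listing functions do.
    printError( TEXT("CreateToolhelp32Snapshot (of threads)") );
    return( FALSE );
  }

  // Fill in the size of the structure before using it.
  te32.dwSize = sizeof( THREADENTRY32 );

  // Retrieve information about the first thread,
  // and exit if unsuccessful
  if( !Thread32First( hThreadSnap, &te32 ) )
  {
    printError( TEXT("Thread32First") ); // show cause of failure
    CloseHandle( hThreadSnap );          // clean the snapshot object
    return( FALSE );
  }

  // Now walk the thread list of the system,
  // and display information about each thread
  // associated with the specified process
  do
  {
    if( te32.th32OwnerProcessID == dwOwnerPID )
    {
      printf( "\n\n THREAD ID = 0x%08lX", te32.th32ThreadID );
      printf( "\n Base priority = %ld", te32.tpBasePri );
      printf( "\n Delta priority = %ld", te32.tpDeltaPri );
    }
  } while( Thread32Next( hThreadSnap, &te32 ) );

  CloseHandle( hThreadSnap );
  return( TRUE );
}

// Returns the character code as an unsigned value so that, in an ANSI build
// where TCHAR is a signed char, bytes above 0x7F are not mistaken for control
// characters.
static unsigned int CharCode( TCHAR ch )
{
  return static_cast<unsigned int>( ch );
}

/// Prints a warning that names the failed call, the GetLastError code and the
/// system's message text for that code.
///
/// @param msg  name of the call that failed; printed verbatim.
void printError( const TCHAR* msg )
{
  // Read the error code first, before any other API call can overwrite it.
  const DWORD eNum = GetLastError( );

  TCHAR sysMsg[256];
  const DWORD capacity = sizeof( sysMsg ) / sizeof( sysMsg[0] );

  // FormatMessage returns the number of TCHARs stored, or 0 on failure; on
  // failure the buffer contents are not defined, so treat it as empty.
  const DWORD len = FormatMessage( FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
                                   NULL, eNum,
                                   MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language
                                   sysMsg, capacity, NULL );

  // Trim the end of the line and terminate it with a null:
  // cut at the first control character other than tab ...
  DWORD end = 0;
  while( ( end < len ) && ( ( CharCode( sysMsg[end] ) > 31 ) || ( sysMsg[end] == 9 ) ) )
    ++end;
  // ... then drop trailing periods, spaces and control characters.
  while( ( end > 0 ) && ( ( sysMsg[end - 1] == TEXT('.') ) || ( CharCode( sysMsg[end - 1] ) < 33 ) ) )
    --end;
  sysMsg[end] = 0;

  // Display the message
  _tprintf( TEXT("\n WARNING: %s failed with error %lu (%s)"), msg, eNum, sysMsg );
}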