标题:[原创]枚举系统进程代码
[原创]枚举系统进程代码
*/ --------------------------------------------------------------------------------------
*/ 出自: 编程中国 http://www.bc-cn.net
*/ 作者: cince
*/ 时间: 2007-9-18 编程论坛首发
*/ 声明: 尊重作者劳动,转载请保留本段文字
*/ --------------------------------------------------------------------------------------



//COM: Microsoft Studio .

Header files:
======================
symbols.h
// Command identifier compared against wParam in the main window's WM_COMMAND handler.
#define IDM_EXIT 100
// Second command identifier; no handler for it appears in the code shown in this post.
#define IDM_KILL 101
======================
RESOURCE.h
#ifdef APSTUDIO_INVOKED
#ifndef APSTUDIO_READONLY_SYMBOLS
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 102
#define _APS_NEXT_COMMAND_VALUE 40001
#define _APS_NEXT_CONTROL_VALUE 1001
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif
====================================
NTENUM.h
#ifndef NTENUM_H_INCLUDED
#define NTENUM_H_INCLUDED
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include <vdmdbg.h>
#include <psapi.h>
#include <string.h>
#include \"enum.h\"
// Function-pointer types for the PSAPI.DLL and VDMDBG.DLL entry points that the
// NT_process_enumerator constructor resolves with GetProcAddress.
// NOTE(review): the name buffers are declared LPTSTR, while the constructor binds
// the ANSI exports (GetModuleFileNameExA / GetModuleBaseNameA); the two only
// agree in a non-UNICODE build.

// Fills an array with the identifiers of the running processes.
typedef BOOL (WINAPI *ENUMPROCESSES)(
    DWORD * lpidProcess,     // out: process identifiers
    DWORD cb,                // size of that array
    DWORD * cbNeeded         // out: number of bytes returned
);

// Fills an array with the module handles of one process.
typedef BOOL (WINAPI *ENUMPROCESSMODULES)(
    HANDLE hProcess,         // process to inspect
    HMODULE * lphModule,     // out: module handles
    DWORD cb,                // size of that array
    LPDWORD lpcbNeeded       // out: number of bytes returned
);

// Retrieves the file name of a module in another process.
typedef DWORD (WINAPI *GETMODULEFILENAME)(
    HANDLE hProcess,         // process that owns the module
    HMODULE hModule,         // module to name
    LPTSTR lpstrFileName,    // out: file name
    DWORD nSize              // size of the file-name array
);

// Retrieves the base name of a module in another process.
typedef DWORD (WINAPI *GETMODULEBASENAME)(
    HANDLE hProcess,         // process that owns the module
    HMODULE hModule,         // module to name
    LPTSTR lpstrFileName,    // out: base name of the module
    DWORD nSize              // size of the module-name array
);

// Enumerates the tasks inside one NTVDM process through a callback.
typedef INT (WINAPI *VDMENUMTASKWOWEX)(
    DWORD dwProcessId,       // ID of the NTVDM process
    TASKENUMPROCEX fp,       // callback invoked for the tasks
    LPARAM lparam);          // opaque value handed to the callback
// Process enumerator for Windows NT. It lists processes through PSAPI.DLL and
// the tasks inside NTVDM.EXE through VDMDBG.DLL; both libraries are loaded and
// their entry points resolved at run time by the constructor.
class NT_process_enumerator : public process_enumerator {
private:
    // Element count of the process-id and module-handle arrays in real_show().
    enum { max_num = 1024 };

    HANDLE psapi;     // handle returned by LoadLibrary for PSAPI.DLL
    HANDLE vdmdbg;    // handle returned by LoadLibrary for VDMDBG.DLL

    // Entry points resolved with GetProcAddress. The members deliberately carry
    // the names of the Win32 functions they stand in for.
    ENUMPROCESSES EnumProcesses;
    GETMODULEFILENAME GetModuleFileName;
    ENUMPROCESSMODULES EnumProcessModules;
    VDMENUMTASKWOWEX VDMEnumTaskWOWEx;
    GETMODULEBASENAME GetModuleBaseName;

    // Callback handed to VDMEnumTaskWOWEx; lpUserDefined carries a display*.
    static BOOL WINAPI show_task(DWORD dwThreadId,
                                 WORD hMod16,
                                 WORD hTask16,
                                 PSZ pszModName,
                                 PSZ FileName,
                                 LPARAM lpUserDefined);

    // Forwards to the base-class formatter so both overloads are visible here.
    void show_task(char const *FileName, DWORD ProcessID) {
        process_enumerator::show_task(FileName, ProcessID);
    }

public:
    NT_process_enumerator(display &d);
    virtual bool real_show();
};
#endif
======================================
MAINWND.h
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
HWND CreateMainWnd();
======================================
ERROR.h
#include \"display.h\"
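// Abstract base for errors that can describe themselves on a display.
class error {
public:
    // Polymorphic base: a virtual destructor keeps destruction through an
    // error* or error& well defined for the derived classes.
    virtual ~error() {}

    // Write a human-readable description of the error to str.
    virtual void show(display &str) = 0;
};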
// Error describing a failure to load the required libraries.
class no_library : public error {
public:
    // Report the failure on the given display.
    virtual void show(display &str) { str << \"Unable to load libraries\"; }
};
// Error describing a failure to resolve the required procedure addresses.
class no_proc : public error {
public:
    // Report the failure on the given display.
    virtual void show(display &str) { str << \"Unable to get procedure addresses\"; }
};
===========================================
ENUM.h
#ifndef ENUM_H_INCLUDED
#define ENUM_H_INCLUDED
#include \"display.h\"
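// Base class for the platform-specific process enumerators. show() prints a
// heading and then delegates the listing to the derived class's real_show().
class process_enumerator {
    // Send the column headings to the display.
    void header() {
        // Fixed text only: 1 + 50 + 1 + 10 characters, well inside the buffer.
        char string[256];
        wsprintf(string, \" %-50s\t%10s\", \"Executable\", \"Process ID\");
        disp.heading(string);
    }
protected:
    display &disp;   // output sink shared with the derived enumerators

    process_enumerator(display &d) : disp(d) {}

    // Platform-specific listing; returns false when nothing could be listed.
    virtual bool real_show() = 0;

    // Format one row (executable name, process id in hex) and display it.
    void show_task(char const *FileName, DWORD ProcessID) {
        // FileName comes from the OS and can be up to MAX_PATH characters, which
        // overflowed the former 256-byte buffer. The .400 precision caps the
        // copied name, so the output is at most 400 + 1 + 10 characters plus
        // the terminator and always fits in 512 bytes.
        char string[512];
        wsprintf(string, \"%-60.400s\t%#10x\", FileName ? FileName : \"\", ProcessID);
        disp << string;
    }
public:
    // Polymorphic base: enumerators are created with new and used through
    // process_enumerator*, so destruction through the base must be virtual.
    virtual ~process_enumerator() {}

    // Print the heading followed by the process list.
    virtual void show() {
        header();
        real_show();
    }
};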
#endif
==========================================
DISPLAY.h
#ifndef DISPLAY_H_INCLUDED
#define DISPLAY_H_INCLUDED
#define WIN32_LEAN_AND_MEAN
#define WIN32_EXTRA_LEAN
#include <windows.h>
// Abstract output sink used by the enumerators: one call per line of text,
// plus a separate channel for the column heading.
class display
{
public:
    // Output one line of text.
    virtual void show(char const *string) = 0;

    // Output the column-heading line.
    virtual void heading(char const *string) = 0;

    // Report the calling thread's last system error; name says what was being attempted.
    void system_error(char const *name);

    // Hook for displays that need to re-lay-out; the default does nothing.
    virtual void resize() {}

    virtual ~display() {}
};

// Display that writes each line to a file or console handle.
class text_display : public display {
    HANDLE str;   // destination handle for WriteFile
public:
    // With the default argument the constructor falls back to standard output.
    text_display(HANDLE stream = INVALID_HANDLE_VALUE);

    // Write the text followed by a newline.
    virtual void show(char const *string);

    // Headings are written exactly like ordinary lines.
    virtual void heading(char const *string) { show(string); }
};

// Display that shows each line as an entry of a list box created inside a
// parent window; the heading is drawn by the parent window itself.
class window_display : public display {
    HWND output;   // the list-box child window
    HWND parent;   // window that hosts the list box and paints the heading
public:
    // Sentinel rectangle (all CW_USEDEFAULT) meaning: use the parent's client area.
    static RECT rectDefault;

    window_display(HWND p, RECT &rectangle = rectDefault);

    // Append one line to the list box.
    virtual void show(char const *string);

    // Store the heading text and ask the parent to repaint.
    virtual void heading(char const *string);

    // Fit the list box to the parent's current client area.
    virtual void resize();
};
// Stream-style shorthand: d << text shows the text and returns d so that
// calls can be chained. Each chained piece is a separate show() call.
inline display &operator<<(display &d, char const *string) {
    return d.show(string), d;
}
#endif
===========================================
95ENUM.h
#ifndef WIN95_ENUM_H_INLCUDED
#define WIN95_ENUM_H_INLCUDED
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include <tlhelp32.h> // Toolhelp 32
#include \"enum.h\"
// Function-pointer types for the Toolhelp32 entry points that the
// Win95_enumerator constructor resolves from KERNEL32.DLL with GetProcAddress.

// Shared shape of Process32First and Process32Next: read one entry of a snapshot.
typedef BOOL (WINAPI *PROCESSWALK)(
    HANDLE hSnapshot,          // snapshot being walked
    LPPROCESSENTRY32 lppe      // out: the entry that was read
);

// Shape of CreateToolhelp32Snapshot.
typedef HANDLE (WINAPI *CREATESNAPSHOT)(
    DWORD dwFlags,             // what the snapshot should contain
    DWORD th32ProcessID        // process the snapshot refers to (0 is passed by real_show)
);
// Process enumerator for Windows 95: walks a Toolhelp32 snapshot whose entry
// points are looked up in KERNEL32.DLL at run time.
class Win95_enumerator : public process_enumerator
{
private:
    HANDLE kernel;         // module handle of KERNEL32.DLL
    HANDLE snapshot;       // snapshot handle used during real_show()
    PROCESSENTRY32 proc;   // entry buffer reused for every process

    // Entry points resolved with GetProcAddress; the members carry the names
    // of the Toolhelp32 functions they stand in for.
    CREATESNAPSHOT CreateToolhelp32Snapshot;
    PROCESSWALK Process32First;
    PROCESSWALK Process32Next;

protected:
    // List every process in a fresh snapshot.
    virtual bool real_show();

public:
    Win95_enumerator(display &d);
};
#endif
=============================================



//kill.c
#include <windows.h>
#include <stdio.h>
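/* Kill.c: Kill a process given its Process ID on the command line.
 *
 * Exit status is 0 when the process was terminated and 1 when the argument
 * was missing or malformed, the process could not be opened with
 * PROCESS_TERMINATE access, or TerminateProcess failed.
 */
int main(int argc, char **argv) {
    HANDLE process;
    DWORD PID;
    char *end = NULL;
    int status = 0;

    if ( 2 != argc ) {
        fprintf(stderr, \"\nUsage: kill <PID>\");
        return 1;
    }

    /* base 0 allows a 0x prefix for hex input; anything that is not entirely
     * a number is rejected instead of being silently read as PID 0. */
    PID = strtoul(argv[1], &end, 0);
    if ( end == argv[1] || '\0' != *end ) {
        fprintf(stderr, \"\nInvalid PID: %s\", argv[1]);
        return 1;
    }

    /* OpenProcess returns NULL when the PID does not exist or the caller lacks
     * the right to terminate it; report that instead of passing NULL on. */
    process = OpenProcess(PROCESS_TERMINATE, FALSE, PID);
    if ( NULL == process ) {
        fprintf(stderr, \"\nUnable to open process %lu (error %lu)\",
                PID, GetLastError());
        return 1;
    }

    if ( !TerminateProcess(process, (UINT)-1) ) {
        fprintf(stderr, \"\nUnable to terminate process %lu (error %lu)\",
                PID, GetLastError());
        status = 1;
    }

    CloseHandle(process);
    return status;
}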
=================
#include \"95enum.h\"
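// Look up the Toolhelp32 entry points in the already-loaded KERNEL32.DLL.
// Every member gets a defined value first: real_show() tests the three
// function pointers against NULL, so they must not be left uninitialized
// when the module handle or one of the lookups is unavailable.
Win95_enumerator::Win95_enumerator(display &d) :
    process_enumerator(d),
    kernel(GetModuleHandle(\"KERNEL32.DLL\")),
    snapshot(INVALID_HANDLE_VALUE),
    CreateToolhelp32Snapshot(NULL),
    Process32First(NULL),
    Process32Next(NULL)
{
    // Toolhelp32 requires dwSize to be set before the first walk.
    ZeroMemory(&proc, sizeof(proc));
    proc.dwSize = sizeof(proc);

    if ( NULL == kernel )
        return;

    CreateToolhelp32Snapshot =
        (CREATESNAPSHOT)GetProcAddress((HINSTANCE)kernel,
                                       \"CreateToolhelp32Snapshot\");
    Process32First = (PROCESSWALK)GetProcAddress((HINSTANCE)kernel,
                                                 \"Process32First\");
    Process32Next = (PROCESSWALK)GetProcAddress((HINSTANCE)kernel,
                                                \"Process32Next\");
}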
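// List every process in a fresh Toolhelp32 snapshot.
// Returns false when the entry points were not resolved or the snapshot
// could not be created, true once the walk has finished.
bool Win95_enumerator::real_show()
{
    if (
        NULL == CreateToolhelp32Snapshot ||
        NULL == Process32First ||
        NULL == Process32Next)
        return false;

    snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if ( INVALID_HANDLE_VALUE == snapshot ) {
        // Without this check the walk below would run on an invalid handle
        // and display whatever happened to be in proc.
        disp.system_error(\"creating process snapshot\");
        return false;
    }

    /* Now that we have a snapshot of the system state, we simply
     * walk the list it represents by calling Process32First once,
     * then call Process32Next repeatedly until we get to the end
     * of the list. An entry is displayed only when the call that
     * was meant to fill it reported success.
     */
    proc.dwSize = sizeof(proc);
    BOOL more = Process32First(snapshot, &proc);
    while ( more ) {
        show_task(proc.szExeFile, proc.th32ProcessID);
        more = Process32Next(snapshot, &proc);
    }

    /* This should happen automatically when we terminate, but it never
     * hurts to clean up after ourselves.
     */
    CloseHandle(snapshot);
    snapshot = INVALID_HANDLE_VALUE;
    return true;
}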
========================
#include \"display.h\"
// Heading text buffer shared with the main-window source, where it is defined
// as char[256]; the size is not visible through this declaration.
extern char head_string[];
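// Retrieve, format, and print out a message for the last error. The `name'
// that's passed should be in the form of a present tense noun (phrase) such
// as opening file. When the system has no message text for the code, the
// numeric code is shown instead.
void display::system_error(char const *name)
{
    // Capture the code first so that no later call can overwrite it.
    DWORD const code = GetLastError();

    char *ptr = NULL;
    // FORMAT_MESSAGE_IGNORE_INSERTS: no argument array is supplied, so insert
    // sequences in a system message must not be expanded.
    DWORD const length = FormatMessage(
        FORMAT_MESSAGE_ALLOCATE_BUFFER |
        FORMAT_MESSAGE_FROM_SYSTEM |
        FORMAT_MESSAGE_IGNORE_INSERTS,
        0,
        code,
        0,
        (char *)&ptr,   // with ALLOCATE_BUFFER this receives the buffer pointer
        1024,
        NULL);

    (*this) << \"Error \" << (name ? name : \"\") << \": \";

    if ( 0 != length && NULL != ptr ) {
        (*this) << ptr;
    } else {
        // FormatMessage failed and ptr is still NULL; passing it on would
        // make the display dereference a null pointer.
        char fallback[32];
        wsprintf(fallback, \"code %lu\", code);
        (*this) << fallback;
    }

    if ( NULL != ptr )
        LocalFree(ptr);
}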
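// Store the heading text in head_string and make the parent window repaint
// so that its WM_PAINT handler draws the new heading.
void window_display::heading(char const *string) {
    // head_string is defined as char[256] in the main-window source; only an
    // incomplete extern declaration is visible here, so the capacity has to
    // be repeated. Keep the two in sync.
    enum { head_capacity = 256 };

    // Bounded copy that always terminates the buffer. The former loop copied
    // without a limit and never wrote the terminating NUL, so a long heading
    // overran head_string and a shorter one left the tail of the old text.
    int i = 0;
    if ( NULL != string ) {
        for ( ; i < head_capacity - 1 && string[i]; i++)
            head_string[i] = string[i];
    }
    head_string[i] = '\0';

    RECT parent_rect;
    GetClientRect(parent, &parent_rect);
    InvalidateRect(parent, &parent_rect, true);
    UpdateWindow(parent);
}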

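// Append one line of text to the list box.
void window_display::show(char const *string)
{
    // LPARAM is pointer-sized; the former cast to long truncates the pointer
    // on targets where long is narrower than a pointer.
    SendMessage(output, LB_ADDSTRING, 0, (LPARAM)string);
}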
// Re-fit the list box to the parent's client area, leaving a 20-pixel strip
// at the top where the parent draws the heading.
void window_display::resize() {
    int const heading_strip = 20;

    RECT client;
    GetClientRect(parent, &client);

    int const x = client.left;
    int const y = client.top + heading_strip;
    int const w = client.right;
    int const h = client.bottom - heading_strip;
    MoveWindow(output, x, y, w, h, true);
}
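// Create the list box as a child of p. When rect carries CW_USEDEFAULT in its
// left field the parent's client area is used; the top 20 pixels are left
// free for the heading that the parent paints.
window_display::window_display(HWND p, RECT &rect) :
    parent(p),
    output(NULL)
{
    // Work on a copy. The default argument is the shared static rectDefault;
    // writing the client area into it would destroy the CW_USEDEFAULT
    // sentinel for every later construction. A rectangle supplied by the
    // caller is still updated, as before.
    RECT area = rect;
    if ( area.left == CW_USEDEFAULT ) {
        GetClientRect(parent, &area);
        if ( &rect != &rectDefault )
            rect = area;
    }

    output = CreateWindow(\"LISTBOX\",
        \"Processes\",
        WS_VSCROLL | WS_VISIBLE | WS_CHILD | LBS_USETABSTOPS |
        LBS_NOINTEGRALHEIGHT,
        area.left,
        area.top + 20,
        area.right - area.left,
        area.bottom - area.top - 20,
        parent,
        NULL,
        GetModuleHandle(NULL),
        NULL);
    if ( NULL == output )
        return;   // nothing to configure; show() and resize() then act on a null window

    int width = (area.right - area.left) / 4;
    int tab_stop = width - 10;
    // LPARAM is pointer-sized; a cast to long can truncate the address.
    SendMessage(output, LB_SETTABSTOPS, 1, (LPARAM)&tab_stop);
}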
// Sentinel rectangle used as the constructor's default argument: every field
// is CW_USEDEFAULT, and the constructor tests the left field for that value.
RECT window_display::rectDefault = { CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT };

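// Write the text followed by a newline to the output handle.
// A null string is written as an empty line rather than passed to strlen.
void text_display::show(char const *string)
{
    char newline = '\n';
    DWORD written;
    if ( NULL != string )
        WriteFile(str, string, (DWORD)strlen(string), &written, NULL);
    WriteFile(str, &newline, 1, &written, NULL);
}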
// Use the given handle, or standard output when the caller passed
// INVALID_HANDLE_VALUE (the default argument). A message box reports the
// case where standard output cannot be obtained either.
text_display::text_display(HANDLE stream) : str(stream)
{
    if (INVALID_HANDLE_VALUE != str)
        return;

    str = GetStdHandle(STD_OUTPUT_HANDLE);
    if (INVALID_HANDLE_VALUE == str) {
        MessageBox(NULL,
                   \"Unable to get standard output handle\",
                   \"Error\",
                   MB_OK | MB_ICONERROR);
    }
}
=================================




#include \"mainwnd.h\"
#include \"symbols.h\"
#include \"display.h\"
#include <string.h>
// Active display, defined in the source file that contains the enumerator's main().
extern display *d;
// Heading text drawn by WM_PAINT; window_display::heading() writes into it,
// so any writer must stay within these 256 bytes including the terminator.
char head_string[256];
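// Window procedure of the main window: paints the heading text, forwards
// size changes to the active display and handles the exit command.
static LRESULT CALLBACK WndProc(HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam) {
    PAINTSTRUCT ps;
    HDC hdc;
    static int tab;   // tab stop for the heading, computed once at WM_CREATE

    switch (message) {
    case WM_CREATE: {
        head_string[0] = '\0';
        RECT rect;
        GetClientRect(hWnd, &rect);
        tab = rect.right - rect.left - 400;
        return TRUE;
    }
    case WM_SIZE:
        if ( d )
            d->resize();
        break;
    case WM_SETFOCUS:
        break;

    case WM_PAINT: {
        hdc = BeginPaint (hWnd, &ps);
        TabbedTextOut(hdc,
            0,
            0,
            head_string,
            (int)strlen(head_string),
            1,
            &tab,
            0);
        EndPaint (hWnd, &ps);
        break;
    }
    case WM_DESTROY:
        PostQuitMessage(0);
        break;
    case WM_COMMAND:
        // The command identifier is the low word of wParam; the high word
        // carries the notification source and is not always zero.
        switch (LOWORD(wParam)) {
        case IDM_EXIT:
            PostQuitMessage(0);
            break;
        default:
            break;
        }
        break;
    default:
        return DefWindowProc(hWnd, message, wParam, lParam);
    }
    return 0;
}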

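// Register the window class PS and create, show and paint the main window.
// Returns the window handle, or NULL when the window could not be created
// (GetLastError() then still holds the reason for the caller).
HWND CreateMainWnd()
{
    WNDCLASS wc;
    HINSTANCE hInstance = (HINSTANCE)GetModuleHandle(NULL);

    wc.style = CS_PARENTDC;
    wc.lpfnWndProc = (WNDPROC)WndProc;
    wc.cbClsExtra = 0;
    wc.cbWndExtra = 0;
    wc.hInstance = hInstance;
    wc.hIcon = LoadIcon (hInstance, \"PS\");
    wc.hCursor = LoadCursor(NULL, IDC_ARROW);
    wc.hbrBackground = (HBRUSH)(COLOR_WINDOW+1);
    wc.lpszMenuName = \"PS\";
    wc.lpszClassName = \"PS\";
    // The result is not checked here: a failed registration makes the
    // CreateWindow call below fail, which is reported through the NULL return.
    RegisterClass(&wc);

    HWND hWnd = CreateWindow(\"PS\",
        \"Processes\",
        WS_OVERLAPPEDWINDOW,
        CW_USEDEFAULT,
        0,
        CW_USEDEFAULT,
        0,
        NULL,
        NULL,
        hInstance,
        NULL);

    // The unused local that copied GetLastError() was dropped.
    if (!hWnd)
        return NULL;

    ShowWindow(hWnd, SW_SHOWDEFAULT);
    UpdateWindow(hWnd);
    return hWnd;
}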
=========================================
#include \"95enum.h\"
#include \"NTenum.h\"
#include \"mainwnd.h\"
// Active display; the window procedure reads it (declared extern there) to
// forward WM_SIZE, and it stays NULL until main() has created one.
display *d = NULL;
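// List the running processes. Without arguments the list goes to standard
// output; with any argument it is shown in a window and the program runs a
// message loop until that window is closed.
// Returns 0 on success and 1 when the window could not be created or the
// platform is not supported.
int main(int argc, char **argv)
{
    // Zero first: if GetVersionEx fails, dwPlatformId stays 0 and the
    // unsupported-platform branch below is taken instead of acting on garbage.
    OSVERSIONINFO info;
    ZeroMemory(&info, sizeof(info));
    info.dwOSVersionInfoSize = sizeof(info);
    GetVersionEx(&info);

    HWND window = NULL;
    process_enumerator *processes = NULL;

    if ( argc > 1 ) {
        window = CreateMainWnd();
        if ( NULL == window )
            return 1;   // a window display cannot be built on a null parent
        d = new window_display(window);
    }
    else
        d = new text_display;

    if ( info.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS )
        processes = new Win95_enumerator(*d);
    else if ( info.dwPlatformId == VER_PLATFORM_WIN32_NT )
        processes = new NT_process_enumerator(*d);
    else
        // MessageBox takes the text before the caption; the two were swapped.
        MessageBox(NULL,
            \"Sorry: This doesn't work on Win32s\",
            \"Error\",
            MB_OK);

    // On an unsupported platform no enumerator exists; the former code called
    // show() through the uninitialized pointer.
    if ( NULL == processes ) {
        delete d;
        d = NULL;
        return 1;
    }

    processes->show();

    MSG msg;
    if ( window ) {
        // GetMessage returns -1 on error; treating that as true would spin forever.
        while ( GetMessage(&msg, NULL, 0, 0) > 0 ) {
            TranslateMessage(&msg);
            DispatchMessage(&msg);
        }
    }

    // processes is deliberately not deleted through the base pointer:
    // process_enumerator as declared in enum.h has no virtual destructor.
    delete d;
    d = NULL;
    return 0;
}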
=====================================
#include \"NTenum.h\"
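// Load PSAPI.DLL and VDMDBG.DLL and resolve the entry points used by
// real_show(). On any failure both libraries are released and every function
// pointer is left NULL, which real_show() reports by returning false.
NT_process_enumerator::NT_process_enumerator(display &d) :
    process_enumerator(d),
    psapi(NULL),
    vdmdbg(NULL),
    EnumProcesses(NULL),
    GetModuleFileName(NULL),
    EnumProcessModules(NULL),
    VDMEnumTaskWOWEx(NULL),
    GetModuleBaseName(NULL)
{
    // NOTE(review): bare file names are resolved through the default DLL
    // search order, which can include the application and current
    // directories. Where these libraries ship with the OS, loading them by
    // full system-directory path removes the chance of picking up a planted
    // copy. Left unchanged here because the installation layout is not
    // visible from this file.
    psapi = LoadLibrary(\"PSAPI.DLL\");
    vdmdbg = LoadLibrary(\"VDMDBG.DLL\");

    if ( NULL != psapi && NULL != vdmdbg ) {
        VDMEnumTaskWOWEx = (VDMENUMTASKWOWEX)GetProcAddress(
            (HINSTANCE)vdmdbg, \"VDMEnumTaskWOWEx\");
        EnumProcesses = (ENUMPROCESSES)GetProcAddress(
            (HINSTANCE)psapi, \"EnumProcesses\");
        GetModuleFileName = (GETMODULEFILENAME)GetProcAddress(
            (HINSTANCE)psapi, \"GetModuleFileNameExA\");
        GetModuleBaseName = (GETMODULEBASENAME)GetProcAddress(
            (HINSTANCE)psapi, \"GetModuleBaseNameA\");
        EnumProcessModules = (ENUMPROCESSMODULES)GetProcAddress(
            (HINSTANCE)psapi, \"EnumProcessModules\");
    }

    if (
        NULL != VDMEnumTaskWOWEx &&
        NULL != EnumProcesses &&
        NULL != GetModuleFileName &&
        NULL != GetModuleBaseName &&
        NULL != EnumProcessModules )
        return;   // fully initialised

    // Partial failure: drop whatever was obtained so that no half-initialised
    // state survives and no library handle is leaked.
    VDMEnumTaskWOWEx = NULL;
    EnumProcesses = NULL;
    GetModuleFileName = NULL;
    GetModuleBaseName = NULL;
    EnumProcessModules = NULL;
    if ( NULL != vdmdbg ) {
        FreeLibrary((HINSTANCE)vdmdbg);
        vdmdbg = NULL;
    }
    if ( NULL != psapi ) {
        FreeLibrary((HINSTANCE)psapi);
        psapi = NULL;
    }
}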
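// List every process that can be opened for query, and for each NTVDM.EXE
// also the tasks it hosts. Processes that cannot be opened or whose modules
// cannot be read are skipped.
// Returns false when the entry points are unavailable or the process list
// cannot be obtained. The libraries are unloaded at the end, so a second
// call returns false.
bool
NT_process_enumerator::real_show() {
    DWORD process_ids[max_num];
    DWORD num_processes = 0;   // receives a byte count, converted to a count below

    if (
        NULL == VDMEnumTaskWOWEx ||
        NULL == EnumProcesses ||
        NULL == GetModuleFileName ||
        NULL == GetModuleBaseName ||
        NULL == EnumProcessModules )
        return false;

    // Check the result before touching num_processes: on failure it is not
    // guaranteed to have been written.
    if ( !EnumProcesses(process_ids, sizeof(process_ids), &num_processes) ) {
        disp.system_error(\"Enumerating Processes\");
        return false;
    }
    // NOTE(review): a result that fills the whole array may mean that more
    // than max_num processes exist; those are not listed.
    num_processes /= sizeof(process_ids[0]);

    for ( unsigned i=0; i<num_processes; i++) {
        HANDLE process = OpenProcess(
            PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
            FALSE,
            process_ids[i]);
        // Protected or already-exited processes cannot be opened; the former
        // code went on to use the null handle and an unfilled module array.
        if ( NULL == process )
            continue;

        HMODULE modules[max_num];
        DWORD num_modules = 0;   // bytes written into modules
        char file_name[MAX_PATH];

        // modules[0] is only meaningful when the call succeeded and wrote at
        // least one handle.
        if ( EnumProcessModules(process,
                                modules,
                                sizeof(modules),
                                &num_modules) &&
             num_modules >= sizeof(modules[0]) &&
             GetModuleFileName(process,
                               modules[0],
                               file_name,
                               sizeof(file_name)) )
        {
            show_task(file_name, process_ids[i]);

            // Compare the base name only when it was actually retrieved;
            // otherwise file_name still holds the full path from above.
            if ( GetModuleBaseName(process,
                                   modules[0],
                                   file_name,
                                   sizeof(file_name)) &&
                 0 == _stricmp(file_name, \"NTVDM.EXE\") )
            {
                // We've got an NT VDM -- enumerate the processes
                // it contains. LPARAM is pointer-sized, unlike long.
                VDMEnumTaskWOWEx(process_ids[i], show_task, (LPARAM)&disp);
            }
        }
        CloseHandle(process);
    }

    // Unload the libraries and clear everything that pointed into them, so a
    // later call takes the NULL check above instead of jumping into unmapped code.
    FreeLibrary((HINSTANCE)vdmdbg);
    FreeLibrary((HINSTANCE)psapi);
    vdmdbg = NULL;
    psapi = NULL;
    VDMEnumTaskWOWEx = NULL;
    EnumProcesses = NULL;
    GetModuleFileName = NULL;
    GetModuleBaseName = NULL;
    EnumProcessModules = NULL;
    return true;
}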
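// Callback for VDMEnumTaskWOWEx: display one task hosted by an NTVDM process
// as its file name and 16-bit task handle. lpUserDefined carries the
// display* that real_show() passed in.
// NOTE(review): the VDMEnumTaskWOWEx documentation appears to define the
// callback result as TRUE = stop enumerating; if so, only the first task of
// each VDM is listed. Confirm before changing the return value.
BOOL WINAPI
NT_process_enumerator::show_task(DWORD dwThreadId,
                                 WORD hMod16,
                                 WORD hTask16,
                                 PSZ pszModName,
                                 PSZ FileName,
                                 LPARAM lpUserDefined)
{
    if ( 0 == lpUserDefined )
        return TRUE;   // no display to write to

    display &disp = *(display *)lpUserDefined;

    // FileName is supplied by the system and is not limited to the buffer
    // size. The .400 precision caps the copied name, so the output is at most
    // 1 + 400 + 1 + 10 characters plus the terminator and fits in 512 bytes;
    // the former 256-byte buffer could be overrun by a long path.
    char string[512];
    wsprintf(string,\" %-55.400s\t%#10x\", FileName ? FileName : \"\", hTask16);
    disp << string;
    return TRUE;
}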




。。。。。


有空时就我就传一下吧
