body
{
font-family: Bitstream Vera Sans Mono;
font-size: 11pt;
line-height: 1.5;
}
html, body
{
color: #000000;
background-color: #C2E7C7;
}
h1 {
font-size:1.5em;
font-weight:bold;
}
h2 {
font-size:1.4em;
font-weight:bold;
}
h3 {
font-size:1.3em;
font-weight:bold;
}
h4 {
font-size:1.2em;
font-weight:bold;
}
h5 {
font-size:1.1em;
font-weight:bold;
}
h6 {
font-size:1.0em;
font-weight:bold;
}
img {
border:0;
max-width: 100%;
}
blockquote {
margin-top:0px;
margin-bottom:0px;
}
table {
border-collapse:collapse;
border:1px solid #bbbbbb;
}
td {
border-collapse:collapse;
border:1px solid #bbbbbb;
}
获取系统进程信息和进程依赖的dll信息
#include "stdafx.h"
#include <Windows.h>
#include <TlHelp32.h>
#include <stdio.h>
#include <psapi.h>
#pragma comment(lib, "psapi.lib")
int _tmain(int argc, _TCHAR* argv[])
{
PROCESSENTRY32 pe32;//进程结构
pe32.dwSize = sizeof(pe32); //在使用这个结构前,先设置它的大小
//给系统内所有的进程拍个快照
HANDLE hProcessSnap = ::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
//某个进程所有的DLL快照句柄
HANDLE hModuleSnap = NULL;
if(hProcessSnap == INVALID_HANDLE_VALUE)
{
printf("CreateTollHelp32Snapshot Error!!\n");
return -1;
}
BOOL bMore = ::Process32First(hProcessSnap, &pe32);
HANDLE hProcess = 0;
WCHAR procPath[_MAX_PATH]={0};
MODULEENTRY32 lpme; //DLL结构
lpme.dwSize = sizeof(MODULEENTRY32);//在使用这个结构前,先设置它的大小
BOOL bRet = FALSE;
//遍历进程快照,显示每个进程的信息
while(bMore)
{
//打开一个已存在的进程对象,并返回进程的句柄
hProcess = OpenProcess(PROCESS_ALL_ACCESS,FALSE,pe32.th32ProcessID);
//得到该进程的全路径
GetModuleFileNameEx(hProcess,NULL,procPath, _MAX_PATH);
wprintf(_T("ProcPath:%s\nProcName:%s\t\tProcID:%d\n\n"), procPath, pe32.szExeFile, pe32.th32ProcessID);
//给一个已存在的进程内所有的DLL拍个快照
hModuleSnap = ::CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pe32.th32ProcessID);
bRet = ::Module32First(hModuleSnap, &lpme);
//遍历DLL快照,显示该进程所加在的DLL信息
while(bRet)
{
wprintf(_T("\t\tModual:%s\tBase:%2x\n"),lpme.szExePath, lpme.modBaseAddr);
bRet = ::Module32Next(hModuleSnap, &lpme);
}
//关闭snapshot对象
::CloseHandle(hModuleSnap);
bMore = ::Process32Next(hProcessSnap, &pe32);
}
//关闭snapshot对象
::CloseHandle(hProcessSnap);
return 0;
}
#include <Windows.h>
#include <TlHelp32.h>
#include <stdio.h>
#include <psapi.h>
#pragma comment(lib, "psapi.lib")
int _tmain(int argc, _TCHAR* argv[])
{
PROCESSENTRY32 pe32;//进程结构
pe32.dwSize = sizeof(pe32); //在使用这个结构前,先设置它的大小
//给系统内所有的进程拍个快照
HANDLE hProcessSnap = ::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
//某个进程所有的DLL快照句柄
HANDLE hModuleSnap = NULL;
if(hProcessSnap == INVALID_HANDLE_VALUE)
{
printf("CreateTollHelp32Snapshot Error!!\n");
return -1;
}
BOOL bMore = ::Process32First(hProcessSnap, &pe32);
HANDLE hProcess = 0;
WCHAR procPath[_MAX_PATH]={0};
MODULEENTRY32 lpme; //DLL结构
lpme.dwSize = sizeof(MODULEENTRY32);//在使用这个结构前,先设置它的大小
BOOL bRet = FALSE;
//遍历进程快照,显示每个进程的信息
while(bMore)
{
//打开一个已存在的进程对象,并返回进程的句柄
hProcess = OpenProcess(PROCESS_ALL_ACCESS,FALSE,pe32.th32ProcessID);
//得到该进程的全路径
GetModuleFileNameEx(hProcess,NULL,procPath, _MAX_PATH);
wprintf(_T("ProcPath:%s\nProcName:%s\t\tProcID:%d\n\n"), procPath, pe32.szExeFile, pe32.th32ProcessID);
//给一个已存在的进程内所有的DLL拍个快照
hModuleSnap = ::CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pe32.th32ProcessID);
bRet = ::Module32First(hModuleSnap, &lpme);
//遍历DLL快照,显示该进程所加在的DLL信息
while(bRet)
{
wprintf(_T("\t\tModual:%s\tBase:%2x\n"),lpme.szExePath, lpme.modBaseAddr);
bRet = ::Module32Next(hModuleSnap, &lpme);
}
//关闭snapshot对象
::CloseHandle(hModuleSnap);
bMore = ::Process32Next(hProcessSnap, &pe32);
}
//关闭snapshot对象
::CloseHandle(hProcessSnap);
return 0;
}