Windows进程
调出任务管理器:ctr+alt+delete
概念:
多任务
内核模式和用户模式
内核对象
对象句柄
句柄是32位的数字
使用计数
进程控制
程序入口:
获取系统版本
创建进程
其中的LPSTARTUPINFO 用于指定新进程中主窗口的位置,大小 和标准句柄:
创建进程:
进程控制
获取进程:
CloseHandle 关闭该句柄,内核对象计数减1
打开进程
终止其他进程:
获取进程退出码:
代码
创建进程
获取系统版本 OSVERSIONINFO https://docs.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-osversioninfoa
启动进程 CreateProcess https://docs.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-createprocessa
创建控制台进程:
#include <Windows.h>
#include <stdlib.h>
#include <stdio.h>
//创建新的控制台
int main(void)
{
int ret = 0;
STARTUPINFO si;
PROCESS_INFORMATION pi;
ZeroMemory(&si, sizeof(si));
si.cb = sizeof(si);//空间大小
si.dwFlags = STARTF_USESHOWWINDOW;
si.wShowWindow = TRUE;
ZeroMemory(&pi, sizeof(pi));
WCHAR commandline[] = L"cmd";
ret = CreateProcess(NULL, commandline, NULL, NULL, FALSE, CREATE_NEW_CONSOLE, NULL, NULL, &si, &pi);
if (ret)
{
//关闭进程句柄和线程句柄,使得内核对象引用计数减1
CloseHandle(pi.hThread);
CloseHandle(pi.hProcess);
printf("threadid = %d\n", pi.dwThreadId);
printf("processid = %d\n", pi.dwProcessId);
}
else
{
printf("启动失败");
}
system("pause");
return 0;
}为什么创建成功后要关闭句柄:
https://blog.csdn.net/qq_25867649/article/details/51023448
#include <Windows.h>
#include <stdlib.h>
#include <stdio.h>
//创建新的控制台
int main(void)
{
int ret = 0;
STARTUPINFO si;
PROCESS_INFORMATION pi;
ZeroMemory(&si, sizeof(si));
si.cb = sizeof(si);//空间大小
si.dwFlags = STARTF_USESHOWWINDOW;
si.wShowWindow = TRUE;
ZeroMemory(&pi, sizeof(pi));
WCHAR commandline[] = L"C:\\Windows\\notepad.exe";
ret = CreateProcess(commandline, NULL, NULL, NULL, FALSE, NULL, NULL, NULL, &si, &pi);
if (ret)
{
CloseHandle(pi.hThread);
CloseHandle(pi.hProcess);
printf("threadid = %d\n", pi.dwThreadId);
printf("processid = %d\n", pi.dwProcessId);
}
else
{
printf("启动失败");
}
system("pause");
return 0;
}进程查看器
https://blog.csdn.net/ktpd_pro/article/details/58601486
//进程查看器
//write by yuanchunxu
#include <stdio.h>
#include <Windows.h>
#include <stdlib.h>
#include <TlHelp32.h>
int main()
{
PROCESSENTRY32 pe32;
//在使用这个结构前,先设置它的大小
pe32.dwSize = sizeof(pe32);
//给系统内所有的进程拍个快照
HANDLE hProcessSnap = ::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (hProcessSnap == INVALID_HANDLE_VALUE)
{
printf("CreateToolhelp32Snapshot 调用失败.\n");
return -1;
}
//遍历进程快照,轮流显示每个进程的信息
BOOL bMore = ::Process32First(hProcessSnap, &pe32);
while (bMore)
{
printf("进程名称:%s\n", pe32.szExeFile);
printf("进程ID:%u\n\n", pe32.th32ProcessID);
bMore = ::Process32Next(hProcessSnap, &pe32);
}
//不要忘记清除掉snapshot对象
::CloseHandle(hProcessSnap);
system("pause");
return 0;
}结束进程
#include <stdio.h>
#include <Windows.h>
#include <stdlib.h>
#include <TlHelp32.h>
BOOL CloseProcess(DWORD dwId)
{
BOOL bRet;
HANDLE hHandle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwId);
if (hHandle != NULL)
{
bRet = TerminateProcess(hHandle, 0);
}
CloseHandle(hHandle);
return bRet;
}
int main()
{
PROCESSENTRY32 pc;
pc.dwSize = sizeof(pc);
HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (INVALID_HANDLE_VALUE == hProcessSnap)
{
printf("get snapshop failed\n");
system("pause");
return 0;
}
BOOL bMore = Process32First(hProcessSnap, &pc);
while (bMore)
{
printf("\n---------------------------\n");
printf("id:%d\n", pc.th32ProcessID);
wprintf(L"name:%s\n", pc.szExeFile);
bMore = Process32Next(hProcessSnap, &pc);
}
CloseHandle(hProcessSnap);
printf("\n-------------------------\n");
int pid = 0;
printf("请输入要关闭的进程id\n");
scanf("%d", &pid);
CloseProcess(pid);
system("pause");
return 0;
}