Posted on 2010-08-24 06:57
傅先生 阅读(206)
常用编程小例
1,查找代码.c
2,枚举窗口
3,枚举进程
///////////////////////////内存 枚举,搜索
///////////////////////////注册表
///////////////////////////服务
///////////////////////////图像
//////////////////////////////////格式集
//////////////////////////////////驱动--------HOOK?
/////////////////////////////////代码,比较,
//1,查找代码.c
/* READ.C: This program opens a file named
* READ.C and tries to read 60,000 bytes from
* that file using _read. It then displays the
* actual number of bytes read from READ.C.
*/
#include <fcntl.h> /* Needed only for _O_RDWR definition */
#include <io.h>
#include <stdlib.h>
#include <stdio.h>
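/* Destination for the file contents. Static storage keeps the 60,000-byte
 * buffer off the stack. */
char buffer[60000];

/*
 * Opens "read.c" read-only, asks _read for up to sizeof(buffer) bytes and
 * reports how many bytes were actually returned.
 *
 * Returns 0 on success and 1 when the read fails; exits with status 1 when
 * the file cannot be opened.
 */
int main( void )
{
    int fh;
    /* Tie the request size to the buffer so the two can never drift apart. */
    unsigned int nbytes = sizeof( buffer );
    /* _read returns int and uses -1 for errors. Storing it in an unsigned
     * variable (as the original did) turns -1 into a huge positive count,
     * so the error branch is skipped and a bogus length is reported. */
    int bytesread;
    int status = 0;

    /* Open file for input: */
    if( (fh = _open( "read.c", _O_RDONLY )) == -1 )
    {
        perror( "open failed on input file" );
        exit( 1 );
    }

    /* Read in input: */
    bytesread = _read( fh, buffer, nbytes );
    if( bytesread < 0 )
    {
        /* errno is only meaningful for a real failure (-1). */
        perror( "Problem reading file" );
        status = 1;
    }
    else if( bytesread == 0 )
    {
        /* 0 means end of file (empty file); errno is not set here. */
        fprintf( stderr, "Problem reading file: no data (end of file)\n" );
        status = 1;
    }
    else
    {
        printf( "Read %u bytes from file\n", (unsigned int)bytesread );
    }

    _close( fh );
    return status;
}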
//2,枚举窗口
#include <Stdio.h>
#include <Windows.h>
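// Callbacks defined below; declared here so main can pass them to the
// enumeration APIs.
BOOL CALLBACK EnumWindowsProc(HWND hWnd, LPARAM lParam);
BOOL CALLBACK EnumChildProc(HWND hWnd, LPARAM lParam);

// Looks up the top-level window whose class name is "TXGuiFoundation" and
// prints the caption of each of its child windows via EnumChildProc.
// Returns 0 when the window was found and enumerated, 1 when it was not found.
// NOTE(review): the narrow string literal assumes an ANSI (non-UNICODE) build.
int main( int argc, char* argv[] )
{
    // FindWindow(lpClassName, lpWindowName): a NULL window name matches any title.
    HWND m_htest = FindWindow("TXGuiFoundation", NULL);

    if (m_htest == NULL)
    {
        printf("No find something!!\n");
        // Stop here: EnumChildWindows with a NULL parent behaves like
        // EnumWindows and would walk every top-level window on the desktop,
        // which is not what this sample intends.
        return 1;
    }

    // To walk all top-level windows instead, call:
    //   EnumWindows( EnumWindowsProc, 0 );
    EnumChildWindows(m_htest, EnumChildProc, 0);
    return 0;
}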
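// Handles collected by the enumeration callbacks, and how many slots are used.
HWND m_hwndFind[1000] = {0};
int m_num = 0;

// EnumChildWindows callback: prints the caption of each child window and
// records its handle in m_hwndFind.
//   hWnd   - child window currently being visited
//   lParam - application-defined value from EnumChildWindows (unused)
// Returns TRUE so that enumeration continues with the next window.
BOOL CALLBACK EnumChildProc(HWND hWnd, LPARAM lParam )
{
    // Start with an empty string: GetWindowText returns 0 for windows without
    // text, and the buffer must still be safe to print in that case.
    char sBuf[256] = "";

    // The original also called GetClassName(hWnd, NULL, 254); it passed a NULL
    // output buffer and ignored the result, so the call has been dropped.
    ::GetWindowText( hWnd, sBuf, sizeof(sBuf) );
    printf( "%s\n", sBuf );

    // The number of windows is decided by other processes, not by this program,
    // so never write past the fixed-size table.
    const int capacity = (int)(sizeof(m_hwndFind) / sizeof(m_hwndFind[0]));
    if (m_num < capacity)
    {
        m_hwndFind[m_num] = hWnd;
        m_num++;
    }
    return TRUE;
}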
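// EnumWindows callback: for every visible top-level window, prints its caption
// and records its handle in m_hwndFind. A window titled "我的电脑" has its
// caption replaced with "www.a3gs.com".
//   hWnd   - top-level window currently being visited
//   lParam - application-defined value from EnumWindows (unused)
// Returns TRUE so that enumeration continues with the next window.
BOOL CALLBACK EnumWindowsProc(HWND hWnd, LPARAM lParam)
{
    // Invisible windows are skipped entirely.
    if ((::GetWindowLong(hWnd, GWL_STYLE) & WS_VISIBLE) == 0)
    {
        return TRUE;
    }

    // Start with an empty string: GetWindowText returns 0 for windows without
    // text, and the buffer is compared and printed below either way.
    char sBuf[256] = "";

    // Fetch the window caption.
    ::GetWindowText( hWnd, sBuf, sizeof(sBuf) );
    if ( strcmp( sBuf, "我的电脑" ) == 0 )
    {
        // When the "我的电脑" window is found, change its caption.
        ::SetWindowText( hWnd, "www.a3gs.com" );
    }
    printf( "%s\n", sBuf );

    // The number of windows is decided by other processes, not by this program,
    // so never write past the fixed-size table.
    const int capacity = (int)(sizeof(m_hwndFind) / sizeof(m_hwndFind[0]));
    if (m_num < capacity)
    {
        m_hwndFind[m_num] = hWnd;
        m_num++;
    }
    return TRUE;
}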
//3,枚举进程
#include <windows.h>
#include <tlhelp32.h>
#include <iostream>
#pragma comment( linker, "/subsystem:\"windows\" /entry:\"mainCRTStartup\"" )
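// Prints the address and size of every block in every heap of process `pid`.
// The ToolHelp heap walk needs its own snapshot (TH32CS_SNAPHEAPLIST) and must
// start with Heap32ListFirst / Heap32First; calling Heap32Next on an entry that
// was never initialised by Heap32First, as the original loop did, cannot work.
static void ListProcessHeaps(DWORD pid)
{
    HANDLE hHeapSnap = CreateToolhelp32Snapshot(TH32CS_SNAPHEAPLIST, pid);
    if (hHeapSnap == INVALID_HANDLE_VALUE)
    {
        // Typically happens when the caller lacks access to the target process.
        printf("Unable to snapshot heaps. Error is: %lu\n", (unsigned long)GetLastError());
        return;
    }

    HEAPLIST32 heapList;
    ZeroMemory(&heapList, sizeof(heapList));
    heapList.dwSize = sizeof(HEAPLIST32);

    printf("Address           Size        PID\n");
    if (Heap32ListFirst(hHeapSnap, &heapList))
    {
        do
        {
            HEAPENTRY32 heapInfo;
            ZeroMemory(&heapInfo, sizeof(heapInfo));
            heapInfo.dwSize = sizeof(HEAPENTRY32);

            if (Heap32First(&heapInfo, pid, heapList.th32HeapID))
            {
                do
                {
                    // The original format string consumed a DWORD through %s,
                    // i.e. treated an integer as a string pointer.
                    printf("%-18p%-12lu%-6lu\n",
                           (void*)heapInfo.dwAddress,
                           (unsigned long)heapInfo.dwBlockSize,
                           (unsigned long)heapInfo.th32ProcessID);
                    heapInfo.dwSize = sizeof(HEAPENTRY32);
                } while (Heap32Next(&heapInfo));
            }
            heapList.dwSize = sizeof(HEAPLIST32);
        } while (Heap32ListNext(hHeapSnap, &heapList));
    }
    CloseHandle(hHeapSnap);
}

// Lists all running processes; when one is named "XsMenu.exe" / "xsmenu.exe",
// dumps its heap blocks and terminates it. Afterwards starts "XsMenu.exe" from
// the current directory. Returns 0 on normal completion, 1 when the process
// snapshot cannot be taken.
// NOTE(review): strcmp on szExeFile and the char path buffers assume an ANSI
// (non-UNICODE) build.
int main( )
{
    // TH32CS_SNAPPROCESS with th32ProcessID 0 snapshots every process in the system.
    HANDLE hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hSnapShot == INVALID_HANDLE_VALUE)
    {
        printf("Unable to snapshot processes. Error is: %lu\n", (unsigned long)GetLastError());
        return 1;
    }

    // One PROCESSENTRY32 is reused for every entry; dwSize must be set before
    // the first call. A stack object replaces the original heap allocation.
    PROCESSENTRY32 processInfo;
    ZeroMemory(&processInfo, sizeof(processInfo));
    processInfo.dwSize = sizeof(PROCESSENTRY32);
    int index = 0;

    printf("****************开始列举进程****************\n");
    // Documented usage is Process32First for the first entry, then
    // Process32Next until it returns FALSE.
    BOOL more = Process32First(hSnapShot, &processInfo);
    while (more != FALSE)
    {
        index++;
        printf("****************** %d ******************\n", index);
        printf("PID Name Current Threads\n");
        printf("%-15lu%-25s%-4lu\n",
               (unsigned long)processInfo.th32ProcessID,
               processInfo.szExeFile,
               (unsigned long)processInfo.cntThreads);

        // The match is by image name only: any process can carry this name, and
        // the snapshot may already be stale by the time the PID is opened.
        if (strcmp(processInfo.szExeFile, "XsMenu.exe") == 0 ||
            strcmp(processInfo.szExeFile, "xsmenu.exe") == 0)
        {
            printf("******开始列举Heap****\n");
            ListProcessHeaps(processInfo.th32ProcessID);

            // Request only the right that is needed (PROCESS_TERMINATE) and a
            // non-inheritable handle, instead of an inheritable
            // PROCESS_ALL_ACCESS handle.
            HANDLE hProcess = OpenProcess(PROCESS_TERMINATE, FALSE, processInfo.th32ProcessID);
            if (hProcess == NULL)
            {
                printf("Unable to get handle of process: ");
                printf("Error is: %lu", (unsigned long)GetLastError());
            }
            else
            {
                // Report success only when TerminateProcess actually succeeded.
                if (TerminateProcess(hProcess, 0))
                {
                    printf("结束成功!!");
                }
                else
                {
                    printf("Error is: %lu", (unsigned long)GetLastError());
                }
                CloseHandle(hProcess);
            }
        }
        more = Process32Next(hSnapShot, &processInfo);
    }
    CloseHandle(hSnapShot);
    printf("****************进程列举结束****************\n");

    // ---- Relaunch XsMenu.exe from the current directory ----
    // Caveat: the current directory is inherited from whoever started this
    // program, so this runs whatever file named XsMenu.exe happens to be there.
    // A fixed, trusted install path is the safer choice.
    static const char path[] = "\\XsMenu.exe";
    char chPath[301];

    // On success the return value is the length without the terminator; a value
    // >= the buffer size means the directory did not fit.
    DWORD dirLen = ::GetCurrentDirectory(sizeof(chPath), chPath);
    if (dirLen == 0 || dirLen >= sizeof(chPath) ||
        dirLen + (sizeof(path) - 1) >= sizeof(chPath))
    {
        // Appending the file name would overflow chPath (the original strcat
        // was unchecked), so give up instead.
        printf("Current directory is unavailable or too long.\n");
        return 0;
    }
    strcat(chPath, path);

    STARTUPINFO si;
    PROCESS_INFORMATION pi;
    ZeroMemory( &pi, sizeof(pi) );
    ZeroMemory( &si, sizeof(si) );
    si.cb = sizeof(si);

    // The command line is passed as a writable buffer rather than a string literal.
    char cmdLine[] = "";
    if (CreateProcess(chPath, cmdLine, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi))
    {
        // The handles returned in PROCESS_INFORMATION belong to the caller and
        // must be closed; closing them does not affect the new process.
        CloseHandle(pi.hThread);
        CloseHandle(pi.hProcess);
    }
    else
    {
        printf("Unable to start process. Error is: %lu\n", (unsigned long)GetLastError());
    }
    return 0;
}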