光阴弹指一挥间 老去之前你想做的 不要放弃 不要后悔
#include <windows.h>#include <stdio.h>#include "Tlhelp32.h"int main(){BOOL r;HANDLE h;PROCESSENTRY32 pe;//::ZeroMemory(&pe,sizeof(PROCESSENTRY32));pe.dwSize=sizeof(PROCESSENTRY32);h = CreateToolhelp32Snapshot(2,0);r = Process32First(h, &pe);while(r) { printf("%5d\t%s\n", pe.th32ProcessID,pe.szExeFile); r = Process32Next(h, &pe);}system("pause");return 0;}
#include <windows.h>#include <stdio.h>typedef struct tagPROCESSENTRY32 { DWORD dwSize; DWORD cntUsage; DWORD th32ProcessID; DWORD th32DefaultHeapID; DWORD th32ModuleID; DWORD cntThreads; DWORD th32ParentProcessID; LONG pcPriClassBase; DWORD dwFlags; TCHAR szExeFile[MAX_PATH]; DWORD th32MemoryBase;DWORD th32AccessKey;} PROCESSENTRY32, *PPROCESSENTRY32;typedef int (__stdcall *CREATETOOLHELP32SNAPSHOT) (int dw, int pid);CREATETOOLHELP32SNAPSHOT CreateToolhelp32Snapshot;typedef int (__stdcall *PROCESS32FIRST) (int h, int lp);PROCESS32FIRST Process32First;typedef int (__stdcall *PROCESS32NEXT) (int h, int lp);PROCESS32NEXT Process32Next;PROCESSENTRY32 x;int main(){PROCESSENTRY32 pe = {0};int h, r;//获取API地址:HMODULE pk = GetModuleHandleA("kernel32.dll");CreateToolhelp32Snapshot = (CREATETOOLHELP32SNAPSHOT)GetProcAddress(pk, "CreateToolhelp32Snapshot");Process32First = (PROCESS32FIRST)GetProcAddress(pk, "Process32First");Process32Next = (PROCESS32NEXT)GetProcAddress(pk, "Process32Next");h = CreateToolhelp32Snapshot(2, 0);//创建进程快照pe.dwSize = sizeof(PROCESSENTRY32);//r = Process32First(h, (int)&pe);//while(r) {printf("%5d\t%s\n", pe.th32ProcessID, pe.szExeFile);r = Process32Next(h, (int)&pe);}return 0;}上面是原来的复杂代码用到的结构,函数原型都自己在代码里声明用GetProcAddress访问API对Kernerl32.dll这样的系统库 使用GetProcAddress和使用头文件包含应该是一样的 貌似Kernel32不需要考虑动态加载 卸载的问题
posted on 2008-12-13 10:47 张辉 阅读(341) 评论(1) 编辑 收藏 引用
复习内容: typedef int (__stdcall *CREATETOOLHELP32SNAPSHOT) (int dw, int pid);//函数指针 FARPROC WINAPI GetProcAddress( __in HMODULE [url=]hModule[/url], __in LPCSTR [url=]lpProcName[/url] ); 取得dll模块中的函数地址 回复 更多评论
Powered by: C++博客 Copyright © 张辉