BOOL GetProcessList()//获取进程列表
{
HANDLE hProcessSnap;//进程快照句柄
HANDLE hProcess;//进程句柄
PROCESSENTRY32 pe32;//快照进程信息
/*PROCESSENTRY32:用来存放快照进程信息的一个结构体。(存放进程信息和调用成员输出进程信息)
用 Process32First指向第一个进程信息,并将进程信息抽取到PROCESSENTRY32中。
用Process32Next指向下一条进程信息。*/
DWORD dwPriorityClass;//优先级
// Take a snapshot of all processes in the system.
hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
/*
HANDLE WINAPI CreateToolhelp32Snapshot( 获取进程、堆、模块和线程的快照,以句柄返回
DWORD dwFlags, 参数 TH32CS_SNAPPROCESS 表示在快照中包含系统中所有的进程
DWORD th32ProcessID, 参数 0 表示在表示快照当前进程
);
*/
if (hProcessSnap == INVALID_HANDLE_VALUE)
{ // //如果调用CreateToolhelp32Snapshot失败则报错
printError(TEXT("CreateToolhelp32Snapshot (of processes)"));
return(FALSE);
}
// Set the size of the structure before using it.使用结构之前,先设置它的大小
pe32.dwSize = sizeof(PROCESSENTRY32);
// Retrieve information about the first process,
// and exit if unsuccessful
if (!Process32First(hProcessSnap, &pe32))
/*BOOL WINAPI Process32First(获得第一个进程
HANDLE hSnapshot,//_in快照句柄
LPPROCESSENTRY32 lppe//_out存放信息位置
);
*/
{
printError(TEXT("Process32First")); // show cause of failure
CloseHandle(hProcessSnap); // clean the snapshot object
return(FALSE);
}
// Now walk the snapshot of processes, and
// display information about each process in turn
do
{
_tprintf(TEXT("\n\n====================================================="));
_tprintf(TEXT("\n Process Name: %s"),pe32.szExeFile);
_tprintf(TEXT("\n-------------------------------------------------------"));
// Retrieve the priority class.获取优先级
dwPriorityClass = 0;
//hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID);
hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID);
/*
HANDLE OpenProcess( 用来打开一个已存在的进程对象,并返回进程的句柄
DWORD dwDesiredAccess, //渴望得到的访问权限(标志)
BOOL bInheritHandle, // 是否继承句柄
DWORD dwProcessId// 进程标示符
);
*/
if (hProcess == NULL)
printError(TEXT("OpenProcess"));
else
{
dwPriorityClass = GetPriorityClass(hProcess);
/*
GetPriorityClass:获取特定进程的优先级别
返回指向进程的优先级。返回的优先级以及它的每一个线程的优先级来决定每一个线程的基础优先水平。
*/
if (!dwPriorityClass)
printError(TEXT("GetPriorityClass"));
CloseHandle(hProcess);
}
_tprintf(TEXT("\n Process ID = 0x%08X"), pe32.th32ProcessID);
_tprintf(TEXT("\n Thread count = %d"), pe32.cntThreads);
_tprintf(TEXT("\n Parent process ID = 0x%08X"), pe32.th32ParentProcessID);
_tprintf(TEXT("\n Priority base = %d"), pe32.pcPriClassBase);
if (dwPriorityClass)
_tprintf(TEXT("\n Priority class = %d"), dwPriorityClass);
// List the modules and threads associated with this process列举与当前进程相关的线程和模块
ListProcessModules(pe32.th32ProcessID);//函数调用
ListProcessThreads(pe32.th32ProcessID);//
} while (Process32Next(hProcessSnap, &pe32));
/*BOOL WINAPI Process32Next(获得下一进程的句柄
HANDLE hSnapshot,
LPPROCESSENTRY32 lppe
);
*/
//循环直到Process32Next返回值为FALSE
CloseHandle(hProcessSnap);
return(TRUE);
}
BOOL GetProcessList( )
{
HANDLE hProcessSnap;
HANDLE hProcess;
PROCESSENTRY32 pe32;
DWORD dwPriorityClass;
// Take a snapshot of all processes in the system.
hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
if( hProcessSnap == INVALID_HANDLE_VALUE )
{
printError( TEXT("CreateToolhelp32Snapshot (of processes)") );
return( FALSE );
}
// Set the size of the structure before using it.
pe32.dwSize = sizeof( PROCESSENTRY32 );
// Retrieve information about the first process,
// and exit if unsuccessful
if( !Process32First( hProcessSnap, &pe32 ) )
{
printError( TEXT("Process32First") ); // show cause of failure
CloseHandle( hProcessSnap ); // clean the snapshot object
return( FALSE );
}
// Now walk the snapshot of processes, and
// display information about each process in turn
do
{
_tprintf( TEXT("\n\n=====================================================" ));
_tprintf( TEXT("\nPROCESS NAME: %s"), pe32.szExeFile );
_tprintf( TEXT("\n-------------------------------------------------------" ));
// Retrieve the priority class.
dwPriorityClass = 0;
hProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID );
if( hProcess == NULL )
printError( TEXT("OpenProcess") );
else
{
dwPriorityClass = GetPriorityClass( hProcess );
if( !dwPriorityClass )
printError( TEXT("GetPriorityClass") );
CloseHandle( hProcess );
}
_tprintf( TEXT("\n Process ID = 0x%08X"), pe32.th32ProcessID );
_tprintf( TEXT("\n Thread count = %d"), pe32.cntThreads );
_tprintf( TEXT("\n Parent process ID = 0x%08X"), pe32.th32ParentProcessID );
_tprintf( TEXT("\n Priority base = %d"), pe32.pcPriClassBase );
if( dwPriorityClass )
_tprintf( TEXT("\n Priority class = %d"), dwPriorityClass );
// List the modules and threads associated with this process
ListProcessModules( pe32.th32ProcessID );
ListProcessThreads( pe32.th32ProcessID );
} while( Process32Next( hProcessSnap, &pe32 ) );
CloseHandle( hProcessSnap );
return( TRUE );
}
BOOL GetProcessList( )
{
HANDLE hProcessSnap;
HANDLE hProcess;
PROCESSENTRY32 pe32;
//DWORD dwPriorityClass;
// Take a snapshot of all processes in the system.
hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
if( hProcessSnap == INVALID_HANDLE_VALUE )
{
//printError( TEXT("CreateToolhelp32Snapshot (of processes)") );
printf( "error: CreateToolhelp32Snapshot (of processes)" );
return( FALSE );
}
// Set the size of the structure before using it.
pe32.dwSize = sizeof( PROCESSENTRY32 );
if( !Process32First( hProcessSnap, &pe32 ) )
{
printf( "error: Process32First");
CloseHandle( hProcessSnap );
return( FALSE );
}
do
{
if( strcmp( pe32.szExeFile, "dota.exe" ) != 0 )
continue;
//if( pe32.th32ProcessID != 2772 )
// continue;
printf( "\n\n=====================================================" );
printf( "\n Dota2 Harvester beta, build 04082013" );
printf( "\n=====================================================\n" );
printf( "\n Process ID = 0x%08X\n", (unsigned int)pe32.th32ProcessID );
// Retrieve the priority class.
//dwPriorityClass = 0;
hProcess = OpenProcess( PROCESS_VM_READ, false, pe32.th32ProcessID );
if( hProcess == NULL )
//printError( TEXT("OpenProcess") );
printf( "error: OpenProcess" );
else
{
//printf("OpenProcess fine");
/*
dwPriorityClass = GetPriorityClass( hProcess );
if( !dwPriorityClass )
printError( TEXT("GetPriorityClass") );
*/
}
/*
int addr0 = 0x64E30000 + 0x1EAFDA8;
ReadProcessMemory(hProcess, (LPCVOID)addr_, &addr_ , 4, NULL);
int addr1 = addr_;
ReadProcessMemory(hProcess, (LPCVOID)(addr1 + 14), &addr1 , 4, NULL);
printf( "addr1: %p\n", addr0 );
int r = 0;
int offset0 = 0x1EAFDA8;
int offset1 = 0x14;
int offset2 = 0;
int offset3 = 0x824;
int myaddr = FindPointerAddr(hProcess, 0x64E30000, 1, &r, offset0 );
*/
/*
_tprintf( TEXT("\n Process ID = 0x%08X"), pe32.th32ProcessID );
_tprintf( TEXT("\n Thread count = %d"), pe32.cntThreads );
_tprintf( TEXT("\n Parent process ID = 0x%08X"), pe32.th32ParentProcessID );
_tprintf( TEXT("\n Priority base = %d"), pe32.pcPriClassBase );
*/
/*
if( dwPriorityClass )
_tprintf( TEXT("\n Priority class = %d"), dwPriorityClass );
*/
// List the modules and threads associated with this process
ListProcessModules( pe32.th32ProcessID, &hProcess );
ListProcessThreads( pe32.th32ProcessID );
CloseHandle( hProcess );
} while( Process32Next( hProcessSnap, &pe32 ) );
CloseHandle( hProcessSnap );
return( TRUE );
}
