-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathCProcess.cpp
60 lines (52 loc) · 1.33 KB
/
CProcess.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
#include"CProcess.h"
#include<stdio.h>
CProcess::CProcess(DWORD dwPid)
{
HANDLE m_hProcess = OpenProcess(PROCESS_ALL_ACCESS,
FALSE,
dwPid);
m_dwPid = dwPid;
}
CProcess::CProcess(const WCHAR *szProcessName)
{
m_hProcess = NULL;
HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL);
PROCESSENTRY32 pe32 = {sizeof(pe32)};
Process32First(hSnapshot,&pe32);
do
{
if (wcscmp(pe32.szExeFile, szProcessName) == 0)
{
m_hProcess = OpenProcess(PROCESS_ALL_ACCESS,
FALSE,
pe32.th32ProcessID);
m_dwPid = pe32.th32ProcessID;
}
} while (Process32Next(hSnapshot,&pe32));
}
CProcess::~CProcess()
{
if(m_hProcess != NULL)
CloseHandle(m_hProcess);
}
// 获取dll模块基址
DWORD CProcess::GetModule(const WCHAR* szModuleName)
{
DWORD dwModule = 0;
// 根据进程pid获取句柄
HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, m_dwPid);
MODULEENTRY32 module32 = {sizeof(module32)};
// 遍历进程所有模块
Module32First(hSnapshot,&module32);
do
{
if (wcscmp(szModuleName, module32.szModule) == 0) {
dwModule = (DWORD)module32.hModule;
wprintf_s(TEXT("SUCESS: %s base address is %d\n"), szModuleName, dwModule);
}
}
while (Module32Next(hSnapshot,&module32));
if (dwModule == 0)
wprintf(TEXT("get %s base address faild! --- error code: %d\n"), szModuleName,GetLastError());
return dwModule;
}