代碼如下:
#include <windows.h>
#include <iostream.h>
#include <tlhelp32.h>
#include <stdio.h>
int main(int argc, char* argv[])
{
char exename[500];
printf("[ENTER EXE FILE NAME]\t");
scanf("%s",exename);
printf("\n[YOU ENTER]\t%s\n",exename);
Sleep(3000);
//提升當前進程的權限使其有權限對其他進程進行操作
HANDLE hToken;
LUID sedebugnameValue;
TOKEN_PRIVILEGES tkp;
if ( ! OpenProcessToken( GetCurrentProcess(),
TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken ) ){
//WriteToLog("openprocesstoken error");
return 1;
}
if ( ! LookupPrivilegeValue( NULL, SE_DEBUG_NAME, &sedebugnameValue ) ){
CloseHandle( hToken );
//WriteToLog("lookuprivilegevalue error");
return 1;
}
tkp.PrivilegeCount = 1;
tkp.Privileges[0].Luid = sedebugnameValue;
tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
if ( ! AdjustTokenPrivileges( hToken, FALSE, &tkp, sizeof tkp, NULL, NULL ) ){
CloseHandle( hToken );
return 1;
}
//取得目標進程的PID
DWORD pid;
HANDLE snapshot;
snapshot=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
struct tagPROCESSENTRY32 processsnap;
processsnap.dwSize=sizeof(tagPROCESSENTRY32);
for(Process32First(snapshot,&processsnap);Process32Next(snapshot,&processsnap);){
if(!stricmp(processsnap.szExeFile,exename))
{
pid=processsnap.th32ProcessID;
break;
}
}
CloseHandle(snapshot);
////////////////////////////////////////
MODULEENTRY32 pe32;
// 在使用這個結構之前,先設置它的大小
pe32.dwSize = sizeof(pe32);
// 給進程內所有模塊拍一個快照
//276為某進程的ID
HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE,pid);
if(hProcessSnap == INVALID_HANDLE_VALUE)
{
//建立快照失敗
return -1;
printf("[createtoolhelp32snapshot error]\n");
}
// 遍歷進程快照,輪流顯示每個進程的信息
BOOL bMore = Module32First(hProcessSnap, &pe32);
while(bMore)
{
printf("\n[DLL NAME]\t%s\n",pe32.szModule);
printf("[DLL PATH]\t%s\n",pe32.szExePath);
bMore = Module32Next(hProcessSnap, &pe32);
}
// 不要忘記清除掉snapshot對象
CloseHandle(hProcessSnap);
return 0;
}
