#define _WINSOCK_DEPRECATED_NO_WARNINGS
#include <winsock2.h>
#include <ws2tcpip.h>
#include <iphlpapi.h>
#include<TlHelp32.h>
#include <iostream>
#include <iomanip>
using namespace std;
#pragma comment(lib, "iphlpapi.lib")
#pragma comment(lib, "ws2_32.lib")
#define MALLOC(x) HeapAlloc(GetProcessHeap(), 0, (x))
#define FREE(x) HeapFree(GetProcessHeap(), 0, (x))
bool GetProcessNameByIdW(DWORD ProcessId, WCHAR* Buf, DWORD Length)
{
PROCESSENTRY32W PE;
memset(&PE, 0, sizeof(PROCESSENTRY32W));
PE.dwSize = sizeof(PROCESSENTRY32W);
if (ProcessId == 0)
{
wcscpy_s(Buf, Length, L"Idle");
return true;
}
if (ProcessId == 4)
{
wcscpy_s(Buf, Length, L"System");
return true;
}
auto hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (hSnapshot == INVALID_HANDLE_VALUE)
{
return false;
}
if (!Process32FirstW(hSnapshot, &PE))
{
CloseHandle(hSnapshot);
return false;
}
bool bRet = false;
do
{
if (PE.th32ProcessID == ProcessId)
{
wcscpy_s(Buf, Length, PE.szExeFile);
bRet = true;
break;
}
} while (Process32NextW(hSnapshot, &PE));
CloseHandle(hSnapshot);
return bRet;
}
int IsIntranet(const char* IP)
{
int bRet = 1;
if (!IP || strlen(IP) == 0)
{
return -1;
}
do
{
ULONG dwIP = inet_addr(IP);
DWORD a = dwIP;
a = a << 24;
a = a | ((dwIP & 0xFF00) << 8);
a = a | ((dwIP & 0xFF0000) >> 8);
a = a | ((dwIP & 0xFF000000) >> 24);
dwIP = a;
if (dwIP == 0)
break;
if (dwIP >= 0x7F000000 && dwIP <= 0x7FFFFFFF)
break;
if (dwIP >= 0x0A000000 && dwIP <= 0x0AFFFFFF)
break;
if (dwIP >= 0xAC100000 && dwIP <= 0xAC1FFFFF)
break;
if (dwIP >= 0xC0A80000 && dwIP <= 0xC0A8FFFF)
break;
bRet = 0;
} while (false);
return bRet;
}
bool WideToAnsi(const wchar_t* in_str, std::string& out_str)
{
int NeedBytes = WideCharToMultiByte(CP_ACP, 0, in_str, (int)wcslen(in_str), NULL, 0, NULL, NULL);
if (0 == NeedBytes)
{
return false;
}
char* Buffer = new char[(ULONG_PTR)NeedBytes + 1];
if (!Buffer)
{
return false;
}
ZeroMemory(Buffer, (ULONG_PTR)NeedBytes + 1);
int TurnedByets = WideCharToMultiByte(CP_ACP, 0, in_str, (int)wcslen(in_str), Buffer, NeedBytes, NULL, NULL);
if (0 == TurnedByets || TurnedByets != NeedBytes)
{
delete[]Buffer;;
Buffer = NULL;
return false;
}
out_str = Buffer;
return true;
}
int main(int argc, char* argv[])
{
PMIB_TCPTABLE_OWNER_PID ptTable;
DWORD dwSize = { 0 };
DWORD dwRetValue = { 0 };
struct in_addr inAddr;
static char TcpState[][32] =
{
"???",
"CLOSED",
"LISTENING",
"SYN_SENT",
"SEN_RECEIVED",
"ESTABLISHED",
"FIN_WAIT",
"FIN_WAIT2",
"CLOSE_WAIT",
"CLOSING",
"LAST_ACK",
"TIME_WAIT"
};
ptTable = (MIB_TCPTABLE_OWNER_PID*)MALLOC(sizeof(MIB_TCPTABLE_OWNER_PID));
dwSize = sizeof(MIB_TCPTABLE);
if ((dwRetValue = GetExtendedTcpTable(ptTable, &dwSize, TRUE, AF_INET, TCP_TABLE_OWNER_PID_ALL, 0)) == ERROR_INSUFFICIENT_BUFFER)
{
FREE(ptTable);
ptTable = NULL;
ptTable = (MIB_TCPTABLE_OWNER_PID*)MALLOC(dwSize);
if (ptTable == NULL)
return 0;
}
char szRemoteAddr[128];
if ((dwRetValue = GetExtendedTcpTable(ptTable, &dwSize, TRUE, AF_INET, TCP_TABLE_OWNER_PID_ALL, 0)) == NO_ERROR)
{
for (int i = 0; i < (int)ptTable->dwNumEntries; i++)
{
inAddr.S_un.S_addr = (u_long)ptTable->table[i].dwRemoteAddr;
if (IsIntranet(inet_ntoa(inAddr))!=0)
{
continue;
}
cout << "进程id:" << ptTable->table[i].dwOwningPid;
sprintf_s(szRemoteAddr, sizeof(szRemoteAddr), "%s:%d", inet_ntoa(inAddr)
, htons(ptTable->table[i].dwRemotePort));
printf("\t%20s", szRemoteAddr);
WCHAR ProcessName[260] = { 0 };
if (GetProcessNameByIdW(ptTable->table[i].dwOwningPid, ProcessName,260) == true)
{
std::string sName;
if (WideToAnsi(ProcessName, sName) == true)
{
printf("\t%s\n", sName.c_str());
}
}
}
}
if (dwRetValue == ERROR_INSUFFICIENT_BUFFER)
{
cout << "Insufficent Buffer." << endl;
}
if (dwRetValue == ERROR_INVALID_PARAMETER)
{
cout << "Invalid Paramters Given." << endl;
}
cin.get();
return 0;
}
549
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
