转自:http://blog.csdn.net/zyq11223/article/details/7699631
主要使用CreateToolhelp32Snapshot获取进程快照。
#include
#include
#include
#include
#include
#include "tlhelp32.h"
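int main(void)
{
// Lists the modules (EXE and DLLs) loaded into the *current* process and
// prints each module's on-disk path. Passing 0 as the process id to
// CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, ...) selects the calling process.
// Comparing these paths against the set you expect to be loaded is a quick
// way to spot a DLL that was loaded from an unexpected directory.
//
// NOTE(review): several statements on the page were truncated ("std::cout<")
// and one block comment was never closed; they are reconstructed below and
// marked where the original operand is not recoverable.
MODULEENTRY32 me32;
//setlocale(LC_ALL,"chs");// set the C locale (left disabled by the author)
HANDLE hTlhelpSnapshot=CreateToolhelp32Snapshot(TH32CS_SNAPMODULE,0);
if (hTlhelpSnapshot == INVALID_HANDLE_VALUE)
{
wprintf_s(L"建立进程快照失败\n\n");
getchar();
// Stop here: the original fell through and handed INVALID_HANDLE_VALUE
// to Module32First and CloseHandle.
return -1;
}
// dwSize must be filled in before the first Module32First call,
// otherwise the call fails.
me32.dwSize = sizeof(MODULEENTRY32);
// Number of modules seen.
DWORD nCount=0;
if (!Module32First(hTlhelpSnapshot,&me32))
{
wprintf_s(L"获取进程第一个模块失败\n\n");
getchar();
}
else
{
do
{
++nCount;
// NOTE(review): wprintf_s treats %s as a wide string, so this line
// assumes a UNICODE build where szExePath is WCHAR - confirm.
wprintf_s(L"me32.szExePath==%s\n",me32.szExePath);
//wprintf_s(L"me32.szModule==%s\n",me32.szModule);
wprintf_s(L"me32.th32ProcessID==%x\n",me32.th32ProcessID);
// The page shows only "std::cout<" here; a blank separator line is
// assumed.
std::cout << std::endl;
// Keep going until Module32Next returns FALSE.
} while (Module32Next(hTlhelpSnapshot,&me32));
}
// The page shows only "std::cout<" here; nCount is the one value that is
// computed and never printed elsewhere, so it is assumed to be the operand.
std::cout << nCount << std::endl;
// Release the snapshot handle.
CloseHandle(hTlhelpSnapshot);
// Wait for a key press so the console output stays visible.
getchar();
/* Disabled by the author: print this process's own PID and image path.
   The closing comment marker was lost on the page, so the block is kept
   disabled through the Sleep call; the stream operands are assumed.
unsigned long ppp = GetCurrentProcessId();
std::cout << ppp << std::endl;
TCHAR szfilepath[64];
GetModuleFileName(NULL, szfilepath, 63);
std::wcout << szfilepath << std::endl;
Sleep(200000);
*/
return 0;
}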
############上面的可以获取本进程调用的模块的路径,不是系统所有进程######################
############下面的只能获取进程名字#######################
#include "StdAfx.h"
#include "windows.h"
#include "tlhelp32.h"
#include "stdio.h"
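int main(int argc, char* argv[])
{
// Takes a snapshot of every process on the system and prints each one's
// executable name and PID. Returns -1 if the snapshot cannot be created.
//
// szExeFile holds only the image file name, not its full path, so two
// different binaries can appear under the same name; resolve the full image
// path before treating a name as an identity.
PROCESSENTRY32 pe32;
// dwSize must be set before the structure is passed to Process32First.
pe32.dwSize = sizeof(pe32);
// Snapshot of all processes in the system.
HANDLE hProcessSnap = ::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
if (hProcessSnap == INVALID_HANDLE_VALUE)
{
printf("CreateToolhelp32Snapshot 调用失败.\n");
return -1;
}
// Walk the snapshot and print one entry per process.
BOOL bMore = ::Process32First(hProcessSnap,&pe32);
while (bMore)
{
// NOTE(review): printf's %s expects a narrow string, so this assumes a
// non-UNICODE build where szExeFile is CHAR - confirm.
printf("进程名称:%s\n",pe32.szExeFile);
printf("进程ID:%u\n\n",pe32.th32ProcessID);
bMore = ::Process32Next(hProcessSnap,&pe32);
}
// Release the snapshot. On the page this call had been swallowed by the
// preceding // comment, so the handle was never closed.
::CloseHandle(hProcessSnap);
return 0;
}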
##########################杀进程#####################
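// Terminate the process identified by pid.
// Request only PROCESS_TERMINATE, the access right TerminateProcess needs,
// instead of PROCESS_ALL_ACCESS: a narrower handle is less useful to anything
// that inherits or duplicates it, and the open is less likely to be refused.
// A PID taken from an earlier snapshot may have been reused by another
// process by the time it is opened, so re-check the target's identity (for
// example its image path) on the opened handle before terminating it.
HANDLE hPro = OpenProcess(PROCESS_TERMINATE, FALSE, pid);
if (hPro == NULL)
{
    printf("OpenProcess failed: %lu\n", GetLastError());
}
else
{
    if (!TerminateProcess(hPro, 0))
    {
        printf("TerminateProcess failed: %lu\n", GetLastError());
    }
    // Close the handle whether or not termination succeeded.
    CloseHandle(hPro);
}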
*****************************************以上为win64bit下*****************************************************
*****************************************下面是linux下,ubuntu下测试通过********************************
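/* The six header names were lost on the page; these are the headers the
 * code below needs. */
#include <dirent.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

#define _PATH_MAX 100
/* Capacity of the foundpid array in main(). */
#define MAX_FOUND 10

/*
 * Resolves this process's own executable through /proc/<pid>/exe, takes its
 * base name, then walks /proc and prints the PID of every process whose
 * executable has the same base name.
 *
 * Returns 0 on success, -1 if the own executable path cannot be resolved or
 * /proc cannot be opened.
 *
 * Paths longer than the 100-byte buffers are silently truncated by
 * readlink(), so a match is decided on the truncated text. Entries whose
 * exe link cannot be read are skipped.
 */
int main()
{
    char link[100], _path[100];
    pid_t _pid = getpid();

    printf("_pid: %d\n", (int)_pid);
    snprintf(link, sizeof(link), "/proc/%d/exe", (int)_pid);
    printf("link: %s\n", link);

    /* readlink() does not NUL-terminate and can fail. The original passed the
     * full buffer size and ignored the result, so the printf below could read
     * past the end of _path. Leave one byte for the terminator. */
    ssize_t selflen = readlink(link, _path, sizeof(_path) - 1);
    if (selflen < 0) {
        perror("readlink");
        return -1;
    }
    _path[selflen] = '\0';
    printf("_path: %s \n", _path);

    /* strrchr() returns NULL when the path has no '/'; the original passed
     * that NULL straight to printf and strtok. */
    char *ProcName = strrchr(_path, '/');
    if (ProcName == NULL) {
        printf("no '/' in executable path\n");
        return -1;
    }
    printf("ProcName :%s\n", ProcName);

    /* Drop the leading '/' to leave the bare file name. */
    ProcName = strtok(ProcName, "/");
    if (ProcName == NULL) {
        printf("empty executable name\n");
        return -1;
    }
    printf("ProcName :%s\n", ProcName);

    /* pid: PID of the /proc entry being examined; s: base name of its exe. */
    DIR *dir;
    struct dirent *d;
    int pid, i;
    char *s;
    int pnlen;

    i = 0;
    int foundpid[MAX_FOUND];
    foundpid[0] = 0;
    pnlen = (int)strlen(ProcName);

    dir = opendir("/proc");
    if (!dir) {
        printf("cannot open /proc");
        return -1;
    }

    while ((d = readdir(dir)) != NULL) {
        char exe[_PATH_MAX + 1];
        char path[_PATH_MAX + 1];
        int len;
        int namelen;

        /* Non-numeric entries (self, meminfo, ...) are not processes. */
        if ((pid = atoi(d->d_name)) == 0)
            continue;

        snprintf(exe, sizeof(exe), "/proc/%s/exe", d->d_name);
        /* Unreadable links are skipped; presumably these are kernel threads
         * or processes this user may not inspect. */
        if ((len = (int)readlink(exe, path, _PATH_MAX)) < 0)
            continue;
        path[len] = '\0';

        s = strrchr(path, '/');
        //printf("s: %s\n", s);
        if (s == NULL)
            continue;
        s++;
        printf("s: %s\n", s);

        /* we don't need small name len */
        namelen = (int)strlen(s);
        if (namelen < pnlen)
            continue;

        if (!strncmp(ProcName, s, pnlen)) {
            printf("s: %s\n", s);
            printf("ProcName: %s\n", ProcName);
            /* Accept an exact match or a name followed by a space
             * (presumably the " (deleted)" suffix the kernel appends). */
            if (s[pnlen] == ' ' || s[pnlen] == '\0') {
                /* The original wrote foundpid[i] with no bound, overflowing
                 * the stack array once more than 10 processes matched. */
                if (i < MAX_FOUND) {
                    foundpid[i] = pid;
                    i++;
                }
                printf("%d\n", pid);
            }
        }
    }

    closedir(dir);
    printf("\n");
    return 0;
}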