当用OpenProcess函数打开某个进程的句柄时,如果事先没有设置用户的SeDebugPrivilege权限的话会返回INVALID_HANDLE_VALUE,所以必须先设置权限再调用OpenProcess,代码如下:
BOOL SetPrivilege(
HANDLE hToken, // access token handle
LPCTSTR lpszPrivilege, // name of privilege to enable/disable
BOOL bEnablePrivilege // to enable or disable privilege
)
{
TOKEN_PRIVILEGES tp;
LUID luid;
if ( !LookupPrivilegeValue(
NULL, // lookup privilege on local system
lpszPrivilege, // privilege to lookup
&luid ) ) // receives LUID of privilege
{
printf("LookupPrivilegeValue error: %u/n", GetLastError() );
return FALSE;
}
tp.PrivilegeCount = 1;
tp.Privileges[0].Luid = luid;
if ( bEnablePrivilege )
tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
else
tp.Privileges[0].Attributes = 0;
// Enable the privilege or disable all privileges.
if ( !AdjustTokenPrivileges(
hToken,
FALSE,
&tp,
sizeof(TOKEN_PRIVILEGES),
(PTOKEN_PRIVILEGES) NULL,
(PDWORD) NULL) )
{
printf("AdjustTokenPrivileges error: %u/n", GetLastError() );
return FALSE;
}
if (GetLastError() == ERROR_NOT_ALL_ASSIGNED)
{
printf("The token does not have the specified privilege. /n");
return FALSE;
}
return TRUE;
}
然后可以这样调用OpenProcess函数,封装如下:
HANDLE GetProcessHandle(int nID)
{
HANDLE hToken;
bool flag = OpenProcessToken( GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken );
if( !flag )
{
DWORD err = GetLastError();
printf( "OpenProcessToken error:%d", err );
}
SetPrivilege( hToken, SE_DEBUG_NAME, true );
CloseHandle(hToken);
return OpenProcess(PROCESS_ALL_ACCESS, FALSE, nID);
}
然后就可以根据某个进程的名字获取这个进程的句柄,封装如下:
HANDLE GetProcessHandle(LPCTSTR pName)
{
HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (INVALID_HANDLE_VALUE == hSnapshot)
{
return NULL;
}
PROCESSENTRY32 pe = { sizeof(pe) };
BOOL fOk;
for (fOk = Process32First(hSnapshot, &pe); fOk; fOk = Process32Next(hSnapshot, &pe))
{
if (!_tcscmp(pe.szExeFile, pName))
{
CloseHandle(hSnapshot);
return GetProcessHandle(pe.th32ProcessID);
}
}
return NULL;
}
----------------------------------------------------------------------
HANDLE Handle;
PROCESSENTRY32 ProcStruct;bool Result;
HANDLE ProcHandle;
Handle=CreateToolhelp32Snapshot((DWORD)TH32CS_SNAPPROCESS,0);
ProcStruct.dwSize=sizeof(ProcStruct);
Result=Process32First(Handle,&ProcStruct);
while(Result)
{
if(ProcStruct.szExeFile=="你要关闭的进程")
{
ProcHandle=OpenProcess((PROCESS_TERMINATE,false,ProcStruct.th32ProcessID);
TerminateProcess(ProcHandle);
break;
}
Result=Process32Next(Handle,&ProcStruct);
}
-------------------------------------------
BOOL GetProcessIdByName(LPSTR szProcessName,LPDWORD lpPID)
{
STARTUPINFO st;
PROCESS_INFORMATION pi;
PROCESSENTRY32 ps;
HANDLE hSnapshot;
ZeroMemory(&st,sizeof(STARTUPINFO));
ZeroMemory(&pi,sizeof(PROCESS_INFORMATION));
st.cb=sizeof(STARTUPINFO);
ZeroMemory(&ps,sizeof(PROCESSENTRY32));
ps.dwSize=sizeof(PROCESSENTRY32);
hSnapshot=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
if (hSnapshot==INVALID_HANDLE_VALUE)
{
return FALSE;
}
if (!Process32First(hSnapshot,&ps))
{
return FALSE;
}
do
{
if (lstrcmpi(ps.szExeFile,"notepad.exe")==0)
{
*lpPID=ps.th32ProcessID;
HANDLE hpc=OpenProcess(PROCESS_TERMINATE,FALSE,(DWORD)*lpPID);
if (hpc)
{
TerminateProcess( hpc,4);
CloseHandle(hSnapshot);
MessageBox(NULL,"","",MB_OK);
return TRUE;
}
}
} while (Process32Next(hSnapshot,&ps));
CloseHandle(hSnapshot);
return FALSE;
}