摘要:
=ERROR_SUCCESS){bResult=FALSE;}CloseHandle;returnbResult;}//我们以“计算器”这个实例来枚举该进程的所有用到的模块的句柄,并打印出来intmain(){DebugPrivilege;HMODULEnHmodule[1024]={NULL};charlpFilename[MAX_PATH]="";DWORDcbNeeded=0;HWNDhwnd=::FindWindow;//以计算机为例子,枚举它的模块句柄DWORDidProcess=0;::GetWindowThreadProcessId;//获取计算器进程IDHANDLEhCalc=::OpenProcess;//获取进程的句柄if(!
//tt2.cpp : 定义控制台应用程序的入口点. #include "stdafx.h"#include <windows.h>#include <iostream.h>#include "Shlwapi.h" #include "Psapi.h" #pragma comment(lib,"Psapi.lib") bool DebugPrivilege(const char *PName, BOOL bEnable) { bool bResult =TRUE; HANDLE hToken; TOKEN_PRIVILEGES TokenPrivileges; if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, &hToken)) { bResult =FALSE; returnbResult; } TokenPrivileges.PrivilegeCount = 1; TokenPrivileges.Privileges[0].Attributes = bEnable ? SE_PRIVILEGE_ENABLED : 0; LookupPrivilegeValue(NULL, PName, &TokenPrivileges.Privileges[0].Luid); AdjustTokenPrivileges(hToken, FALSE, &TokenPrivileges, sizeof(TOKEN_PRIVILEGES), NULL, NULL); if (GetLastError() !=ERROR_SUCCESS) { bResult =FALSE; } CloseHandle(hToken); returnbResult; } //我们以“计算器”这个实例来枚举该进程的所有用到的模块的句柄,并打印出来 intmain() { DebugPrivilege(SE_DEBUG_NAME, TRUE); HMODULE nHmodule[1024]={NULL}; char lpFilename[MAX_PATH]=""; DWORD cbNeeded=0; HWND hwnd=::FindWindow(NULL,"计算器");//以计算机为例子,枚举它的模块句柄 DWORD idProcess=0; ::GetWindowThreadProcessId(hwnd,&idProcess);//获取计算器进程ID HANDLE hCalc=::OpenProcess(PROCESS_ALL_ACCESS,NULL,idProcess);//获取进程的句柄 if (!hCalc) { CloseHandle(hwnd); ::MessageBox(NULL,"很遗憾,你没有运行计算器","EnumProcessModules",MB_OK); } else{ BOOL bRetn= ::EnumProcessModules(hCalc,nHmodule,sizeof(nHmodule),&cbNeeded); if (!bRetn) { CloseHandle(hCalc); ::MessageBox(NULL,"很遗憾,获取模块句柄失败","EnumProcessModules",MB_OK); } else{ for (int i=0;i<((int)cbNeeded/sizeof(HMODULE));i++) { cout<<"第"<<i<<"个:"; GetModuleFileNameEx(hCalc,nHmodule[i],lpFilename,MAX_PATH); cout<<lpFilename; cout<<endl; } } } DebugPrivilege(SE_DEBUG_NAME, FALSE); return 0; }