Visual c++ 枚举进程()

Visual c++ 枚举进程(),visual-c++,Visual C++,我用VC++编写了一个基本代码,通过Psapi中的EnumProcesses()检索进程列表。我在管理模式下打开VS2012。在调试期间,代码成功地检索所有进程句柄。当我构建流程时,它无法作为一个独立的应用程序获取流程句柄;大多数进程句柄返回空值。我试图将linker中的“UAC执行级别”设置为requireAdministrator;但一切都没有改变。有什么建议吗 DWORD proc_id[1024]; // array for process id's DWORD ret_bytes

我用 VC++ 编写了一段基本代码,通过 Psapi 中的 EnumProcesses() 获取进程列表。我以管理员模式打开 VS2012。在调试期间,代码能够成功获取所有进程句柄。但当我生成程序并将其作为独立应用程序运行时,它无法获取进程句柄;大多数进程句柄返回 NULL。我尝试在链接器中将“UAC 执行级别”设置为 requireAdministrator,但没有任何变化。有什么建议吗?

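DWORD proc_id[1024];    // receives the process identifiers
DWORD ret_bytes;        // number of bytes EnumProcesses() stored in proc_id
FILE *proc_file;        // report file for the process list

// Get the list of process identifiers.
if ( !EnumProcesses( proc_id, sizeof(proc_id), &ret_bytes ) )
{
    printf("Can not execute EnumProcesses()...\n");
    system("pause");
    return;
}
printf("Retriving process id list...\n");
// A completely filled array means there may be more processes than fit in it.
if (ret_bytes == sizeof(proc_id))
{
    printf("Process id array is full, the list may be truncated...\n");
}
// Calculate how many process identifiers were returned.
DWORD number_of_proc;   // number of processes
number_of_proc = ret_bytes / sizeof(proc_id[0]);
printf("%lu working processes found...\n", number_of_proc);   // DWORD is unsigned long, hence %lu

// Write one report entry per process.
proc_file = fopen("process.txt", "w");
if (proc_file == NULL)
{
    // Without this check every fprintf() below would dereference a null stream.
    printf("Can not open process.txt for writing...\n");
    system("pause");
    return;
}
for (unsigned int i = 0; i < number_of_proc; i++)
{
    if (proc_id[i] == 0)   // skip identifier 0, as the original loop did
    {
        continue;
    }

    // The explicit ANSI (A) entry points are used so that these char buffers
    // match the %s conversions of fprintf() in both ANSI and Unicode builds;
    // TCHAR buffers would hand wchar_t strings to %s in a Unicode build.
    char proc_name[MAX_PATH] = "<unknown>";   // base name of the main module
    char file_name[MAX_PATH] = "<unknown>";   // full path of the executable image

    // NOTE(review): PROCESS_ALL_ACCESS asks for far more than the queries below
    // need (PROCESS_QUERY_INFORMATION | PROCESS_VM_READ is enough). It is kept
    // because it is the request this listing is about: it is refused for
    // processes owned by other accounts unless SeDebugPrivilege is enabled in
    // the caller's token.
    HANDLE proc_handle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, proc_id[i]);
    if (proc_handle == NULL)
    {
        fprintf(proc_file, "%3u - NULL HANDLE (PID: %lu) err %lu\n\n", i, proc_id[i], GetLastError());
        continue;   // never pass a null handle to the query functions
    }

    HMODULE hMod;      // first module of the process, i.e. the executable itself
    DWORD cbNeeded;    // bytes required to hold all module handles (unused here)
    if (EnumProcessModulesEx(proc_handle, &hMod, sizeof(hMod), &cbNeeded, LIST_MODULES_ALL))
    {
        // On failure the buffers keep their "<unknown>" initial value.
        GetModuleBaseNameA(proc_handle, hMod, proc_name, sizeof(proc_name));
        fprintf(proc_file, "%3u - %s  (PID: %lu)\n", i, proc_name, proc_id[i]);

        DWORD size = sizeof(file_name);   // in: buffer size in characters, out: length written
        QueryFullProcessImageNameA(proc_handle, 0, file_name, &size);
        fprintf(proc_file, "\t%s\n", file_name);
    }
    else
    {
        fprintf(proc_file, "%3u - EnumProcessModules() not working... (PID: %lu) err %lu\n", i, proc_id[i], GetLastError());
    }

    // Each successful OpenProcess() must be paired with CloseHandle(), otherwise
    // one handle leaks per enumerated process.
    CloseHandle(proc_handle);
}
fclose(proc_file);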
DWORD proc_id[1024];//进程id的数组
DWORD ret_字节;//从EnumProcess()返回的字节数
文件*proc_文件;//存储进程列表的步骤
//获取进程id的列表
if(!enumprocess(proc_id,sizeof(proc_id),&ret_字节))
{
printf(“无法执行枚举进程()…\n”);
系统(“暂停”);
返回;
}
printf(“检索进程id列表…\n”);
//计算返回了多少进程标识符。
程序的DWORD编号进程数
进程的数量=返回字节/大小(DWORD);
printf(“找到%u个工作进程…\n”,进程的编号);
//读取所有进程的名称
proc_file=fopen(“process.txt”、“w”);

对于(unsigned int i=0;i要在您没有权限时获取进程\u ALL\u访问权限,请调用您的SeDebugPrivilege 参考文献

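若要在权限不足时以 PROCESS_ALL_ACCESS 打开进程,请在当前进程的令牌中启用 SeDebugPrivilege 特权。该特权只存在于已提升的管理员令牌中,并且默认处于禁用状态,因此仅把 UAC 执行级别设为 requireAdministrator 并不会自动启用它;在调试器下能够成功,可能是因为被调试进程继承了调试器已启用该特权的令牌。 参考文献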
多亏了这些建议,我解决了这个问题。下面是可以正常工作的代码,供参考

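DWORD proc_id[1024];     // receives the process identifiers
DWORD ret_bytes;         // number of bytes EnumProcesses() stored in proc_id
FILE *proc_file;         // report file for the process list
HANDLE hProcess;         // pseudo-handle of the current process
HANDLE hToken;           // access token of the current process
LUID Luid;               // locally unique identifier of SeDebugPrivilege
TOKEN_PRIVILEGES TP;     // privilege state requested from the system
TOKEN_PRIVILEGES TPprev; // privilege state before the adjustment, used to restore it
DWORD cbprev;            // in: size of TPprev, out: bytes written to it


hProcess = GetCurrentProcess();
DWORD lResult = OpenProcessToken(hProcess, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken);
if (lResult == 0) {
    // lResult is always 0 on this path, so report the Win32 error code instead.
    printf("Cannot open process token: %lx\n", GetLastError());
    system("pause");
    return;
}
printf("Open process token: %p\n", (void *)hToken);   // a HANDLE is a pointer, not an int

// Grab the LUID for the requested privilege.
lResult = LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &Luid);
if (lResult == 0) {
    printf("Cannot open look up priv. value: %lx\n", GetLastError());
    CloseHandle(hToken);
    system("pause");
    return;
}
// A LUID is a struct; print its members rather than passing it to a variadic call.
printf("Priv. look up succesfull: %lx:%lx\n", (unsigned long)Luid.HighPart, Luid.LowPart);

// One call both enables the privilege and captures the prior state in TPprev.
TP.PrivilegeCount = 1;
TP.Privileges[0].Luid = Luid;
TP.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
TPprev.PrivilegeCount = 0;
cbprev = sizeof(TPprev);
lResult = AdjustTokenPrivileges(hToken, FALSE, &TP, sizeof(TPprev), &TPprev, &cbprev);
DWORD adjust_err = GetLastError();   // saved before any other call can overwrite it
if (lResult == 0) {
    printf("Cannot adjust privilege: %lx (error:%lu)\n", lResult, adjust_err);
    CloseHandle(hToken);
    system("pause");
    return;
}
if (adjust_err == ERROR_NOT_ALL_ASSIGNED) {
    // AdjustTokenPrivileges() reports success even when the token does not hold
    // the privilege at all (e.g. a non-elevated process); only the last-error
    // value distinguishes the two. The enumeration still runs, best effort.
    printf("SeDebugPrivilege is not held by this token, other users' processes will not open\n");
    TPprev.PrivilegeCount = 0;   // nothing was changed, so nothing to restore
} else {
    printf("Privilege adjusted succesfully\n");
}

// Get the list of process identifiers.
if ( !EnumProcesses( proc_id, sizeof(proc_id), &ret_bytes ) )
{
    printf("Can not execute EnumProcesses()...\n");
    if (TPprev.PrivilegeCount > 0) {
        AdjustTokenPrivileges(hToken, FALSE, &TPprev, 0, NULL, NULL);
    }
    CloseHandle(hToken);
    system("pause");
    return;
}
printf("Retriving process id list...\n");
// A completely filled array means there may be more processes than fit in it.
if (ret_bytes == sizeof(proc_id))
{
    printf("Process id array is full, the list may be truncated...\n");
}
// Calculate how many process identifiers were returned.
DWORD number_of_proc;   // number of processes
number_of_proc = ret_bytes / sizeof(proc_id[0]);
printf("%lu working processes found...\n", number_of_proc);   // DWORD is unsigned long, hence %lu

// Write one report entry per process.
proc_file = fopen("process.txt", "w");
if (proc_file == NULL)
{
    // Without this check every fprintf() below would dereference a null stream.
    printf("Can not open process.txt for writing...\n");
    if (TPprev.PrivilegeCount > 0) {
        AdjustTokenPrivileges(hToken, FALSE, &TPprev, 0, NULL, NULL);
    }
    CloseHandle(hToken);
    system("pause");
    return;
}
for (unsigned int i = 0; i < number_of_proc; i++)
{
    if (proc_id[i] == 0)   // skip identifier 0, as the original loop did
    {
        continue;
    }

    // The explicit ANSI (A) entry points are used so that these char buffers
    // match the %s conversions of fprintf() in both ANSI and Unicode builds;
    // TCHAR buffers would hand wchar_t strings to %s in a Unicode build.
    char proc_name[MAX_PATH] = "<unknown>";   // base name of the main module
    char file_name[MAX_PATH] = "<unknown>";   // full path of the executable image

    // Least privilege: the module and image-name queries below only need
    // query and read rights, so PROCESS_ALL_ACCESS is not requested.
    HANDLE proc_handle = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, proc_id[i]);
    if (proc_handle == NULL)
    {
        fprintf(proc_file, "%3u - NULL HANDLE (PID: %lu) err %lu\n\n", i, proc_id[i], GetLastError());
        continue;   // never pass a null handle to the query functions
    }

    HMODULE hMod;      // first module of the process, i.e. the executable itself
    DWORD cbNeeded;    // bytes required to hold all module handles (unused here)
    if (EnumProcessModulesEx(proc_handle, &hMod, sizeof(hMod), &cbNeeded, LIST_MODULES_ALL))
    {
        // On failure the buffers keep their "<unknown>" initial value.
        GetModuleBaseNameA(proc_handle, hMod, proc_name, sizeof(proc_name));
        fprintf(proc_file, "%3u - %s  (PID: %lu)\n", i, proc_name, proc_id[i]);

        DWORD size = sizeof(file_name);   // in: buffer size in characters, out: length written
        QueryFullProcessImageNameA(proc_handle, 0, file_name, &size);
        fprintf(proc_file, "\t%s\n", file_name);
    }
    else
    {
        fprintf(proc_file, "%3u - EnumProcessModules() not working... (PID: %lu) err %lu\n", i, proc_id[i], GetLastError());
    }

    // Each successful OpenProcess() must be paired with CloseHandle(), otherwise
    // one handle leaks per enumerated process.
    CloseHandle(proc_handle);
}
fclose(proc_file);

// Return the token to its prior state so the debug privilege is enabled only
// for the duration of the enumeration, then release the token handle.
if (TPprev.PrivilegeCount > 0) {
    AdjustTokenPrivileges(hToken, FALSE, &TPprev, 0, NULL, NULL);
}
CloseHandle(hToken);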
DWORD proc_id[1024];//进程id的数组
DWORD ret_bytes;//从EnumProcess()返回的字节数
FILE*proc_FILE;//用于存储进程列表
HANDLE hProcess;//当前进程的句柄
HANDLE hToken;//令牌结果的句柄
LUID LUID;//本地唯一标识符
令牌特权TP;//令牌特权
TOKEN_特权TPprev;
德沃德·卡普雷夫;
HPProcess=GetCurrentProcess();//获取当前进程的句柄
DWORD lResult=OpenProcessToken(hproces,TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,&hToken);//为当前进程打开进程令牌
如果(lResult==0){
printf(“无法打开进程令牌:%x\n”,lResult);
系统(“暂停”);
返回;}
否则{
printf(“打开进程令牌:%x\n”,hToken);
}
//获取请求权限的LUID。
lResult=LookupPrivilegeValue(NULL、SE_DEBUG_NAME和Luid);
如果(lResult==0){
printf(“无法打开查找优先级值:%x\n”,lResult);
系统(“暂停”);
返回;}
否则{
printf(“Priv.查找成功:%x\n”,Luid);
}
cbprev=sizeof(TP);
TP.privilegecont=1;
TP.Privileges[0]。Luid=Luid;
TP.Privileges[0]。属性=0;
lResult=AdjustTokenPrivileges(hToken、FALSE和TP、sizeof(TP)、TPprev和cbprev);
如果(lResult==0){
printf(“无法检索权限:%x(错误:%u)\n”,lResult,GetLastError());
系统(“暂停”);
返回;}
否则{
printf(“成功检索到权限\n”);
}
//调整令牌权限
TPprev.privilegecont=1;
TPprev.Privileges[0]。Luid=Luid;
TPprev.Privileges[0].Attributes=2;//SE\u PRIVILEGE\u已启用
lResult=AdjustTokenPrivileges(hToken、FALSE和TPprev、sizeof(TP)、TP和cbprev);
如果(lResult==0){
printf(“无法调整权限:%x(错误:%u)\n”,lResult,GetLastError());
系统(“暂停”);
返回;}
否则{
printf(“权限成功调整\n”);
}
//获取进程id的列表
if(!enumprocess(proc_id,sizeof(proc_id),&ret_字节))
{
printf(“无法执行枚举进程()…\n”);
系统(“暂停”);
返回;
}
printf(“检索进程id列表…\n”);
//计算返回了多少进程标识符。
DWORD number_of_proc;//进程数
进程的数量=返回字节/大小(DWORD);
printf(“找到%u个工作进程…\n”,进程的编号);
//读取所有进程的名称
proc_file=fopen(“process.txt”、“w”);

对于(unsigned int i=0;i,由于建议,我能够对问题进行排序

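DWORD proc_id[1024];     // receives the process identifiers
DWORD ret_bytes;         // number of bytes EnumProcesses() stored in proc_id
FILE *proc_file;         // report file for the process list
HANDLE hProcess;         // pseudo-handle of the current process
HANDLE hToken;           // access token of the current process
LUID Luid;               // locally unique identifier of SeDebugPrivilege
TOKEN_PRIVILEGES TP;     // privilege state requested from the system
TOKEN_PRIVILEGES TPprev; // privilege state before the adjustment, used to restore it
DWORD cbprev;            // in: size of TPprev, out: bytes written to it


hProcess = GetCurrentProcess();
DWORD lResult = OpenProcessToken(hProcess, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken);
if (lResult == 0) {
    // lResult is always 0 on this path, so report the Win32 error code instead.
    printf("Cannot open process token: %lx\n", GetLastError());
    system("pause");
    return;
}
printf("Open process token: %p\n", (void *)hToken);   // a HANDLE is a pointer, not an int

// Grab the LUID for the requested privilege.
lResult = LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &Luid);
if (lResult == 0) {
    printf("Cannot open look up priv. value: %lx\n", GetLastError());
    CloseHandle(hToken);
    system("pause");
    return;
}
// A LUID is a struct; print its members rather than passing it to a variadic call.
printf("Priv. look up succesfull: %lx:%lx\n", (unsigned long)Luid.HighPart, Luid.LowPart);

// One call both enables the privilege and captures the prior state in TPprev.
TP.PrivilegeCount = 1;
TP.Privileges[0].Luid = Luid;
TP.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
TPprev.PrivilegeCount = 0;
cbprev = sizeof(TPprev);
lResult = AdjustTokenPrivileges(hToken, FALSE, &TP, sizeof(TPprev), &TPprev, &cbprev);
DWORD adjust_err = GetLastError();   // saved before any other call can overwrite it
if (lResult == 0) {
    printf("Cannot adjust privilege: %lx (error:%lu)\n", lResult, adjust_err);
    CloseHandle(hToken);
    system("pause");
    return;
}
if (adjust_err == ERROR_NOT_ALL_ASSIGNED) {
    // AdjustTokenPrivileges() reports success even when the token does not hold
    // the privilege at all (e.g. a non-elevated process); only the last-error
    // value distinguishes the two. The enumeration still runs, best effort.
    printf("SeDebugPrivilege is not held by this token, other users' processes will not open\n");
    TPprev.PrivilegeCount = 0;   // nothing was changed, so nothing to restore
} else {
    printf("Privilege adjusted succesfully\n");
}

// Get the list of process identifiers.
if ( !EnumProcesses( proc_id, sizeof(proc_id), &ret_bytes ) )
{
    printf("Can not execute EnumProcesses()...\n");
    if (TPprev.PrivilegeCount > 0) {
        AdjustTokenPrivileges(hToken, FALSE, &TPprev, 0, NULL, NULL);
    }
    CloseHandle(hToken);
    system("pause");
    return;
}
printf("Retriving process id list...\n");
// A completely filled array means there may be more processes than fit in it.
if (ret_bytes == sizeof(proc_id))
{
    printf("Process id array is full, the list may be truncated...\n");
}
// Calculate how many process identifiers were returned.
DWORD number_of_proc;   // number of processes
number_of_proc = ret_bytes / sizeof(proc_id[0]);
printf("%lu working processes found...\n", number_of_proc);   // DWORD is unsigned long, hence %lu

// Write one report entry per process.
proc_file = fopen("process.txt", "w");
if (proc_file == NULL)
{
    // Without this check every fprintf() below would dereference a null stream.
    printf("Can not open process.txt for writing...\n");
    if (TPprev.PrivilegeCount > 0) {
        AdjustTokenPrivileges(hToken, FALSE, &TPprev, 0, NULL, NULL);
    }
    CloseHandle(hToken);
    system("pause");
    return;
}
for (unsigned int i = 0; i < number_of_proc; i++)
{
    if (proc_id[i] == 0)   // skip identifier 0, as the original loop did
    {
        continue;
    }

    // The explicit ANSI (A) entry points are used so that these char buffers
    // match the %s conversions of fprintf() in both ANSI and Unicode builds;
    // TCHAR buffers would hand wchar_t strings to %s in a Unicode build.
    char proc_name[MAX_PATH] = "<unknown>";   // base name of the main module
    char file_name[MAX_PATH] = "<unknown>";   // full path of the executable image

    // Least privilege: the module and image-name queries below only need
    // query and read rights, so PROCESS_ALL_ACCESS is not requested.
    HANDLE proc_handle = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, proc_id[i]);
    if (proc_handle == NULL)
    {
        fprintf(proc_file, "%3u - NULL HANDLE (PID: %lu) err %lu\n\n", i, proc_id[i], GetLastError());
        continue;   // never pass a null handle to the query functions
    }

    HMODULE hMod;      // first module of the process, i.e. the executable itself
    DWORD cbNeeded;    // bytes required to hold all module handles (unused here)
    if (EnumProcessModulesEx(proc_handle, &hMod, sizeof(hMod), &cbNeeded, LIST_MODULES_ALL))
    {
        // On failure the buffers keep their "<unknown>" initial value.
        GetModuleBaseNameA(proc_handle, hMod, proc_name, sizeof(proc_name));
        fprintf(proc_file, "%3u - %s  (PID: %lu)\n", i, proc_name, proc_id[i]);

        DWORD size = sizeof(file_name);   // in: buffer size in characters, out: length written
        QueryFullProcessImageNameA(proc_handle, 0, file_name, &size);
        fprintf(proc_file, "\t%s\n", file_name);
    }
    else
    {
        fprintf(proc_file, "%3u - EnumProcessModules() not working... (PID: %lu) err %lu\n", i, proc_id[i], GetLastError());
    }

    // Each successful OpenProcess() must be paired with CloseHandle(), otherwise
    // one handle leaks per enumerated process.
    CloseHandle(proc_handle);
}
fclose(proc_file);

// Return the token to its prior state so the debug privilege is enabled only
// for the duration of the enumeration, then release the token handle.
if (TPprev.PrivilegeCount > 0) {
    AdjustTokenPrivileges(hToken, FALSE, &TPprev, 0, NULL, NULL);
}
CloseHandle(hToken);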
DWORD proc_id[1024];//进程id的数组
DWORD ret_bytes;//从EnumProcess()返回的字节数
FILE*proc_FILE;//用于存储进程列表
HANDLE hProcess;//当前进程的句柄
HANDLE hToken;//令牌结果的句柄
LUID LUID;//本地唯一标识符
令牌特权TP;//令牌特权
TOKEN_特权TPprev;
德沃德·卡普雷夫;
HPProcess=GetCurrentProcess();//获取当前进程的句柄
DWORD lResult=OpenProcessToken(hproces,TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,&hToken);//为当前进程打开进程令牌
如果(lResult==0){
printf(“无法打开进程令牌:%x\n”,lResult);
系统(“暂停”);
返回;}
否则{
printf(“打开进程令牌:%x\n”,hToken);
}
//获取请求权限的LUID。
lResult=LookupPrivilegeValue(NULL、SE_DEBUG_NAME和Luid);
如果(lResult==0){
printf(“无法打开查找优先级值:%x\n”,lResult);
系统(“暂停”);
返回;}
否则{
printf(“Priv.查找成功:%x\n”,Luid);
}
cbprev=sizeof(TP);
TP.privilegecont=1;
TP.Privileges[0]。Luid=Luid;
TP.Privileges[0]。属性=0;
lResult=AdjustTokenPrivileges(hToken、FALSE和TP、sizeof(TP)、TPprev和cbprev);
如果(lResult==0){
printf(“无法检索权限:%x(错误:%u)\n”,lResult,GetLastError());
系统(“暂停”);
返回;}
否则{
printf(“成功检索到权限\n”);
}
//调整令牌权限
TPprev.privilegecont=1;
TPprev.Privileges[0]。Luid=Luid;
TPprev.Privileges[0].Attributes=2;//SE\u PRIVILEGE\u已启用
lResult=AdjustTokenPrivileges(hToken、FALSE和TPprev、sizeof(TP)、TP和cbprev);
如果(lResult==0){
printf(“无法调整权限:%x(错误:%u)\n”,lResult,GetLastError());
系统(“暂停”);
返回;}
否则{
printf(“权限成功调整\n”);
}
//获取进程id的列表
if(!enumprocess(proc_id,sizeof(proc_id),&ret_字节))
{
printf(“无法执行枚举进程()…\n”);
系统(“暂停”);
返回;
}
printf