枚举进程

枚举进程

1、通过系统快照完成枚举系统进程

#include <Windows.h>
#include <TlHelp32.h>
#include <stdio.h>

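/*
 * Enumerate the running processes through a Toolhelp32 snapshot and print
 * each executable name together with its process ID.
 *
 * Returns 0 on success, -1 if the snapshot cannot be created.
 */
int main()
{
	PROCESSENTRY32 processEntry = {0};
	/* Snapshot of all processes (TH32CS_SNAPPROCESS); the process-ID argument
	 * is ignored for this flag. */
	HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
	if (hProcessSnap == INVALID_HANDLE_VALUE)	/* snapshot creation failed */
		return -1;

	/* dwSize must be filled in before Process32First, otherwise the call fails. */
	processEntry.dwSize = sizeof(PROCESSENTRY32);
	BOOL bRet = Process32First(hProcessSnap, &processEntry);
	while (bRet)
	{
		/*
		 * szExeFile is only the image file name, not a full path, so it does
		 * not reliably identify a process on its own.
		 * NOTE(review): "%s" assumes an ANSI (non-UNICODE) build; with UNICODE
		 * defined szExeFile is a wide string and needs a wide format instead.
		 * th32ProcessID is a DWORD (unsigned long), hence %lu.
		 */
		printf("%s,进程ID:%lu\n", processEntry.szExeFile, processEntry.th32ProcessID);
		bRet = Process32Next(hProcessSnap, &processEntry);
	}

	/* The snapshot is a kernel handle and must be released once the walk is done. */
	CloseHandle(hProcessSnap);

	printf("hello World!\n");
	system("pause");
	return 0;
}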

2、通过 EnumProcesses 函数枚举进程

/*记得要添加在工程->配置属性->链接器->输入->附加依赖项->增加psapi.lib*/
#include <Windows.h>
#include <stdio.h>
#include <Psapi.h>
#include <stdlib.h>

/* Forward declaration of the privilege-enabling helper defined below main().
 * The default argument (SE_DEBUG_NAME) is C++ syntax, so this listing must be
 * compiled as C++ rather than C. */
BOOL UpdateProcessPrivilege(HANDLE hProcess,LPCTSTR lpPrivilegeName = SE_DEBUG_NAME);// declaration of the privilege-raising function

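/*
 * List process IDs with EnumProcesses and report, for each one, whether
 * OpenProcess succeeds with PROCESS_QUERY_INFORMATION | PROCESS_VM_READ.
 *
 * Returns 0 on success, -1 if EnumProcesses fails.
 */
int main()
{
	/*
	 * Try to enable the default privilege (SE_DEBUG_NAME) on our own token.
	 * This only works when the account already holds the privilege (normally
	 * an elevated administrator), so the result is checked instead of assumed.
	 */
	if (!UpdateProcessPrivilege(GetCurrentProcess()))
	{
		printf("Warning: privilege not enabled, some processes may fail to open\n");
	}

	DWORD ProcessId[1024];
	DWORD cbNeeded;
	DWORD processcount;

	if (!EnumProcesses(ProcessId, sizeof(ProcessId), &cbNeeded))
	{
		printf("Failed\n");
		return -1;
	}

	/* EnumProcesses cannot report "buffer too small": when it fills the whole
	 * array, the list may have been truncated. */
	if (cbNeeded == sizeof(ProcessId))
	{
		printf("Warning: process list may be truncated\n");
	}

	processcount = cbNeeded / sizeof(DWORD);	/* bytes returned -> number of process IDs */
	printf("当前一共有%lu个进程\n\n", processcount);

	for (DWORD i = 0; i < processcount; i++)
	{
		/*
		 * Opening another user's or a system process with these rights is what
		 * requires the raised privilege. Code that only needs to list processes
		 * should request less access than PROCESS_VM_READ.
		 */
		HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, ProcessId[i]);
		if (hProcess)
		{
			printf("\nProcessID:%lu打开成功\n", ProcessId[i]);
			/* Release the handle; the original leaked one per opened process. */
			CloseHandle(hProcess);
		}
		else
		{
			printf("\nProcessID:%lu打开失败\n", ProcessId[i]);
		}
	}
	system("pause");
	return 0;
}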

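/*
 * Enable one privilege on the access token of hProcess.
 *
 * hProcess        - process whose token is adjusted (the caller passes
 *                   GetCurrentProcess()).
 * lpPrivilegeName - name of the privilege to enable, e.g. SE_DEBUG_NAME.
 *
 * Returns TRUE only if the privilege was actually enabled, FALSE otherwise.
 * A privilege can only be enabled if the token already holds it; this
 * function cannot grant a privilege the account does not have.
 */
BOOL UpdateProcessPrivilege(HANDLE hProcess, LPCTSTR lpPrivilegeName)
{
	HANDLE hToken = NULL;
	BOOL bEnabled = FALSE;
	TOKEN_PRIVILEGES TokenPrivileges;
	LUID destLuid;

	/* Ask only for the rights needed to adjust privileges, not TOKEN_ALL_ACCESS. */
	if (!OpenProcessToken(hProcess, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
	{
		return FALSE;
	}

	if (LookupPrivilegeValue(NULL, lpPrivilegeName, &destLuid))
	{
		TokenPrivileges.PrivilegeCount = 1;
		TokenPrivileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
		TokenPrivileges.Privileges[0].Luid = destLuid;

		/*
		 * AdjustTokenPrivileges returns nonzero even when the token does not
		 * hold the privilege; in that case GetLastError() reports
		 * ERROR_NOT_ALL_ASSIGNED. Only ERROR_SUCCESS means it was enabled.
		 */
		if (AdjustTokenPrivileges(hToken, FALSE, &TokenPrivileges, 0, NULL, NULL)
			&& GetLastError() == ERROR_SUCCESS)
		{
			bEnabled = TRUE;
		}
	}

	/* The token handle was leaked on every path in the original. */
	CloseHandle(hToken);
	return bEnabled;
}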



转载自blog.csdn.net/gyaog/article/details/49232687