A small tool for A/C + + traversal process and process ID

When we write some destructive program, we need to traverse and extract the ID of the process.

For these features, let's start with a few APIs

1.createtoolhelp32snapshout function

Get a snapshot of a process, module, or thread

The syntax is as follows:

HANDLE WINAPI CreateToolhelp32Snapshot (    _in_ DWORD dwFlags,    _in_ DWORD Th32processid  );

First parameter: The snapshot contains a part of the system with the following parameters:

We use th32cs_snapprocess here.

The snapshot contains all the processes inside the system.

The second one is about the PROCESSENTRY32 structure.

The syntax is as follows:

typedef struct TAGPROCESSENTRY32 {    DWORD     dwsize;    DWORD     cntusage;    DWORD     Th32processid;    Ulong_ptr Th32defaultheapid;    DWORD     Th32moduleid;    DWORD     cntthreads;    DWORD     Th32parentprocessid;    LONG      pcpriclassbase;    DWORD     dwFlags;    TCHAR     Szexefile[max_path];  } PROCESSENTRY32, *pprocessentry32;

This describes a portal, which is a process that is read in the system address space when the snapshot is invoked.

This is only about Szexefile[max_path] and

Th32parentprocessid: This is the identity of the process after the process was created (parent process)

Szexefile: The name of the executable file inside the process

Here is the source code! Some functions are not explained, but can be understood by comments or by literal means

#include <Windows.h>  #include <stdio.h>  #include <TlHelp32.h>    int main ()  {      HANDLE Hproceessnap = createtoolhelp32snapshot (th32cs_snapprocess, 0);      if (Hproceessnap = = Invalid_handle_value)      {          printf_s ("Failed to create snapshot \ n");          return-1;      }      else      {          PROCESSENTRY32 pe32;          pe32.dwsize = sizeof (PE32);          BOOL hprocess = Process32First (Hproceessnap, &pe32);          Char buff[1024];          while (hprocess)          {              wsprintf (buff, "process name:%s--------------------process id:%d", Pe32.szexefile, PE32.TH32PARENTPROCESSID);              printf_s ("%s\n", buff);              memset (Buff, 0x00, 1024x768);              hprocess = Process32Next (Hproceessnap, &pe32);          }      }      CloseHandle (HPROCEESSNAP);        return 0;  }

The operation results are as follows

These are the contents of the widgets for the C/s + + traversal process and the process ID, please follow topic.alibabacloud.com (www.php.cn) for more information!

