//Coded by Robinh00d
//list process,kill specific process by PID
//Date:2005/08/28
/* The header names were lost when this page was extracted; these are the
 * headers required by the C library and Win32 calls used below. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <windows.h>
#include <tlhelp32.h>
/* Print the banner and the command-line help text; returns 0. */
int usage() ;
/* Print PID, thread count and executable name for every process in a Toolhelp snapshot. */
void EnumProcesses() ;
/* Terminate the process with the given PID; main reports the BOOL result as success or failure. */
BOOL KillProcess(int pid) ;
/* Print the modules found in a Toolhelp module snapshot of the given PID. */
void EnumModule(int pid) ;
/* NOTE(review): declared here but neither defined nor called in the visible listing. */
void EnumThread(int pid) ;
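/*
 * Entry point: dispatch on the first command-line switch.
 *
 *   /l        list running processes
 *   /k PID    terminate the process with the given PID
 *   /m PID    list the modules of the given process
 *   /?        print the help text
 *
 * Switches are matched on their first two characters only, as before.
 * Returns 0 on success, 1 on bad arguments or when the kill fails.
 */
int main(int argc, char *argv[])
{
    int pid;

    if (argc < 2) {
        usage();
        return 0;
    }

    if (!strncmp(argv[1], "/l", 2)) {
        EnumProcesses();
        return 0;
    }

    if (!strncmp(argv[1], "/k", 2) && argv[2] != NULL) {
        /* atoi() yields 0 for non-numeric text, so a typo would otherwise
         * be forwarded as PID 0. Reject anything that is not a positive
         * number before touching another process. */
        pid = atoi(argv[2]);
        if (pid <= 0) {
            printf("Wrong Arguments!\n");
            usage();
            return 1;
        }
        if (KillProcess(pid)) {
            printf("Clear Process List!:-)\n");
            return 0;
        }
        printf("Fail!:-(\n");
        return 1;
    }

    if (!strncmp(argv[1], "/m", 2) && argv[2] != NULL) {
        /* CreateToolhelp32Snapshot treats process ID 0 as "the current
         * process", so an unparsable PID would silently list this tool's
         * own modules instead of the requested target's. */
        pid = atoi(argv[2]);
        if (pid <= 0) {
            printf("Wrong Arguments!\n");
            usage();
            return 1;
        }
        EnumModule(pid);
        return 0;
    }

    if (!strncmp(argv[1], "/?", 2)) {
        usage();
        return 0;
    }

    printf("Wrong Arguments!\n");
    usage();
    return 1;
}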
/*
 * Write the banner and the command-line help to stdout.
 * Always returns 0.
 *
 * NOTE(review): the "/m [PID]" help line reads "Process List", while main
 * dispatches /m to EnumModule, which prints module information.
 */
int usage()
{
    /* Each entry is emitted verbatim, in order; none contains a format specifier. */
    static const char *const help_text[] = {
        "\n",
        "-----------------------------\n",
        "[Process List v1.0]\n\n",
        "Author:Robinh00d\n",
        "Date:2005/08/25\n",
        "-----------------------------\n",
        "usage:pi /l /k [PID] /m[PID]\n",
        "/l:List all the process\n",
        "/k [PID]:Clear the process\n",
        "/m [PID]:Process List",
        "\n-----------------------------\n",
        "\n",
    };
    unsigned int idx;

    for (idx = 0; idx < sizeof help_text / sizeof help_text[0]; idx++) {
        fputs(help_text[idx], stdout);
    }
    return 0;
}
/*
 * Take a Toolhelp snapshot of all processes and print one row per entry:
 * process ID, thread count and executable name. If the snapshot cannot be
 * created, the last-error value is printed and the program exits with
 * status 1.
 *
 * NOTE(review): the TCHAR strings are printed with a narrow "%s", which
 * presumably assumes a non-UNICODE build - confirm the build settings.
 */
void EnumProcesses()
{
    PROCESSENTRY32 entry;
    HANDLE snap;
    BOOL more;

    /* dwSize is set before the structure is handed to Process32First. */
    entry.dwSize = sizeof(PROCESSENTRY32);

    snap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (snap == INVALID_HANDLE_VALUE) {
        printf("Error Number: %d", GetLastError());
        ExitProcess(1);
    }

    more = Process32First(snap, &entry);

    /* Column header, printed even when the snapshot yields no entry. */
    printf("%5s%15s%25s\n", TEXT("PID"), TEXT("Threads"), TEXT("Executable"));
    printf("==============================================\n");

    for (; more; more = Process32Next(snap, &entry)) {
        printf("%5d%15d%25s\n", entry.th32ProcessID, entry.cntThreads, entry.szExeFile);
    }

    CloseHandle(snap);
}
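/*
 * Terminate the process identified by pid.
 *
 * The function first tries to enable SeDebugPrivilege on its own token,
 * then opens the target and calls TerminateProcess.
 *
 * Returns TRUE only when TerminateProcess succeeded. Every failure prints
 * the Win32 error number where one is available and returns FALSE, so the
 * caller decides how to report it. All handles opened here are closed on
 * every path.
 *
 * pid must be positive; 0 and negative values are rejected without any
 * system call.
 */
BOOL KillProcess(int pid)
{
    HANDLE hToken = NULL;
    HANDLE hProcess = NULL;
    TOKEN_PRIVILEGES tp;
    BOOL killed = FALSE;

    if (pid <= 0) {
        return FALSE;
    }

    if (!OpenProcessToken(GetCurrentProcess(),
                          TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) {
        printf("Error Number:%lu\n", (unsigned long)GetLastError());
        return FALSE;
    }

    /* Check the lookup: on failure the LUID would be left uninitialised
     * and must not be passed to AdjustTokenPrivileges. */
    tp.PrivilegeCount = 1;
    tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tp.Privileges[0].Luid)
        || !AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(tp), NULL, NULL)) {
        printf("Error Number:%lu\n", (unsigned long)GetLastError());
        goto cleanup;
    }
    /* AdjustTokenPrivileges also returns nonzero when the token does not
     * hold the privilege; GetLastError() is then ERROR_NOT_ALL_ASSIGNED.
     * That case is allowed to continue: the access check in OpenProcess
     * below decides whether this caller may terminate the target. */

    /* Request only the rights that are used: terminate, and wait for exit. */
    hProcess = OpenProcess(PROCESS_TERMINATE | SYNCHRONIZE, FALSE, (DWORD)pid);
    if (hProcess == NULL) {
        printf("Error Number:%lu\n", (unsigned long)GetLastError());
        goto cleanup;
    }

    if (TerminateProcess(hProcess, 1)) {
        /* Termination is asynchronous; give the process up to 5 s to go away. */
        WaitForSingleObject(hProcess, 5000);
        killed = TRUE;
    }

cleanup:
    if (hProcess != NULL) {
        CloseHandle(hProcess);
    }
    CloseHandle(hToken);
    return killed;
}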
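/*
 * Print the modules in a Toolhelp module snapshot of process pid: name,
 * global and per-process usage counts, base address, size and path.
 *
 * If the snapshot cannot be created, the Win32 error number is printed
 * and the function returns without listing anything. The snapshot handle
 * is closed before returning.
 */
void EnumModule(int pid)
{
    HANDLE hSnapshot;
    MODULEENTRY32 me32;
    BOOL ret;

    hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, (DWORD)pid);
    if (hSnapshot == INVALID_HANDLE_VALUE) {
        /* Without this check Module32First would be called on an invalid
         * handle and the caller would only see an empty listing. */
        printf("Error Number:%lu\n", (unsigned long)GetLastError());
        return;
    }

    me32.dwSize = sizeof(MODULEENTRY32);
    ret = Module32First(hSnapshot, &me32);

    printf("Process ID:%d[Module Infomation]\n", pid);
    printf("==============================================\n");
    while (ret) {
        printf("Mudule Name = %s\n", me32.szModule);
        printf("Usage Count(Global) = %lu\n", (unsigned long)me32.GlblcntUsage);
        /* The per-process line previously repeated the global counter. */
        printf("Usage Count(Process) = %lu\n", (unsigned long)me32.ProccntUsage);
        /* %p prints the full pointer; %x truncates it on 64-bit builds. */
        printf("Base Address = 0x%p\n", (void *)me32.modBaseAddr);
        printf("Base Size = %lu bytes\n", (unsigned long)me32.modBaseSize);
        printf("Executable = %s\n", me32.szExePath);
        printf("\n\n");
        ret = Module32Next(hSnapshot, &me32);
    }

    CloseHandle(hSnapshot);
}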