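Suspending a process in C++
Source: Internet  Editor: 程序博客网  Time: 2024/05/16 06:26
NtTerminateProcess, NtResumeProcess, NtSuspendProcess
These three functions are Microsoft kernel (native) APIs, exported from ntdll.
They can be looked up online.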
```cpp
/*++

Module Name:

    NtSuspendProcess.cpp

Abstract:

    This utility [Suspend|Resume] processes.

Author:

    Michael Wookey 6-Jun-2003 (ntutils@wookey.org)

Notes:

    NtSuspendProcess.exe [Suspend|Resume] pid

Compiler:

    VC7

Build:

    cl NtSuspendProcess.cpp

// Add Unicode Support, [2/23/2010 dnybz(cnfreebsd@163.com)]

--*/

#define STRICT
#define WIN32_LEAN_AND_MEAN

#include <windows.h>
#include <stdlib.h>
#include <stdio.h>
#include <tchar.h>

// The token functions used below live in advapi32, which a bare "cl" build
// does not link by default.
#pragma comment( lib, "advapi32.lib" )

//
// The native functions exported from ntdll.
//
typedef LONG ( NTAPI *_NtSuspendProcess )( IN HANDLE ProcessHandle );
typedef LONG ( NTAPI *_NtResumeProcess )( IN HANDLE ProcessHandle );

//
// Enable SeDebugPrivilege in the current process token.
// Returns true only if the privilege was actually enabled.
//
bool EnableDebugPrivilege()
{
    HANDLE hToken;
    LUID sedebugnameValue;
    TOKEN_PRIVILEGES tkp;

    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
    {
        return false;
    }

    if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &sedebugnameValue))
    {
        CloseHandle(hToken);
        return false;
    }

    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Luid = sedebugnameValue;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    // AdjustTokenPrivileges returns TRUE even when the token does not hold the
    // privilege; in that case GetLastError() is ERROR_NOT_ALL_ASSIGNED.
    BOOL adjusted = AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(tkp), NULL, NULL);
    DWORD lastError = GetLastError();

    // Close the token handle on every path, including success.
    CloseHandle(hToken);

    return adjusted && lastError == ERROR_SUCCESS;
}

int _tmain( int argc, _TCHAR* argv[] )
{
    HANDLE ProcessHandle = 0;
    _NtSuspendProcess NtSuspendProcess = 0;
    _NtResumeProcess NtResumeProcess = 0;

    //
    // Make sure we have enough arguments.
    //
    if( 3 > argc )
    {
        printf( "usage [Suspend|Resume] pid\n" );
        return 0;
    }

    //
    // Obtain our function imports.
    //
    NtSuspendProcess = (_NtSuspendProcess) GetProcAddress( GetModuleHandle( _T("ntdll") ), "NtSuspendProcess" );
    NtResumeProcess = (_NtResumeProcess) GetProcAddress( GetModuleHandle( _T("ntdll") ), "NtResumeProcess" );

    //
    // Attempt to open the target process. The debug privilege is only needed
    // for processes the caller could not otherwise open, so a failure to
    // enable it is not fatal. Request only the access right the two native
    // calls require instead of PROCESS_ALL_ACCESS.
    //
    EnableDebugPrivilege();
    ProcessHandle = OpenProcess( PROCESS_SUSPEND_RESUME, FALSE, _tstoi( argv[2] ));

    //
    // Suspend or Resume the process. Note that these alter the process'
    // suspend count, so freezing the process twice will require thawing
    // the process twice to restore.
    //
    if( ! ProcessHandle )
    {
        printf( "Unable to open process id %d\n", _tstoi( argv[2] ));
    }
    else
    {
        if( ! lstrcmpi( argv[1], _T("Suspend") ))
        {
            if( NtSuspendProcess )
            {
                // A negative NTSTATUS indicates failure.
                LONG status = NtSuspendProcess( ProcessHandle );
                if( status < 0 )
                {
                    printf( "NtSuspendProcess failed, NTSTATUS 0x%08lX\n", (unsigned long) status );
                }
            }
        }
        else if( ! lstrcmpi( argv[1], _T("Resume") ))
        {
            if( NtResumeProcess )
            {
                LONG status = NtResumeProcess( ProcessHandle );
                if( status < 0 )
                {
                    printf( "NtResumeProcess failed, NTSTATUS 0x%08lX\n", (unsigned long) status );
                }
            }
        }
        else
        {
            printf( "usage [Suspend|Resume] pid\n" );
        }
    }

    //
    // Close our process handle.
    //
    if( ProcessHandle )
    {
        CloseHandle( ProcessHandle );
    }

    return 0;
}

/* EOF */
```