枚举进程

枚举进程

1、通过系统快照完成枚举系统进程

#include <Windows.h>#include <TlHelp32.h>#include <stdio.h>int main(){PROCESSENTRY32 processEntry = {0};HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);//创建进程（TH32CS_SNAPPROCESS）的快照，并返回句柄if (hProcessSnap == INVALID_HANDLE_VALUE)//如果非法return -1;processEntry.dwSize = sizeof(PROCESSENTRY32);BOOL bRet = Process32First(hProcessSnap,&processEntry);while (bRet){printf("%s,进程ID:%d\n",  processEntry.szExeFile,processEntry.th32ProcessID);bRet = Process32Next(hProcessSnap, &processEntry);}printf("hello World!\n");system("pause");return 0;}

2、通过枚举进程

/*记得要添加在工程->配置属性->链接器->输入->附加依赖项->增加psapi.lib*/#include <Windows.h>#include <stdio.h>#include <Psapi.h>#include <stdlib.h>BOOL UpdateProcessPrivilege(HANDLE hProcess,LPCTSTR lpPrivilegeName = SE_DEBUG_NAME);//提供权限函数声明int main(){//提示权限UpdateProcessPrivilege(GetCurrentProcess());DWORD ProcessId[1024];DWORD cbNeeded;DWORD processcount;if (!EnumProcesses(ProcessId, sizeof(ProcessId), &cbNeeded)){printf("Failed\n");return -1;}processcount = cbNeeded / sizeof(DWORD);//计算一共有几个进程printf("当前一共有%d个进程\n\n", processcount);for (DWORD i = 0; i < processcount;i++){HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION|PROCESS_VM_READ,FALSE,ProcessId[i]);//要打开进程，就要提高本身的权限if (hProcess){printf("\nProcessID:%d打开成功\n",ProcessId[i]);}else{printf("\nProcessID:%d打开失败\n", ProcessId[i]);}}system("pause");return 0;}BOOL UpdateProcessPrivilege(HANDLE hProcess, LPCTSTR lpPrivilegeName){HANDLE hToken;int iResult;TOKEN_PRIVILEGES TokenPrivileges;if (OpenProcessToken(hProcess, TOKEN_ALL_ACCESS, &hToken)){LUID destLuid;if (LookupPrivilegeValue(NULL, lpPrivilegeName, &destLuid)){TokenPrivileges.PrivilegeCount = 1;TokenPrivileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;TokenPrivileges.Privileges[0].Luid = destLuid;if (iResult = AdjustTokenPrivileges(hToken, FALSE, &TokenPrivileges, 0, NULL, NULL)){return TRUE;}}}return FALSE;}