#include<windows.h>
#include <stdio.h>
#include "PSAPI.H"
#pragma comment( lib, "PSAPI.LIB" )
BOOL EnablePrivilege(HANDLE hToken,LPCSTR szPrivName);
int main(void)
{
DWORD processid[1024],needed,processcount,i;
HANDLE hProcess;
HMODULE hModule;
char path[MAX_PATH] = "",temp[256];
HANDLE hToken;
printf("ShowProcessPath 2.0 with [Process Status API]\n\n");
if ( OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES,&hToken) )
{
if (EnablePrivilege(hToken,SE_DEBUG_NAME))
{
EnumProcesses(processid, sizeof(processid), &needed);
processcount=needed/sizeof(DWORD);
for (i=0;i<processcount;i++)
{
hProcess=OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,false,processid[i]);
if (hProcess)
{
EnumProcessModules(hProcess, &hModule, sizeof(hModule), &needed);
GetModuleFileNameEx(hProcess, hModule, path, sizeof(path));
GetShortPathName(path,path,256);
itoa(processid[i],temp,10);
printf("%s --- %s\n",path,temp);
}
else
printf("Failed!!!\n");
}
}
}
CloseHandle(hProcess);
CloseHandle(hModule);
itoa(processcount,temp,10);
printf("\nProcess Count:%s\n\n",temp);
return 0;
}
BOOL EnablePrivilege(HANDLE hToken,LPCSTR szPrivName)
{
TOKEN_PRIVILEGES tkp;
LookupPrivilegeValue( NULL,szPrivName,&tkp.Privileges[0].Luid );//修改进程权限
tkp.PrivilegeCount=1;
tkp.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED;
AdjustTokenPrivileges( hToken,FALSE,&tkp,sizeof tkp,NULL,NULL );//通知系统修改进程权限
return( (GetLastError()==ERROR_SUCCESS) );
}
posted on 2011-12-23 08:39
烈焰之光 阅读(271)
评论(0) 编辑 收藏 引用 所属分类:
进程