#include<Windows.h>
#include<stdio.h>
#include <malloc.h>
#include <TlHelp32.h>
#include <string.h>
#include <malloc.h>
#define NT_SUCCESS(Status) ((NTSTATUS)(Status) >= 0)
#define STATUS_SUCCESS 0x00000000
#define STATUS_UNSUCCESSFUL 0xC0000001
#define STATUS_INFO_LENGTH_MISMATCH 0xC0000004
typedef enum _SYSTEM_INFORMATION_CLASS {
SystemBasicInformation,
SystemProcessorInformation, // obsolete...delete
SystemPerformanceInformation,
SystemTimeOfDayInformation,
SystemPathInformation,
SystemProcessInformation,
SystemCallCountInformation,
SystemDeviceInformation,
SystemProcessorPerformanceInformation,
SystemFlagsInformation,
SystemCallTimeInformation,
SystemModuleInformation,
SystemLocksInformation,
SystemStackTraceInformation,
SystemPagedPoolInformation,
SystemNonPagedPoolInformation,
SystemHandleInformation,
SystemObjectInformation,
SystemPageFileInformation,
SystemVdmInstemulInformation,
SystemVdmBopInformation,
SystemFileCacheInformation,
SystemPoolTagInformation,
SystemInterruptInformation,
SystemDpcBehaviorInformation,
SystemFullMemoryInformation,
SystemLoadGdiDriverInformation,
SystemUnloadGdiDriverInformation,
SystemTimeAdjustmentInformation,
SystemSummaryMemoryInformation,
SystemMirrorMemoryInformation,
SystemPerformanceTraceInformation,
SystemObsolete0,
SystemExceptionInformation,
SystemCrashDumpStateInformation,
SystemKernelDebuggerInformation,
SystemContextSwitchInformation,
SystemRegistryQuotaInformation,
SystemExtendServiceTableInformation,
SystemPrioritySeperation,
SystemVerifierAddDriverInformation,
SystemVerifierRemoveDriverInformation,
SystemProcessorIdleInformation,
SystemLegacyDriverInformation,
SystemCurrentTimeZoneInformation,
SystemLookasideInformation,
SystemTimeSlipNotification,
SystemSessionCreate,
SystemSessionDetach,
SystemSessionInformation,
SystemRangeStartInformation,
SystemVerifierInformation,
SystemVerifierThunkExtend,
SystemSessionProcessInformation,
SystemLoadGdiDriverInSystemSpace,
SystemNumaProcessorMap,
SystemPrefetcherInformation,
SystemExtendedProcessInformation,
SystemRecommendedSharedDataAlignment,
SystemComPlusPackage,
SystemNumaAvailableMemory,
SystemProcessorPowerInformation,
SystemEmulationBasicInformation,
SystemEmulationProcessorInformation,
SystemExtendedHandleInformation,
SystemLostDelayedWriteInformation,
SystemBigPoolInformation,
SystemSessionPoolTagInformation,
SystemSessionMappedViewInformation,
SystemHotpatchInformation,
SystemObjectSecurityMode,
SystemWatchdogTimerHandler,
SystemWatchdogTimerInformation,
SystemLogicalProcessorInformation,
SystemWow64SharedInformation,
SystemRegisterFirmwareTableInformationHandler,
SystemFirmwareTableInformation,
SystemModuleInformationEx,
SystemVerifierTriageInformation,
SystemSuperfetchInformation,
SystemMemoryListInformation,
SystemFileCacheInformationEx,
MaxSystemInfoClass // MaxSystemInfoClass should always be the last enum
} SYSTEM_INFORMATION_CLASS;
typedef struct _LSA_UNICODE_STRING {
USHORT Length;
USHORT MaximumLength;
PWSTR Buffer;} LSA_UNICODE_STRING, *PLSA_UNICODE_STRING, UNICODE_STRING, *PUNICODE_STRING;
typedef struct _SYSTEM_HANDLE_INFORMATION
{
ULONG dwProcessId;
BYTE bObjectType;
BYTE bFlags;
USHORT wValue;
PVOID pAddress;
DWORD GrantedAccess;
} SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION;
typedef struct _SYSTEM_HANDLE_INFORMATION_EX{
ULONG NumberOfHandles;
SYSTEM_HANDLE_INFORMATION Handles[1];
} SYSTEM_HANDLE_INFORMATION_EX, *PSYSTEM_HANDLE_INFORMATION_EX;
//=====================函式定義=============================
typedef NTSTATUS (WINAPI *NTQUERYSYSTEMINFORMATION)(SYSTEM_INFORMATION_CLASS,PVOID,ULONG,PULONG);
ULONG _GetProcessID()
{
int a;
BOOL A;
HANDLE Handle;
PROCESSENTRY32 pe32;
pe32.dwSize=sizeof(pe32);
Handle=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
A=Process32First(Handle,&pe32);
while(A!=FALSE)
{
a=strcmp(pe32.szExeFile,"KuGou.exe");
if (a==0)
{
CloseHandle(Handle);
return (ULONG)pe32.th32ProcessID;
}
A=Process32Next(Handle,&pe32);
}
printf("程式沒有運行!\n");
CloseHandle(Handle);
return 0;
}
DWORD _GetHandleinInformation(LPVOID lpParam)
{
NTSTATUS Status;
PSYSTEM_HANDLE_INFORMATION_EX hdInfo;
PVOID pBuffer;
ULONG needsize=0x8000;
NTQUERYSYSTEMINFORMATION ZwQuerySystemInformation;
ZwQuerySystemInformation=(NTQUERYSYSTEMINFORMATION)(GetProcAddress(LoadLibraryA("ntdll.dll"),"ZwQuerySystemInformation"));
//printf("ZwQuerySystemInformation:%0x\n",ZwQuerySystemInformation);
if (ZwQuerySystemInformation==NULL)
{
printf("ZwQuerySystemInformationFaild\n");
return 0;
}
do
{
pBuffer=malloc(needsize);
//memset(pBuffer,0,needsize);
Status=ZwQuerySystemInformation(SystemHandleInformation,pBuffer,needsize,NULL);
if (Status!=STATUS_SUCCESS)
{
free(pBuffer);
needsize=needsize*2;
}
} while (Status!=STATUS_SUCCESS);
printf("GetHandleInfoSucessful\n");
hdInfo=(PSYSTEM_HANDLE_INFORMATION_EX)pBuffer;
free(pBuffer);
if (hdInfo=NULL)
{
printf("TurntoSYSTEM_HANDLE_INFORMATION,Faild\n");
free(pBuffer);
return 0;
}
for (int i=0;i<hdInfo->NumberOfHandles;i++)
{
if (hdInfo->Handles->dwProcessId!=_GetProcessID())
{
continue;
}
printf("1\n");
}
return 1;
}
ULONG _GetHandleInformation()
{
HANDLE ThreadHandle;
DWORD threadid,m;
PVOID pParm=NULL;
ThreadHandle=CreateThread(NULL,0,(LPTHREAD_START_ROUTINE)_GetHandleinInformation,pParm,0,&threadid);
m=WaitForSingleObject(ThreadHandle,INFINITE);
if (m==WAIT_TIMEOUT||m==WAIT_FAILED)
{
TerminateThread(ThreadHandle,0);
CloseHandle(ThreadHandle);
}
CloseHandle(ThreadHandle);
return 1;
}
void main()
{
_GetHandleInformation();
system("pause");
}
求指點!一直出錯
轉載請註明出處,本文鏈接:https://www.uj5u.com/houduan/122228.html
標籤:茶館
上一篇:C++ LEDA庫 parameterized graph write()的時候報錯,求大神指點
下一篇:C如何定義多個二維矩陣