在得到線程之后,便可以通過OpenThread得到HANDLE,之后通過ZwQueryInformationThread獲取線程信息。
Part 1 準備:
#include
#include
#include
#pragma comment(lib,"psapi.lib")
// Local copy of the NT thread-information-class enumeration. The ordinal is what
// ZwQueryInformationThread actually receives, so the values are spelled out: an
// accidental reorder of this copy could otherwise silently query a different class.
typedef enum _THREADINFOCLASS {
    ThreadBasicInformation          = 0,  // fills THREAD_BASIC_INFORMATION (used in Part 2)
    ThreadTimes                     = 1,
    ThreadPriority                  = 2,
    ThreadBasePriority              = 3,
    ThreadAffinityMask              = 4,
    ThreadImpersonationToken        = 5,
    ThreadDescriptorTableEntry      = 6,
    ThreadEnableAlignmentFaultFixup = 7,
    ThreadEventPair_Reusable        = 8,
    ThreadQuerySetWin32StartAddress = 9,  // returns a PVOID start address (used in Part 2)
    ThreadZeroTlsCell               = 10,
    ThreadPerformanceCount          = 11,
    ThreadAmILastThread             = 12,
    ThreadIdealProcessor            = 13,
    ThreadPriorityBoost             = 14,
    ThreadSetTlsArrayAddress        = 15,
    ThreadIsIoPending               = 16,
    ThreadHideFromDebugger          = 17,
    ThreadBreakOnTermination        = 18,
    MaxThreadInfoClass              = 19  // one past the last valid class
} THREADINFOCLASS;
// Kernel CLIENT_ID as embedded in THREAD_BASIC_INFORMATION. Both members are
// HANDLE-sized so the layout matches the native struct; the code in Part 2 treats
// UniqueProcess as the owning process id when it opens the process.
typedef struct _CLIENT_ID
{
    HANDLE UniqueProcess; // process id, stored HANDLE-sized
    HANDLE UniqueThread;  // thread id, stored HANDLE-sized
} CLIENT_ID, *PCLIENT_ID;
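// Buffer layout for information class 0 (ThreadBasicInformation). Field widths
// must match the native struct exactly: AffinityMask is KAFFINITY (pointer-sized),
// not LONG. With LONG the 64-bit layout shifts Priority/BasePriority to the wrong
// offsets while the total size happens to stay the same, so the length check in
// ntdll passes and those two fields are silently misread.
typedef struct _THREAD_BASIC_INFORMATION { // Information Class 0
    LONG ExitStatus;          // NTSTATUS of the thread
    PVOID TebBaseAddress;     // base address of the thread's TEB (as the field name states)
    CLIENT_ID ClientId;       // UniqueProcess is used as the PID in Part 2
    ULONG_PTR AffinityMask;   // KAFFINITY: pointer-sized on both x86 and x64
    LONG Priority;            // KPRIORITY
    LONG BasePriority;        // KPRIORITY
} THREAD_BASIC_INFORMATION, *PTHREAD_BASIC_INFORMATION;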
// Pointer to ntdll!ZwQueryInformationThread, resolved at run time in main; it is
// NULL until GetProcAddress fills it in. The return value is an NTSTATUS carried in
// a LONG: negative means failure, which is what the `status < 0` checks in Part 2 test.
extern "C" LONG (__stdcall *ZwQueryInformationThread)(
    HANDLE ThreadHandle,                    // thread handle with query rights
    THREADINFOCLASS ThreadInformationClass, // which information class to read
    PVOID ThreadInformation,                // caller-supplied output buffer
    ULONG ThreadInformationLength,          // size of that buffer in bytes
    PULONG ReturnLength                     // optional, may be NULL
) = NULL;
主函數中需要做的準備工作:
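// Resolve the undocumented ntdll export at run time. Both lookups are checked:
// the file-scope pointer stays NULL if either fails, and Part 2 would then call a
// NULL function pointer. The `return 1` assumes this runs in int main(), as the
// text above says.
setlocale(LC_ALL, ".ACP");
HINSTANCE hNTDLL = ::GetModuleHandle(TEXT("ntdll"));
if (hNTDLL == NULL)
{
    printf("cannot find ntdll\n");
    return 1;
}
// Named cast of the FARPROC to the exact function-pointer type instead of writing
// through a (FARPROC&) alias of the variable.
ZwQueryInformationThread = reinterpret_cast<LONG (__stdcall *)(HANDLE, THREADINFOCLASS, PVOID, ULONG, PULONG)>(
    ::GetProcAddress(hNTDLL, "ZwQueryInformationThread"));
if (ZwQueryInformationThread == NULL)
{
    printf("cannot resolve ZwQueryInformationThread\n");
    return 1;
}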
Part 2 獲取相關信息
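// Look up the thread's start address and owning process, then test whether the
// mapped file at that address contains pName. The enclosing function is outside
// this listing: dwThreadId, pName and ret are in scope there; ret presumably
// starts as FALSE and the function returns it — confirm in the caller.
// Every failure path closes the handles it opened before returning FALSE.
if (ZwQueryInformationThread == NULL)
{
    printf("ZwQueryInformationThread not resolved\n");
    return FALSE;
}
THREAD_BASIC_INFORMATION tbi;
PVOID startaddr = NULL;
LONG status;
HANDLE thread, process;
// Least privilege: both queries below need only THREAD_QUERY_INFORMATION.
// THREAD_ALL_ACCESS is refused on threads of processes we may still query,
// so the narrower right is also more robust.
thread = ::OpenThread(THREAD_QUERY_INFORMATION, FALSE, dwThreadId);
if (thread == NULL)
{
    printf("cannot open thread handle\n");
    return FALSE;
}
// Information class 9: the Win32 start address the thread was created with.
status = ZwQueryInformationThread(thread, ThreadQuerySetWin32StartAddress, &startaddr, sizeof(startaddr), NULL);
if (status < 0) // NTSTATUS: negative is failure
{
    CloseHandle(thread);
    printf("cannot get status1\n");
    return FALSE;
}
printf("線(xiàn)程 %08x 的起始地址為 %p\n", dwThreadId, startaddr);
ZeroMemory(&tbi, sizeof(tbi));
status = ZwQueryInformationThread(thread,
    ThreadBasicInformation,
    &tbi,
    sizeof(tbi),
    NULL);
if (status < 0)
{
    CloseHandle(thread);
    printf("cannot get status2\n");
    return FALSE;
}
// UniqueProcess is a HANDLE-sized PID; HandleToULong avoids the pointer-to-DWORD
// truncation that a plain (DWORD) cast performs on 64-bit builds.
DWORD pid = HandleToULong(tbi.ClientId.UniqueProcess);
printf("線(xiàn)程 %08x 所在進(jì)程ID為 %08x\n", dwThreadId, pid);
// GetModuleFileNameEx / GetMappedFileName need exactly these two rights;
// PROCESS_ALL_ACCESS is both over-privileged and more often denied.
process = ::OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
    FALSE,
    pid);
if (process == NULL)
{
    DWORD error = ::GetLastError();
    CloseHandle(thread);
    SetLastError(error); // keep the OpenProcess error visible to the caller
    return FALSE;
}
// Narrow-char buffer plus the explicit A-suffixed APIs, so the %s formats and the
// std::string construction below are correct whether or not UNICODE is defined.
// Zero-initialised so a failed call never leaves garbage to print.
char modname[MAX_PATH] = { 0 };
if (::GetModuleFileNameExA(process, NULL, modname, MAX_PATH) != 0)
{
    printf("線(xiàn)程 %08x 所在進(jìn)程映象為 %s\n", dwThreadId, modname);
}
// The buffer is reset and the return value checked: otherwise a failed
// GetMappedFileName (start address not inside a mapped file) leaves the process
// image path from the previous call in modname, and the match below is made
// against the wrong string.
modname[0] = '\0';
if (::GetMappedFileNameA(process, startaddr, modname, MAX_PATH) != 0)
{
    // NOTE(review): the std::string constructor dereferences pName; confirm callers never pass NULL.
    std::string stName(pName);
    std::string stModName(modname); // device-form path of the mapped file
    // Case-sensitive substring match as in the original; note that "x.dll" also matches "libx.dll".
    if (stModName.find(stName) != std::string::npos)
    {
        printf("線(xiàn)程 %08x 可執(zhí)行代碼所在模塊為 %s\n", dwThreadId, modname);
        ret = TRUE;
    }
}
CloseHandle(process);
CloseHandle(thread);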