C/Cpp/System Windows下C++获取进程ID、进程基址、窗口句柄

文章目录 [隐藏]

获取进程id

#include <iostream>
#include <Windows.h>
#include <string>
#include <Tlhelp32.h>
#include <Psapi.h>

/// param key 目标程序的文件名
/// returns 进程的基址
DWORD getProcessID(LPCWSTR key) {
	HANDLE hSnapshot_1 = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); // 在快照中收录系统中的全部进程
	if (INVALID_HANDLE_VALUE == hSnapshot_1) {
		return -1;
	}

	PROCESSENTRY32 pi;
	pi.dwSize = sizeof(PROCESSENTRY32);
	BOOL bRet = Process32First(hSnapshot_1, &pi);

	while (bRet) {
		DWORD pid = pi.th32ProcessID;
		std::wstring childPath = pi.szExeFile;

		if (childPath.find(key) != childPath.npos) {
			printf("找到目标进程ID=%d=0x%x，路径=%ls \n", pid, pid, childPath.c_str());
			CloseHandle(hSnapshot_1);
			return pid;
		}

		bRet = Process32Next(hSnapshot_1, &pi);
	}

	CloseHandle(hSnapshot_1);
	return -1;
}

#include <iostream>

#include <Windows.h>

#include <string>

#include <Tlhelp32.h>

#include <Psapi.h>

/// param key 目标程序的文件名

/// returns 进程的基址

DWORD getProcessID(LPCWSTR key) {

HANDLE hSnapshot_1 = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); // 在快照中收录系统中的全部进程

if (INVALID_HANDLE_VALUE == hSnapshot_1) {

return -1;

}

PROCESSENTRY32 pi;

pi.dwSize = sizeof(PROCESSENTRY32);

BOOL bRet = Process32First(hSnapshot_1, &pi);

while (bRet) {

DWORD pid = pi.th32ProcessID;

std::wstring childPath = pi.szExeFile;

if (childPath.find(key) != childPath.npos) {

printf("找到目标进程ID=%d=0x%x，路径=%ls \n", pid, pid, childPath.c_str());

CloseHandle(hSnapshot_1);

return pid;

}

bRet = Process32Next(hSnapshot_1, &pi);

}

CloseHandle(hSnapshot_1);

return -1;

}

获取进程基地址

std::string decToHex(int deci) {
	std::string hex;
	char bit;
	do {
		if (deci % 16 < 10)
			bit = deci % 16 + '0';
		else
			bit = deci % 16 + 'A' - 10;
		hex.insert(hex.begin(), bit);
		deci /= 16;
	} while (deci);

	return hex;
}

DWORD getBaseAddress(DWORD pid) {
	HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pid); // 在快照中收录指定进程的全部模块
	if (hSnapshot == INVALID_HANDLE_VALUE) {
		return -1;
	}

	MODULEENTRY32 me;
	me.dwSize = sizeof(MODULEENTRY32);
	Module32First(hSnapshot, &me);

	DWORD baseAddr = (DWORD)me.modBaseAddr;
	printf("目标进程基 址：%x \n", baseAddr);
	std::cout << "目标进程基~址：" << std::hex << baseAddr << std::endl;
	std::cout << "目标进程基-址：" << decToHex(baseAddr) << std::endl;

	CloseHandle(hSnapshot);
	return baseAddr;
}

std::string decToHex(int deci) {

std::string hex;

char bit;

do {

if (deci % 16 < 10)

bit = deci % 16 + '0';

else

bit = deci % 16 + 'A' - 10;

hex.insert(hex.begin(), bit);

deci /= 16;

} while (deci);

return hex;

}

DWORD getBaseAddress(DWORD pid) {

HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pid); // 在快照中收录指定进程的全部模块

if (hSnapshot == INVALID_HANDLE_VALUE) {

return -1;

}

MODULEENTRY32 me;

me.dwSize = sizeof(MODULEENTRY32);

Module32First(hSnapshot, &me);

DWORD baseAddr = (DWORD)me.modBaseAddr;

printf("目标进程基址：%x \n", baseAddr);

std::cout << "目标进程基~址：" << std::hex << baseAddr << std::endl;

std::cout << "目标进程基-址：" << decToHex(baseAddr) << std::endl;

CloseHandle(hSnapshot);

return baseAddr;

}

通过进程ID获取其顶层窗口句柄

警告：有时候下面代码得到的句柄，和 FindWindow 得到的句柄不同。
FindWindow得到的总是指定了窗口类或窗体名的目标窗体的句柄；
下面代码得到的则是进制中执行其的窗体——可能是子窗体(如弹出的Dialog)——的句柄，同 CWnd::GetSafeHwnd() 。

typedef struct {
	HWND hwndWindow;   // 窗口句柄
	DWORD dwProcessID; // 进程ID
}EnumWindowsArg;

// 枚举窗口回调函数
BOOL CALLBACK EnumWindowsProc(HWND hwnd, LPARAM lParam) {
	EnumWindowsArg* pArg = (EnumWindowsArg*)lParam;
	DWORD dwProcessID = 0;
	GetWindowThreadProcessId(hwnd, &dwProcessID); // 通过窗口句柄取得进程ID
	if (dwProcessID == pArg->dwProcessID) {
		pArg->hwndWindow = hwnd; 
		return FALSE;	// 返回FALSE：找到了
	} 
	return TRUE;// 返回TRUE：没找到，继续找，
}

// 通过进程ID获取窗口句柄-1
HWND getWindowHwndByPID(DWORD dwProcessID) {
	HWND hwndRet = NULL;
	EnumWindowsArg ewa;
	ewa.dwProcessID = dwProcessID;
	ewa.hwndWindow = NULL;
	EnumWindows(EnumWindowsProc, (LPARAM)&ewa);
	if (ewa.hwndWindow) {
		hwndRet = ewa.hwndWindow;
	}
	return hwndRet;
}

// 通过进程ID获取窗口句柄-2
HWND getWindowHandlerByPID(DWORD pid) {
	std::pair<HWND, DWORD> params = { 0, pid };

	// Enumerate the windows using a lambda to process each window
	BOOL bResult = EnumWindows([](HWND hwnd, LPARAM lParam) -> BOOL {
		auto pParams = (std::pair<HWND, DWORD>*)(lParam);

		DWORD processId;
		if (GetWindowThreadProcessId(hwnd, &processId) && processId == pParams->second) {
			// Stop enumerating
			SetLastError(-1);
			pParams->first = hwnd;
			return FALSE;
		}

		// Continue enumerating
		return TRUE;
		}, (LPARAM)&params);

	if (!bResult && GetLastError() == -1 && params.first) {
		return params.first;
	}

	return 0;
}

typedef struct {

HWND hwndWindow; // 窗口句柄

DWORD dwProcessID; // 进程ID

}EnumWindowsArg;

// 枚举窗口回调函数

BOOL CALLBACK EnumWindowsProc(HWND hwnd, LPARAM lParam) {

EnumWindowsArg* pArg = (EnumWindowsArg*)lParam;

DWORD dwProcessID = 0;

GetWindowThreadProcessId(hwnd, &dwProcessID); // 通过窗口句柄取得进程ID

if (dwProcessID == pArg->dwProcessID) {

pArg->hwndWindow = hwnd;

return FALSE; // 返回FALSE：找到了

}

return TRUE;// 返回TRUE：没找到，继续找，

}

// 通过进程ID获取窗口句柄-1

HWND getWindowHwndByPID(DWORD dwProcessID) {

HWND hwndRet = NULL;

EnumWindowsArg ewa;

ewa.dwProcessID = dwProcessID;

ewa.hwndWindow = NULL;

EnumWindows(EnumWindowsProc, (LPARAM)&ewa);

if (ewa.hwndWindow) {

hwndRet = ewa.hwndWindow;

}

return hwndRet;

}

// 通过进程ID获取窗口句柄-2

HWND getWindowHandlerByPID(DWORD pid) {

std::pair<HWND, DWORD> params = { 0, pid };

// Enumerate the windows using a lambda to process each window

BOOL bResult = EnumWindows([](HWND hwnd, LPARAM lParam) -> BOOL {

auto pParams = (std::pair<HWND, DWORD>*)(lParam);

DWORD processId;

if (GetWindowThreadProcessId(hwnd, &processId) && processId == pParams->second) {

// Stop enumerating

SetLastError(-1);

pParams->first = hwnd;

return FALSE;

}

// Continue enumerating

return TRUE;

}, (LPARAM)&params);

if (!bResult && GetLastError() == -1 && params.first) {

return params.first;

}

return 0;

}

测试

int main() {
	DWORD pid = getProcessID(L"Wow客户端.exe"); // 获取进程ID(资源管理器，进程名称)
	DWORD baseAddr = getBaseAddress(pid);      // 获取进程基址(进程id)
	HWND handler = getWindowHwndByPID(pid);    // 获取当前顶层窗口句柄(进程id)
	std::cout << "目标进程顶层窗口句柄（适用非标签卡式窗口）：" << handler << std::endl;
}

int main() {

DWORD pid = getProcessID(L"Wow客户端.exe"); // 获取进程ID(资源管理器，进程名称)

DWORD baseAddr = getBaseAddress(pid); // 获取进程基址(进程id)

HWND handler = getWindowHwndByPID(pid); // 获取当前顶层窗口句柄(进程id)

std::cout << "目标进程顶层窗口句柄（适用非标签卡式窗口）：" << handler << std::endl;

}

- end

声明

本文由 cuiweiyou 原创，转载请注明出处：http://www.gaohaiyan.com/4452.html

承接App定制、企业web站点、办公系统软件设计开发，外包项目，毕设

上下左右都能滑动的AllSidesScrollListView
Android+TLSR8266简单制作蓝牙mesh家庭物联网
Android弹出式对话框AlertDialog中的EditText自动打开软键盘
XML、DTD/Schema约束、解析