//獲得父進程ID,失敗則返回0
DWORD GetPPid()
{
HANDLE hProcessSnap = NULL;
PROCESSENTRY32 pe32 = {0};
DWORD dwPID = GetCurrentProcessId();
hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if(hProcessSnap==(HANDLE)-1)
return (FALSE);
pe32.dwSize = sizeof(PROCESSENTRY32);
if (Process32First(hProcessSnap, &pe32))
{
while(pe32.th32ProcessID!=dwPID)
Process32Next(hProcessSnap, &pe32);
}
CloseHandle(hProcessSnap);
return(pe32.th32ParentProcessID);
}
//判斷程序是否以服務運行
BOOL isRuninServices()
{
DWORD dwPPID = GetPPid();
HANDLE hProcessSnap = NULL;
PROCESSENTRY32 pe32 = {0};
hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (hProcessSnap == (HANDLE)-1)
return (FALSE);
pe32.dwSize = sizeof(PROCESSENTRY32);
if (Process32First(hProcessSnap, &pe32))
{
while(pe32.th32ProcessID!=dwPPID)
Process32Next(hProcessSnap, &pe32);
}
CloseHandle(hProcessSnap);
if(_tcsncicmp(pe32.szExeFile,_T("services.exe"),20)==0)
return TRUE;
else return FALSE;
}
//提升爲調試權限
BOOL EnableDebugPrivilege(BOOL bEnable)
{
BOOL bOk = FALSE;
HANDLE hToken;
if(::OpenProcessToken(::GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken))
{
LUID uID;
::LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &uID);
TOKEN_PRIVILEGES tp;
tp.PrivilegeCount = 1;
tp.Privileges[0].Luid = uID;
tp.Privileges[0].Attributes = bEnable ? SE_PRIVILEGE_ENABLED : 0;
::AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(tp), NULL, NULL);
bOk = (::GetLastError() == ERROR_SUCCESS);
::CloseHandle(hToken);
}
return bOk;
}
//用於在release下輸出調試信息
void KDbgPrint(LPCTSTR lpszFormat, ...)
{
#define _countof(array) (sizeof(array)/sizeof(array[0]))
#ifdef KOUT_DEBUG_STRING
va_list args;
va_start(args, lpszFormat);
int nBuf;
TCHAR szBuffer[512];
nBuf = _vsntprintf(szBuffer, _countof(szBuffer), lpszFormat, args);
OutputDebugString(szBuffer);
va_end(args);
#endif
}
//從地址去獲得模塊基址
HMODULE WINAPI ModuleFromAddress(PVOID pv)
{
MEMORY_BASIC_INFORMATION mbi;
if(::VirtualQuery(pv, &mbi, sizeof(mbi)) != 0)
{
return (HMODULE)mbi.AllocationBase;
}
else
{
return NULL;
}
}
//獲得DLL自身
BOOL GetDllPath(TCHAR * path)
{
HMODULE hDll = ModuleFromAddress(GetDllPath);
if(hDll==NULL)
return FALSE;
else
{
GetModuleFileName(hDll, path, _MAX_PATH);
return TRUE;
}
}
//格式化string
void format_string(string & str,LPCTSTR lpszFormat, ...)
{
#define _countof(array) (sizeof(array)/sizeof(array[0]))
va_list args;
va_start(args, lpszFormat);
int nBuf;
TCHAR szBuffer[1024];
nBuf = _vsntprintf(szBuffer, _countof(szBuffer), lpszFormat, args);
str = szBuffer;
va_end(args);
}
//提升所需的權限
BOOL EnablePrivilege(LPCTSTR lpName,BOOL bEnable)
{
BOOL bOk = FALSE;
HANDLE hToken;
if(::OpenProcessToken(::GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken))
{
LUID uID;
::LookupPrivilegeValue(NULL, lpName, &uID);
TOKEN_PRIVILEGES tp;
tp.PrivilegeCount = 1;
tp.Privileges[0].Luid = uID;
tp.Privileges[0].Attributes = bEnable ? SE_PRIVILEGE_ENABLED : 0;
::AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(tp), NULL, NULL);
bOk = (::GetLastError() == ERROR_SUCCESS);
::CloseHandle(hToken);
}
return bOk;
}
//跳轉到註冊表
void Jump2Reg(string strRegPath,string strKey)
{
//ShellExecute(NULL,NULL,"regjump.exe",strRegPath.c_str(),NULL,SW_SHOW);
ShellExecute(NULL,NULL,"regedit.exe",NULL,NULL,SW_SHOW);
//然後查找註冊表窗口
HWND hMain = NULL;
HWND hTree = NULL;
HWND hList = NULL;
BOOL bFind = FALSE;
for(int i=0;i<10;i++)
{
hMain = FindWindow("RegEdit_RegEdit","註冊表編輯器");
if(hMain!=NULL)
{//查找成功
bFind = TRUE;
break;
}
Sleep(200);
}
if(bFind)
{
hTree = FindWindowEx(hMain,NULL,"SysTreeView32",NULL);
hList = FindWindowEx(hMain,NULL,"SysListView32",NULL);
//選擇樹
SetForegroundWindow(hTree);
SetFocus(hTree);
DWORD dwPID;
GetWindowThreadProcessId(hMain,&dwPID);
HANDLE hProc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwPID);
//先把樹給摺疊起,最多30層
for(int i=0;i<30;i++)
{
SendMessage(hTree, WM_KEYDOWN, VK_LEFT, 0);
}
SendMessage(hTree, WM_KEYDOWN, VK_RIGHT, 0);
WaitForInputIdle(hProc, INFINITE);
for(i=0;i<strRegPath.length();i++)
{
if(strRegPath.at(i)=='//')
SendMessage(hTree, WM_KEYDOWN, VK_RIGHT, 0);
else
SendMessage(hTree,WM_CHAR,WPARAM(strRegPath.at(i)),0);
}
WaitForInputIdle(hProc, INFINITE);
//然後到列表了..
SetForegroundWindow(hList);
SetFocus(hList);
Sleep(1000);
SendMessage(hList, WM_KEYDOWN, VK_HOME, 0);
for(i=0;i<strKey.length();i++)
{
SendMessage(hList,WM_CHAR,WPARAM(strKey.at(i)),0);
}
CloseHandle(hProc);
}
return;
}
//////////////////////////////////////////////////////////////////////////
//顯示文件屬性
void ShowProperties(string strPath)
{
SHELLEXECUTEINFO si;
ZeroMemory(&si,sizeof(SHELLEXECUTEINFO));
si.cbSize = sizeof(SHELLEXECUTEINFO);
si.fMask = SEE_MASK_NOCLOSEPROCESS | SEE_MASK_INVOKEIDLIST | SEE_MASK_FLAG_NO_UI ;
si.lpVerb = "properties";
si.lpFile = strPath.c_str();
si.nShow = SW_SHOW;
ShellExecuteEx(&si);
}
//定位文件
void Jump2File(string strPath)
{
string cmd = "/e,/select,"+strPath;
ShellExecute(NULL,NULL,"explorer",cmd.c_str(),NULL,SW_SHOW);
}
一些常用函數
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.