冻结进程
#include <stdio.h>
#include <windows.h>
#include <tlhelp32.h>
int main(int argc,char *argv[])
{
PROCESSENTRY32 pe32;
pe32.dwSize=sizeof(pe32);
unsigned long Pid;
HANDLE hProcessSnap=::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
if(hProcessSnap==INVALID_HANDLE_VALUE)
{
printf("CreateToolhelp32Snapshot调用失败!");
return -1;
}
BOOL b=::Process32First(hProcessSnap,&pe32);
while(b)
{
if(!strcmp(pe32.szExeFile,argv[1]))
{
printf("Find %s ok!/n",pe32.szExeFile);
Pid=pe32.th32ProcessID;
break;
}
b=::Process32Next(hProcessSnap,&pe32);
}
::CloseHandle(hProcessSnap);
THREADENTRY32 th32;
th32.dwSize=sizeof(th32);
HANDLE hThreadSnap=::CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD,0);
if(hThreadSnap==INVALID_HANDLE_VALUE)
{
printf("CreateToolhelp32Snapshot调用失败!");
return -1;
}
b=::Thread32First(hThreadSnap,&th32);
while(b)
{
if(th32.th32OwnerProcessID==Pid)
{
HANDLE oth=OpenThread(THREAD_ALL_ACCESS,FALSE,th32.th32ThreadID);
if(!(::SuspendThread(oth)))
{
printf("Onlock Thread id:%d/n",th32.th32ThreadID);
printf("Onlock ThreadOwnerProcessID:%d/n",th32.th32OwnerProcessID);
printf("Onlock ExeFileName %s/n",pe32.szExeFile);
}
CloseHandle(oth);
break;
}
::Thread32Next(hThreadSnap,&th32);
}
::CloseHandle(hThreadSnap);
return 0;
}
解冻进程
#include <stdio.h>
#include <windows.h>
#include <tlhelp32.h>
int main(int argc,char *argv[])
{
PROCESSENTRY32 pe32;
pe32.dwSize=sizeof(pe32);
unsigned long Pid;
HANDLE hProcessSnap=::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
if(hProcessSnap==INVALID_HANDLE_VALUE)
{
printf("CreateToolhelp32Snapshot调用失败!");
return -1;
}
BOOL b=::Process32First(hProcessSnap,&pe32);
while(b)
{
if(!strcmp(pe32.szExeFile,argv[1]))
{
printf("Find %s ok!/n",pe32.szExeFile);
Pid=pe32.th32ProcessID;
break;
}
b=::Process32Next(hProcessSnap,&pe32);
}
::CloseHandle(hProcessSnap);
THREADENTRY32 th32;
th32.dwSize=sizeof(th32);
HANDLE hThreadSnap=::CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD,0);
if(hThreadSnap==INVALID_HANDLE_VALUE)
{
printf("CreateToolhelp32Snapshot调用失败!");
return -1;
}
b=::Thread32First(hThreadSnap,&th32);
while(b)
{
if(th32.th32OwnerProcessID==Pid)
{
HANDLE oth=OpenThread(THREAD_ALL_ACCESS,FALSE,th32.th32ThreadID);
if(::ResumeThread(oth))
{
printf("Unlock Thread id:%d/n",th32.th32ThreadID);
printf("Unlock ThreadOwnerProcessID:%d/n",th32.th32OwnerProcessID);
printf("Unlock ExeFileName %s/n",pe32.szExeFile);
}
CloseHandle(oth);
break;
}
::Thread32Next(hThreadSnap,&th32);
}
::CloseHandle(hThreadSnap);
return 0;
}
| 欢迎光临 滴水逆向联盟 (http://dtdebug.com/) | Powered by Discuz! X3.2 |