nevereon Cheater
Reputation: 0
Joined: 16 Mar 2008 Posts: 49
Posted: Sun Aug 16, 2009 6:56 am Post subject: [c++] Reading and comparing process list
Hey guys, I got a quick question. I would like to know how I could make a program which would read my current process list and then compare the running processes to a stored list. How would I go about doing this? I've never fiddled with processes in programming before and so I would love it if someone could either point me to a tutorial dealing with this, or if it's as simple as it sounds to do, quickly explain it to me.
Thanks beforehand.
 |
Slugsnack Grandmaster Cheater Supreme
Reputation: 71
Joined: 24 Jan 2007 Posts: 1857
Posted: Sun Aug 16, 2009 8:09 am
you can obtain the list either with system snapshots ( CreateToolhelp32Snapshot ) or EnumProcesses. then if you want to compare it visually a listview sounds like a good idea. not sure how else you would want to compare them..
 |
nevereon Cheater
Reputation: 0
Joined: 16 Mar 2008 Posts: 49
Posted: Sun Aug 16, 2009 8:17 am
Slugsnack wrote:
> you can obtain the list either with system snapshots ( CreateToolhelp32Snapshot ) or EnumProcesses. then if you want to compare it visually a listview sounds like a good idea. not sure how else you would want to compare them..
Well I was thinking to use it as a means of controlling which processes are running. For instance it would compare the active processes to a "blacklist" and if any of the "blacklisted" processes would be running it would perform a certain action, if else return. Catch my drift? :d
 |
Slugsnack Grandmaster Cheater Supreme
Reputation: 71
Joined: 24 Jan 2007 Posts: 1857
Posted: Sun Aug 16, 2009 8:27 am
yeah then if you are taking snapshots you can read off szExeFile in the PROCESSENTRY32 structure you fill in. then do like strcmp or something
if you're doing enumprocesses you can do GetModuleFileNameEx
to kill processes you can use TerminateProcess
 |
nevereon Cheater
Reputation: 0
Joined: 16 Mar 2008 Posts: 49
Posted: Sun Aug 16, 2009 8:36 am
Slugsnack wrote:
> yeah then if you are taking snapshots you can read off szExeFile in the PROCESSENTRY32 structure you fill in. then do like strcmp or something
> if you're doing enumprocesses you can do GetModuleFileNameEx
> to kill processes you can use TerminateProcess
Thanks. Would you mind showing me an example of how you could use them? What would the difference be and which would be more suited do you think?
 |
Slugsnack Grandmaster Cheater Supreme
Reputation: 71
Joined: 24 Jan 2007 Posts: 1857
Posted: Sun Aug 16, 2009 8:57 am
yeah, going out right now i'll code an example when i get back which watches for notepad.exe and closes it
 |
nevereon Cheater
Reputation: 0
Joined: 16 Mar 2008 Posts: 49
Posted: Sun Aug 16, 2009 10:01 am
Slugsnack wrote:
> yeah, going out right now i'll code an example when i get back which watches for notepad.exe and closes it
Even more than I hoped for tbh :] Thanks a lot man <3
 |
HomerSexual Grandmaster Cheater Supreme
Reputation: 5
Joined: 03 Feb 2007 Posts: 1657
Posted: Sun Aug 16, 2009 12:22 pm
bruteforce? it would give you hidden processes too (on phone short post)
 |
Slugsnack Grandmaster Cheater Supreme
Reputation: 71
Joined: 24 Jan 2007 Posts: 1857
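Posted: Sun Aug 16, 2009 2:19 pm
something like this mebbe..
Code:
    #include <windows.h>
    #include <tchar.h>
    #include <tlhelp32.h>

    int main()
    {
        PROCESSENTRY32 pe32;
        HANDLE hProcess;
        // snapshot of all running processes; the second argument is ignored for TH32CS_SNAPPROCESS
        HANDLE hSnapshot = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
        if ( hSnapshot == INVALID_HANDLE_VALUE )
            return 1;
        pe32.dwSize = sizeof pe32; // must be set before calling Process32First
        if ( !Process32First( hSnapshot, &pe32 ) )
        {
            CloseHandle( hSnapshot );
            return 1;
        }
        do
        {
            // szExeFile is a TCHAR array, so compare with the TCHAR routine; image names are not case-sensitive
            if ( !_tcsicmp( (const TCHAR *)&pe32.szExeFile, _T("notepad.exe") ) )
            {
                hProcess = OpenProcess( PROCESS_TERMINATE, FALSE, pe32.th32ProcessID );
                if ( hProcess != NULL ) // NULL if the process could not be opened
                {
                    TerminateProcess( hProcess, 0 );
                    CloseHandle( hProcess );
                }
            }
        }
        while( Process32Next( hSnapshot, &pe32 ) );
        CloseHandle( hSnapshot );
        return 0;
    }
want enumprocesses example as well ?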
 |
hcavolsdsadgadsg I'm a spammer
Reputation: 26
Joined: 11 Jun 2007 Posts: 5801
Posted: Sun Aug 16, 2009 5:40 pm
Just a nitpick - arrays don't require the & to have their addresses passed.
 |
Slugsnack Grandmaster Cheater Supreme
Reputation: 71
Joined: 24 Jan 2007 Posts: 1857
Posted: Mon Aug 17, 2009 2:45 am
thanks
 |
nevereon Cheater
Reputation: 0
Joined: 16 Mar 2008 Posts: 49
Posted: Mon Aug 17, 2009 3:14 am
Wow thanks man! It's fine, this will very much do. The syntax feels foreign to me x'D But that's probably not strange considering I'm more of a Java person. Kudos.
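The stored-list comparison asked about at the top of the thread, as an added example that is not code from any of the posters. It goes beyond the single notepad.exe check by normalising names first, because szExeFile from a snapshot is a bare file name while GetModuleFileNameEx returns a full path; the function names image_name, listed_pids and snapshot_processes are assumptions, and the Windows part is compiled only under _WIN32.

```cpp
// Added example, not code from the thread; all function names here are assumptions.
#include <cwctype>
#include <set>
#include <string>
#include <utility>
#include <vector>

typedef std::pair<unsigned long, std::wstring> Proc;  // (pid, image name or full path)

// szExeFile holds a bare file name, GetModuleFileNameEx returns a full path, and
// Windows file names are case-insensitive: reduce every form to "notepad.exe".
std::wstring image_name(const std::wstring& s)
{
    std::wstring::size_type cut = s.find_last_of(L"\\/");
    std::wstring name = (cut == std::wstring::npos) ? s : s.substr(cut + 1);
    for (wchar_t& c : name) c = static_cast<wchar_t>(std::towlower(c));
    return name;
}

// PIDs of the running processes whose image name appears in the stored list.
std::vector<unsigned long> listed_pids(const std::vector<Proc>& running,
                                       const std::vector<std::wstring>& stored)
{
    std::set<std::wstring> wanted;
    for (const std::wstring& s : stored) wanted.insert(image_name(s));
    std::vector<unsigned long> hits;
    for (const Proc& p : running)
        if (wanted.count(image_name(p.second))) hits.push_back(p.first);
    return hits;
}

#ifdef _WIN32
#include <windows.h>
#include <tlhelp32.h>
// Fill the list from a Toolhelp snapshot; W variants so UNICODE does not matter.
std::vector<Proc> snapshot_processes()
{
    std::vector<Proc> out;
    HANDLE snap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (snap == INVALID_HANDLE_VALUE) return out;
    PROCESSENTRY32W pe = { sizeof pe };  // dwSize must be set before the first call
    if (Process32FirstW(snap, &pe))
        do out.push_back(Proc(pe.th32ProcessID, pe.szExeFile));
        while (Process32NextW(snap, &pe));
    CloseHandle(snap);
    return out;
}
#endif
```

On Windows, pass snapshot_processes() as the running list; listed_pids only reports matches and leaves the action to the caller. The match is on the file name alone, so it does not establish which binary is running under that name.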