得到某个进程所有线程ID和入口地址

#include <windows.h>   // must precede tlhelp32.h, which relies on its types
#include <tlhelp32.h>

#include <cstdio>      // getchar(), used by main()
#include "iostream"
using namespace std;
// Declared ahead of its definition further down in this file.
void PASS_TPTHREAD(WCHAR ProcessName[]);

// Status code type returned by the native entry point declared below.
using NTSTATUS = LONG;

// Pointer-to-function type for the NtQueryInformationThread export of
// ntdll.dll. This file resolves the export by name with GetProcAddress, so the
// parameter list here is the only thing the compiler checks the call against.
using NTQUERYINFORMATIONTHREAD = NTSTATUS(WINAPI *)(
    HANDLE ThreadHandle,
    ULONG ThreadInformationClass,
    PVOID ThreadInformation,
    ULONG ThreadInformationLength,
    PULONG ReturnLength);
// Information classes accepted by NtQueryInformationThread. The numeric value
// is what is passed to the system call, so each enumerator is written out
// explicitly: inserting or reordering entries would silently select a
// different query.
typedef enum _THREADINFOCLASS
{
    ThreadBasicInformation          = 0,
    ThreadTimes                     = 1,
    ThreadPriority                  = 2,
    ThreadBasePriority              = 3,
    ThreadAffinityMask              = 4,
    ThreadImpersonationToken        = 5,
    ThreadDescriptorTableEntry      = 6,
    ThreadEnableAlignmentFaultFixup = 7,
    ThreadEventPair_Reusable        = 8,
    ThreadQuerySetWin32StartAddress = 9,   // the only class this file uses
    ThreadZeroTlsCell               = 10,
    ThreadPerformanceCount          = 11,
    ThreadAmILastThread             = 12,
    ThreadIdealProcessor            = 13,
    ThreadPriorityBoost             = 14,
    ThreadSetTlsArrayAddress        = 15,  // Obsolete
    ThreadIsIoPending               = 16,
    ThreadHideFromDebugger          = 17,
    ThreadBreakOnTermination        = 18,
    ThreadSwitchLegacyState         = 19,
    ThreadIsTerminated              = 20,
    ThreadLastSystemCall            = 21,
    ThreadIoPriority                = 22,
    ThreadCycleTime                 = 23,
    ThreadPagePriority              = 24,
    ThreadActualBasePriority        = 25,
    ThreadTebInformation            = 26,
    ThreadCSwitchMon                = 27,  // Obsolete
    ThreadCSwitchPmu                = 28,
    ThreadWow64Context              = 29,
    ThreadGroupInformation          = 30,
    ThreadUmsInformation            = 31,  // UMS
    ThreadCounterProfiling          = 32,
    ThreadIdealProcessorEx          = 33,
    MaxThreadInfoClass              = 34
} THREADINFOCLASS;
// Returns the ID of the process that owns the top-level window whose title is
// ProcessName. The result stays 0 when the lookup does not fill in an ID.
//
// Despite the parameter name, the match is on the window title and not on the
// executable name. A title is chosen by whichever program created the window,
// so two unrelated processes can present the same one; treat the result as a
// convenience lookup, not as proof of which program is running.
DWORD GetProcess(WCHAR ProcessName[])
{
    const HWND window = FindWindowW(NULL, ProcessName);

    DWORD ownerPid = 0;
    GetWindowThreadProcessId(window, &ownerPid);
    return ownerPid;
}
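// Prints the ID (decimal) and Win32 start address (hex) of every thread that
// belongs to the process owning the window titled ProcessName.
//
// ProcessName: window title handed to GetProcess(); see the caveat there about
//              titles not identifying a program.
//
// Changes from the earlier version of this routine:
//  - the target PID is resolved once, and a failed lookup (PID 0) stops the
//    scan instead of matching threads whose handle could not be opened;
//  - threads are filtered on THREADENTRY32::th32OwnerProcessID, so handles are
//    opened only for the target's threads;
//  - threads are opened with THREAD_QUERY_INFORMATION rather than
//    THREAD_ALL_ACCESS, which is all the query needs and is less likely to be
//    refused or flagged by endpoint monitoring;
//  - the start address is read into a pointer-sized buffer (a DWORD is too
//    small in a 64-bit build) and the NTSTATUS is checked, so a failed query
//    no longer prints the previous thread's address;
//  - thread and snapshot handles are closed, and cout's formatting flags are
//    restored so later output is not left in hexadecimal.
//
// NOTE(review): the information class is named "QuerySet", which suggests the
// reported start address can also be written; treat it as a hint about where a
// thread began, not as tamper-proof evidence - confirm before relying on it.
void PASS_TPTHREAD(WCHAR ProcessName[])
{
    const DWORD targetPid = GetProcess(ProcessName);
    if (targetPid == 0)
    {
        cerr << "PASS_TPTHREAD: no window with the requested title was found" << endl;
        return;
    }

    // The export is looked up in the copy of ntdll.dll already mapped into this
    // process, so no extra library reference is taken and no path is searched.
    const HMODULE hNtdll = GetModuleHandleW(L"ntdll.dll");
    NTQUERYINFORMATIONTHREAD NtQueryInformationThread = NULL;
    if (hNtdll != NULL)
    {
        NtQueryInformationThread = reinterpret_cast<NTQUERYINFORMATIONTHREAD>(
            GetProcAddress(hNtdll, "NtQueryInformationThread"));
    }
    if (NtQueryInformationThread == NULL)
    {
        cerr << "PASS_TPTHREAD: NtQueryInformationThread is unavailable" << endl;
        return;
    }

    const HANDLE Snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
    if (Snapshot == INVALID_HANDLE_VALUE)
    {
        cerr << "PASS_TPTHREAD: thread snapshot failed, error "
             << GetLastError() << endl;
        return;
    }

    THREADENTRY32 te32;
    te32.dwSize = sizeof(te32);   // required before Thread32First

    const ios::fmtflags savedFlags = cout.flags();
    cout.setf(ios::showbase | ios::uppercase);

    if (Thread32First(Snapshot, &te32))
    {
        do
        {
            // The snapshot covers every thread on the system; skip the rest
            // without touching them.
            if (te32.th32OwnerProcessID != targetPid)
            {
                continue;
            }

            const HANDLE hThread =
                OpenThread(THREAD_QUERY_INFORMATION, FALSE, te32.th32ThreadID);
            if (hThread == NULL)
            {
                cerr << "PASS_TPTHREAD: cannot open thread " << te32.th32ThreadID
                     << ", error " << GetLastError() << endl;
                continue;
            }

            PVOID startAddress = NULL;
            ULONG returnLength = 0;
            const NTSTATUS status = NtQueryInformationThread(
                hThread, ThreadQuerySetWin32StartAddress,
                &startAddress, sizeof(startAddress), &returnLength);
            CloseHandle(hThread);

            if (status < 0)   // negative NTSTATUS values are failures
            {
                cerr << "PASS_TPTHREAD: start address query failed for thread "
                     << te32.th32ThreadID << endl;
                continue;
            }

            cout << dec << "游戏线程ID:" << te32.th32ThreadID;
            cout << hex << "   线程入口地址:"
                 << reinterpret_cast<ULONG_PTR>(startAddress) << endl;
        } while (Thread32Next(Snapshot, &te32));
    }

    cout.flags(savedFlags);
    CloseHandle(Snapshot);
}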
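// Entry point: lists the threads of the process that owns the window titled
// "QQ", then prints the ID of the thread that created that window and waits
// for a key press.
int main()
{
    // PASS_TPTHREAD takes a non-const WCHAR[]; a wide string literal is const
    // in standard C++, so a writable copy is passed instead of relying on a
    // compiler extension.
    WCHAR windowTitle[] = L"QQ";
    PASS_TPTHREAD(windowTitle);

    // This is the thread that created the window (0 when no such window
    // exists), which the label below calls the main thread.
    const DWORD windowThreadId =
        GetWindowThreadProcessId(FindWindowW(NULL, windowTitle), NULL);

    // Force decimal so the value can be compared with the thread IDs listed
    // above, whatever base the stream was last left in.
    cout << dec << "主线程ID=" << windowThreadId << endl;

    getchar();   // keep the console window open until a key is pressed
    return 0;
}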

 
