本文整理汇总了C++中Module32Next函数的典型用法代码示例。如果您正苦于以下问题:C++ Module32Next函数的具体用法?C++ Module32Next怎么用?C++ Module32Next使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了Module32Next函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: hookAllModules
/**
 * Hook every module that is loaded in the current process.
 *
 * A Toolhelp module snapshot of this process is taken and each entry's
 * handle and path are handed to hookModule(). When VERBOSITY > 0 the module
 * paths are additionally printed, but only on the first call.
 *
 * The snapshot is a point-in-time view: only modules present when it was
 * taken are visited by this pass.
 */
static void
hookAllModules(void)
{
    HANDLE hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, GetCurrentProcessId());
    if (hModuleSnap == INVALID_HANDLE_VALUE) {
        return;
    }

    MODULEENTRY32 me32;
    me32.dwSize = sizeof me32;  // must be set before Module32First

    if (VERBOSITY > 0) {
        // One-shot diagnostic listing of the module paths.
        static bool listingPending = true;
        if (listingPending) {
            BOOL more = Module32First(hModuleSnap, &me32);
            if (more) {
                debugPrintf(" modules:\n");
            }
            for (; more; more = Module32Next(hModuleSnap, &me32)) {
                debugPrintf(" %s\n", me32.szExePath);
            }
            listingPending = false;
        }
    }

    // Second walk over the same snapshot: install the hooks.
    for (BOOL more = Module32First(hModuleSnap, &me32); more;
         more = Module32Next(hModuleSnap, &me32)) {
        hookModule(me32.hModule, me32.szExePath);
    }

    CloseHandle(hModuleSnap);
}
开发者ID:hadrien-psydk,项目名称:apitrace,代码行数:32,代码来源:injectee.cpp
示例2: VBoxServicePageSharingInspectModules
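/**
 * Inspect all loaded modules for the specified process.
 *
 * Walks a Toolhelp module snapshot of the process and passes every module to
 * VBoxServicePageSharingCheckModule(), except those whose extension starts
 * with 'e' or 'E' (executables are ignored for now).
 *
 * @param dwProcessId Process id
 */
void VBoxServicePageSharingInspectModules(DWORD dwProcessId)
{
    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessId);
    if (hSnapshot == INVALID_HANDLE_VALUE)
    {
        printf("VBoxServicePageSharingInspectModules: CreateToolhelp32Snapshot failed with %d\n", GetLastError());
        return;
    }
    printf("VBoxServicePageSharingInspectModules\n");

    MODULEENTRY32 ModuleInfo;
    ModuleInfo.dwSize = sizeof(ModuleInfo);

    /* Enter the loop only when Module32First actually filled in an entry.
     * The previous do/while ran its body once even on failure and so read an
     * uninitialized ModuleInfo.szModule. */
    for (BOOL bRet = Module32First(hSnapshot, &ModuleInfo);
         bRet;
         bRet = Module32Next(hSnapshot, &ModuleInfo))
    {
        /** todo when changing this make sure VBoxService.exe is excluded! */
        char *pszDot = strrchr(ModuleInfo.szModule, '.');
        if (   pszDot
            && (pszDot[1] == 'e' || pszDot[1] == 'E'))
            continue; /* ignore executables for now. */

        VBoxServicePageSharingCheckModule(&ModuleInfo);
    }

    CloseHandle(hSnapshot);
}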
开发者ID:virendramishra,项目名称:VirtualBox4.1.18,代码行数:34,代码来源:tstPageFusion.cpp
示例3: CreateToolhelp32Snapshot
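/**
 * Find the module of the current process that contains a return address.
 *
 * @param Ret_Addr     Address to look up (typically taken from a stack frame).
 * @param Module_Addr  Receives the base address of the containing module.
 *                     Left untouched when no module matches.
 * @return Full path of the containing module, or an empty string when the
 *         snapshot could not be taken or no module contains the address.
 */
QString CCrashStack::GetModuleByRetAddr(PBYTE Ret_Addr, PBYTE & Module_Addr)
{
    wchar_t Module_Name[MAX_PATH] = {0};

    // Process id 0 asks Toolhelp for the calling process.
    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, 0);
    if (hSnapshot != INVALID_HANDLE_VALUE)
    {
        MODULEENTRY32 M = {sizeof(M)};
        if (Module32First(hSnapshot, &M))
        {
            do
            {
                // Compare at pointer width. Truncating the difference to DWORD
                // can produce a false match on 64-bit targets when the address
                // lies a multiple of 4 GiB away from the module.
                if (Ret_Addr >= M.modBaseAddr &&
                    static_cast<size_t>(Ret_Addr - M.modBaseAddr) < M.modBaseSize)
                {
                    lstrcpyn(Module_Name, M.szExePath, MAX_PATH);
                    Module_Addr = M.modBaseAddr;
                    break;
                }
            } while (Module32Next(hSnapshot, &M));
        }
        // Close only a handle that was actually opened.
        CloseHandle(hSnapshot);
    }

    return QString::fromWCharArray(Module_Name);
}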
开发者ID:czHero,项目名称:czDHT,代码行数:28,代码来源:ccrashstack.cpp
示例4: find_in_any_module_using_toolhelp
/*
 * Search every module of the current process for an exported symbol.
 *
 * The modules are tried in snapshot order and the first one that exports
 * symbol_name wins, so the result depends on which modules are loaded and
 * in what order they are enumerated.
 *
 * Returns the symbol address, or NULL if the snapshot failed or no module
 * exports the symbol.
 */
static gpointer
find_in_any_module_using_toolhelp (const gchar *symbol_name)
{
  MODULEENTRY32 entry;
  gpointer found = NULL;
  BOOL more;
  HANDLE snap = CreateToolhelp32Snapshot (TH32CS_SNAPMODULE, 0);

  if (snap == (HANDLE) -1)
    return NULL;

  entry.dwSize = sizeof (entry);

  for (more = Module32First (snap, &entry);
       more;
       more = Module32Next (snap, &entry))
    {
      found = GetProcAddress (entry.hModule, symbol_name);
      if (found != NULL)
        break;
    }

  CloseHandle (snap);

  return found;
}
开发者ID:cosimoc,项目名称:glib,代码行数:25,代码来源:gmodule-win32.c
示例5: GetModuleBase
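/**
 * Return the base address of a named module in the given process.
 *
 * @param procId   Id of the process whose module list is searched.
 * @param modName  Module file name, compared case-sensitively with szModule.
 * @return The module base truncated to 32 bits, or 0 when the snapshot
 *         fails, modName is NULL, or no module matches.
 */
uint32_t GetModuleBase(DWORD procId, char* modName)
{
    if (modName == NULL)
        return 0;

    HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, procId);
    // A failed snapshot used to be passed on to Module32First and CloseHandle.
    if (snapshot == INVALID_HANDLE_VALUE)
        return 0;

    MODULEENTRY32 modInfo;
    modInfo.dwSize = sizeof(MODULEENTRY32);

    uint32_t base = 0;
    // One loop covers the first entry and all following ones; the original
    // duplicated the comparison for Module32First and Module32Next.
    for (BOOL more = Module32First(snapshot, &modInfo);
         more;
         more = Module32Next(snapshot, &modInfo))
    {
        // printf("mod %s\n", modInfo.szModule);
        if (!strcmp(modInfo.szModule, modName))
        {
            // The return type is 32-bit; go through uintptr_t so the
            // narrowing is explicit. On a 64-bit target the upper half
            // of the address is lost.
            base = static_cast<uint32_t>(reinterpret_cast<uintptr_t>(modInfo.modBaseAddr));
            break;
        }
    }

    CloseHandle(snapshot);
    return base;
}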
开发者ID:BBLN,项目名称:sc2reader,代码行数:29,代码来源:sc2dump.cpp
示例6: DetectExeType
// Work out which executable is running: the installer, the statically linked
// SumatraPDF, or SumatraPDF using separate dlls. The decision is made from the
// module names in the current process; ExeSumatraStatic is the fallback when
// nothing matches or the module snapshot cannot be taken.
static ExeType DetectExeType()
{
    HANDLE snap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, GetCurrentProcessId());
    if (snap == INVALID_HANDLE_VALUE) {
        plog("DetectExeType(): failed to detect type");
        return ExeSumatraStatic;
    }

    ExeType detected = ExeSumatraStatic;
    MODULEENTRY32 mod;
    mod.dwSize = sizeof(mod);

    for (BOOL more = Module32First(snap, &mod); more; more = Module32Next(snap, &mod)) {
        WCHAR *modName = mod.szModule;

        // libmupdf.dll loaded => this is the build that uses dlls
        if (str::EqI(modName, L"libmupdf.dll")) {
            detected = ExeSumatraLib;
            break;
        }

        // SumatraPDF-*install.exe => this is the installer
        bool looksLikeInstaller = str::StartsWithI(modName, L"SumatraPDF-") &&
                                  str::EndsWithI(modName, L"install.exe");
        if (looksLikeInstaller) {
            detected = ExeInstaller;
            break;
        }
    }

    CloseHandle(snap);
    return detected;
}
开发者ID:DavidWiberg,项目名称:sumatrapdf,代码行数:27,代码来源:CrashHandler.cpp
示例7: GetPsModuleNameByAddress
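/**
 * Look up the module of a process that contains a given address.
 *
 * @param ProcessId       Process whose modules are enumerated.
 * @param pfnAddress      Address to look up (32-bit value).
 * @param pszModuleName   Receives the module file name on success.
 * @param cbszModuleName  Size of pszModuleName as passed on to wcscpy_s.
 * @return TRUE when a containing module was found and its name copied,
 *         FALSE otherwise (including snapshot failure and a NULL/empty
 *         output buffer).
 */
BOOL
GetPsModuleNameByAddress(
    ULONG ProcessId,
    ULONG pfnAddress,
    LPTSTR pszModuleName,
    ULONG cbszModuleName
    )
{
    MODULEENTRY32 ModuleEntry;
    HANDLE hSnapShot;
    BOOL bFound = FALSE;

    if (pszModuleName == NULL || cbszModuleName == 0)
        return FALSE;

    hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, ProcessId);
    if (hSnapShot == INVALID_HANDLE_VALUE)
        return FALSE;

    ModuleEntry.dwSize = sizeof(MODULEENTRY32);

    for (BOOL bMore = Module32First(hSnapShot, &ModuleEntry);
         bMore;
         bMore = Module32Next(hSnapShot, &ModuleEntry))
    {
        // The address parameter is 32-bit, so the base is narrowed to match.
        const ULONG ulBase = (ULONG)(ULONG_PTR)ModuleEntry.modBaseAddr;

        // Half-open range [base, base + size). Subtracting first avoids the
        // wrap-around of base + size, and the end address itself no longer
        // counts as inside (it belongs to whatever follows the module).
        if (pfnAddress >= ulBase &&
            (pfnAddress - ulBase) < ModuleEntry.modBaseSize)
        {
            // NOTE(review): wcscpy_s takes a count of wide characters, while
            // the "cb" prefix suggests callers pass a byte count - confirm
            // against the callers, a byte count would overstate the buffer.
            wcscpy_s(pszModuleName, cbszModuleName, ModuleEntry.szModule);
            bFound = TRUE;
            break;
        }
    }

    CloseHandle(hSnapShot);
    return bFound;
}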
开发者ID:agostinopanico,项目名称:scdetective,代码行数:29,代码来源:Module.cpp
示例8: ScanMod
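//---------------------------------------------------------------------------
// Refresh the module list box for process `pid` and store each module's base
// address in `list`, in enumeration order. The section list box and mod_list
// are cleared first.
void ScanMod(DWORD pid, DWORD* list)
{
    MainForm->lb_mod->Items->Clear();
    MainForm->clb_sec->Items->Clear();
    memset(mod_list, 0, sizeof(mod_list));

    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pid);
    // CreateToolhelp32Snapshot reports failure as INVALID_HANDLE_VALUE, which
    // is non-zero; the former `if (hSnapshot)` test let the failure through.
    if (hSnapshot == NULL || hSnapshot == INVALID_HANDLE_VALUE)
        return;

    MODULEENTRY32 me32 = {0};
    me32.dwSize = sizeof(MODULEENTRY32);

    unsigned int i = 0;
    for (BOOL working = Module32First(hSnapshot, &me32);
         working;
         working = Module32Next(hSnapshot, &me32))
    {
        MainForm->lb_mod->Items->Add(UnicodeString(me32.szModule));
        // NOTE(review): the capacity of `list` is not visible in this function
        // and the number of modules is decided by the inspected process, so
        // this store can run past the end of the caller's array. The signature
        // needs an element count to bound it.
        list[i] = (DWORD)me32.modBaseAddr;
        i++;
    }

    CloseHandle(hSnapshot);
    return;
}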
开发者ID:SpyderLink,项目名称:Hackaround,代码行数:29,代码来源:main.cpp
示例9: CreateToolhelp32Snapshot
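/**
 * Report whether the process has a module whose name starts with "Qt5".
 *
 * @param pid  Id of the process to inspect.
 * @return true when such a module is found; false when none is found or the
 *         module list cannot be read.
 */
bool QtProcessFinder::processUsesQt(int pid) {
    // Take a snapshot of all modules in the specified process.
    HANDLE hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pid);
    if (hModuleSnap == INVALID_HANDLE_VALUE) {
        qWarning("CreateToolhelp32Snapshot (of modules)");
        return false;
    }

    // Set the size of the structure before using it.
    MODULEENTRY32 me32;
    me32.dwSize = sizeof(MODULEENTRY32);

    // Retrieve information about the first module, and exit if unsuccessful.
    if (!Module32First(hModuleSnap, &me32)) {
        qWarning("Module32First");  // show cause of failure
        CloseHandle(hModuleSnap);   // clean the snapshot object
        return false;
    }

    // Walk the module list and stop at the first Qt5 module. The result is
    // recorded instead of returned directly so the snapshot handle is closed
    // on the positive path too (it used to leak on every match).
    bool usesQt = false;
    do {
        if (wcsncmp(me32.szModule, L"Qt5", 3) == 0) {
            usesQt = true;
            break;
        }
    } while (Module32Next(hModuleSnap, &me32));

    CloseHandle(hModuleSnap);
    return usesQt;
}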
开发者ID:othrayte,项目名称:qtinterfaceinspector,代码行数:33,代码来源:qtprocessfinder.cpp
示例10: sizeof
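/**
 * Ask a remote process to unload a DLL by running FreeLibrary in it.
 *
 * @param dwRemoteProcessID       Target process id.
 * @param lpwszRemoteDllFullPath  Full path of the DLL, compared
 *                                case-sensitively with the module's szExePath.
 * @return TRUE when the remote FreeLibrary thread was started; FALSE when the
 *         path is NULL, the module list cannot be read, the DLL is not loaded
 *         in the target, or a handle cannot be obtained.
 */
BOOL CInjectDLL::Uninject(const DWORD dwRemoteProcessID, const LPCTSTR& lpwszRemoteDllFullPath)
{
    if (lpwszRemoteDllFullPath == NULL)
    {
        return FALSE;
    }
    std::wstring wstrRemoteDllFullPath = lpwszRemoteDllFullPath;

    HANDLE hSnap = ::CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwRemoteProcessID);
    if (hSnap == INVALID_HANDLE_VALUE)
    {
        return FALSE;
    }

    MODULEENTRY32 Me32 = {0};
    Me32.dwSize = sizeof(MODULEENTRY32);

    BOOL bFound = FALSE;
    for (BOOL bRet = ::Module32First(hSnap, &Me32); bRet; bRet = ::Module32Next(hSnap, &Me32))
    {
        if (wcscmp(Me32.szExePath, wstrRemoteDllFullPath.c_str()) == 0)
        {
            bFound = TRUE;
            break;
        }
    }
    ::CloseHandle(hSnap);

    // Without this check a miss left Me32.hModule holding the last enumerated
    // module (or zero), and that unrelated handle was then freed in the target.
    if (!bFound)
    {
        return FALSE;
    }

    // NOTE(review): PROCESS_ALL_ACCESS requests every access right on the
    // target; only the rights used by the call below are needed.
    HANDLE hRemoteProgress = ::OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwRemoteProcessID);
    if (hRemoteProgress == NULL)
    {
        //wprintf_s(_T("OpenProcess fail\n"));
        return FALSE;
    }

    BOOL bStarted = FALSE;
    FARPROC pfnFunAddr = ::GetProcAddress(::GetModuleHandle(_T("Kernel32")),"FreeLibrary");
    if (pfnFunAddr != NULL)
    {
        // The module can be unloaded between the snapshot and this call; the
        // handle is only as current as the snapshot.
        HANDLE hThread = ::CreateRemoteThread(hRemoteProgress, NULL, 0, (LPTHREAD_START_ROUTINE) pfnFunAddr, Me32.hModule, 0, NULL);
        if (hThread != NULL)
        {
            bStarted = TRUE;
            ::CloseHandle(hThread);  // the thread handle used to leak
        }
    }

    ::CloseHandle(hRemoteProgress);
    return bStarted;
}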
开发者ID:yufanpi,项目名称:DllInject,代码行数:32,代码来源:InjectDLL.cpp
示例11: EnumAndLoadModuleSymbols
// Walk the modules of process `pid` and register each one with the symbol
// handler for `hProcess`.
// Returns false only when the module snapshot cannot be created; failures to
// load symbols for individual modules are deliberately ignored.
bool EnumAndLoadModuleSymbols(HANDLE hProcess, DWORD pid )
{
	MODULEENTRY32 me = { sizeof me };

	HANDLE hSnapShot = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, pid );
	if ( hSnapShot == (HANDLE) -1 )
		return false;

	for ( bool more = Module32First( hSnapShot, &me );
		  more;
		  more = Module32Next( hSnapShot, &me ) )
	{
		// `me` is filled in at this point. No error checking on the load: a
		// module without symbols simply cannot be reported symbolically.
		StrAnsi staExePath(me.szExePath);
		StrAnsi staModule(me.szModule);

		// NOTE(review): the base address is passed as a 32-bit DWORD, which
		// drops the upper half of the address on a 64-bit target.
		::SymLoadModule( hProcess, 0,
			const_cast<char *>(staExePath.Chars()),
			const_cast<char *>(staModule.Chars()),
			(DWORD)me.modBaseAddr, me.modBaseSize);
	}

	CloseHandle( hSnapShot );
	return true;
}
开发者ID:agran147,项目名称:FieldWorks,代码行数:29,代码来源:StackDumperWin32.cpp
示例12: GetModuleInfo
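/**
 * Find the "League of Legends.exe" module entry of a process.
 *
 * @param dwPid  Id of the process to inspect.
 * @return Pointer to a function-local static MODULEENTRY32 describing the
 *         module, or NULL on failure. The storage is shared by all calls, so
 *         the result is overwritten by the next call.
 */
LPMODULEENTRY32 GetModuleInfo(DWORD dwPid)
{
    static MODULEENTRY32 s_sModule;

    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE,dwPid);
    if( hSnapshot == INVALID_HANDLE_VALUE )
    {
        printf("CreateToolhelp32Snapshot failed: %i\n",GetLastError());
        return NULL;
    }

    s_sModule.dwSize = sizeof(MODULEENTRY32);
    if( Module32First(hSnapshot,&s_sModule) == FALSE )
    {
        // Read the error code before CloseHandle, which may replace the
        // thread's last-error value and make the message misleading.
        const DWORD dwError = GetLastError();
        CloseHandle(hSnapshot);
        printf("Module32First failed: %i\n",dwError);
        return NULL;
    }

    LPMODULEENTRY32 pResult = NULL;
    do
    {
        if( strcmp("League of Legends.exe",s_sModule.szModule) == 0 )
        {
            pResult = &s_sModule;
            break;
        }
    }while(Module32Next(hSnapshot,&s_sModule));

    if( pResult == NULL )
        printf("Couldn't find League of Legends module!\n");

    CloseHandle(hSnapshot);
    return pResult;
}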
开发者ID:dukie,项目名称:LOL-ZoomHack,代码行数:33,代码来源:main.cpp
示例13: CreateToolhelp32Snapshot
// Apply the API hook to every module of the current process: each module's
// import entry for pfnCurrent (imported from pszModuleName) is replaced with
// pfnNew via ReplaceIATEntryInOneMod. The hooking library itself is skipped.
void CAPIHook::ReplaceIATEntryInAllMods(
    PCSTR pszModuleName,
    PROC pfnCurrent,
    PROC pfnNew)
{
    // Find the module that contains this function, i.e. our own module
    // (API_Hook_Lib.dll).
    MEMORY_BASIC_INFORMATION mbi;
    if(VirtualQuery(ReplaceIATEntryInAllMods, &mbi, sizeof(mbi)) == 0)
        return;
    const HMODULE hSelf = (HMODULE) mbi.AllocationBase;

    // Snapshot the module list of this process.
    HANDLE hModuleSnap = CreateToolhelp32Snapshot(
        TH32CS_SNAPMODULE, GetCurrentProcessId());
    if(hModuleSnap == INVALID_HANDLE_VALUE)
        return;

    MODULEENTRY32 me;
    me.dwSize = sizeof(me);

    // Patch each module in turn, leaving our own module (API_Hook_Lib.dll)
    // untouched.
    for(BOOL bMore = Module32First(hModuleSnap, &me);
        bMore;
        bMore = Module32Next(hModuleSnap, &me))
    {
        if(me.hModule == hSelf)
            continue;
        ReplaceIATEntryInOneMod(pszModuleName, pfnCurrent, pfnNew, me.hModule);
    }

    CloseHandle(hModuleSnap);
}
开发者ID:togashi,项目名称:HoPrRe,代码行数:30,代码来源:HoPrRe.cpp
示例14: CreateToolhelp32Snapshot
/**
 * Collect the module entries of a process.
 *
 * @param dwPID  Id of the process to inspect.
 * @return One MODULEENTRY32 per module in snapshot order; empty when the
 *         snapshot or the first enumeration step fails (the failure is
 *         reported through LOG::printError).
 */
vector<MODULEENTRY32> CProcessTool::GetProcessModules(DWORD dwPID)
{
    VCTMOD modules;

    MODULEENTRY32 entry;
    memset(&entry, 0, sizeof(entry));

    HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPID);
    if (hSnap == INVALID_HANDLE_VALUE)
    {
        LOG::printError(TEXT("CreateToolhelp32Snapshot (od modules)"));
        return modules;
    }

    // dwSize has to be filled in before the first enumeration call.
    entry.dwSize = sizeof(MODULEENTRY32);

    BOOL more = Module32First(hSnap, &entry);
    if (!more)
    {
        LOG::printError(TEXT("Module32First"));
        CloseHandle(hSnap);
        return modules;
    }

    // Each entry is copied by value, so the result stays valid after the
    // snapshot handle is closed.
    while (more)
    {
        modules.push_back(entry);
        more = Module32Next(hSnap, &entry);
    }

    CloseHandle(hSnap);
    return modules;
}
开发者ID:louk78,项目名称:GetSystemInfo,代码行数:35,代码来源:processtool.cpp
示例15: FindModuleByAddress
// Helper: find the module of the current process whose image range
// [modBaseAddr, modBaseAddr + modBaseSize) contains lpAddress.
// When pszModule is non-null it receives the module path (at most cchMax
// characters via lstrcpyn), or an empty string if nothing matched.
// Returns true when a containing module was found.
bool FindModuleByAddress(const BYTE* lpAddress, LPWSTR pszModule, int cchMax)
{
	bool matched = false;

	HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, GetCurrentProcessId());
	if (hSnap != INVALID_HANDLE_VALUE)
	{
		MODULEENTRY32 mi = {sizeof(mi)};

		for (BOOL more = Module32First(hSnap, &mi); more; more = Module32Next(hSnap, &mi))
		{
			const BYTE* const pImageEnd = mi.modBaseAddr + mi.modBaseSize;

			// Outside this module's image: try the next one.
			if ((lpAddress < mi.modBaseAddr) || (lpAddress >= pImageEnd))
				continue;

			matched = true;
			if (pszModule)
				lstrcpyn(pszModule, mi.szExePath, cchMax);
			break;
		}

		CloseHandle(hSnap);
	}

	// Never leave the caller's buffer uninitialized on a miss.
	if (pszModule && !matched)
		*pszModule = 0;

	return matched;
}
开发者ID:AITW,项目名称:ConEmu,代码行数:27,代码来源:hkKernel.cpp
示例16: CheckDllInProcess
/**
 * Check whether a DLL is loaded in a process.
 *
 * @param dwPID      Id of the process to inspect.
 * @param szDllPath  DLL file name or full path; compared case-insensitively
 *                   against both szModule and szExePath of each module.
 * @return TRUE when a module matches, FALSE otherwise. A snapshot failure is
 *         reported in a message box (using the file-level `buf`) and also
 *         yields FALSE.
 */
BOOL CheckDllInProcess(DWORD dwPID, LPCTSTR szDllPath)
{
    MODULEENTRY32 me = { sizeof(me), };

    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPID);
    if (hSnapshot == INVALID_HANDLE_VALUE)
    {
        wsprintf(buf, L"CheckDllInProcess() : CreateToolhelp32Snapshot(%d) failed!!! [%d]\n",
                 dwPID, GetLastError());
        MessageBox(NULL, buf, L"error", MB_OK);
        return FALSE;
    }

    BOOL bLoaded = FALSE;
    BOOL bMore = Module32First(hSnapshot, &me);
    while (bMore)
    {
        // Accept either the bare module name or the full path.
        if (_tcsicmp(me.szModule, szDllPath) == 0 ||
            _tcsicmp(me.szExePath, szDllPath) == 0)
        {
            bLoaded = TRUE;
            break;
        }
        bMore = Module32Next(hSnapshot, &me);
    }

    CloseHandle(hSnapshot);
    return bLoaded;
}
开发者ID:gkscndrl,项目名称:GoldRushData,代码行数:30,代码来源:main.cpp
示例17: ZeroMemory
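/**
 * Copy the module entries of the current process into a caller buffer.
 *
 * @param pRetBuf  Array of at least maxCnt MODULEENTRY32 elements.
 * @param maxCnt   Capacity of pRetBuf in elements.
 * @return Number of entries written (never more than maxCnt); 0 when the
 *         buffer is NULL/empty or the snapshot cannot be taken.
 */
int CATCodeMgr::GetAllLoadedModules( PMODULEENTRY32 pRetBuf, int maxCnt )
{
    // An empty buffer cannot even hold the first entry.
    if (pRetBuf == NULL || maxCnt <= 0) return 0;

    // Clear the whole return buffer. The element size is MODULEENTRY32; the
    // previous sizeof(PMODULEENTRY32) was the size of a pointer, so only a
    // fraction of the buffer was zeroed.
    ZeroMemory(pRetBuf, sizeof(MODULEENTRY32) * static_cast<size_t>(maxCnt));

    // Create the module snapshot of this process.
    HANDLE hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, GetCurrentProcessId());
    if(INVALID_HANDLE_VALUE == hModuleSnap) return 0;

    int curCnt = 0;
    pRetBuf[0].dwSize = sizeof(MODULEENTRY32);
    BOOL bExist = Module32First(hModuleSnap, &pRetBuf[0]);
    while( bExist )
    {
        curCnt++;

        // Stop before touching the next slot once the buffer is full. The old
        // loop incremented first and then wrote dwSize and the next entry
        // into pRetBuf[maxCnt], one element past the end.
        if( curCnt >= maxCnt ) break;

        pRetBuf[curCnt].dwSize = sizeof(MODULEENTRY32);
        bExist = Module32Next(hModuleSnap, &pRetBuf[curCnt]);
    }

    CloseHandle (hModuleSnap);
    return curCnt;
}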
开发者ID:adrix89,项目名称:araltrans03,代码行数:25,代码来源:ATCodeMgr.cpp
示例18: ModuleFromAddress
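//---------------------------------------------------------------------------
//ReplaceIATEntryInAllModules
// Replace the import entry for pfnCurrent (imported from DllName) with pfnNew
// in every module of the current process.
void WINAPI TAPIHook::ReplaceIATEntryInAllModules(PCSTR DllName,
    PROC pfnCurrent,PROC pfnNew,bool IsHookSelfDll)
{
    // IsHookSelfDll: whether the hooking DLL's own imports are patched too.
    // For some system functions, such as GetProcAddress, LoadLibraryA,
    // LoadLibraryW, LoadLibraryEx and LoadLibraryExW, the DLL must not hook
    // itself, otherwise the hook ends up in an endless loop.
    // With hThisModule == NULL no module is skipped below.
    HMODULE hThisModule = NULL;
    hThisModule = (IsHookSelfDll) ? NULL : ModuleFromAddress(ReplaceIATEntryInAllModules);
    /////
    HANDLE hSnapshot;
    MODULEENTRY32 ModEntry32;
    DWORD dwProcessId;
    BOOL Result;

    dwProcessId = GetCurrentProcessId();
    hSnapshot = CreateToolhelp32Snapshot((DWORD)TH32CS_SNAPMODULE,dwProcessId);
    // A failed snapshot used to be passed on to Module32First and CloseHandle.
    if(hSnapshot == INVALID_HANDLE_VALUE)
        return;

    ModEntry32.dwSize = sizeof(MODULEENTRY32);
    Result = Module32First(hSnapshot,&ModEntry32);
    while(Result)
    {
        if(ModEntry32.hModule != hThisModule)
            ReplaceIATEntryInModule(DllName,pfnCurrent,pfnNew,ModEntry32.hModule);
        Result = Module32Next(hSnapshot,&ModEntry32);
    }
    CloseHandle(hSnapshot);
}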
开发者ID:sg-first,项目名称:Process-prevent-killed,代码行数:34,代码来源:HookClass.cpp
示例19: GetProcessModule
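/*
 * Find the module with id dwModuleID in process dwPID and copy its entry to
 * the caller.
 *
 * dwPID       process whose modules are enumerated
 * dwModuleID  value compared with th32ModuleID of each entry
 * lpMe32      receives the matching MODULEENTRY32
 * cbMe32      size in bytes of the buffer behind lpMe32
 *
 * Returns TRUE when a matching entry was copied, FALSE otherwise.
 */
BOOL GetProcessModule (DWORD dwPID, DWORD dwModuleID,
                       LPMODULEENTRY32 lpMe32, DWORD cbMe32)
{
    BOOL bFound = FALSE;
    HANDLE hModuleSnap = NULL;
    MODULEENTRY32 me32 = {0};
    DWORD cbCopy;

    if (lpMe32 == NULL)
        return (FALSE);

    hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPID);
    if (hModuleSnap == (HANDLE)-1)
        return (FALSE);

    /* Never copy more than the local entry holds: a cbMe32 larger than
     * sizeof(me32) made CopyMemory read past me32 on the stack. */
    cbCopy = (cbMe32 < sizeof(me32)) ? cbMe32 : (DWORD)sizeof(me32);

    me32.dwSize = sizeof(MODULEENTRY32);
    if (Module32First(hModuleSnap, &me32))
    {
        do
        {
            if (me32.th32ModuleID == dwModuleID)
            {
                CopyMemory (lpMe32, &me32, cbCopy);
                bFound = TRUE;
            }
        }
        while (!bFound && Module32Next(hModuleSnap, &me32));
    }

    CloseHandle (hModuleSnap);
    return (bFound);
}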
开发者ID:cyberthreats,项目名称:malware-source-piece,代码行数:34,代码来源:PieceByPiece.c
示例20: GetModuleBase
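/**
 * Return the base address of a named module in the given process.
 *
 * Every visited module is printed as "<name> <base>" while searching.
 *
 * @param dwProcessId   Id of the process to inspect.
 * @param szModuleName  Module file name, compared case-insensitively.
 * @return The module base as a DWORD, or 0 when the snapshot fails or the
 *         module is not found.
 */
DWORD GetModuleBase(const DWORD dwProcessId, const char *szModuleName)
{
    HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, dwProcessId);
    // Failure is INVALID_HANDLE_VALUE, which the former `!hSnap` test missed.
    if (hSnap == NULL || hSnap == INVALID_HANDLE_VALUE)
    {
        return 0;
    }

    MODULEENTRY32 me;
    me.dwSize = sizeof(MODULEENTRY32);

    DWORD dwReturn = 0;
    // Start with the entry returned by Module32First. The old code went
    // straight to Module32Next, so the first module was never compared.
    for (BOOL bMore = Module32First(hSnap, &me); bMore; bMore = Module32Next(hSnap, &me))
    {
        // The address is narrowed explicitly: %x expects an unsigned int and
        // the return type is a 32-bit DWORD.
        printf("%s %x\n", me.szModule, (unsigned int)(DWORD_PTR)me.modBaseAddr);
        if (lstrcmpi(me.szModule, szModuleName) == 0)
        {
            dwReturn = (DWORD)(DWORD_PTR)me.modBaseAddr;
            break;
        }
    }

    CloseHandle(hSnap);
    return dwReturn;
}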
开发者ID:clanstyles,项目名称:Fake-AntiVirus,代码行数:25,代码来源:MalwareAway.cpp
注:本文中的Module32Next函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。