;win32汇编环境,如何取得某进程的名称或ID
;主要应用CreateToolhelp32Snapshot,Process32First和Process32Next函数,三者需配合着使用
;其中要使用结构PROCESSENTRY32,其中包含着某进程的相关信息
;下列为Asm文件,复制进RadASM里面可以直接编译运行。
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.386
.model flat,stdcall
option casemap:none
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Include 文件定义
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
include windows.inc
include user32.inc
include kernel32.inc
includelib user32.lib
includelib kernel32.lib
; 自定义函数声明
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
DlgProc proto :DWORD,:DWORD,:DWORD,:DWORD ;对话框窗口函数
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; Equ 等值定义
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
MAINDIALOG equ 1
ICO_MAIN equ 1000 ;图标
ID_BUTTON01 equ 41
ID_EDIT01 equ 11
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
; 数据段
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.data
szMsg db "提示",0
szFrm0D db "%d",0
szErr db "错误",0
szSnapshotErr db "取得进程快照失败",0
szProcessFirstErr db "检索有关系统快照中遇到的第一个进程的信息失败",0
szShowProceMsg db "进程名称:%s ,进程ID:%d",0
szEnter db 13,10,0
.data?
hInstance HINSTANCE ?
hMainhwnd HWND ?
hEdithwnd01 HWND ?
.const
; 代码段
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.code
start:
invoke GetModuleHandle, NULL
mov hInstance,eax
invoke DialogBoxParam, hInstance, MAINDIALOG,NULL, addr DlgProc, NULL
invoke ExitProcess,eax
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
DlgProc proc hWnd:HWND, uMsg:UINT, wParam:WPARAM, lParam:LPARAM
LOCAL @szBuffer[256]:byte
LOCAL @pe32:PROCESSENTRY32
LOCAL @hProcessSnap
.if uMsg == WM_INITDIALOG
invoke LoadIcon,hInstance,ICO_MAIN
invoke SendMessage,hWnd,WM_SETICON,ICON_BIG,eax
invoke GetDlgItem,hWnd,ID_EDIT01
mov hEdithwnd01,eax
.elseif uMsg == WM_COMMAND
mov ebx,wParam
.if bx == ID_BUTTON01
invoke CreateToolhelp32Snapshot,TH32CS_SNAPPROCESS,0 ;产生进程快照
mov @hProcessSnap,eax
.if eax == INVALID_HANDLE_VALUE
invoke MessageBox,hWnd,addr szSnapshotErr,addr szMsg,MB_OK
.endif
mov @pe32.dwSize,sizeof PROCESSENTRY32
invoke Process32First,@hProcessSnap,addr @pe32
.if eax == FALSE
invoke MessageBox,hWnd,addr szProcessFirstErr,addr szMsg,MB_OK
invoke CloseHandle,@hProcessSnap
.endif
invoke SendMessage,hEdithwnd01,WM_SETTEXT,0,0 ;清空编辑框
;循环得到进程的名称和ID
.while TRUE
invoke Process32Next,@hProcessSnap,addr @pe32
.break .if eax == FALSE
invoke wsprintf,addr @szBuffer,addr szShowProceMsg,addr @pe32.szExeFile,@pe32.th32ProcessID
invoke SendMessage,hEdithwnd01,EM_REPLACESEL,FALSE,addr @szBuffer
invoke SendMessage,hEdithwnd01,EM_REPLACESEL,FALSE,addr szEnter
.endw
invoke CloseHandle,@hProcessSnap
.endif
.elseif uMsg == WM_CLOSE
invoke EndDialog,hWnd,NULL
.else
mov eax,FALSE
ret
.endif
mov eax,TRUE
ret
DlgProc endp
end start
;下面为rc文件内容
#include "resource.h" //提示缺少该文件,可以在资源里下载
//>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
#define MAINDIALOG 1
#define ICO_MAIN 1000 //图标
#define ID_BUTTON01 41
#define ID_EDIT01 11 //编辑框标识符
//>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
ICO_MAIN ICON "Main.ico"
//>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
//定义对话框
MAINDIALOG DIALOG 10, 10, 180, 270
STYLE DS_CENTER | WS_CAPTION | WS_MINIMIZEBOX |
WS_SYSMENU | WS_VISIBLE | WS_OVERLAPPED | DS_MODALFRAME | DS_3DLOOK
CAPTION "对话框程序模版"
FONT 11, "方正姚体"
BEGIN
PUSHBUTTON "测试取得进程PID", ID_BUTTON01, 40,10,100,13
CONTROL "这里显示的是服务器返回的信息",ID_EDIT01,"Edit",WS_CHILDWINDOW|WS_VISIBLE|WS_TABSTOP|ES_MULTILINE|ES_WANTRETURN|ES_AUTOVSCROLL|WS_VSCROLL,10, 35, 160, 220,WS_EX_CLIENTEDGE //设置成多行编辑框,按回车时加回车符
END
