Task Manager

Post date: Nov 28, 2013 1:12:36 AM

سلام

در این پست، برنامه‌ای برای نمایش و توقف processهای در حال اجرا در ویندوز بررسی می‌شود. برنامه این است:

#include <conio.h>

#include <algorithm>
#include <iomanip>
#include <iostream>
#include <map>
#include <string>
#include <vector>

using namespace std;

#undef UNICODE
#define UNICODE

#include <windows.h>
#include <psapi.h>
#pragma comment(lib,"psapi.lib")

/// Lower-cases the ASCII letters 'A'..'Z' of wstr in place.
/// Every other character (digits, punctuation, non-ASCII) is left as it is;
/// this is deliberately not a locale-aware conversion.
void ToLower(wstring& wstr)
{
    const wchar_t offset = L'a' - L'A';
    for (wstring::iterator ch = wstr.begin(); ch != wstr.end(); ++ch)
    {
        if (*ch >= L'A' && *ch <= L'Z')
            *ch = *ch + offset;
    }
}

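/// Enables (or disables) SeDebugPrivilege on the current process token.
///
/// @param enable_privilege  true to enable the privilege, false to disable it.
/// @return true only if the privilege is now in the requested state. false when the
///         token cannot be opened, the privilege name cannot be resolved, or the token
///         does not hold the privilege at all (AdjustTokenPrivileges reports that case
///         as success with GetLastError() == ERROR_NOT_ALL_ASSIGNED, which the original
///         version mistook for success).
inline bool Priv(bool enable_privilege = true)
{
    // A string literal is const; binding it to a non-const char* is ill-formed in C++11+.
    const char* privilege_name = "SeDebugPrivilege";

    HANDLE process_token = 0;
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &process_token))
        return false;

    bool ok = false;
    LUID luid;
    if (LookupPrivilegeValueA(0, privilege_name, &luid)) // 0: look up on the local system
    {
        TOKEN_PRIVILEGES tp;
        tp.PrivilegeCount = 1;
        tp.Privileges[0].Luid = luid;
        tp.Privileges[0].Attributes = enable_privilege ? SE_PRIVILEGE_ENABLED : 0;

        // A non-zero return does not mean the privilege was adjusted: a token that
        // lacks the privilege (non-elevated process) yields ERROR_NOT_ALL_ASSIGNED.
        if (AdjustTokenPrivileges(process_token, FALSE, &tp, sizeof(TOKEN_PRIVILEGES), 0, 0)
            && GetLastError() != ERROR_NOT_ALL_ASSIGNED)
        {
            ok = true;
        }
    }

    // Single exit: the token handle is closed on every path.
    CloseHandle(process_token);
    return ok;
}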

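/// Terminates the current process with exit code 0. Never returns.
///
/// The original asked GetExitCodeProcess() for the code of the still-running
/// process, which is STILL_ACTIVE (259), and then exited with that value; any
/// parent or script reading the exit status saw a misleading "still running" code.
inline void Suicide()
{
    ExitProcess(0);
}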

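/// Snapshot of the processes running on the local machine.
///
/// Holds two parallel vectors, ids[i] / names[i], where names[i] is the ASCII
/// lower-cased base name of the process's main module. Entries whose name could
/// not be read carry the literal text L"Access Denied" (OpenProcess failed) or
/// L"Name was not retrieved" (EnumProcessModules failed), exactly as before.
/// The public interface is unchanged; internally the handle leaks, the
/// byte/character size mix-up in GetModuleBaseNameW and the index-based kill
/// loop that broke once the list was refreshed have been fixed.
class Processes
{
    unsigned number_of_processes;   // == names.size() == ids.size() after Fill()
    vector<wstring> names;          // lower-cased executable name, parallel to ids
    vector<unsigned long> ids;      // process id, parallel to names

    typedef pair<unsigned long, wstring> Entry;

    /// Owns a process handle so it is closed on every return path
    /// (the original leaked it whenever a query failed after OpenProcess).
    struct ProcessHandle
    {
        HANDLE h;
        explicit ProcessHandle(HANDLE handle) : h(handle) {}
        ~ProcessHandle() { if (h != 0) CloseHandle(h); }
        bool valid() const { return h != 0; }
    private:
        ProcessHandle(const ProcessHandle&);            // non-copyable
        ProcessHandle& operator=(const ProcessHandle&);
    };

    /// Appends the executable name of process_id to names. Always appends exactly
    /// one entry so that names stays parallel to ids.
    void Add(unsigned long process_id)
    {
        ProcessHandle han(OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
                                      FALSE, process_id));
        if (!han.valid())
        {
            names.push_back(L"Access Denied");
            return;
        }

        HMODULE hmod = 0;
        unsigned long number_of_bytes_filled = 0;
        if (EnumProcessModules(han.h, &hmod, sizeof hmod, &number_of_bytes_filled) == 0)
        {
            names.push_back(L"Name was not retrieved");
            return;   // handle closed by ProcessHandle
        }

        wchar_t name[MAX_PATH] = L"";
        // nSize is a count of characters, not bytes: `sizeof name` overstated the
        // buffer by a factor of sizeof(wchar_t) and allowed an overrun on long names.
        GetModuleBaseNameW(han.h, hmod, name, MAX_PATH);

        // ToLower() is the same ASCII lowering NumberOfProcsWithName() applies to its
        // query. The original called the narrow tolower() on wchar_t values, which is
        // undefined for characters outside the unsigned char range.
        wstring wname(name);
        ToLower(wname);
        names.push_back(wname);
    }

    /// Enumerates all process ids and rebuilds names/ids. Leaves both empty and
    /// number_of_processes == 0 if EnumProcesses() fails.
    void Fill()
    {
        names.clear();
        ids.clear();
        number_of_processes = 0;

        // EnumProcesses() does not report truncation; it silently fills the whole
        // buffer. Grow until the returned size is strictly smaller than the buffer.
        vector<unsigned long> process_id_array(1024);
        unsigned long number_of_bytes_filled = 0;
        for (;;)
        {
            const unsigned long bytes =
                static_cast<unsigned long>(process_id_array.size() * sizeof(unsigned long));
            if (EnumProcesses(&process_id_array[0], bytes, &number_of_bytes_filled) == 0)
                return;
            if (number_of_bytes_filled < bytes)
                break;
            process_id_array.resize(process_id_array.size() * 2);
        }

        number_of_processes = number_of_bytes_filled / sizeof(unsigned long);
        ids.reserve(number_of_processes);
        names.reserve(number_of_processes);
        for (unsigned i = 0; i < number_of_processes; i++)
        {
            ids.push_back(process_id_array[i]);
            Add(process_id_array[i]);
        }
    }

    /// Terminates the process with the given id. Returns true if TerminateProcess()
    /// succeeded. Does not refresh the list; callers do that once when done.
    bool KillById(unsigned long id)
    {
        // Least privilege: termination needs only PROCESS_TERMINATE, not PROCESS_ALL_ACCESS.
        ProcessHandle han(OpenProcess(PROCESS_TERMINATE, FALSE, id));
        if (!han.valid())
            return false;
        // The original passed the value from GetExitCodeProcess(), which is
        // STILL_ACTIVE (259) for a live process; use an explicit non-zero code instead.
        return TerminateProcess(han.h, 1) != 0;
    }

    static bool ById(const Entry& a, const Entry& b)   { return a.first < b.first; }
    static bool ByName(const Entry& a, const Entry& b) { return a.second < b.second; }

    /// Sorts the parallel vectors with cmp. stable_sort keeps the relative order of
    /// equal keys, which matches the multimap insertion order the original relied on.
    void Arrange(bool (*cmp)(const Entry&, const Entry&))
    {
        vector<Entry> entries;
        entries.reserve(number_of_processes);
        for (unsigned i = 0; i < number_of_processes; i++)
            entries.push_back(Entry(ids[i], names[i]));

        stable_sort(entries.begin(), entries.end(), cmp);

        for (unsigned i = 0; i < number_of_processes; i++)
        {
            ids[i] = entries[i].first;
            names[i] = entries[i].second;
        }
    }

public:

    /// Sorts the list ascending by process id.
    void ArrangeById()
    {
        Arrange(&ById);
    }

    /// Sorts the list ascending by (lower-cased) name.
    void ArrangeByName()
    {
        Arrange(&ByName);
    }

    /// Re-enumerates the processes; any previous ordering is lost.
    void Update()
    {
        Fill();
    }

    /// Number of entries in the list.
    unsigned GetNumber()
    {
        return number_of_processes;
    }

    /// Kills the process at index i (as listed by operator[] / operator()) and
    /// refreshes the list. An out-of-range index, an OpenProcess or a
    /// TerminateProcess failure is silently ignored, as in the original.
    void KillProcess(unsigned i) // kill process by number
    {
        if (i >= number_of_processes)
            return;
        if (KillById(ids[i]))
            Update();
    }

    /// Kills every process whose name equals name and refreshes the list once.
    /// The query is ASCII lower-cased first, because stored names are lower-cased.
    void KillProcess(wstring name) // kill process by name
    {
        ToLower(name);

        // Collect ids first: killing by index refreshed and reordered the list on
        // every hit, so the original loop skipped entries after the first kill.
        vector<unsigned long> victims;
        for (unsigned i = 0; i < number_of_processes; i++)
            if (names[i] == name)
                victims.push_back(ids[i]);

        bool killed_any = false;
        for (unsigned i = 0; i < victims.size(); i++)
            killed_any = KillById(victims[i]) || killed_any;

        if (killed_any)
            Update();
    }

    /// Same as GetNumber().
    unsigned operator ~() // number_of_processes
    {
        return number_of_processes;
    }

    /// Same as Update().
    void operator +() // updates the names & ids of processes
    {
        Update();
    }

    /// Same as ArrangeByName().
    void operator -() // arrange by name
    {
        ArrangeByName();
    }

    /// Same as ArrangeById().
    void operator !() // arrange by id
    {
        ArrangeById();
    }

    /// Same as KillProcess(unsigned).
    void operator -=(unsigned i) // kill process by number
    {
        KillProcess(i);
    }

    /// Same as KillProcess(wstring).
    void operator -=(wstring name) // kill process by name
    {
        KillProcess(name);
    }

    /// Name at index i, or L"" when i is out of range.
    wstring operator()(unsigned i) // get name by number
    {
        if (i < number_of_processes)
            return names[i];
        return L"";
    }

    /// Id at index i. Out of range yields (unsigned)-1, i.e. UINT_MAX, a sentinel
    /// that is indistinguishable from a real id by type alone; check GetNumber() first.
    unsigned operator[](unsigned i) // get id by number
    {
        if (i < number_of_processes)
            return static_cast<unsigned>(ids[i]);
        return static_cast<unsigned>(-1);
    }

    /// Number of entries whose name equals name (compared after ASCII lower-casing).
    unsigned NumberOfProcsWithName(wstring name)
    {
        ToLower(name);
        return static_cast<unsigned>(count(names.begin(), names.end(), name));
    }

    /// Builds the list immediately. SeDebugPrivilege lets the names of protected
    /// processes be read; if Priv() fails those entries show as L"Access Denied".
    Processes() // constructor creates the list of processes
        : number_of_processes(0)
    {
        Priv();
        Fill();
    }

};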

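/// Lists every process (index, id, name) sorted by name, then terminates any
/// process named fdm.exe, drops SeDebugPrivilege and exits.
int main()
{
    // The Processes constructor enables the privilege too; warn when it is not
    // available so the "Access Denied" rows below are explained.
    if (!Priv(true))
        wcout << L"SeDebugPrivilege not available; some names may be reported as Access Denied\n";

    Processes pr;
    unsigned n = ~pr;   // number of processes
    -pr;                // arrange by name

    for (unsigned i = 0; i < n; i++)
    {
        wcout << setw(2) << i << L": ";        // number
        wcout << setw(4) << pr[i] << L" : ";   // id
        wcout << pr(i) << L"\n";               // name
    }

    pr.KillProcess(L"fdm.exe");

    Priv(false);   // drop the privilege again
    _getch();
    Suicide();     // calls ExitProcess() and never returns; the original's second
                   // _getch() after this line was unreachable
}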

Output:

0: 0 : Access Denied

1: 4 : Access Denied

2: 4168 : Access Denied

3: 5760 : bds.exe

4: 2084 : cappswk.exe

5: 2548 : cappswk.exe

6: 2628 : cappswk.exe

7: 700 : caprpcsk.exe

8: 1548 : cisvc.exe

9: 3764 : conhost.exe

10: 1504 : conhost.exe

11: 3064 : conhost.exe

12: 6104 : console.exe

13: 368 : csrss.exe

14: 424 : csrss.exe

15: 604 : dwm.exe

16: 1012 : explorer.exe

17: 4328 : explorer.exe

18: 3808 : iexplore.exe

19: 4600 : iexplore.exe

20: 1616 : inetinfo.exe

21: 2564 : internettimev3.exe

22: 540 : lsass.exe

23: 548 : lsm.exe

24: 1772 : mdm.exe

25: 1812 : mqsvc.exe

26: 2884 : mqtgsvc.exe

27: 4828 : msbuild.exe

28: 5920 : msbuild.exe

29: 2960 : nfsclnt.exe

30: 5548 : officelivesignin.exe

31: 2640 : onenotem.exe

32: 416 : psxss.exe

33: 2464 : seaport.exe

34: 2152 : searchindexer.exe

35: 532 : services.exe

36: 2504 : sidebar.exe

37: 260 : smss.exe

38: 2016 : smsvchost.exe

39: 3140 : smsvchost.exe

40: 2604 : snmp.exe

41: 1352 : spoolsv.exe

42: 1852 : sqlservr.exe

43: 2740 : sqlwriter.exe

44: 640 : svchost.exe

45: 716 : svchost.exe

46: 812 : svchost.exe

47: 868 : svchost.exe

48: 896 : svchost.exe

49: 1092 : svchost.exe

50: 1192 : svchost.exe

51: 1388 : svchost.exe

52: 1528 : svchost.exe

53: 1596 : svchost.exe

54: 1700 : svchost.exe

55: 1724 : svchost.exe

56: 2772 : svchost.exe

57: 2848 : svchost.exe

58: 4240 : svchost.exe

59: 5380 : svchost.exe

60: 3736 : svchost.exe

61: 1952 : taskhost.exe

62: 2572 : tcpsvcs.exe

63: 2804 : ulcdrsvr.exe

64: 3856 : vcexpress.exe

65: 4088 : vcpkgsrv.exe

66: 2456 : wfwiz.exe

67: 4864 : windowslivewriter.exe

68: 440 : wininit.exe

69: 492 : winlogon.exe

70: 5044 : winword.exe

71: 1748 : wlcomm.exe

72: 4456 : wlmail.exe

73: 1348 : wltuser.exe

74: 4324 : wordpad.exe

75: 3796 : wuauclt.exe

این لیست همه پروسه‌هایی است که در کامپیوتر من در حال اجرا هستند. در پایان برنامه، پروسه fdm.exe در صورتی که در حال اجرا باشد متوقف می‌شود. البته همان طور که در لیست می‌بینید این پروسه در کامپیوتر من در حال اجرا نیست.

این برنامه می‌تواند به نوشتن خیلی از برنامه‌های مفید در مورد آمار گیری و توقف پروسه‌ها در ویندوز کمک کند.