LONG status = NtQueryInformationProcess(hProcess,
0,
pinfo,
sizeof(PVOID)*6,
NULL);
PPEB ppeb = (PPEB)((PVOID*)pinfo)[1];
PPEB ppebCopy = (PPEB)malloc(sizeof(PEB));
BOOL result = ReadProcessMemory(hProcess,
ppeb,
ppebCopy,
sizeof(PEB),
NULL); PRTL_USER_PROCESS_PARAMETERS pRtlProcParam = ppebCopy->ProcessParameters;
PRTL_USER_PROCESS_PARAMETERS pRtlProcParamCopy =
(PRTL_USER_PROCESS_PARAMETERS)malloc(sizeof(RTL_USER_PROCESS_PARAMETERS));
result = ReadProcessMemory(hProcess,
pRtlProcParam,
pRtlProcParamCopy,
sizeof(RTL_USER_PROCESS_PARAMETERS),
NULL);
PWSTR wBuffer = pRtlProcParamCopy->CommandLine.Buffer;
USHORT len = pRtlProcParamCopy->CommandLine.Length;
PWSTR wBufferCopy = (PWSTR)malloc(len);
result = ReadProcessMemory(hProcess,
wBuffer,
wBufferCopy, // command line goes here
len,
NULL);
0,
pinfo,
sizeof(PVOID)*6,
NULL);
PPEB ppeb = (PPEB)((PVOID*)pinfo)[1];
PPEB ppebCopy = (PPEB)malloc(sizeof(PEB));
BOOL result = ReadProcessMemory(hProcess,
ppeb,
ppebCopy,
sizeof(PEB),
NULL); PRTL_USER_PROCESS_PARAMETERS pRtlProcParam = ppebCopy->ProcessParameters;
PRTL_USER_PROCESS_PARAMETERS pRtlProcParamCopy =
(PRTL_USER_PROCESS_PARAMETERS)malloc(sizeof(RTL_USER_PROCESS_PARAMETERS));
result = ReadProcessMemory(hProcess,
pRtlProcParam,
pRtlProcParamCopy,
sizeof(RTL_USER_PROCESS_PARAMETERS),
NULL);
PWSTR wBuffer = pRtlProcParamCopy->CommandLine.Buffer;
USHORT len = pRtlProcParamCopy->CommandLine.Length;
PWSTR wBufferCopy = (PWSTR)malloc(len);
result = ReadProcessMemory(hProcess,
wBuffer,
wBufferCopy, // command line goes here
len,
NULL);
解决方案 »
- 【跪求大神】VC6中利用MFC给编辑框控件关联了变量,如何更改默认的消息框样式?
- 如何实现局域网中对服务器的自动扫描像cs那样,主要是实现局域网对战
- 为什么状态栏不显示文本?
- Microsoft Visual Studio.Net(VS2005/2008)有没有像Borland C++ Builder 6.0一样的FinControl
- 可以用DAO访问ACCESS2002吗?
- ++++++++200分就是用来接的+++++++++++领工资了,试用期结束了,明年回来签正式合同!幸福一下子,呵呵
- 关于重载的 CListBox
- 初次走上工作岗位,有点不踏实,不知道作为一个程序员到底水平要到什么程度?有那些事情要特别注意的?请前辈们指点!--------散分
- 如何改变多媒体定时器的时间周期,高手进来~
- vc++中,把字符转化为ascII码,把字符型数字转化为数字,各用哪个函数?
- MFC利用PDFlib生成PDF报表文档
- 客户端使用WSAAsyncSelect只能发送,却收不到服务器断的数据
Header Declared in Winternl.h.
DLL Requires Ntdll.dll.