本文整理汇总了C++中Module32Next函数的典型用法代码示例。如果您正苦于以下问题:C++ Module32Next函数的具体用法?C++ Module32Next怎么用?C++ Module32Next使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了Module32Next函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: hookAllModules
static void
hookAllModules(void)
{
HANDLE hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, GetCurrentProcessId());
if (hModuleSnap == INVALID_HANDLE_VALUE) {
return;
}
MODULEENTRY32 me32;
me32.dwSize = sizeof me32;
if (VERBOSITY > 0) {
static bool first = true;
if (first) {
if (Module32First(hModuleSnap, &me32)) {
debugPrintf(" modules:\n");
do {
debugPrintf(" %s\n", me32.szExePath);
} while (Module32Next(hModuleSnap, &me32));
}
first = false;
}
}
if (Module32First(hModuleSnap, &me32)) {
do {
hookModule(me32.hModule, me32.szExePath);
} while (Module32Next(hModuleSnap, &me32));
}
CloseHandle(hModuleSnap);
}示例2: VBoxServicePageSharingInspectModules
/**
* Inspect all loaded modules for the specified process
* @param dwProcessId Process id
*/
void VBoxServicePageSharingInspectModules(DWORD dwProcessId)
{
HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessId);
if (hSnapshot == INVALID_HANDLE_VALUE)
{
printf("VBoxServicePageSharingInspectModules: CreateToolhelp32Snapshot failed with %d\n", GetLastError());
return;
}
printf("VBoxServicePageSharingInspectModules\n");
MODULEENTRY32 ModuleInfo;
BOOL bRet;
ModuleInfo.dwSize = sizeof(ModuleInfo);
bRet = Module32First(hSnapshot, &ModuleInfo);
do
{
/** todo when changing this make sure VBoxService.exe is excluded! */
char *pszDot = strrchr(ModuleInfo.szModule, '.');
if ( pszDot
&& (pszDot[1] == 'e' || pszDot[1] == 'E'))
continue; /* ignore executables for now. */
VBoxServicePageSharingCheckModule(&ModuleInfo);
}
while (Module32Next(hSnapshot, &ModuleInfo));
CloseHandle(hSnapshot);
}示例3: CreateToolhelp32Snapshot
QString CCrashStack::GetModuleByRetAddr(PBYTE Ret_Addr, PBYTE & Module_Addr)
{
MODULEENTRY32 M = {sizeof(M)};
HANDLE hSnapshot;
wchar_t Module_Name[MAX_PATH] = {0};
hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, 0);
if ((hSnapshot != INVALID_HANDLE_VALUE) &&
Module32First(hSnapshot, &M))
{
do
{
if (DWORD(Ret_Addr - M.modBaseAddr) < M.modBaseSize)
{
lstrcpyn(Module_Name, M.szExePath, MAX_PATH);
Module_Addr = M.modBaseAddr;
break;
}
} while (Module32Next(hSnapshot, &M));
}
CloseHandle(hSnapshot);
QString sRet = QString::fromWCharArray(Module_Name);
return sRet;
}示例4: find_in_any_module_using_toolhelp
static gpointer
find_in_any_module_using_toolhelp (const gchar *symbol_name)
{
HANDLE snapshot;
MODULEENTRY32 me32;
gpointer p;
if ((snapshot = CreateToolhelp32Snapshot (TH32CS_SNAPMODULE, 0)) == (HANDLE) -1)
return NULL;
me32.dwSize = sizeof (me32);
p = NULL;
if (Module32First (snapshot, &me32))
{
do {
if ((p = GetProcAddress (me32.hModule, symbol_name)) != NULL)
break;
} while (Module32Next (snapshot, &me32));
}
CloseHandle (snapshot);
return p;
}示例5: GetModuleBase
uint32_t GetModuleBase(DWORD procId, char* modName)
{
HANDLE snapshot;
MODULEENTRY32 modInfo;
snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, procId);
modInfo.dwSize = sizeof(MODULEENTRY32);
if (Module32First(snapshot, &modInfo))
{
// printf("mod %s\n", modInfo.szModule);
if (!strcmp(modInfo.szModule, modName))
{
CloseHandle(snapshot);
return (uint32_t)modInfo.modBaseAddr;
}
while (Module32Next(snapshot, &modInfo))
{
// printf("mod %s\n", modInfo.szModule);
if (!strcmp(modInfo.szModule, modName))
{
CloseHandle(snapshot);
return (uint32_t)modInfo.modBaseAddr;
}
}
}
CloseHandle(snapshot);
return 0;
}示例6: DetectExeType
// detect which exe it is (installer, sumatra static or sumatra with dlls)
static ExeType DetectExeType()
{
ExeType exeType = ExeSumatraStatic;
HANDLE snap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, GetCurrentProcessId());
if (snap == INVALID_HANDLE_VALUE) {
plog("DetectExeType(): failed to detect type");
return exeType;
}
MODULEENTRY32 mod;
mod.dwSize = sizeof(mod);
BOOL cont = Module32First(snap, &mod);
while (cont) {
WCHAR *name = mod.szModule;
if (str::EqI(name, L"libmupdf.dll")) {
exeType = ExeSumatraLib;
break;
}
if (str::StartsWithI(name, L"SumatraPDF-") && str::EndsWithI(name, L"install.exe")) {
exeType = ExeInstaller;
break;
}
cont = Module32Next(snap, &mod);
}
CloseHandle(snap);
return exeType;
}示例7: GetPsModuleNameByAddress
BOOL
GetPsModuleNameByAddress(
ULONG ProcessId,
ULONG pfnAddress,
LPTSTR pszModuleName,
ULONG cbszModuleName
)
{
MODULEENTRY32 ModuleEntry;
HANDLE hSnapShot;
BOOL bFlag = FALSE;
hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, ProcessId);
ModuleEntry.dwSize = sizeof(MODULEENTRY32);
bFlag = Module32First(hSnapShot, &ModuleEntry);
while (bFlag)
{
if ((pfnAddress >= (ULONG)ModuleEntry.modBaseAddr) &&
(pfnAddress <= (ULONG)ModuleEntry.modBaseAddr + ModuleEntry.modBaseSize))
{
wcscpy_s(pszModuleName, cbszModuleName, ModuleEntry.szModule);
CloseHandle(hSnapShot);
return TRUE;
}
bFlag = Module32Next(hSnapShot, &ModuleEntry);
}
CloseHandle(hSnapShot);
return FALSE;
}示例8: ScanMod
//---------------------------------------------------------------------------
void ScanMod(DWORD pid, DWORD* list)
{
MainForm->lb_mod->Items->Clear();
MainForm->clb_sec->Items->Clear();
memset(mod_list, 0, sizeof(mod_list));
BOOL working = 0;
MODULEENTRY32 me32 = {0};
me32.dwSize = sizeof(MODULEENTRY32);
unsigned int i = 0;
HANDLE hSnapshot;
hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pid);
if (hSnapshot)
{
working = Module32First(hSnapshot, &me32);
while (working)
{
MainForm->lb_mod->Items->Add(UnicodeString(me32.szModule));
list[i] = (DWORD)me32.modBaseAddr;
working = Module32Next(hSnapshot,&me32);
i++;
}
CloseHandle(hSnapshot);
}
return;
}示例9: CreateToolhelp32Snapshot
bool QtProcessFinder::processUsesQt(int pid) {
HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
MODULEENTRY32 me32;
// Take a snapshot of all modules in the specified process.
hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pid);
if (hModuleSnap == INVALID_HANDLE_VALUE) {
qWarning("CreateToolhelp32Snapshot (of modules)");
return false;
}
// Set the size of the structure before using it.
me32.dwSize = sizeof(MODULEENTRY32);
// Retrieve information about the first module,
// and exit if unsuccessful
if (!Module32First(hModuleSnap, &me32)) {
qWarning("Module32First"); // show cause of failure
CloseHandle(hModuleSnap); // clean the snapshot object
return false;
}
// Now walk the module list of the process,
// and display information about each module
do {
if (wcsncmp(me32.szModule, L"Qt5", 3) == 0) {
return true;
}
} while (Module32Next(hModuleSnap, &me32));
CloseHandle(hModuleSnap);
return false;
}示例10: sizeof
BOOL CInjectDLL::Uninject(const DWORD dwRemoteProcessID, const LPCTSTR& lpwszRemoteDllFullPath)
{
std::wstring wstrRemoteDllFullPath = lpwszRemoteDllFullPath;
HANDLE hSnap = ::CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwRemoteProcessID);
MODULEENTRY32 Me32 = {0};
Me32.dwSize = sizeof(MODULEENTRY32);
BOOL bRet = ::Module32First(hSnap, &Me32);
while (bRet)
{
if (wcscmp(Me32.szExePath, wstrRemoteDllFullPath.c_str()) == 0)
{
break;
}
bRet = Module32Next(hSnap, &Me32);
}
CloseHandle(hSnap);
HANDLE hRemoteProgress = ::OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwRemoteProcessID);
if (hRemoteProgress == NULL)
{
//wprintf_s(_T("OpenProcess fail\n"));
return FALSE;
}
FARPROC pfnFunAddr = ::GetProcAddress(::GetModuleHandle(_T("Kernel32")),"FreeLibrary");
::CreateRemoteThread(hRemoteProgress, NULL, 0, (LPTHREAD_START_ROUTINE) pfnFunAddr, Me32.hModule, 0, NULL);
::CloseHandle(hRemoteProgress);
return TRUE;
}示例11: EnumAndLoadModuleSymbols
// Enumerate the modules we have running and load their symbols.
// Return true if successful.
bool EnumAndLoadModuleSymbols(HANDLE hProcess, DWORD pid )
{
HANDLE hSnapShot;
MODULEENTRY32 me = { sizeof me };
bool keepGoing;
hSnapShot = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, pid );
if ( hSnapShot == (HANDLE) -1 )
return false;
keepGoing = Module32First( hSnapShot, &me );
while ( keepGoing )
{
// here, we have a filled-in MODULEENTRY32. Use it to load symbols.
// Don't check errors, if we can't load symbols for some modules we just
// won't be able to do symbolic reports on them.
StrAnsi staExePath(me.szExePath);
StrAnsi staModule(me.szModule);
// SymLoadModule( hProcess, 0, me.szExePath, me.szModule, (DWORD) me.modBaseAddr,
// me.modBaseSize);
::SymLoadModule( hProcess, 0, const_cast<char *>(staExePath.Chars()),
const_cast<char *>(staModule.Chars()), (DWORD)me.modBaseAddr, me.modBaseSize);
keepGoing = Module32Next( hSnapShot, &me );
}
CloseHandle( hSnapShot );
return true;
}示例12: GetModuleInfo
LPMODULEENTRY32 GetModuleInfo(DWORD dwPid)
{
static MODULEENTRY32 s_sModule;
HANDLE hSnapshot;
hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE,dwPid);
if( hSnapshot == INVALID_HANDLE_VALUE )
{
printf("CreateToolhelp32Snapshot failed: %i\n",GetLastError());
return NULL;
}
s_sModule.dwSize = sizeof(MODULEENTRY32);
if( Module32First(hSnapshot,&s_sModule) == FALSE )
{
CloseHandle(hSnapshot);
printf("Module32First failed: %i\n",GetLastError());
return NULL;
}
do
{
if( strcmp("League of Legends.exe",s_sModule.szModule) == 0 )
{
CloseHandle(hSnapshot);
return &s_sModule;
}
}while(Module32Next(hSnapshot,&s_sModule));
printf("Couldn't find League of Legends module!\n");
CloseHandle(hSnapshot);
return NULL;
}示例13: CreateToolhelp32Snapshot
// すべてのモジュールに対してAPIフックを行う関数
void CAPIHook::ReplaceIATEntryInAllMods(
PCSTR pszModuleName,
PROC pfnCurrent,
PROC pfnNew)
{
// 自分自身(API_Hook_Lib.dll)のモジュールハンドルを取得
MEMORY_BASIC_INFORMATION mbi;
if(VirtualQuery(ReplaceIATEntryInAllMods, &mbi, sizeof(mbi)) == 0)
return;
HMODULE hModThisMod = (HMODULE) mbi.AllocationBase;
// モジュールリストを取得
HANDLE hModuleSnap = CreateToolhelp32Snapshot(
TH32CS_SNAPMODULE, GetCurrentProcessId());
if(hModuleSnap == INVALID_HANDLE_VALUE)
return;
MODULEENTRY32 me;
me.dwSize = sizeof(me);
BOOL bModuleResult = Module32First(hModuleSnap, &me);
// それぞれのモジュールに対してReplaceIATEntryInOneModを実行
// ただし自分自身(API_Hook_Lib.dll)には行わない
while(bModuleResult) {
if(me.hModule != hModThisMod)
ReplaceIATEntryInOneMod(pszModuleName, pfnCurrent, pfnNew, me.hModule);
bModuleResult = Module32Next(hModuleSnap, &me);
}
CloseHandle(hModuleSnap);
}示例14: CreateToolhelp32Snapshot
vector<MODULEENTRY32> CProcessTool::GetProcessModules(DWORD dwPID)
{
HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
MODULEENTRY32 me32;
VCTMOD vctMod;
hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE,dwPID);
memset(&me32,0,sizeof(me32));
if( hModuleSnap == INVALID_HANDLE_VALUE)
{
LOG::printError(TEXT("CreateToolhelp32Snapshot (od modules)"));
return vctMod;
}
me32.dwSize = sizeof(MODULEENTRY32);
if(!Module32First(hModuleSnap,&me32))
{
LOG::printError(TEXT("Module32First"));
CloseHandle(hModuleSnap);
return vctMod;
}
do
{
vctMod.push_back(me32);
} while (Module32Next(hModuleSnap,&me32));
CloseHandle(hModuleSnap);
return vctMod;
}示例15: FindModuleByAddress
// Helper function
bool FindModuleByAddress(const BYTE* lpAddress, LPWSTR pszModule, int cchMax)
{
bool bFound = false;
HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, GetCurrentProcessId());
if (hSnap != INVALID_HANDLE_VALUE)
{
MODULEENTRY32 mi = {sizeof(mi)};
if (Module32First(hSnap, &mi))
{
do {
if ((lpAddress >= mi.modBaseAddr) && (lpAddress < (mi.modBaseAddr + mi.modBaseSize)))
{
bFound = true;
if (pszModule)
lstrcpyn(pszModule, mi.szExePath, cchMax);
break;
}
} while (Module32Next(hSnap, &mi));
}
CloseHandle(hSnap);
}
if (!bFound && pszModule)
*pszModule = 0;
return bFound;
}