本文整理汇总了Python中win32con.PROCESS_VM_READ属性的典型用法代码示例。如果您正苦于以下问题:Python win32con.PROCESS_VM_READ属性的具体用法?Python win32con.PROCESS_VM_READ怎么用?Python win32con.PROCESS_VM_READ使用的例子?那么, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类win32con
的用法示例。
在下文中一共展示了win32con.PROCESS_VM_READ属性的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: _scan_for_self
# 需要导入模块: import win32con [as 别名]
# 或者: from win32con import PROCESS_VM_READ [as 别名]
def _scan_for_self(self):
win32api.Sleep(2000) # sleep to give time for process to be seen in system table.
basename = self.cmdline.split()[0]
pids = win32process.EnumProcesses()
if not pids:
UserLog.warn("WindowsProcess", "no pids", pids)
for pid in pids:
try:
handle = win32api.OpenProcess(
win32con.PROCESS_QUERY_INFORMATION | win32con.PROCESS_VM_READ,
pywintypes.FALSE, pid)
except pywintypes.error, err:
UserLog.warn("WindowsProcess", str(err))
continue
try:
modlist = win32process.EnumProcessModules(handle)
except pywintypes.error,err:
UserLog.warn("WindowsProcess",str(err))
continue
示例2: kill
# 需要导入模块: import win32con [as 别名]
# 或者: from win32con import PROCESS_VM_READ [as 别名]
def kill(self):
handle = win32api.OpenProcess(
win32con.PROCESS_VM_READ | win32con.PROCESS_TERMINATE, pywintypes.FALSE, self.childpid)
win32process.TerminateProcess(handle, 3)
示例3: GetProcessIdByName
# 需要导入模块: import win32con [as 别名]
# 或者: from win32con import PROCESS_VM_READ [as 别名]
def GetProcessIdByName(procname):
"""
Try and get pid for a process by name.
"""
ourPid = -1
procname = procname.lower()
try:
ourPid = win32api.GetCurrentProcessId()
except:
pass
pids = win32process.EnumProcesses()
for pid in pids:
if ourPid == pid:
continue
try:
hPid = win32api.OpenProcess(win32con.PROCESS_QUERY_INFORMATION | win32con.PROCESS_VM_READ, 0, pid)
try:
mids = win32process.EnumProcessModules(hPid)
for mid in mids:
name = str(win32process.GetModuleFileNameEx(hPid, mid))
if name.lower().find(procname) != -1:
return pid
finally:
win32api.CloseHandle(hPid)
except:
pass
return None
示例4: kill_process
# 需要导入模块: import win32con [as 别名]
# 或者: from win32con import PROCESS_VM_READ [as 别名]
def kill_process(name):
for pid in win32process.EnumProcesses():
# do try not to kill yourself
if pid == win32api.GetCurrentProcessId():
continue
try:
p = win32api.OpenProcess(win32con.PROCESS_QUERY_INFORMATION
| win32con.PROCESS_VM_READ
| win32con.PROCESS_TERMINATE,
False, pid)
except:
continue
if not p:
continue
try:
hl = win32process.EnumProcessModules(p)
except:
win32api.CloseHandle(p)
continue
h = hl[0]
pname = win32process.GetModuleFileNameEx(p, h)
root, pname = os.path.split(pname)
#print name, pname
if compare(name, pname):
#print "KILL", pname
win32api.TerminateProcess(p, 0)
win32api.CloseHandle(p)
return True
win32api.CloseHandle(p)
return False
示例5: check_processes
# 需要导入模块: import win32con [as 别名]
# 或者: from win32con import PROCESS_VM_READ [as 别名]
def check_processes():
pids = win32process.EnumProcesses()
# TODO also check out WMI. It might not be running, but it could help if it is:
# http://groups.google.com/group/comp.lang.python/browse_thread/thread/1f50065064173ccb
# TODO process explorer can find quite a lot more information than this script. This script has several problems:
# TODO I can't open 64-bit processes for a 32-bit app. I get this error:
# ERROR: can't open 6100: 299 EnumProcessModules, Only part of a ReadProcessMemory
# or WriteProcessMemory request was completed.
# TODO I can't seem to get the name of elevated processes (user running as me, but with admin privs)
# TODO I can't get details of certain processes runnign as SYSTEM on xp (e.g. pid 4 "system", csrss.exe)
# TODO should be able to find name (and threads?) for all processes. Not necessarily path.
for pid in sorted(pids):
# TODO there's a security descriptor for each process accessible via GetSecurityInfo according to http://msdn.microsoft.com/en-us/library/ms684880%28VS.85%29.aspx
# TODO could we connect with PROCESS_QUERY_LIMITED_INFORMATION instead on Vista+
try:
ph = win32api.OpenProcess(win32con.PROCESS_VM_READ | win32con.PROCESS_QUERY_INFORMATION , False, pid)
except:
# print "ERROR: can't connected to PID " + str(pid)
sys.stdout.write("?")
continue
else:
user = "unknown\\unknown"
try:
tokenh = win32security.OpenProcessToken(ph, win32con.TOKEN_QUERY)
except:
pass
else:
sidObj, intVal = win32security.GetTokenInformation(tokenh, TokenUser)
#source = win32security.GetTokenInformation(tokenh, TokenSource)
if sidObj:
accountName, domainName, accountTypeInt = win32security.LookupAccountSid(remote_server, sidObj)
# print "pid=%d accountname=%s domainname=%s wow64=%s" % (pid, accountName, domainName, win32process.IsWow64Process(ph))
user = domainName + "\\" + accountName
# print "PID %d is running as %s" % (pid, user)
sys.stdout.write(".")
try:
mhs = win32process.EnumProcessModules(ph)
# print mhs
except:
continue
mhs = list(mhs)
exe = win32process.GetModuleFileNameEx(ph, mhs.pop(0))
weak_perms = check_weak_write_perms(exe, 'file')
# print_weak_perms("PID " + str(pid) + " running as " + user + ":", weak_perms)
if weak_perms:
save_issue("WPC016", "weak_perms_exes", weak_perms)
sys.stdout.write("!")
for mh in mhs:
# print "PID %d (%s) has loaded module: %s" % (pid, exe, win32process.GetModuleFileNameEx(ph, mh))
dll = win32process.GetModuleFileNameEx(ph, mh)
weak_perms = check_weak_write_perms(dll, 'file')
# print_weak_perms("DLL used by PID " + str(pid) + " running as " + user + " (" + exe + "):", weak_perms)
if weak_perms:
save_issue("WPC016", "weak_perms_dlls", weak_perms)
sys.stdout.write("!")
print