vc++挂起进程 冻结进程

#include <windows.h> #include <tchar.h> #include <stdio.h> #include <tlhelp32.h> typedef HANDLE (CALLBACK* OPENTHREADPROC)(DWORD, BOOL, DWORD); HANDLE OpenThread( DWORD dwDesiredAccess, // access right BOOL bInheritHandle, // handle inheritance option DWORD dwThreadId // thread identifier ); BOOL EnableDebugPriv(); BOOL Lock(char *); BOOL Unlock(char *); void main(int argc,char *argv[]) { EnableDebugPriv(); if (argc!=3) { printf("usage:\n\tmake ProcessName Lock|Unlock\n"); return; } if (strncmp("Lock",argv[2],4)==0) { Lock(argv[1]); } else if (strncmp("Unlock",argv[2],6)==0) { Unlock(argv[1]); } else { printf("usage:\n\thang ProcessName Lock|Unlock\n"); return; } } BOOL Lock(char *ProcessName) { PROCESSENTRY32 pe32; pe32.dwSize=sizeof(pe32); unsigned long Pid; HANDLE hProcessSnap=::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0); if(hProcessSnap==INVALID_HANDLE_VALUE) { printf("CreateToolhelp32Snapshot调用失败！"); return -1; } BOOL b=::Process32First(hProcessSnap,&pe32); while(b) { if(!strcmp(pe32.szExeFile,ProcessName)) { printf("Find %s ok!\n",pe32.szExeFile); Pid=pe32.th32ProcessID; break; } b=::Process32Next(hProcessSnap,&pe32); } ::CloseHandle(hProcessSnap); THREADENTRY32 th32; th32.dwSize=sizeof(th32); HANDLE hThreadSnap=::CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD,0); if(hThreadSnap==INVALID_HANDLE_VALUE) { printf("CreateToolhelp32Snapshot调用失败！"); return -1; } b=::Thread32First(hThreadSnap,&th32); while(b) { if(th32.th32OwnerProcessID==Pid) { HANDLE oth=OpenThread(THREAD_ALL_ACCESS,FALSE,th32.th32ThreadID); if(!(::SuspendThread(oth))) { printf("Onlock Thread id:%d\n",th32.th32ThreadID); printf("Onlock ThreadOwnerProcessID:%d\n",th32.th32OwnerProcessID); printf("Onlock ExeFileName %s\n",pe32.szExeFile); } CloseHandle(oth); // break; //对于线程不能break了,注意哦~ } b=::Thread32Next(hThreadSnap,&th32); } ::CloseHandle(hThreadSnap); return TRUE; } BOOL Unlock(char *ProcessName) { PROCESSENTRY32 pe32; pe32.dwSize=sizeof(pe32); unsigned long Pid; HANDLE hProcessSnap=::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0); if(hProcessSnap==INVALID_HANDLE_VALUE) { printf("CreateToolhelp32Snapshot调用失败！"); return -1; } BOOL b=::Process32First(hProcessSnap,&pe32); while(b) { if(!strcmp(pe32.szExeFile,ProcessName)) { printf("Find %s ok!\n",pe32.szExeFile); Pid=pe32.th32ProcessID; break; } b=::Process32Next(hProcessSnap,&pe32); } ::CloseHandle(hProcessSnap); THREADENTRY32 th32; th32.dwSize=sizeof(th32); HANDLE hThreadSnap=::CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD,0); if(hThreadSnap==INVALID_HANDLE_VALUE) { printf("CreateToolhelp32Snapshot调用失败！"); return -1; } b=::Thread32First(hThreadSnap,&th32); while(b) { if(th32.th32OwnerProcessID==Pid) { HANDLE oth=OpenThread(THREAD_ALL_ACCESS,FALSE,th32.th32ThreadID); if(::ResumeThread(oth)) { printf("Unlock Thread id:%d\n",th32.th32ThreadID); printf("Unlock ThreadOwnerProcessID:%d\n",th32.th32OwnerProcessID); printf("Unlock ExeFileName %s\n",pe32.szExeFile); } CloseHandle(oth); //break;与上面的Lock同理~ } b=::Thread32Next(hThreadSnap,&th32); } ::CloseHandle(hThreadSnap); return TRUE; } HANDLE OpenThread( DWORD dwDesiredAccess, // access right BOOL bInheritHandle, // handle inheritance option DWORD dwThreadId // thread identifier ) { HMODULE hModule = NULL; OPENTHREADPROC pOpenThread = NULL; hModule = GetModuleHandle(_T("kernel32.dll")); if (NULL == hModule) { return NULL; } pOpenThread = (OPENTHREADPROC)GetProcAddress(hModule, _T("OpenThread")); if (NULL == pOpenThread) { return NULL; } return pOpenThread(dwDesiredAccess, bInheritHandle, dwThreadId); } //提升进程访问权限 BOOL EnableDebugPriv() { HANDLE hToken; LUID sedebugnameValue; TOKEN_PRIVILEGES tkp; if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) { return false; } if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &sedebugnameValue)) { CloseHandle(hToken); return false; } tkp.PrivilegeCount = 1; tkp.Privileges[0].Luid = sedebugnameValue; tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; if (!AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(tkp), NULL, NULL)) { CloseHandle(hToken); return false; } return true; }