#include <TlHelp32.h>
#include <vector>
BOOL TraversalModule1(OUT std::vector<MODULEENTRY32> &vec, IN DWORD dwPid)
{
/************************************************************************/
/*
typedef struct tagMODULEENTRY32
{
DWORD dwSize;
DWORD th32ModuleID; // This module
DWORD th32ProcessID; // owning process
DWORD GlblcntUsage; // Global usage count on the module
DWORD ProccntUsage; // Module usage count in th32ProcessID's context
BYTE * modBaseAddr; // Base address of module in th32ProcessID's context
DWORD modBaseSize; // Size in bytes of module starting at modBaseAddr
HMODULE hModule; // The hModule of this module in th32ProcessID's context
char szModule[MAX_MODULE_NAME32 + 1];
char szExePath[MAX_PATH];
} MODULEENTRY32;
*/
/************************************************************************/
vec.clear();
try
{
HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPid);
if (hSnap != INVALID_HANDLE_VALUE)
{
MODULEENTRY32 item;
item.dwSize = sizeof(item);
if (Module32First(hSnap, &item))
{
do
{
vec.push_back(item);
} while (Module32Next(hSnap, &item));
}
CloseHandle(hSnap);
}
}
catch (...)
{
OutputDebugStringA(__FUNCTION__);
return 0;
}
return vec.size() > 0;
}
int main()
{
STARTUPINFO si = { 0 };
si.cb = sizeof(si);
PROCESS_INFORMATION pi = { 0 };
BOOL b = CreateProcess(_T("C:/Using/winmine.exe"), 0, 0, 0, 0, 0, 0, 0, &si, &pi);
if (b)
{
Sleep(1000);
std::vector<MODULEENTRY32> vec;
TraversalModule1(vec, pi.dwProcessId);
for each (MODULEENTRY32 var in vec)
{
printf("%08X %08X", var.modBaseAddr, var.modBaseSize);
printf(" %S", var.szExePath);
printf("\r\n");
}
TerminateProcess(OpenProcess(PROCESS_ALL_ACCESS, 0, pi.dwProcessId), 0);
}
return 0;
}
浙公网安备 33010602011771号