#include "stdafx.h"
#include "sysinf.h"
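CSysinfo::CSysinfo()
{
    // Scratch buffer that receives the process snapshot (Refresh queries
    // 0x10000 bytes into it). The original request asks for a fixed address
    // with MEM_COMMIT alone, which VirtualAlloc is documented to reject unless
    // that range is already reserved; rather than silently ending up with a
    // NULL memptr, fall back to a system-chosen, reserved-and-committed region.
    memptr = (DWORD*)VirtualAlloc ((void*)0x100000,
                                   0x10000,
                                   MEM_COMMIT,
                                   PAGE_READWRITE);
    if (!memptr)
        memptr = (DWORD*)VirtualAlloc (NULL,
                                       0x10000,
                                       MEM_COMMIT | MEM_RESERVE,
                                       PAGE_READWRITE);
    // memptr can still be NULL if both allocations fail; the block walkers
    // (GetPIDs, FindBlock) treat a NULL start as an empty snapshot.
}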
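CSysinfo::~CSysinfo()
{
    // Release the snapshot buffer. When the constructor's allocation failed
    // memptr is NULL; skip the call instead of handing NULL to VirtualFree.
    if (memptr)
    {
        VirtualFree (memptr, 0, MEM_RELEASE);
        memptr = NULL;
    }
}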
// Gets all process IDs on the computer
// Returns -> number of processes
int CSysinfo::GetPIDs (DWORD *dest)
{
    // Refresh the snapshot, then copy the process id (DWORD index 17 of each
    // entry) of every entry into dest. Returns the number of ids written.
    // NOTE(review): dest carries no length — the caller must size it for the
    // largest process count it expects (callers in this file use 128/256).
    int count = 0;
    Refresh();
    for (DWORD *entry = memptr; entry; entry = NextBlock (entry))
        dest[count++] = entry[17];
    return count;
}
// Determines the number of threads of a process
DWORD CSysinfo::NumThreads (DWORD pid)
{
    // Thread count is DWORD index 1 of the process entry; 0 when pid is not
    // present in the refreshed snapshot.
    Refresh();
    const DWORD *entry = FindBlock (pid);
    return entry ? entry[1] : 0;
}
// Gets the name of a process
BOOL CSysinfo::GetProcessName (DWORD pid, char *dest)
{
    // Copy the image name of pid into dest as a narrow string. DWORD index 15
    // of the entry holds the pointer to the UTF-16 name buffer.
    // Returns FALSE (and an empty dest) when pid is not in the snapshot.
    // NOTE(review): dest is not bounded — MakeAnsiString copies up to the
    // source NUL; size dest for the longest name expected.
    Refresh();
    DWORD *entry = FindBlock (pid);
    if (entry)
    {
        MakeAnsiString ((WORD*)entry[15], dest);
        return TRUE;
    }
    dest[0] = '\0';
    return FALSE;
}
// Handle count lives at DWORD index 19 of the process entry
DWORD CSysinfo::GetHandleCount (DWORD pid)
{
    // Handle count is DWORD index 19 of the process entry; 0 when pid is
    // not in the refreshed snapshot.
    Refresh();
    const DWORD *entry = FindBlock (pid);
    return entry ? entry[19] : 0;
}
// Gets all thread IDs of a process
// and their thread status (optional)
// tstatus == 0x505 -> thread is suspended
// Returns -> number of threads
int CSysinfo::GetTIDs (DWORD pid, DWORD *tids, DWORD *tstatus)
{
    // Fill tids with the thread ids of pid and, when tstatus is non-NULL, a
    // packed status word per thread: (rec[47] << 8) + rec[48], where rec is
    // the thread record (16 DWORDs each, the i-th starting at entry + i*16;
    // its id sits at index 43). 0x505 marks a suspended thread.
    // Returns the thread count (DWORD index 1 of the entry), 0 if pid is unknown.
    // NOTE(review): tids/tstatus are not bounded by a length parameter.
    Refresh();
    const DWORD *entry = FindBlock (pid);
    if (!entry)
        return 0;
    const DWORD nthreads = entry[1];
    for (DWORD i = 0; i < nthreads; ++i)
    {
        const DWORD *rec = entry + i * 16;
        tids[i] = rec[43];
        if (tstatus)
            tstatus[i] = rec[48] + (rec[47] << 8);
    }
    return (int)nthreads;
}
// Finds the process a thread belongs to
// Returns the PID, or 0xffffffff if not found
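DWORD CSysinfo::FindThreadProcess (DWORD find_tid)
{
    // Walk the snapshot directly instead of staging pids/tids in fixed
    // 256-entry stack arrays: GetPIDs/GetTIDs write without a bound, so a host
    // with more than 256 processes, or a process with more than 256 threads,
    // would overrun those arrays. A single Refresh also keeps the whole search
    // on one consistent snapshot.
    // Layout as used by GetPIDs/GetTIDs: entry[17] = pid, entry[1] = thread
    // count, thread i's id at entry[43 + i*16].
    Refresh();
    for (DWORD *entry = memptr; entry; entry = NextBlock (entry))
    {
        const DWORD nthreads = entry[1];
        for (DWORD i = 0; i < nthreads; ++i)
        {
            if (entry[43 + i * 16] == find_tid)
                return entry[17];
        }
    }
    return 0xffffffff;   // not found
}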
// Opens a handle to an arbitrary thread
HANDLE CSysinfo::OpenThread (DWORD tid, DWORD accessflag)
{
    // Open thread tid with the requested access through NtOpenThread.
    // The two argument structures are spelled out as DWORD arrays:
    // objattr  = OBJECT_ATTRIBUTES, Length 0x18, no root/name/security;
    // clientid = CLIENT_ID {UniqueProcess = 0, UniqueThread = tid}.
    // NOTE(review): these are 32-bit layouts (6 and 2 DWORDs).
    // Returns NULL when the call does not produce a handle.
    DWORD objattr[6] = {0x18, 0, 0, 0, 0, 0};
    DWORD clientid[2] = {0, tid};
    HANDLE hThread = NULL;
    NtOpenThread (&hThread, accessflag, objattr, clientid);
    return hThread;
}
// Closes the handle
void CSysinfo::CloseThread (HANDLE hthread)
{
    // Counterpart of OpenThread: releases the handle through NtClose.
    // The status NtClose returns is not reported to the caller.
    (void)NtClose (hthread);
}
// Fill the list box with the process data
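void CSysinfo::FillProcessBox (CComboBox *clb)
{
    // Clear clb and add one "pppp name" line per process of a fresh snapshot.
    // The entries are walked directly rather than through GetPIDs, whose
    // fixed 128-entry staging array would be overrun on a host with more
    // processes than that. The name comes from the entry the same way
    // GetProcessName reads it (entry[15] = pointer to the UTF-16 image name),
    // without re-refreshing the buffer while it is being walked.
    char name[MAX_PATH];          // NOTE(review): MakeAnsiString is still unbounded
    char txt[MAX_PATH + 16];      // "%04x " prefix (at most 8 hex digits + space) + name
    clb->ResetContent();
    Refresh();
    for (DWORD *entry = memptr; entry; entry = NextBlock (entry))
    {
        const DWORD pid = entry[17];
        if (!pid)
            strcpy (name, "Idle Process");   // pid 0 carries no image name
        else
            MakeAnsiString ((WORD*)entry[15], name);
        wsprintf (txt, "%04x %s", pid, name);
        clb->AddString (txt);
    }
}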
//////////////////////// Helper Funcs ////////////////////////////
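__inline DWORD* CSysinfo::NextBlock (DWORD* oldblock)
{
    // Advance to the next snapshot entry: DWORD 0 of each entry is the byte
    // offset to the next one, 0 terminating the list.
    // Byte arithmetic is done on a char pointer instead of round-tripping the
    // address through DWORD, which truncates pointers on 64-bit builds.
    // An offset that would leave the 0x10000-byte buffer (the size queried in
    // Refresh) ends the walk instead of reading outside it, so a truncated or
    // inconsistent snapshot cannot drive the walkers out of bounds.
    const DWORD offset = *oldblock;
    if (!offset)
        return NULL;
    char *base = (char*)memptr;
    char *next = (char*)oldblock + offset;
    if (next < base || next >= base + 0x10000)
        return NULL;
    return (DWORD*)next;
}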
__inline void CSysinfo::Refresh (void)
{
    // Re-query the process snapshot into memptr. Information class 5 is
    // SystemProcessInformation; the length matches the constructor's
    // allocation. No ReturnLength is requested.
    // NOTE(review): the status is ignored — if the 0x10000-byte buffer is too
    // small for the host's process list the call fails and the walkers see
    // whatever the buffer held before; verify the size on busy hosts.
    const DWORD infoclass = 5;
    const DWORD buflen = 0x10000;
    NtQuerySystemInformation (infoclass, memptr, buflen, 0);
}
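__inline void CSysinfo::MakeAnsiString (WORD *unistring, char *ansistring)
{
    // Narrow a NUL-terminated UTF-16 string into ansistring, which is always
    // NUL-terminated (empty when unistring is NULL). Each code unit is
    // truncated to its low byte, so non-ASCII names are mangled, not converted.
    // The previous `ansistring[s] = (char)unistring[s++]` was unsequenced
    // before C++17 and, under C++17's right-before-left assignment rule,
    // stores each character one slot too far; index once per iteration instead.
    // NOTE(review): ansistring has no length bound — callers must size it for
    // the longest name expected.
    int i = 0;
    if (unistring)
    {
        for (; unistring[i]; ++i)
            ansistring[i] = (char)unistring[i];
    }
    ansistring[i] = '\0';
}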
__inline DWORD* CSysinfo::FindBlock (DWORD pid)
{
    // Linear search of the current snapshot for the entry whose pid
    // (DWORD index 17) equals pid; NULL when absent. Does not refresh.
    DWORD *entry = memptr;
    while (entry && entry[17] != pid)
        entry = NextBlock (entry);
    return entry;
}