Repost: Enumerating current MS processes and ports
王薯熟
Regular member
Posts: 17
Points: 0
From:
Registered: 2008-01-18
Posted: 2008-04-08 11:58:43
--------------------------------------------------------------------------------
"""
Enumerates active processes as seen under Windows Task Manager on Win
NT/2k/XP using PSAPI.dll
(new api for processes) and using ctypes. Use it as you please.

Based on information from
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q175030&ID=KB;EN-US;Q175030

By Eric Koome
email ekoome@yahoo.com
license GPL
"""
from ctypes import *

#PSAPI.DLL
psapi = windll.psapi
#Kernel32.DLL
kernel = windll.kernel32

def EnumProcesses():
    arr = c_ulong * 256
    lpidProcess = arr()
    cb = sizeof(lpidProcess)
    cbNeeded = c_ulong()
    #HMODULE is pointer-sized, so c_void_p also fits on 64-bit Windows
    hModule = c_void_p()
    count = c_ulong()
    modname = create_string_buffer(30)
    PROCESS_QUERY_INFORMATION = 0x0400
    PROCESS_VM_READ = 0x0010

    #Call Enumprocesses to get hold of process id's
    psapi.EnumProcesses(byref(lpidProcess),
                        cb,
                        byref(cbNeeded))

    #Number of processes returned (integer division: cbNeeded is in bytes)
    nReturned = cbNeeded.value // sizeof(c_ulong())

    pidProcess = [i for i in lpidProcess][:nReturned]

    for pid in pidProcess:

        #Get handle to the process based on PID
        hProcess = kernel.OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
                                      False, pid)
        if hProcess:
            psapi.EnumProcessModules(hProcess, byref(hModule), sizeof(hModule), byref(count))
            psapi.GetModuleBaseNameA(hProcess, hModule, modname, sizeof(modname))
            #The ANSI API returns bytes in the system code page
            print(modname.value.decode("mbcs", "replace"))

            #-- Clean up
            for i in range(modname._length_):
                modname[i] = b'\x00'

            kernel.CloseHandle(hProcess)

if __name__ == '__main__':
    EnumProcesses()
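PS: this just uses the ctypes module to call functions in the DLLs...
This post was edited by 王薯熟 on 2008-04-08 11:59.
<---- The above represents only my own views ---->
__________________
My name is --- everyone, please read along with me ---: 王~~薯~~熟~~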
我也忘了
Regular member
Posts: 4
Points: 0
From:
Registered: 2008-01-23
Posted: 2008-04-13 20:28:46
--------------------------------------------------------------------------------
I'll type this command in the CMD window.
C:\>netstat -ano <CR>
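The `netstat -ano` command in the reply above prints one row per socket with the owning PID in the last column, which is what ties open ports back to the process list from the first post. The following is an added example, not part of the thread, that parses that output and groups listening sockets by PID; the sample text is constructed and the function names are this example's own.

```python
from collections import defaultdict

# Constructed sample of `netstat -ano` output (not captured from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       892
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:5939         0.0.0.0:0              LISTENING       2764
  TCP    192.168.1.10:49712     203.0.113.5:443        ESTABLISHED     3120
  TCP    [::]:135               [::]:0                 LISTENING       892
  UDP    0.0.0.0:500            *:*                                    1044
  UDP    [::1]:1900             *:*                                    2210
"""

WILDCARD = {"0.0.0.0", "[::]"}  # local addresses meaning "every interface"


def parse_netstat(text):
    """Yield (proto, local_host, local_port, state, pid) for each socket row."""
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0] not in ("TCP", "UDP"):
            continue  # banner, column header or blank line
        if len(fields) == 4:
            fields.insert(3, "")  # UDP rows have no State column
        if len(fields) != 5:
            continue  # unexpected layout: skip rather than guess
        proto, local, _remote, state, pid = fields
        host, _, port = local.rpartition(":")  # keeps "[::]" in one piece
        if port.isdigit() and pid.isdigit():
            yield proto, host, int(port), state, int(pid)


def listeners_by_pid(text):
    """Map PID -> sorted [(proto, port, on_all_interfaces)] for open listeners."""
    found = defaultdict(set)
    for proto, host, port, state, pid in parse_netstat(text):
        if state == "LISTENING" or proto == "UDP":
            found[pid].add((proto, port, host in WILDCARD))
    return {pid: sorted(socks) for pid, socks in found.items()}


if __name__ == "__main__":
    for pid, socks in sorted(listeners_by_pid(SAMPLE).items()):
        for proto, port, wide in socks:
            print(pid, proto, port, "all interfaces" if wide else "specific address")
```

On a live Windows host the same functions can be fed the text returned by running `netstat -ano` through `subprocess.run(..., capture_output=True, text=True)`.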
阿狗
Regular member
Posts: 46
Points: 0
From:
Registered: 2006-10-27
Posted: 2008-06-25 09:44:49
--------------------------------------------------------------------------------
I have always used Aproman -p