VC获取父进程PID
2014-11-18 20:20
183 查看
// tt.cpp : 定义控制台应用程序的入口点。
//
#include "stdafx.h"
#include <windows.h>
#include <stdio.h>
typedef enum enumSYSTEM_INFORMATION_CLASS
{
SystemBasicInformation,
SystemProcessorInformation,
SystemPerformanceInformation,
SystemTimeOfDayInformation,
}SYSTEM_INFORMATION_CLASS;
typedef struct tagPROCESS_BASIC_INFORMATION
{
DWORD ExitStatus;
DWORD PebBaseAddress;
DWORD AffinityMask;
DWORD BasePriority;
ULONG UniqueProcessId;
ULONG InheritedFromUniqueProcessId;
}PROCESS_BASIC_INFORMATION;
typedef LONG (WINAPI *PNTQUERYINFORMATIONPROCESS)(HANDLE,UINT,PVOID,ULONG,PULONG);
PNTQUERYINFORMATIONPROCESS NtQueryInformationProcess = NULL;
#define PRINT_LINE printf("---------------------------------------------\n")
int GetParentProcessID(DWORD dwId)
{
LONG status;
DWORD dwParentPID = 0;
HANDLE hProcess;
PROCESS_BASIC_INFORMATION pbi;
hProcess = OpenProcess(PROCESS_QUERY_INFORMATION,FALSE,dwId);
if(!hProcess)
return -1;
status = NtQueryInformationProcess(hProcess,SystemBasicInformation,(PVOID)&pbi,sizeof(PROCESS_BASIC_INFORMATION),NULL);
if(!status)
dwParentPID = pbi.InheritedFromUniqueProcessId;
CloseHandle (hProcess);
return dwParentPID;
}
int _tmain(int argc, _TCHAR* argv[])
{
NtQueryInformationProcess = (PNTQUERYINFORMATIONPROCESS)GetProcAddress(GetModuleHandle("ntdll"),"NtQueryInformationProcess");
if (!NtQueryInformationProcess)
return -1;
int nID = GetCurrentProcessId();
int nTemp = 0;
PRINT_LINE;
nTemp = GetParentProcessID(nID);
if(nTemp == -1)
{
printf(" 获取失败!\n");
return -1;
}
printf("进程:%lu ---->>>>>父进程PID为:%lu\n",nID,nTemp);
while (true)
{
nID = GetParentProcessID(nTemp);
if(nID == -1)
break;
printf("进程:%lu ---->>>>>父进程PID为:%lu\n",nTemp,nID);
nTemp = nID;
}
PRINT_LINE;
getchar();
return 0;
}
//
#include "stdafx.h"
#include <windows.h>
#include <stdio.h>
typedef enum enumSYSTEM_INFORMATION_CLASS
{
SystemBasicInformation,
SystemProcessorInformation,
SystemPerformanceInformation,
SystemTimeOfDayInformation,
}SYSTEM_INFORMATION_CLASS;
typedef struct tagPROCESS_BASIC_INFORMATION
{
DWORD ExitStatus;
DWORD PebBaseAddress;
DWORD AffinityMask;
DWORD BasePriority;
ULONG UniqueProcessId;
ULONG InheritedFromUniqueProcessId;
}PROCESS_BASIC_INFORMATION;
typedef LONG (WINAPI *PNTQUERYINFORMATIONPROCESS)(HANDLE,UINT,PVOID,ULONG,PULONG);
PNTQUERYINFORMATIONPROCESS NtQueryInformationProcess = NULL;
#define PRINT_LINE printf("---------------------------------------------\n")
int GetParentProcessID(DWORD dwId)
{
LONG status;
DWORD dwParentPID = 0;
HANDLE hProcess;
PROCESS_BASIC_INFORMATION pbi;
hProcess = OpenProcess(PROCESS_QUERY_INFORMATION,FALSE,dwId);
if(!hProcess)
return -1;
status = NtQueryInformationProcess(hProcess,SystemBasicInformation,(PVOID)&pbi,sizeof(PROCESS_BASIC_INFORMATION),NULL);
if(!status)
dwParentPID = pbi.InheritedFromUniqueProcessId;
CloseHandle (hProcess);
return dwParentPID;
}
int _tmain(int argc, _TCHAR* argv[])
{
NtQueryInformationProcess = (PNTQUERYINFORMATIONPROCESS)GetProcAddress(GetModuleHandle("ntdll"),"NtQueryInformationProcess");
if (!NtQueryInformationProcess)
return -1;
int nID = GetCurrentProcessId();
int nTemp = 0;
PRINT_LINE;
nTemp = GetParentProcessID(nID);
if(nTemp == -1)
{
printf(" 获取失败!\n");
return -1;
}
printf("进程:%lu ---->>>>>父进程PID为:%lu\n",nID,nTemp);
while (true)
{
nID = GetParentProcessID(nTemp);
if(nID == -1)
break;
printf("进程:%lu ---->>>>>父进程PID为:%lu\n",nTemp,nID);
nTemp = nID;
}
PRINT_LINE;
getchar();
return 0;
}
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- VC获取父进程PID
- MFC中获取进程名、PID及进程所在路径
- 通过PID获取进程路径
- VC下通过进程ID获取进程镜像文件路径的方法及其存在的缺陷
- bash shell获取进程的pid
- 编写一个任务管理器/进程获取/PID获取
- VC中枚举进程,及获取进程相关信息的资料整理
- VC++实现获取进程端口检测木马
- 例程之九_GUI_获取窗口的进程PID
- 通过PID获取进程相关信息,如cmdline
- GUI_获取窗口的进程PID
- VC获取其他进程ListCtrl内容
- VC控制台获取进程
- VB6 根据进程ID(PID)获取窗体句柄
- java 调用 cmd 中的 tasklist 来获取特定进程的PID
- 通过进程名获取进程PID
- 通过进程名获取进程PID
- VC 获取进程线程数
- 通过PID获取进程名
- linux下获取指定exe进程pid和详细信息的命令