32位的程序无法读取64位的模块
读模块之前先枚举一下
下附代码
cpp
#include <windows.h>
#include <iostream>
#include <string>
#include <Psapi.h>
using namespace std;
// 获取指定进程的名称
wstring GetProcessName(DWORD processID) {
wstring processName;
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, processID);
if (hProcess != NULL) {
HMODULE hModules[1024];
DWORD cbNeeded;
if (EnumProcessModules(hProcess, hModules, sizeof(hModules), &cbNeeded)) {
TCHAR szProcessName[MAX_PATH];
if (GetModuleBaseName(hProcess, hModules[0], szProcessName, sizeof(szProcessName))) {
processName = szProcessName;
}
else {
DWORD error = GetLastError();
cerr << "GetModuleBaseName failed with error: " << error << endl;
}
}
else {
DWORD error = GetLastError();
cerr << "EnumProcessModules failed with error: " << error << endl;
}
CloseHandle(hProcess);
}
else {
DWORD error = GetLastError();
cerr << "OpenProcess failed with error: " << error << endl;
}
return processName;
}
int main() {
DWORD aProcesses[1024], cbNeeded, cProcesses;
if (!EnumProcesses(aProcesses, sizeof(aProcesses), &cbNeeded)) {
cerr << "EnumProcesses failed." << endl;
return 0;
}
// 计算获取到的进程数
cProcesses = cbNeeded / sizeof(DWORD);
// 枚举进程数组并输出名称
for (DWORD i = 0; i < cProcesses; ++i) {
if (aProcesses[i] != 0) {
wstring processName = GetProcessName(aProcesses[i]);
if (!processName.empty()) {
printf("PID: %-10d Module Name: %ls\n", aProcesses[i], processName.c_str());
}
}
}
return 0;
}