Novi Sad (Dejan Mitrovic) wrote in message
news:[email protected]...
Evo ti code koji moze da suspenduje proces po izboru. Moras ga malo izmeniti, and then off you go...
Code:
// pausep.cpp : Defines the entry point for the console application.
//
#include "stdafx.h"
#include "pausep.h"
#ifdef _DEBUG
#define new DEBUG_NEW
#endif
using namespace std;
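// Suspends or resumes every thread that belongs to one process.
//
// Parameters:
//   dwOwnerPID    - ID of the process whose threads are walked.
//   bResumeThread - true calls ResumeThread on each thread, false calls
//                   SuspendThread.
//
// Returns TRUE when the thread snapshot could be enumerated, FALSE when the
// snapshot could not be created or walked. A failure on an individual thread
// is reported on cerr and does not change the return value.
//
// Caveats for anyone relying on this as a containment or debugging aid:
//   - The snapshot is a point-in-time view: threads the process creates after
//     CreateToolhelp32Snapshot returns are not touched.
//   - The PID is not pinned by a process handle, so nothing here verifies that
//     it still names the same process by the time the threads are opened.
//   - SuspendThread/ResumeThread work on a per-thread suspend count, so each
//     suspend call has to be matched by a resume call.
//
// NOTE(review): the messages use _T() literals with the narrow streams, which
// only prints text in a non-UNICODE build - confirm the project settings.
BOOL PauseResumeThreadList(DWORD dwOwnerPID, bool bResumeThread)
{
    // Take a snapshot of all threads currently in the system.
    HANDLE hThreadSnap = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
    if (hThreadSnap == INVALID_HANDLE_VALUE)
        return FALSE;

    // The API requires dwSize to be filled in before the first call.
    THREADENTRY32 te32 = {0};
    te32.dwSize = sizeof(THREADENTRY32);

    BOOL bRet = FALSE; // stays FALSE if the list of threads cannot be walked

    // The entry is passed by address; the forum rendering had dropped the '&'.
    if (Thread32First(hThreadSnap, &te32))
    {
        do
        {
            if (te32.th32OwnerProcessID != dwOwnerPID)
                continue; // in a do/while this still evaluates Thread32Next

            // Request only the access right that is actually needed.
            HANDLE hThread = OpenThread(THREAD_SUSPEND_RESUME, FALSE, te32.th32ThreadID);
            if (hThread == NULL)
            {
                // Typical causes: insufficient privileges, a protected
                // process, or a thread that exited after the snapshot.
                cerr << _T("OpenThread failed for thread 0x") << std::hex
                     << te32.th32ThreadID << std::dec << _T(", error ")
                     << GetLastError() << _T("\n");
                continue;
            }

            // std::hex replaces the original cout.setf() call, whose return
            // value (the previous flags) was being streamed as output.
            cout << (bResumeThread ? _T("Resuming Thread 0x") : _T("Suspending Thread 0x"))
                 << std::hex << te32.th32ThreadID << std::dec << _T("\n");

            // Both calls return (DWORD)-1 on failure.
            const DWORD dwPrevCount = bResumeThread ? ResumeThread(hThread)
                                                    : SuspendThread(hThread);
            if (dwPrevCount == (DWORD)-1)
            {
                cerr << _T("Call failed for thread 0x") << std::hex
                     << te32.th32ThreadID << std::dec << _T(", error ")
                     << GetLastError() << _T("\n");
            }

            CloseHandle(hThread);
        }
        while (Thread32Next(hThreadSnap, &te32));
        bRet = TRUE;
    }

    // Do not forget to clean up the snapshot object.
    CloseHandle(hThreadSnap);
    return bRet;
}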
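// Prints the process ID and executable name of every process in a system
// snapshot to cout, one process per line.
//
// Returns TRUE when the process snapshot could be enumerated, FALSE when the
// snapshot could not be created or walked.
//
// NOTE(review): szExeFile is a TCHAR array written to the narrow cout, which
// only prints the name in a non-UNICODE build - confirm the project settings.
BOOL ProcessList()
{
    // Take a snapshot of all processes in the system.
    HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hProcessSnap == INVALID_HANDLE_VALUE)
        return FALSE;

    // The API requires dwSize to be filled in before the first call.
    PROCESSENTRY32 pe32 = {0};
    pe32.dwSize = sizeof(PROCESSENTRY32);

    BOOL bRet = FALSE; // stays FALSE if the list of processes cannot be walked

    // The entry is passed by address; the forum rendering had dropped the '&',
    // the '<<' operators and the backslashes of the escape sequences.
    if (Process32First(hProcessSnap, &pe32))
    {
        do
        {
            cout << _T("PID\t") << pe32.th32ProcessID << _T("\t")
                 << pe32.szExeFile << _T("\n");
        }
        while (Process32Next(hProcessSnap, &pe32));
        bRet = TRUE;
    }

    // Do not forget to clean up the snapshot object.
    CloseHandle(hProcessSnap);
    return bRet;
}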
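// Entry point: "pausep PID" suspends all threads of the process PID,
// "pausep PID /r" resumes them. Without arguments it prints the usage text
// followed by the process list.
//
// Returns 0 on success and 1 on a usage error, an invalid PID, or when the
// thread list of the target could not be walked.
int _tmain(int argc, TCHAR* argv[], TCHAR* /* envp[] */)
{
    // The forum rendering had reduced this comparison to "argc = 1", an
    // assignment that is always true.
    if (argc <= 1)
    {
        cerr << _T("Usage: pausep PID /r\n");
        cerr << _T("/r: resumes the execution of PID\n");
        ProcessList();
        return 1;
    }

    // Parse strictly: trailing junk such as "123abc" is rejected instead of
    // being silently truncated to 123, so the tool never acts on a process
    // the caller did not name exactly.
    TCHAR* pEnd = NULL;
    const DWORD pid = _tcstoul(argv[1], &pEnd, 10);
    if (pid == 0 || pEnd == argv[1] || *pEnd != 0)
    {
        cerr << _T("Invalid PID number: ") << argv[1] << _T("\n");
        return 1;
    }

    // "/r" (case-insensitive) as the second argument selects resume.
    const bool bResume = (argc > 2) && (!_tcsicmp(argv[2], _T("/r")));
    if (!PauseResumeThreadList(pid, bResume))
    {
        cerr << _T("Could not walk the thread list, error ") << GetLastError() << _T("\n");
        return 1;
    }
    return 0;
}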
--
http://www.elitesecurity.org/poruka/725504