相关函数:
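// Returns the handle of the foreground (currently active) window.
// The result can be NULL (for example while a window is losing activation),
// so check it before passing it to the calls below.
HWND GetForegroundWindow(VOID);

// Copies the window's title-bar text into lpString.
// nMaxCount is a count of CHARACTERS (terminating null included), not a size
// in bytes; passing a byte count for a wide-character buffer lets the call
// write past the end of the buffer.
int GetWindowText(
    HWND hWnd,        // handle to window or control
    LPTSTR lpString,  // text buffer
    int nMaxCount     // maximum number of characters to copy
);

// Retrieves the IDs of the thread and process that own the window.
// The ID of the thread that created the window is the return value;
// the process ID is written through lpdwProcessId.
DWORD GetWindowThreadProcessId(
    HWND hWnd,             // handle to window
    LPDWORD lpdwProcessId  // process identifier
);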
有了进程ID后我们就可以做很多的事情,比如调用OpenProcess打开进程、枚举进程的信息,最后与此进程相关的用户名、用户ID、SessionID等都可以查询出来……可以根据自己的喜好继续往下写。
上面的几个函数都比较简单,不做过多的说明。接下来写一个小练习:
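// Prints the executable name, process ID and caption of the window that is
// in the foreground when the program runs, then waits two seconds.
// Assumes a UNICODE build: the generic-text API names are called with
// wchar_t buffers.
int main()
{
    const HWND hWindow = GetForegroundWindow();
    if (hWindow == NULL) {
        // There may be no foreground window at this instant.
        return 1;
    }

    // The caption is set by the process that owns the window, so treat it as
    // untrusted text: it is only ever passed as a printf argument, never as
    // the format string.
    wchar_t szCaption[MAX_PATH] = { 0 };
    // nMaxCount is a character count. The buffer holds MAX_PATH characters;
    // MAX_PATH * sizeof(WCHAR) would allow a write past its end.
    GetWindowText(hWindow, szCaption, MAX_PATH);

    DWORD dwProcessId = 0;
    GetWindowThreadProcessId(hWindow, &dwProcessId);

    std::wstring strExeName;

    // Request only the access GetProcessImageFileName needs.
    // PROCESS_QUERY_LIMITED_INFORMATION is enough on Windows Vista and later
    // and can be granted for processes where the broader rights are refused.
    // (GetModuleFileNameEx would need PROCESS_QUERY_INFORMATION | PROCESS_VM_READ.)
    const HANDLE hProcess = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE, dwProcessId);
    if (hProcess != NULL) {
        wchar_t wszImageFileName[MAX_PATH] = { 0 };
        // The returned path is in device form (\Device\HarddiskVolumeN\...),
        // not a drive-letter path; only the last component is used here.
        if (GetProcessImageFileName(hProcess, wszImageFileName, MAX_PATH) > 0) {
            const std::wstring strFilePath = wszImageFileName;
            const std::wstring::size_type nPos = strFilePath.find_last_of(L'\\');
            strExeName = (nPos == std::wstring::npos)
                             ? strFilePath
                             : strFilePath.substr(nPos + 1);
        }
        // Every successful OpenProcess must be paired with CloseHandle.
        CloseHandle(hProcess);
    }

    // DWORD is an unsigned long, hence %lu.
    wprintf(L"processName:%ws ProcessId:%lu, Caption:%ws ", strExeName.c_str(), dwProcessId, szCaption);
    Sleep(1000 * 2);
    return 0;
}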