-
-
[分享]VC遍历进程,从别人代码抠出来的
-
发表于:
2010-9-28 01:30
5954
-
F5的代码如下
signed int __cdecl sub_418650()
{
HANDLE v0; // edi@1
PROCESSENTRY32W pe; // [sp+8h] [bp-22Ch]@1
pe.dwSize = 556;
v0 = CreateToolhelp32Snapshot(2u, 0);
if ( v0 == (HANDLE)-1 )
return 0;
if ( !Process32FirstW(v0, &pe) )
{
LABEL_5:
CloseHandle(v0);
return 0;
}
while ( StrCmpIW(pe.szExeFile, L"QQ.exe") )
{
if ( !Process32NextW(v0, &pe) )
goto LABEL_5;
}
return 1;
}
[课程]Linux pwn 探索篇!