请教ntquerysysteminformation的5号功能-付费问答-看雪-安全社区|安全招聘|kanxue.com

最新回复 (1)
crackhell 雪币： 100 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 118 粉丝 0 关注私信	crackhell 2 楼 typedef struct _VM_COUNTERS { ULONG PeakVirtualSize;//虚拟存储峰值大小； ULONG VirtualSize;//虚拟存储大小； ULONG PageFaultCount;///页故障数目； ULONG PeakWorkingSetSize;///工作集峰值大小； ULONG WorkingSetSize;///工作集大小； ULONG QuotaPeakPagedPoolUsage;//分页池使用配额峰值； ULONG QuotaPagedPoolUsage;//分页池使用配额； ULONG QuotaPeakNonPagedPoolUsag;//非分页池使用配额峰值； ULONG QuotaNonPagedPoolUsage;//非分页池使用配额； ULONG PagefileUsage;//页文件使用情况； ULONG PeakPagefileUsage;///页文件使用峰值； }VM_COUNTERS,PVM_COUNTERS; typedef struct _CLIENT_ID { PVOID UniqueProcess; PVOID UniqueThread; } CLIENT_ID, PCLIENT_ID; typedef struct _SYSTEM_THREADS{ LARGE_INTEGER KernelTime; LARGE_INTEGER UserTime; LARGE_INTEGER CreateTime; ULONG WaitTime; PVOID StartAddress; CLIENT_ID ClientId; ULONG Priority; LONG BasePriority; ULONG ContextSwitches; ULONG ThreadState; ULONG WaitReason; ULONG Reversed; } SYSTEM_THREAD_INFORMATION,PSYSTEM_THREADS; typedef struct _SYSTEM_PROCESSES { ULONG NextEntryDelta; ULONG ThreadCount; LARGE_INTEGER Reserved1[3]; LARGE_INTEGER CreateTime; LARGE_INTEGER UserTime; LARGE_INTEGER KernelTime; UNICODE_STRING ProcessName; ULONG BasePriority; ULONG ProcessId; ULONG InheritedFromProcessId; ULONG HandleCount; ULONG SessionId; ULONG_PTR PageDirectoryBase; VM_COUNTERS VmCounters; ULONG PrivatePageCount; IO_COUNTERS IoCounters; SYSTEM_THREAD_INFORMATION Threads[1]; } SYSTEM_PROCESSES, PSYSTEM_PROCESSES; 有这些信息应该够了吧 2012-10-19 16:44 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

最新回复 (1)

crackhell

雪币： 100

活跃值： (10)

能力值：

( LV2，RANK：10 )

在线值：

发帖

回帖

118

粉丝

关注

私信

crackhell: 2 楼

typedef struct _VM_COUNTERS
{
ULONG PeakVirtualSize;//虚拟存储峰值大小；
ULONG VirtualSize;//虚拟存储大小；
ULONG PageFaultCount;///页故障数目；
ULONG PeakWorkingSetSize;///工作集峰值大小；
ULONG WorkingSetSize;///工作集大小；
ULONG QuotaPeakPagedPoolUsage;//分页池使用配额峰值；
ULONG QuotaPagedPoolUsage;//分页池使用配额；
ULONG QuotaPeakNonPagedPoolUsag;//非分页池使用配额峰值；
ULONG QuotaNonPagedPoolUsage;//非分页池使用配额；
ULONG PagefileUsage;//页文件使用情况；
ULONG PeakPagefileUsage;///页文件使用峰值；
}VM_COUNTERS,*PVM_COUNTERS;

typedef struct _CLIENT_ID
{
PVOID UniqueProcess;
PVOID UniqueThread;
} CLIENT_ID, *PCLIENT_ID;

typedef struct _SYSTEM_THREADS{
LARGE_INTEGER KernelTime;
LARGE_INTEGER UserTime;
LARGE_INTEGER CreateTime;
ULONG WaitTime;
PVOID StartAddress;
CLIENT_ID ClientId;
ULONG Priority;
LONG BasePriority;
ULONG ContextSwitches;
ULONG ThreadState;
ULONG WaitReason;
ULONG Reversed;
} SYSTEM_THREAD_INFORMATION,*PSYSTEM_THREADS;

typedef struct _SYSTEM_PROCESSES {
ULONG NextEntryDelta;
ULONG ThreadCount;
LARGE_INTEGER Reserved1[3];
LARGE_INTEGER CreateTime;
LARGE_INTEGER UserTime;
LARGE_INTEGER KernelTime;
UNICODE_STRING ProcessName;
ULONG BasePriority;
ULONG ProcessId;
ULONG InheritedFromProcessId;
ULONG HandleCount;
ULONG SessionId;
ULONG_PTR PageDirectoryBase;
VM_COUNTERS VmCounters;
ULONG PrivatePageCount;
IO_COUNTERS IoCounters;
SYSTEM_THREAD_INFORMATION Threads[1];
} SYSTEM_PROCESSES, *PSYSTEM_PROCESSES;

有这些信息应该够了吧

2012-10-19 16:44

[旧帖] 请教ntquerysysteminformation的5号功能 0.00雪花