如何在Delphi中自动附加进程 [英] how to auto attach a process in Delphi

问题描述

Hi
i这里的代码在LUA脚本中

Hi i have this code here in LUA Script

function myattach(timer)
  if getProcessIDFromProcessName("Tutorial-i386.exe") ~= nil then
    object_destroy(timer)
    openProcess("Tutorial-i386.exe")
  end
end

f=createForm(false) --create an invisible window
t=createTimer(f);
timer_setInterval(t,100) --10 might have been too fast for xp...
timer_onTimer(t,myattach)

所以我怎么能用delphi语言这样做...所以我可以附上只需点击一下即可处理

并附上拥有最大ram的进程...对不起我的坏英语

谢谢你

so how can i do this in delphi language ... so i can attach to process with one click
and attach the process who has the biggest ram that takes ... sorry for my bad english
thank you

推荐答案

uses Windows, PsAPI, SysUtils;

const
  SE_SECURITY_NAME                     = 'SeSecurityPrivilege';
  PROC_THREAD_ATTRIBUTE_PARENT_PROCESS =

00020000;
EXTENDED_STARTUPINFO_PRESENT =

00020000; EXTENDED_STARTUPINFO_PRESENT =

00080000;

type
PPROC_THREAD_ATTRIBUTE_LIST = 指针;

STARTUPINFOEX =打包记录
StartupInfo：TStartupInfo;
lpAttributeList：PPROC_THREAD_ATTRIBUTE_LIST;
end ;

{ WinVista API}

function InitializeProcThreadAttributeList（lpAttributeList：PPROC_THREAD_ATTRIBUTE_LIST; dwAttributeCount，dwFlags：DWORD; var lpSize：Cardinal）：布尔; STDCALL;
external ' kernel32.dll';

过程UpdateProcThreadAttribute（lpAttributeList：PPROC_THREAD_ATTRIBUTE_LIST; dwFlags，属性：DWORD; var pValue：DWORD; cbSize：红衣主教; pPreviousValue：指针;
pReturnSize：PCardinal）; STDCALL; external ' kernel32.dll';

程序DeleteProcThreadAttributeList（lpAttributeList：PPROC_THREAD_ATTRIBUTE_LIST）; STDCALL; external ' Kernel32.dll';


function EnableDebugPrivilege（PrivName： string ; CanDebug：Boolean ）：布尔;
var
TP：Windows.TOKEN_PRIVILEGES;
Dummy：红衣主教;
hToken：THandle;
开始
OpenProcessToken（GetCurrentProcess，TOKEN_ADJUST_PRIVILEGES，hToken）;
TP.PrivilegeCount：= 1 ;
LookupPrivilegeValue（nil，pchar（PrivName），TP.Privileges [ 0 ]。Luid）;
如果 CanDebug 那么
TP.Privileges [ 0 ]。属性：= SE_PRIVILEGE_ENABLED
else
TP.Privileges [ 0 ]。属性：= 0 ;
结果：= AdjustTokenPrivileges（hToken，False，TP，SizeOf（TP）， nil ，假）;
hToken：= 0 ;
end ;

function GetProcessIDFromProcessName（const ProcessName：WideString）：DWORD;
var
hProcesss： array [ 0 .. 100 ]的DWORD;
I，J，Count：红衣主教;
pList：DWORD的 array ;
hProcess：红衣主教;
PathFileName： array [ 0 .. 255 char ; ;
开始
结果：= 0 ;
EnumProcesses（@hProcesss，SizeOf（hProcesss），Count）;
SetLength（pList，Count div SizeOf（DWORD））;
Move（hProcesss，pList [ 0 ]，Count）;

for I：= low（pList） to High（pList）< span class =code-keyword> do
begin
if （pList [I] = 0）或（pList [I] = 4）然后
begin
结果：= 0 ;
继续;
end ;
hProcess：= OpenProcess（PROCESS_QUERY_INFORMATION或PROCESS_VM_READ，False，pList [I]）;
GetModuleFileNameEx（hProcess， 0 ，PathFileName，255）;
CloseHandle（hProcess）;
J：= Pos（LowerCase（ProcessName），LowerCase（PathFileName））;
如果 J< = 0 则
继续;
结果：= pList [I];
退出;
end ;
end ;

过程CreateProcessOnParentProcess（ExeName：string）;
var
pi：TProcessInformation;
si：STARTUPINFOEX;
cbAListSize：红衣主教;
pAList：PPROC_THREAD_ATTRIBUTE_LIST;
hParent：红衣主教;
开始

EnableDebugPrivilege（SE_SECURITY_NAME，True）;


FillChar（si，SizeOf（si），0）;
si.StartupInfo.cb：= SizeOf（si）;
si.StartupInfo.dwFlags：= STARTF_USESHOWWINDOW;
si.StartupInfo.wShowWindow：= SW_SHOWDEFAULT;
FillChar（pi，SizeOf（pi），0）;

cbAListSize：= 0 ;
InitializeProcThreadAttributeList（nil， 1 ， 0 ，cbAListSize）;
pAList：= HeapAlloc（GetProcessHeap（）， 0 ，cbAListSize）;
InitializeProcThreadAttributeList（pAList， 1 ， 0 ，cbAListSize）;
hParent：= OpenProcess（PROCESS_ALL_ACCESS，False，GetProcessIDFromProcessName（' explorer.exe'）） ;
UpdateProcThreadAttribute（pAList， 0 ，PROC_THREAD_ATTRIBUTE_PARENT_PROCESS，hParent， 4 ， nil ，nil）;
si.lpAttributeList：= pAList;


如果 CreateProcess（PWideChar（ExeName）， nil ， nil ， nil ，False，EXTENDED_STARTUPINFO_PRESENT， nil ， nil ，si.StartupInfo，pi）然后
开始
CloseHandle（pi.hProcess）;
CloseHandle（pi.hThread）;
end ;

DeleteProcThreadAttributeList（pAList）;
HeapFree（GetProcessHeap（）， 0 ，pAList）;
结束;

00080000; type PPROC_THREAD_ATTRIBUTE_LIST = Pointer; STARTUPINFOEX = packed record StartupInfo: TStartupInfo; lpAttributeList: PPROC_THREAD_ATTRIBUTE_LIST; end; { WinVista API } function InitializeProcThreadAttributeList(lpAttributeList: PPROC_THREAD_ATTRIBUTE_LIST; dwAttributeCount, dwFlags: DWORD; var lpSize: Cardinal): Boolean; stdcall; external 'kernel32.dll'; procedure UpdateProcThreadAttribute(lpAttributeList: PPROC_THREAD_ATTRIBUTE_LIST; dwFlags, Attribute: DWORD; var pValue: DWORD; cbSize: Cardinal; pPreviousValue: Pointer; pReturnSize: PCardinal); stdcall; external 'kernel32.dll'; procedure DeleteProcThreadAttributeList(lpAttributeList: PPROC_THREAD_ATTRIBUTE_LIST); stdcall; external 'Kernel32.dll'; function EnableDebugPrivilege(PrivName: string; CanDebug: Boolean): Boolean; var TP : Windows.TOKEN_PRIVILEGES; Dummy : Cardinal; hToken: THandle; begin OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES, hToken); TP.PrivilegeCount := 1; LookupPrivilegeValue(nil, pchar(PrivName), TP.Privileges[0].Luid); if CanDebug then TP.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED else TP.Privileges[0].Attributes := 0; Result := AdjustTokenPrivileges(hToken, False, TP, SizeOf(TP), nil, Dummy); hToken := 0; end; function GetProcessIDFromProcessName(const ProcessName: WideString): DWORD; var hProcesss : array [0 .. 100] of DWORD; I, J, Count : Cardinal; pList : array of DWORD; hProcess : Cardinal; PathFileName: array [0 .. 255] of char; begin Result := 0; EnumProcesses(@hProcesss, SizeOf(hProcesss), Count); SetLength(pList, Count div SizeOf(DWORD)); Move(hProcesss, pList[0], Count); for I := low(pList) to High(pList) do begin if (pList[I] = 0) or (pList[I] = 4) then begin Result := 0; Continue; end; hProcess := OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ, False, pList[I]); GetModuleFileNameEx(hProcess, 0, PathFileName, 255); CloseHandle(hProcess); J := Pos(LowerCase(ProcessName), LowerCase(PathFileName)); if J <= 0 then Continue; Result := pList[I]; Exit; end; end; procedure CreateProcessOnParentProcess(ExeName: string); var pi : TProcessInformation; si : STARTUPINFOEX; cbAListSize: Cardinal; pAList : PPROC_THREAD_ATTRIBUTE_LIST; hParent : Cardinal; begin EnableDebugPrivilege(SE_SECURITY_NAME, True); FillChar(si, SizeOf(si), 0); si.StartupInfo.cb := SizeOf(si); si.StartupInfo.dwFlags := STARTF_USESHOWWINDOW; si.StartupInfo.wShowWindow := SW_SHOWDEFAULT; FillChar(pi, SizeOf(pi), 0); cbAListSize := 0; InitializeProcThreadAttributeList(nil, 1, 0, cbAListSize); pAList := HeapAlloc(GetProcessHeap(), 0, cbAListSize); InitializeProcThreadAttributeList(pAList, 1, 0, cbAListSize); hParent := OpenProcess(PROCESS_ALL_ACCESS, False, GetProcessIDFromProcessName('explorer.exe')); UpdateProcThreadAttribute(pAList, 0, PROC_THREAD_ATTRIBUTE_PARENT_PROCESS, hParent, 4, nil, nil); si.lpAttributeList := pAList; if CreateProcess(PWideChar(ExeName), nil, nil, nil, False, EXTENDED_STARTUPINFO_PRESENT, nil, nil, si.StartupInfo, pi) then begin CloseHandle(pi.hProcess); CloseHandle(pi.hThread); end; DeleteProcThreadAttributeList(pAList); HeapFree(GetProcessHeap(), 0, pAList); end;

这篇关于如何在Delphi中自动附加进程的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！