如何显示正在运行的进程的DLL的所有相关API? [英] How to show all the related API's of the DLL's of the running processes?
问题描述
我想创建一个类似于Api Monitoring的系统。我向用户显示了正在运行的进程的所有正在运行的进程,模块和线程。用户可以选择正在运行的进程,并启动该进程的监视,显示与运行模块相关的所有API的列表流程。现在,我仍然坚持我将如何显示正在运行的进程中使用的API列表。任何人都可以告诉我正确的方法。
任何相关网页的链接将不胜感激。提前致谢。
我的尝试:
我有完成后显示运行进程的Dll和线程。我想要的是显示运行进程中使用的DLL的API。
I want to create a system similar to Api Monitoring. I showed all the running processes, modules and threads of the running processes to the user.The user would be enable to select the running process and the monitoring of that process is started which shows the list of all the API's related to the modules of running processes. Now' i am stuck on a point that how i will show the list of API's that is being used in the running process. Can anybody tell me the right way to do this.
Any link to related web page will be appreciated. Thanks in advance.
What I have tried:
I have done showing the Dll's and threads of running processes.What i want is to show the API's of the DLL's used in the running processes.
推荐答案
参见所有文件结构 - Google搜索 [ ^ ]
你必须处理 IMAGE_IMPORT_DESCRIPTOR PE格式(Windows)的code> [ ^ ]。
请注意,这个(也可能是您检测使用过的DLL的实际代码)对于加载了后期绑定的DLL不起作用(使用 LoadLibrary()和 GetProcAddress())和静态链接的DLL。
You have to process theIMAGE_IMPORT_DESCRIPTORs of the PE Format (Windows)[^].
Note that this (and probably also your actual code detecting the used DLLs) will not work for DLLs loaded with late binding (usingLoadLibrary()andGetProcAddress()) and DLLs linked statically.
这篇关于如何显示正在运行的进程的DLL的所有相关API?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
