Is it possible to hijack standard out


Question

I am trying to redirect the stdout of an already running process on Windows XP using C#. I am aware that I can do this if I spawn the process myself, but for this application I would prefer a "listener" I could just attach to another process.

Is this possible in pure .Net and if not is it even possible with Win32?

Thanks

UPDATE: There are multiple processes I am trying to monitor that are all started by a "gate keeper" process that will restart these processes if they crash. This makes it difficult for me to do any redirecting up front.

Recommended answer

It would be fairly easy to do this in Win32 using the Detours Library. You'd look at all calls to WriteFile, and check whether they were going to standard output. You might also want to look at the console output functions (e.g. WriteConsoleOutput) but they're used rarely enough that you probably don't need to bother for use with most programs.

Offhand I don't remember whether Detours directly supports use from .NET languages or not. If it doesn't, I suppose you could still use it via P/Invoke, but I don't think it would be pretty at all...

There are various similar (free) libraries around. For one example, Jeffrey Richter's book Advanced Windows used to include one that should work for this purpose. A quick look indicates that his current Windows via C/C++ still includes a section on "DLL injection and API hooking." That probably includes (an updated version of) the same code, which should be adequate for this kind of job.
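The hook the answer describes, as an added example (not code from the original answer or from the Detours project): a C++ hook DLL that intercepts `WriteFile` and mirrors writes aimed at the standard output handle. The helper `mirror_if_stdout` and the `OutputDebugStringA` sink are assumptions made here; loading the DLL into the monitored process is not shown.

```cpp
#include <cstddef>
#include <cstring>

// Hypothetical helper: copy a write into a capture buffer only when its target
// handle is the process's standard output handle. Returns the bytes copied.
size_t mirror_if_stdout(const void *target, const void *std_out,
                        const char *data, size_t len, char *sink, size_t cap)
{
    if (target == nullptr || target != std_out || len == 0 || cap == 0)
        return 0;                        // not stdout, or nothing to copy
    if (len > cap) len = cap;            // never overrun the capture buffer
    memcpy(sink, data, len);
    return len;
}

#ifdef _WIN32                            // the hook itself builds only on Windows
#include <windows.h>
#include <detours.h>

// Pointer to the real WriteFile; Detours rewrites it to point at a trampoline.
static BOOL (WINAPI *RealWriteFile)(HANDLE, LPCVOID, DWORD, LPDWORD,
                                    LPOVERLAPPED) = WriteFile;

static BOOL WINAPI HookedWriteFile(HANDLE h, LPCVOID buf, DWORD n,
                                   LPDWORD written, LPOVERLAPPED ov)
{
    char copy[4096];
    size_t got = mirror_if_stdout(h, GetStdHandle(STD_OUTPUT_HANDLE),
                                  (const char *)buf, n, copy, sizeof copy - 1);
    if (got) {
        copy[got] = '\0';
        OutputDebugStringA(copy);        // assumption: a debug-output viewer is the listener
    }
    return RealWriteFile(h, buf, n, written, ov);  // always forward the original call
}

BOOL WINAPI DllMain(HINSTANCE, DWORD reason, LPVOID)
{
    if (DetourIsHelperProcess()) return TRUE;
    if (reason != DLL_PROCESS_ATTACH && reason != DLL_PROCESS_DETACH) return TRUE;
    DetourTransactionBegin();
    DetourUpdateThread(GetCurrentThread());
    if (reason == DLL_PROCESS_ATTACH)
        DetourAttach(&(PVOID &)RealWriteFile, (PVOID)HookedWriteFile);
    else
        DetourDetach(&(PVOID &)RealWriteFile, (PVOID)HookedWriteFile);
    return DetourTransactionCommit() == NO_ERROR;
}
#endif
```

The handle comparison only matches writes made through the handle `GetStdHandle` returns, so output sent through a duplicated handle or the console functions the answer mentions passes unmirrored.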
