A Port-to-Process Mapping Program That Only Works on XP

2008-04-09 04:00:10 Source: Internet


Author: Refdom (refdom@263.net)
HomePage: www.opengram.com


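A while back, and a while before that too, everyone was working on port-to-process association. Heh, so I put this one together for fun.

WinXP already provides the association between processes and ports: run netstat -noa and you will see it. Since that has been improved, writing this kind of mapping is now far too easy, so this is only a toy, a warm-up for the World Cup.

It uses a few undocumented APIs to imitate the netstat -noa command. In fact, 2000 also provides something similar, AllocateAndGetTcpTableFromStack, but that one has no process association; so on XP it is pAllocateAndGetTcpExTableFromStack, where the Ex means extended.

It is simple, so I will not say more.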

////////////////////////////////////////////////////////////////////////////////
//
// Port <-> Process (Netstat -noa)
//
// File : RFPortXP.cpp
// Comment : Only For XP
//
// Create at : 2002.5.31
// Create by : Refdom
// Email : refdom@263.net
// Home Page : www.opengram.com
//
// If you modify the code, or add more functions, please email me a copy.
//
////////////////////////////////////////////////////////////////////////////////
#include <stdio.h>
#include <string.h>
#include <windows.h>
#include <iprtrmib.h>
#include <tlhelp32.h>
#include <iphlpapi.h>
#pragma comment(lib, "ws2_32.lib")
//
// Maximum string lengths for ASCII ip address and port names
//
#define HOSTNAMELEN 256
#define PORTNAMELEN 256
#define ADDRESSLEN (HOSTNAMELEN + PORTNAMELEN)
//
// Our option flags
//
#define FLAG_ALL_ENDPOINTS 1
#define FLAG_SHOW_NUMBERS 2
//
// Undocumented extended information structures available
// only on XP and higher
//
typedef struct tagMIB_TCPEXROW{
    DWORD dwState;      // state of the connection
    DWORD dwLocalAddr;  // address on local computer
    DWORD dwLocalPort;  // port number on local computer
    DWORD dwRemoteAddr; // address on remote computer
    DWORD dwRemotePort; // port number on remote computer
    DWORD dwProcessId;
} MIB_TCPEXROW, *PMIB_TCPEXROW;

typedef struct tagMIB_TCPEXTABLE{
    DWORD dwNumEntries;
    MIB_TCPEXROW table[ANY_SIZE];
} MIB_TCPEXTABLE, *PMIB_TCPEXTABLE;

typedef struct tagMIB_UDPEXROW{
    DWORD dwLocalAddr;  // address on local computer
    DWORD dwLocalPort;  // port number on local computer
    DWORD dwProcessId;
} MIB_UDPEXROW, *PMIB_UDPEXROW;

typedef struct tagMIB_UDPEXTABLE{
    DWORD dwNumEntries;
    MIB_UDPEXROW table[ANY_SIZE];
} MIB_UDPEXTABLE, *PMIB_UDPEXTABLE;

typedef DWORD (WINAPI *PALLOCATE_AND_GET_TCPEXTABLE_FROM_STACK)(
    PMIB_TCPEXTABLE *pTcpTable, // buffer for the connection table
    BOOL bOrder,                // sort the table?
    HANDLE heap,
    DWORD zero,
    DWORD flags
    );
typedef DWORD (WINAPI *PALLOCATE_AND_GET_UDPEXTABLE_FROM_STACK)(
    PMIB_UDPEXTABLE *pUdpTable, // buffer for the connection table
    BOOL bOrder,                // sort the table?
    HANDLE heap,
    DWORD zero,
    DWORD flags
    );
typedef HANDLE (WINAPI *PCREATE_TOOL_HELP32_SNAPSHOT)(
    DWORD dwFlags,
    DWORD th32ProcessID
    );
typedef BOOL (WINAPI *PPROCESS32_FIRST)(
    HANDLE hSnapshot,
    LPPROCESSENTRY32 lppe
    );
typedef BOOL (WINAPI *PPROCESS32_NEXT)(
    HANDLE hSnapshot,
    LPPROCESSENTRY32 lppe
    );
static PALLOCATE_AND_GET_TCPEXTABLE_FROM_STACK pAllocateAndGetTcpExTableFromStack = NULL;
static PALLOCATE_AND_GET_UDPEXTABLE_FROM_STACK pAllocateAndGetUdpExTableFromStack = NULL;
static PCREATE_TOOL_HELP32_SNAPSHOT pCreateToolhelp32Snapshot = NULL;
static PPROCESS32_FIRST pProcess32First = NULL;
static PPROCESS32_NEXT pProcess32Next = NULL;
//
// Possible TCP endpoint states
//
static char TcpState[][32] = {
    "???",
    "CLOSED",
    "LISTENING",
    "SYN_SENT",
    "SYN_RCVD",
    "ESTABLISHED",
    "FIN_WAIT1",
    "FIN_WAIT2",
    "CLOSE_WAIT",
    "CLOSING",
    "LAST_ACK",
    "TIME_WAIT",
    "DELETE_TCB"
};
///////////////////////////////////////////////////////////
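//
// Convert a port held in network byte order to a decimal string
//
PCHAR GetPort(unsigned int port, char* pPort)
{
    sprintf(pPort, "%d", htons( (WORD) port));
    return pPort;
}

//
// Convert an IPv4 address held in network byte order to dotted-decimal text
//
PCHAR GetIp(unsigned int ipaddr, char* pIP)
{
    unsigned int nipaddr;
    nipaddr = htonl(ipaddr);
    sprintf(pIP, "%d.%d.%d.%d",
        (nipaddr >> 24) & 0xFF,
        (nipaddr >> 16) & 0xFF,
        (nipaddr >> 8) & 0xFF,
        (nipaddr) & 0xFF);
    return pIP;
}

//
// Look up the executable name for a PID in a Toolhelp snapshot.
// ProcessName must have room for MAX_PATH characters (the size of szExeFile).
//
PCHAR ProcessPidToName( HANDLE hProcessSnap,
                        DWORD ProcessId,
                        PCHAR ProcessName)
{
    PROCESSENTRY32 processEntry;

    // Process32First fails unless dwSize is set before the call
    processEntry.dwSize = sizeof(processEntry);
    strcpy( ProcessName, "???" );
    if( !pProcess32First( hProcessSnap, &processEntry )) {
        return ProcessName;
    }
    do {
        if( processEntry.th32ProcessID == ProcessId )
        {
            strcpy( ProcessName, processEntry.szExeFile );
            return ProcessName;
        }
    } while( pProcess32Next( hProcessSnap, &processEntry ));

    // PID not present in the snapshot: keep the "???" placeholder
    return ProcessName;
}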
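
The listing on this page ends before the code that prints each table row. As an added example (not Refdom's code), the portable C below decodes rows with the page's MIB_TCPEXROW layout into netstat -noa style lines and maps a listening port to its owning PID. TcpExRow, state_name, format_row, listener_pid and make_row are hypothetical names, and make_row builds constructed sample rows in place of the table the XP call would return.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Portable mirror of the page's MIB_TCPEXROW (DWORD written as uint32_t). */
typedef struct {
    uint32_t dwState, dwLocalAddr, dwLocalPort, dwRemoteAddr, dwRemotePort, dwProcessId;
} TcpExRow;
static const char *const kTcpState[] = { /* same order as the page's TcpState[] */
    "???", "CLOSED", "LISTENING", "SYN_SENT", "SYN_RCVD", "ESTABLISHED", "FIN_WAIT1",
    "FIN_WAIT2", "CLOSE_WAIT", "CLOSING", "LAST_ACK", "TIME_WAIT", "DELETE_TCB" };
/* Addresses and ports are held in network byte order, so read them byte by byte. */
static unsigned port_of(const uint32_t *f) {
    const unsigned char *b = (const unsigned char *)f;
    return ((unsigned)b[0] << 8) | b[1];
}
static void ip_of(const uint32_t *f, char *out, size_t n) {
    const unsigned char *b = (const unsigned char *)f;
    snprintf(out, n, "%d.%d.%d.%d", b[0], b[1], b[2], b[3]);
}
/* An out-of-range state maps to "???" instead of indexing past the array. */
const char *state_name(uint32_t s) {
    return s < sizeof kTcpState / sizeof kTcpState[0] ? kTcpState[s] : kTcpState[0];
}
/* Format one row as a netstat -noa style line: local, remote, state, PID. */
int format_row(const TcpExRow *r, char *out, size_t n) {
    char l[16], rm[16];
    ip_of(&r->dwLocalAddr, l, sizeof l);
    ip_of(&r->dwRemoteAddr, rm, sizeof rm);
    return snprintf(out, n, "TCP %s:%u %s:%u %s %lu", l, port_of(&r->dwLocalPort), rm,
        port_of(&r->dwRemotePort), state_name(r->dwState), (unsigned long)r->dwProcessId);
}
/* Port -> process: PID of the row LISTENING (state 2) on port, or -1 if none. */
long listener_pid(const TcpExRow *rows, size_t n, unsigned port) {
    for (size_t i = 0; i < n; i++)
        if (rows[i].dwState == 2 && port_of(&rows[i].dwLocalPort) == port)
            return (long)rows[i].dwProcessId;
    return -1;
}
/* Hypothetical helper: builds a constructed sample row with that memory layout. */
TcpExRow make_row(uint32_t st, const unsigned char *la, unsigned lp,
                  const unsigned char *ra, unsigned rp, uint32_t pid) {
    TcpExRow r = { st, 0, 0, 0, 0, pid };
    unsigned char l[4] = { (unsigned char)(lp >> 8), (unsigned char)lp, 0, 0 };
    unsigned char q[4] = { (unsigned char)(rp >> 8), (unsigned char)rp, 0, 0 };
    memcpy(&r.dwLocalAddr, la, 4);  memcpy(&r.dwLocalPort, l, 4);
    memcpy(&r.dwRemoteAddr, ra, 4); memcpy(&r.dwRemotePort, q, 4);
    return r;
}
```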
