
OpenProcess vs CreateProcess

Can someone please explain to me what is the difference between:
OpenProcess and CreateProcess.

(I am trying to inject a DLL into a program and I don't know which one to use.)

  • OpenProcess is passed a process ID for an existing process, and returns a process handle for that process.
  • CreateProcess creates a brand new process, returning a handle to that new process (amongst other things).

If you want to inject into a process that is already running, then you will need OpenProcess.

In relation to injecting a .dll into another process, there are a couple of major benefits and differences between OpenProcess and CreateProcess.

The first is timing. You can inject the dll before the target process has had a chance to perform any of their own code by creating the process in a suspended state (dwCreationFlags with CREATE_SUSPENDED (0x00000004) set). Don't forget to resume the process once you are ready for it to execute.

The second is privilege. The process handle returned by CreateProcess automatically has PROCESS_ALL_ACCESS without the need to set SeDebugPrivilege first. OpenProcess does require your program to gain this privilege before it is allowed to use the PROCESS_ALL_ACCESS flag.

Some other minor things to remember: CreateProcess cannot be called on a running process, but you can always call OpenProcess after CreateProcess if you needed to for whatever reason.

CreateProcess requires you to CloseHandle both the process and thread handles returned in PROCESS_INFORMATION, where OpenProcess only requires you to CloseHandle on its return value (no thread handle gets opened).

If you need to change the Environment for whatever reason (unlikely), you'll have to use CreateProcess.

Further reading can be found: CreateProcess, OpenProcess, process-security-and-access-rights
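From the defender's side, the access rights discussed in the answers above are what a process-access event records when one process opens a handle to another. The following is an added example, not part of the original answers: it decodes a handle's access mask and flags PROCESS_ALL_ACCESS or the combination of thread-creation and memory-write rights. The sample events, file paths and the `decode_access`/`classify`/`review` helpers are constructed for illustration; the field names follow Sysmon Event ID 10 (ProcessAccess).

```python
# Added example: decode a process-handle access mask (for instance the
# GrantedAccess field of Sysmon Event ID 10) and flag overly broad handles.
PROCESS_RIGHTS = {
    0x0001: "PROCESS_TERMINATE", 0x0002: "PROCESS_CREATE_THREAD",
    0x0004: "PROCESS_SET_SESSIONID", 0x0008: "PROCESS_VM_OPERATION",
    0x0010: "PROCESS_VM_READ", 0x0020: "PROCESS_VM_WRITE",
    0x0040: "PROCESS_DUP_HANDLE", 0x0080: "PROCESS_CREATE_PROCESS",
    0x0100: "PROCESS_SET_QUOTA", 0x0200: "PROCESS_SET_INFORMATION",
    0x0400: "PROCESS_QUERY_INFORMATION", 0x0800: "PROCESS_SUSPEND_RESUME",
    0x1000: "PROCESS_QUERY_LIMITED_INFORMATION",
    0x2000: "PROCESS_SET_LIMITED_INFORMATION",
    0x00010000: "DELETE", 0x00020000: "READ_CONTROL",
    0x00040000: "WRITE_DAC", 0x00080000: "WRITE_OWNER",
    0x00100000: "SYNCHRONIZE",
}
# winnt.h values: 0x1FFFFF on Vista and later, 0x1F0FFF for older SDK targets.
PROCESS_ALL_ACCESS = (0x1FFFFF, 0x1F0FFF)
# CREATE_THREAD | VM_OPERATION | VM_WRITE: enough to modify and run code in the target.
WRITE_AND_RUN = 0x0002 | 0x0008 | 0x0020

def decode_access(mask):
    """Return the names of the rights set in a process access mask."""
    return [name for bit, name in sorted(PROCESS_RIGHTS.items()) if mask & bit]

def classify(mask):
    """Label a mask as 'all-access', 'write+thread' or 'limited'."""
    if mask in PROCESS_ALL_ACCESS:
        return "all-access"
    if mask & WRITE_AND_RUN == WRITE_AND_RUN:
        return "write+thread"
    return "limited"

def review(events):
    """Yield (source, target, verdict, rights) for handles worth a look."""
    for ev in events:
        mask = int(ev["GrantedAccess"], 16)
        verdict = classify(mask)
        if verdict != "limited":
            yield ev["SourceImage"], ev["TargetImage"], verdict, decode_access(mask)

# Constructed sample records shaped like Sysmon Event ID 10 fields.
SAMPLE = [
    {"SourceImage": r"C:\Tools\monitor.exe", "TargetImage": r"C:\App\app.exe", "GrantedAccess": "0x1000"},
    {"SourceImage": r"C:\Temp\loader.exe", "TargetImage": r"C:\App\app.exe", "GrantedAccess": "0x1FFFFF"},
    {"SourceImage": r"C:\Temp\helper.exe", "TargetImage": r"C:\App\app.exe", "GrantedAccess": "0x143A"},
]

if __name__ == "__main__":
    for row in review(SAMPLE):
        print(row)
```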
