forked from vic4key/Vutils
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathSample.Process.h
More file actions
61 lines (51 loc) · 2 KB
/
Sample.Process.h
File metadata and controls
61 lines (51 loc) · 2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
#pragma once
#include "Sample.h"
DEF_SAMPLE(Process)
{
#ifdef _WIN64
#define PROCESS_NAME _T("x64dbg.exe")
#else // _WIN32
#define PROCESS_NAME _T("x32dbg.exe")
#endif // _WIN64
auto PIDs = vu::NameToPID(PROCESS_NAME);
assert(!PIDs.empty());
vu::CProcess process;
process.Attach(PIDs.back());
assert(process.Ready());
auto cpu = process.GetCPUInformation();
auto mem = process.GetMemoryInformation();
auto time = process.GetTimeInformation();
auto io = process.GetIOInformation();
std::tcout << _T("CPU : ") << cpu.Usage << std::endl;
std::tcout << _T("WS : ") << vu::FormatBytes(mem.WorkingSetSize) << std::endl;
for (const auto& thread : process.GetThreads())
{
static int idx = 0;
std::tcout << ++idx << ". TID = " << thread.th32ThreadID << std::endl;
std::tcout << _T("\tPID = ") << thread.th32OwnerProcessID << std::endl;
std::tcout << _T("\tUsage = ") << thread.cntUsage << std::endl;
std::tcout << _T("\tBase Priority = ") << thread.tpBasePri << std::endl;
std::tcout << _T("\tDelta Priority = ") << thread.tpDeltaPri << std::endl;
std::tcout << std::endl;
}
for (const auto& module : process.GetModules())
{
static int idx = 0;
std::cout << ++idx << ". MID = " << LPVOID(module.hModule) << std::endl;
std::cout << "\tBase Address = " << LPVOID(module.modBaseAddr) << std::endl;
std::cout << "\tBase Size = " << vu::FormatBytesA(module.modBaseSize) << std::endl;
std::cout << "\tModule = " << module.szModule << std::endl;
std::cout << std::endl;
}
for (const auto& e : process.GetMemories())
{
static int i = 0;
std::cout << std::dec << ++i << ". ";
std::cout << std::hex << e.BaseAddress << " - " << vu::FormatBytesA(e.RegionSize) << std::endl;
std::cout << std::hex << "\tProtect = " << e.Protect << std::endl;
std::cout << std::hex << "\tState = " << e.State << std::endl;
std::cout << std::hex << "\tType = " << e.Type << std::endl;
std::cout << std::endl;
}
return vu::VU_OK;
}