-
Notifications
You must be signed in to change notification settings - Fork 24
/
Sample.Process.h
67 lines (56 loc) · 2.15 KB
/
Sample.Process.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
#pragma once
#include "Sample.h"
DEF_SAMPLE(Process)
{
#ifdef _WIN64
#define PROCESS_NAME ts("x64dbg.exe")
#else // _WIN32
#define PROCESS_NAME ts("x32dbg.exe")
#endif // _WIN64
auto pids = vu::name_to_pid(PROCESS_NAME);
if (pids.empty())
{
std::cout << "Not found the target process for Process Testing ..." << std::endl;
return vu::VU_OK;
}
auto pid = pids.back();
vu::Process process;
process.attach(pid);
assert(process.ready());
auto cpu = process.get_cpu_information();
auto mem = process.get_memory_information();
// auto time = process.get_time_information();
// auto io = process.get_io_information();
std::tcout << ts("CPU : ") << cpu.Usage << std::endl;
std::tcout << ts("WS : ") << vu::format_bytes(mem.WorkingSetSize) << std::endl;
for (const auto& thread : process.get_threads())
{
static int idx = 0;
std::tcout << ++idx << ". TID = " << thread.th32ThreadID << std::endl;
std::tcout << ts("\tPID = ") << thread.th32OwnerProcessID << std::endl;
std::tcout << ts("\tUsage = ") << thread.cntUsage << std::endl;
std::tcout << ts("\tBase Priority = ") << thread.tpBasePri << std::endl;
std::tcout << ts("\tDelta Priority = ") << thread.tpDeltaPri << std::endl;
std::tcout << std::endl;
}
for (const auto& module : process.get_modules())
{
static int idx = 0;
std::cout << ++idx << ". MID = " << LPVOID(module.hModule) << std::endl;
std::cout << "\tBase Address = " << LPVOID(module.modBaseAddr) << std::endl;
std::cout << "\tBase Size = " << vu::format_bytes_A(module.modBaseSize) << std::endl;
std::cout << "\tModule = " << module.szModule << std::endl;
std::cout << std::endl;
}
for (const auto& e : process.get_memories())
{
static int i = 0;
std::cout << std::dec << ++i << ". ";
std::cout << std::hex << e.BaseAddress << " - " << vu::format_bytes_A(e.RegionSize) << std::endl;
std::cout << std::hex << "\tProtect = " << e.Protect << std::endl;
std::cout << std::hex << "\tState = " << e.State << std::endl;
std::cout << std::hex << "\tType = " << e.Type << std::endl;
std::cout << std::endl;
}
return vu::VU_OK;
}