开发者

Need help interpreting string's characters using perl

开发者 https://www.devze.com 2023-02-02 11:04 出处:网络
What exactly is this output (which char开发者_StackOverflow社区acterset) and how do I convert it to something that makes sense?

What exactly is this output (which char开发者_StackOverflow社区acterset) and how do I convert it to something that makes sense?

Need help interpreting string's characters using perl

use Win32::API;

$EnumProcesses= new Win32::API( 'psapi', 'EnumProcesses','PNP');

$aBuffer = " " x 4096;
$bBuffer = " " x 4096;

$EnumProcesses->Call($aBuffer,4096,$bBuffer);
print $aBuffer,"\n",$bBuffer,"\n";


Have you read the EnumProcesses documentation and the example linked therein? It seems that you're not dealing with character data at all. EnumProcesses fills $abuffer with N 4-byte (or DWORD) records, one for each process. This 4-byte value is just a number, not 4 characters.

If you want to get more information about a particular process, you need to feed this 4-byte number (referred to in the Win API docs as a "process identifier") into a function such as OpenProcess or PrintProcessNameAndID.

Here's code which displays the results as 4-byte little-endian numbers:

use Modern::Perl; # strict, warnings, 5.10 features
use Win32::API;

my $EnumProcesses= new Win32::API( 'psapi', 'EnumProcesses','PNP');

my $process_ids_packed = " " x 4096;
my $num_processes_packed = " " x 4; # you don't need 4096 here.

$EnumProcesses->Call($process_ids_packed,4096,$num_processes_packed);

my ($num_processes) = unpack "V", $num_processes_packed;
my @process_ids = unpack "V$num_processes", $process_ids_packed;

for (@process_ids) {
    say;
}

And here's the results:

C:\Users\pgp\Documents\src\tmp>perl winapi.pl
0
4
252
392
464
472
520
536
544
596
692
748
780
788
912
964
412
456
908
1116
1212
1228
1460
1492
1520
1528
1576
1724
1740
1748
1988
2028
312
2288
2544
2592
2756
3004
3116
3216
3340
3048
2792
1320
2868
3760
2404
4196
2692
4084
1768
538976288
538976288
538976288
538976288
538976288
 [... lots more lines ...]
538976288
538976288
538976288
538976288
538976288
538976288


Here is the final result.

use strict;
use warnings;
use Win32::API; 

my $EnumProcesses = new Win32::API('psapi','EnumProcesses','PNP'); 
my $process_ids_packed = "\0" x 4096; 
my $num_processes_packed = "\0" x 4;  

$EnumProcesses->Call($process_ids_packed,4096,$num_processes_packed); 
my ($num_processes) = unpack "V", $num_processes_packed;

my $buffer = "\0" x $num_processes; #Allocate buffer of proper-size 
$EnumProcesses->Call($buffer,$num_processes,$num_processes_packed); 

print "Number of processes: ",$num_processes/4,"\n";

my @process_ids = unpack "V$num_processes", $buffer; 

for (@process_ids) { 
    print $_,"\n";
} 

Thanks all!

0

精彩评论

暂无评论...
验证码 换一张
取 消