Antiguo 01-11-2008
Cita:
Empezado por aeff Ver Mensaje
a ver si capté algo, me sugieres que la cosa puede venir por "CreateToolhelp32Snapshot"??
Código Delphi [-]
uses TlHelp32;
 
//...
 
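{ Returns the parent process ID recorded for dwProcessId, or 0 when the
  snapshot cannot be taken or the process is not listed in it.

  The value is the creator PID stored when the process was started. It is not
  updated when that creator exits, and PIDs are reused, so treat the result as
  a hint rather than proof of which program launched the process. }
function GetParentPID(dwProcessId: Cardinal): Cardinal;
var
 ProcessEntry32: TProcessEntry32;
 hSnapshot: THandle;
begin
 Result := 0;
 hSnapshot := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
 if hSnapshot = INVALID_HANDLE_VALUE then
  Exit;
 try
  // Process32First fails unless dwSize holds the structure size
  ProcessEntry32.dwSize := SizeOf(ProcessEntry32);
  if Process32First(hSnapshot, ProcessEntry32) then
   repeat
    if ProcessEntry32.th32ProcessID = dwProcessId then
     begin
      Result := ProcessEntry32.th32ParentProcessID;
      Break;
     end;
   until not Process32Next(hSnapshot, ProcessEntry32);
 finally
  // release the snapshot on every path, including an exception in the loop
  CloseHandle(hSnapshot);
 end;
end;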

Aunque ahora que lo pienso un poco mejor:

Código Delphi [-]
//...
 
// ntdll export declared by hand; information class 0 is the basic-information query used below
function NtQueryInformationProcess(
 ProcessHandle, ProcessInformationClass: Cardinal;
 ProcessInformation: Pointer;
 ProcessInformationLength: Cardinal;
 ReturnLength: PCardinal): Cardinal; stdcall external 'ntdll';

{ Returns the creator PID reported for dwProcessId, or 0 when the process
  cannot be opened or the query does not return status 0. }
function GetParentPID(dwProcessId: Cardinal): Cardinal;
var
 hTarget: Cardinal;
 // NOTE(review): every field is a 32-bit Cardinal, which matches the 32-bit
 // structure layout only; confirm before building for a 64-bit target
 BasicInfo: record
  ExitStatus, PebBaseAddress, AffinityMask, BasePriority, UniqueProcessId, InheritedFromUniqueProcessId: Cardinal;
 end;
begin
 Result := 0;
 hTarget := OpenProcess(PROCESS_QUERY_INFORMATION, False, dwProcessId);
 if hTarget = 0 then
  Exit;
 // only an exact status of 0 is accepted as success
 if NtQueryInformationProcess(hTarget, 0, @BasicInfo, SizeOf(BasicInfo), nil) = 0 then
  Result := BasicInfo.InheritedFromUniqueProcessId;
 CloseHandle(hTarget);
end;

Para luego:

Código Delphi [-]
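// psapi export bound to the ANSI entry point, so the buffer type is spelled
// PAnsiChar and stays correct on compilers where PChar is a wide pointer
function GetProcessImageFileNameA(hProcess: Cardinal; lpImageFileName: PAnsiChar; nSize: Cardinal): Cardinal; stdcall external 'psapi';

{ Looks up the parent of the hard-coded example PID 666, reads that parent's
  image path and, as a demonstration, terminates it when the file name is
  'delphi32.exe'.

  The comparison covers the file name only, so any executable carrying that
  name matches, and the parent PID may have been reused by an unrelated
  process by the time it is opened. }
procedure TForm1.Button1Click(Sender: TObject);
var
 dwProcessId, hProcess, nLength: Cardinal;
 FileName: array [1..MAX_PATH] of AnsiChar;
 ImageName: AnsiString;
begin
 dwProcessId := GetParentPID(666);
 if dwProcessId = 0 then
  Exit;
 hProcess := OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_TERMINATE, False, dwProcessId);
 if hProcess = 0 then
  Exit;
 try
  nLength := GetProcessImageFileNameA(hProcess, @FileName, SizeOf(FileName));
  // a zero return means the call failed and FileName was never filled in
  if nLength > 0 then
   begin
    // copy exactly the reported length instead of relying on a terminator
    SetString(ImageName, PAnsiChar(@FileName), Integer(nLength));
    if LowerCase(ExtractFileName(string(ImageName))) = 'delphi32.exe' then
     TerminateProcess(hProcess, 0); // for example
   end;
 finally
  CloseHandle(hProcess);
 end;
end;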

end.

Saludos
__________________
RTFM > STFW > Foro > Truco > Post > cHackAll > KeBugCheckEx