| // silent.cpp : Defines the entry point for the console application.
//
#include "stdafx.h"
int main(int argc, char* argv[])
{
STARTUPINFO si;
PROCESS_INFORMATION pi;
char temp[100];
ZeroMemory(temp,100);
ZeroMemory( &si, sizeof(si) );
si.cb = sizeof(si);
ZeroMemory( &pi, sizeof(pi) );
if (argc<2)
return 1;
for ( int i=1;i);
strcat(temp," ");
}
printf("argv is %s\n",temp);
CreateProcess(NULL,temp,NULL,NULL,FALSE,0,NULL,NULL,&si,&pi);
DWORD x=GetLastError();
DEBUG_EVENT DebugEv; // debugging event information
DWORD dwContinueStatus = DBG_CONTINUE; // exception continuation
// WaitForSingleObject(pi.hProcess,INFINITE);
Sleep(5000);
DebugActiveProcess(pi.dwProcessId);
#if 1
for(;;)
{
// Wait for a debugging event to occur. The second parameter indicates
// that the function does not return until a debugging event occurs.
WaitForDebugEvent(&DebugEv, INFINITE);
dwContinueStatus = DBG_CONTINUE;
// Process the debugging event code.
switch (DebugEv.dwDebugEventCode)
{
case EXCEPTION_DEBUG_EVENT:
// Process the exception code. When handling
// exceptions, remember to set the continuation
// status parameter (dwContinueStatus). This value
// is used by the ContinueDebugEvent function.
switch (DebugEv.u.Exception.ExceptionRecord.ExceptionCode)
{
case EXCEPTION_ACCESS_VIOLATION:
// First chance: Pass this on to the system.
// Last chance: Display an appropriate error.
// printf("%d 0x%x Access Violation!\n",DebugEv.u.Exception.ExceptionRecord.ExceptionInformation[0],DebugEv.u.Exception.ExceptionRecord.ExceptionInformation[1]);
//这里行为????????
dwContinueStatus=DBG_EXCEPTION_NOT_HANDLED;
if(DebugEv.u.Exception.dwFirstChance==0 )
{
printf("%d 0x%x Access Violation!\n",DebugEv.u.Exception.ExceptionRecord.ExceptionInformation[0],DebugEv.u.Exception.ExceptionRecord.ExceptionInformation[1]);
exit(0);
}
break;
case EXCEPTION_BREAKPOINT:
// First chance: Display the current
// instruction and register values.
break;
case EXCEPTION_DATATYPE_MISALIGNMENT:
// First chance: Pass this on to the system.
// Last chance: Display an appropriate error.
break;
case EXCEPTION_SINGLE_STEP:
// First chance: Update the display of the
// current instruction and register values.
break;
case DBG_CONTROL_C:
// First chance: Pass this on to the system.
// Last chance: Display an appropriate error.
break;
default:
// Handle other exceptions.
break;
}
case CREATE_THREAD_DEBUG_EVENT:
// As needed, examine or change the thread';s registers
// with the GetThreadContext and SetThreadContext functions;
// and suspend and resume thread execution with the
// SuspendThread and ResumeThread functions.
break;
case CREATE_PROCESS_DEBUG_EVENT:
// As needed, examine or change the registers of the
// process';s initial thread with the GetThreadContext and
// SetThreadContext functions; read from and write to the
// process';s virtual memory with the ReadProcessMemory and
// WriteProcessMemory functions; and suspend and resume
// thread execution with the SuspendThread and ResumeThread
// functions. Be sure to close the handle to the process image
// file with CloseHandle.
break;
case EXIT_THREAD_DEBUG_EVENT:
// Display the thread';s exit code.
break;
case EXIT_PROCESS_DEBUG_EVENT:
// Display the process';s exit code.
exit(0);
break;
case LOAD_DLL_DEBUG_EVENT:
// Read the debugging information included in the newly
// loaded DLL. Be sure to close the handle to the loaded DLL
// with CloseHandle.
break;
case UNLOAD_DLL_DEBUG_EVENT:
// Display a message that the DLL has been unloaded.
break;
case OUTPUT_DEBUG_STRING_EVENT:
// Display the output debugging string.
break;
}
// Resume executing the thread that reported the debugging event.
ContinueDebugEvent(DebugEv.dwProcessId, DebugEv.dwThreadId, dwContinueStatus);
}
#endif
return 0;
}
|
