// 03 获取线程上下文.cpp : 定义控制台应用程序的入口点。 // #include "stdafx.h" #include <windows.h> #include <TlHelp32.h> void ListThread(DWORD dwPid) { //创建一个快照 HANDLE hFindThread = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0); THREADENTRY32 te32 = { sizeof(THREADENTRY32) }; CONTEXT ct = {}; if (Thread32First(hFindThread, &te32) != 0) { do { //循环遍历线程,与进程ID做对比 if (te32.th32OwnerProcessID == dwPid) { HANDLE Thread = OpenThread(THREAD_ALL_ACCESS, FALSE, te32.th32ThreadID);//注意要打开的线程ID GetThreadContext(Thread, &ct); SuspendThread(Thread); //获取线程上下文,提升权限后,能获取 GetThreadContext(Thread, &ct); } } while (Thread32Next(hFindThread, &te32)); } } int _tmain(int argc, _TCHAR* argv[]) { ListThread(2116); return 0; }