获取线程上下文

// 03 获取线程上下文.cpp : 定义控制台应用程序的入口点。
//

#include "stdafx.h"

#include <windows.h>
#include <TlHelp32.h>

void ListThread(DWORD  dwPid)
{
    //创建一个快照
    HANDLE hFindThread =
        CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
    THREADENTRY32   te32 = { sizeof(THREADENTRY32) };
    CONTEXT  ct = {};
    if (Thread32First(hFindThread, &te32) != 0)
    {
        do
        {
            //循环遍历线程，与进程ID做对比

            if (te32.th32OwnerProcessID == dwPid)
            {
                HANDLE Thread =
                    OpenThread(THREAD_ALL_ACCESS,
                    FALSE, te32.th32ThreadID);//注意要打开的线程ID

                GetThreadContext(Thread, &ct);
                SuspendThread(Thread);
                //获取线程上下文，提升权限后，能获取
                GetThreadContext(Thread, &ct);
            }
        } while (Thread32Next(hFindThread, &te32));
    }
}




int _tmain(int argc, _TCHAR* argv[])
{
    ListThread(2116);
    return 0;
}