import ctypes
import sys
# Flag passed as the first argument to CreateToolhelp32Snapshot in
# getProcList(): include all processes in the system in the snapshot.
TH32CS_SNAPPROCESS = 0x00000002
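class PROCESSENTRY32(ctypes.Structure):
    """ctypes mirror of the Win32 PROCESSENTRY32 structure (ANSI variant).

    Process32First/Process32Next fill one of these per process in a
    Toolhelp snapshot. The caller must set ``dwSize`` to
    ``ctypes.sizeof(PROCESSENTRY32)`` before the first call; the API
    rejects a structure whose declared size does not match its own layout.
    """
    _fields_ = [
        ("dwSize", ctypes.c_ulong),
        ("cntUsage", ctypes.c_ulong),
        ("th32ProcessID", ctypes.c_ulong),
        # ULONG_PTR in the Win32 header: pointer-sized, so it must not be a
        # fixed 32-bit integer or the layout is wrong on 64-bit Windows.
        ("th32DefaultHeapID", ctypes.c_size_t),
        ("th32ModuleID", ctypes.c_ulong),
        ("cntThreads", ctypes.c_ulong),
        # Recorded at process creation; see the callers for the caveat
        # about trusting this value.
        ("th32ParentProcessID", ctypes.c_ulong),
        # LONG (signed) in the Win32 header.
        ("pcPriClassBase", ctypes.c_long),
        ("dwFlags", ctypes.c_ulong),
        # MAX_PATH (260) bytes, NUL-terminated executable name.
        ("szExeFile", ctypes.c_char * 260),
    ]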
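def getProcList():
    """Yield a PROCESSENTRY32 record for every process in a fresh snapshot.

    This is a generator. The same PROCESSENTRY32 object is reused and
    overwritten for each process, so callers must read the fields they
    need before advancing; collecting the yielded objects in a list gives
    N references to the last entry.

    On failure a message is written to stderr and the generator ends
    without yielding. The snapshot handle is closed when the generator
    finishes, fails, or is closed or garbage-collected early.
    """
    # A private WinDLL instance keeps the prototypes set below from leaking
    # into other users of the shared ctypes.windll.kernel32 object.
    kernel32 = ctypes.WinDLL("kernel32", use_last_error=True)

    CreateToolhelp32Snapshot = kernel32.CreateToolhelp32Snapshot
    CreateToolhelp32Snapshot.argtypes = [ctypes.c_ulong, ctypes.c_ulong]
    # HANDLE is pointer-sized; the ctypes default return type (c_int) would
    # truncate it on 64-bit Windows.
    CreateToolhelp32Snapshot.restype = ctypes.c_void_p

    Process32First = kernel32.Process32First
    Process32First.argtypes = [ctypes.c_void_p, ctypes.POINTER(PROCESSENTRY32)]
    Process32First.restype = ctypes.c_int

    Process32Next = kernel32.Process32Next
    Process32Next.argtypes = [ctypes.c_void_p, ctypes.POINTER(PROCESSENTRY32)]
    Process32Next.restype = ctypes.c_int

    CloseHandle = kernel32.CloseHandle
    CloseHandle.argtypes = [ctypes.c_void_p]
    CloseHandle.restype = ctypes.c_int

    hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0)
    # The API reports failure as INVALID_HANDLE_VALUE, i.e. (HANDLE)-1.
    invalid_handle = ctypes.c_void_p(-1).value
    if hProcessSnap is None or hProcessSnap == invalid_handle:
        sys.stderr.write(
            "Failed creating process snapshot (error %d).\n"
            % ctypes.get_last_error()
        )
        return

    try:
        pe32 = PROCESSENTRY32()
        pe32.dwSize = ctypes.sizeof(PROCESSENTRY32)
        if not Process32First(hProcessSnap, ctypes.byref(pe32)):
            sys.stderr.write("Failed getting first process.\n")
            return
        while True:
            yield pe32
            if not Process32Next(hProcessSnap, ctypes.byref(pe32)):
                break
    finally:
        # Runs on every exit path, including the early return above and a
        # consumer that stops iterating, so the handle is never leaked.
        CloseHandle(hProcessSnap)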
def getChildPid(pid):
    """Yield the PID of each process whose recorded parent PID equals *pid*.

    Each call walks a new snapshot obtained from getProcList().

    NOTE(review): the match is on th32ParentProcessID only. That value is
    recorded when the process is created; if the original parent has
    exited and its PID has been reused, an unrelated process can appear to
    be the parent. Confirm (for example by comparing creation times)
    before acting on the result.
    """
    for entry in getProcList():
        if entry.th32ParentProcessID != pid:
            continue
        yield entry.th32ProcessID
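def killPid(pid):
    """Terminate process *pid* and every process found beneath it.

    The tree is discovered through getChildPid(), then terminated
    descendants-first, so a parent is only killed after its children.
    Failures to open or terminate an individual process are reported on
    stderr and do not stop the remaining terminations.

    NOTE(review): tree membership rests on the recorded parent PID, which
    is not re-validated. A reused PID can pull an unrelated process into
    the tree; run this only against PIDs whose lineage is known.

    Raises:
        ValueError: if *pid* is 0. PID 0 is the idle pseudo-process and is
            the recorded parent of top-level system processes, so walking
            from it would select most of the system.
    """
    if pid == 0:
        raise ValueError("refusing to terminate the process tree rooted at PID 0")

    PROCESS_TERMINATE = 0x0001  # the access right the original passed as literal 1

    # A private WinDLL instance keeps these prototypes from affecting other
    # users of the shared ctypes.windll.kernel32 object.
    kernel32 = ctypes.WinDLL("kernel32", use_last_error=True)
    OpenProcess = kernel32.OpenProcess
    OpenProcess.argtypes = [ctypes.c_ulong, ctypes.c_int, ctypes.c_ulong]
    # HANDLE is pointer-sized; the default c_int return would truncate it
    # on 64-bit Windows.
    OpenProcess.restype = ctypes.c_void_p
    TerminateProcess = kernel32.TerminateProcess
    TerminateProcess.argtypes = [ctypes.c_void_p, ctypes.c_uint]
    TerminateProcess.restype = ctypes.c_int
    CloseHandle = kernel32.CloseHandle
    CloseHandle.argtypes = [ctypes.c_void_p]
    CloseHandle.restype = ctypes.c_int

    # Pre-order walk with a visited set: a process that lists itself (or,
    # through PID reuse, one of its descendants) as parent would otherwise
    # make the traversal loop forever.
    ordered = []
    visited = set()
    pending = [pid]
    while pending:
        current = pending.pop()
        if current in visited:
            continue
        visited.add(current)
        ordered.append(current)
        pending.extend(getChildPid(current))

    # Reversed pre-order puts every descendant before its ancestor.
    for target in reversed(ordered):
        handle = OpenProcess(PROCESS_TERMINATE, False, target)
        if not handle:
            sys.stderr.write(
                "OpenProcess failed for pid %d (error %d).\n"
                % (target, ctypes.get_last_error())
            )
            continue
        try:
            if not TerminateProcess(handle, 0):
                sys.stderr.write(
                    "TerminateProcess failed for pid %d (error %d).\n"
                    % (target, ctypes.get_last_error())
                )
        finally:
            # The original never closed this handle.
            CloseHandle(handle)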
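# Command-line entry point.
#   <script> PID   terminate PID and the processes found beneath it
#   <script>       list "exe parent_pid pid" for every process (read-only)
if __name__ == '__main__':
    args = sys.argv
    if len(args) > 1:
        try:
            pid = int(args[1])
        except ValueError:
            pid = -1
        # Reject non-numeric input and PID 0 / negative values instead of
        # passing them on to process termination.
        if pid <= 0:
            sys.stderr.write("Expected a positive integer PID, got %r\n" % args[1])
            sys.exit(2)
        killPid(pid)
    else:
        for proc in getProcList():
            exe_name = proc.szExeFile
            # Bytes on Python 3, already str on Python 2.
            if not isinstance(exe_name, str):
                exe_name = exe_name.decode('mbcs', 'replace')
            sys.stdout.write(
                exe_name + ' ' + str(proc.th32ParentProcessID)
                + ' ' + str(proc.th32ProcessID) + '\n'
            )
        # The original ended with an unconditional killPid(3200). It is
        # dropped here: a hard-coded PID refers to whatever process happens
        # to own that number at run time, and the listing mode should not
        # terminate anything.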