Win32 API 打开另一个进程

Win32 API 打开另一个进程，这是一些黑客编程技术中的一个步骤，当然也可以用来做好事；

首先要包含Tlhelp32.h；
在OpenProcessByProcessNmae函数中通过快照枚举进程，比较进程名获得进程id；
printf打开是否成功的信息；
如果打开成功了，进一步可以做些事情；

代码有2份，一份是cmd的，一份是窗口的；

出现 ' ' differs in levels of indirection from ' ' 错误，是因为 原因极有可能为函数或者变量的使用在定义之前；
出现 illegal use of this type as an expression 错误，新定义的变量要放到这个函数的第一行；

正确写法:
HANDLE OpenProcessByProcessNmae(const char *name)
{
    PROCESSENTRY32 pe32;
    DWORD id = 0;
......

如下；
HANDLE OpenProcessByProcessNmae(const char *name)
{
......
......
    PROCESSENTRY32 pe32;
    DWORD id = 0;
    pe32.dwSize = sizeof(PROCESSENTRY32);
......
......
将报，
    illegal use of this type as an expression

#include <Windows.h>
#include <Tlhelp32.h>

HANDLE OpenProcessByID(const DWORD id)
{
    return OpenProcess(PROCESS_ALL_ACCESS,FALSE,id);
}

HANDLE OpenProcessByProcessNmae(const char *name)
{
	PROCESSENTRY32 pe32;
	DWORD id = 0;

    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0); 
    if (hSnapshot == INVALID_HANDLE_VALUE)
    {
        CloseHandle(hSnapshot);
        return INVALID_HANDLE_VALUE;
    }
   
    pe32.dwSize = sizeof(PROCESSENTRY32);
    if ( !Process32First(hSnapshot,&pe32) )
    {
        CloseHandle(hSnapshot);
        return INVALID_HANDLE_VALUE;
    }

    while ( 1 )
    {
        pe32.dwSize = sizeof(PROCESSENTRY32);
        if (Process32Next(hSnapshot,&pe32) == FALSE)
            break;

        if ( strcmp(pe32.szExeFile,name)==0 )
        {
            return OpenProcessByID(pe32.th32ProcessID);
        }
    }

    CloseHandle(hSnapshot);

    return INVALID_HANDLE_VALUE;
}


int main(void)
{
    HANDLE hProcess = OpenProcessByProcessNmae("notepad.exe");
    
    if (hProcess == INVALID_HANDLE_VALUE)
    {
        printf("error open process %d\n",GetLastError());
        return 1;
    }
	else
	{
		printf("success open process %d\n",GetLastError());
	}    

    //HANDLE hThread = CreateRemoteThread(hProcess,NULL,0,(LPTHREAD_START_ROUTINE)RemoteExe,RemoteParam,0,NULL);
    //WaitForSingleObject(hThread,INFINITE);
	return 0;
}

/*------------------------------------------------------------
   by bobo , 2018-09-10
  ------------------------------------------------------------*/

#include <windows.h>
#include <Tlhelp32.h>

LRESULT CALLBACK WndProc (HWND, UINT, WPARAM, LPARAM) ;

HANDLE OpenProcessByID(const DWORD id)
{
    return OpenProcess(PROCESS_ALL_ACCESS,FALSE,id);
}

HANDLE OpenProcessByProcessNmae(const char *name)
{
	PROCESSENTRY32 pe32;
	DWORD id = 0;

    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0); 
    if (hSnapshot == INVALID_HANDLE_VALUE)
    {
        CloseHandle(hSnapshot);
        return INVALID_HANDLE_VALUE;
    }
   
    pe32.dwSize = sizeof(PROCESSENTRY32);
    if ( !Process32First(hSnapshot,&pe32) )
    {
        CloseHandle(hSnapshot);
        return INVALID_HANDLE_VALUE;
    }

    while ( 1 )
    {
        pe32.dwSize = sizeof(PROCESSENTRY32);
        if (Process32Next(hSnapshot,&pe32) == FALSE)
            break;

        if ( strcmp(pe32.szExeFile,name)==0 )
        {
            return OpenProcessByID(pe32.th32ProcessID);
        }
    }

    CloseHandle(hSnapshot);

    return INVALID_HANDLE_VALUE;
}

HANDLE hProcess;

int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, PSTR szCmdLine, int iCmdShow)
{
     static TCHAR szAppName[] = TEXT ("HelloWin") ;
     HWND         hwnd ;
     MSG          msg ;
     WNDCLASS     wndclass ;

     wndclass.style         = CS_HREDRAW | CS_VREDRAW ;
     wndclass.lpfnWndProc   = WndProc ;
     wndclass.cbClsExtra    = 0 ;
     wndclass.cbWndExtra    = 0 ;
     wndclass.hInstance     = hInstance ;
     wndclass.hIcon         = LoadIcon (NULL, IDI_APPLICATION) ;
     wndclass.hCursor       = LoadCursor (NULL, IDC_ARROW) ;
     wndclass.hbrBackground = (HBRUSH) GetStockObject (WHITE_BRUSH) ;
     wndclass.lpszMenuName  = NULL ;
     wndclass.lpszClassName = szAppName ;

     if (!RegisterClass (&wndclass))
     {
          MessageBox (NULL, TEXT ("This program requires Windows NT!"), 
                      szAppName, MB_ICONERROR) ;
          return 0 ;
     }
     
     hwnd = CreateWindow (szAppName,                  // window class name
                          TEXT ("The Hello Program"), // window caption
                          WS_OVERLAPPEDWINDOW,        // window style
                          CW_USEDEFAULT,              // initial x position
                          CW_USEDEFAULT,              // initial y position
                          300,              // initial x size
                          120,              // initial y size
                          NULL,                       // parent window handle
                          NULL,                       // window menu handle
                          hInstance,                  // program instance handle
                          NULL) ;                     // creation parameters
     
     ShowWindow (hwnd, iCmdShow) ;
     UpdateWindow (hwnd) ;
     
     while (GetMessage (&msg, NULL, 0, 0))
     {
          TranslateMessage (&msg) ;
          DispatchMessage (&msg) ;
     }
     return msg.wParam ;
}

LRESULT CALLBACK WndProc (HWND hwnd, UINT message, WPARAM wParam, LPARAM lParam)
{
     HDC         hdc ;
     PAINTSTRUCT ps ;
     RECT        rect ;
     
     switch (message)
     {
     case WM_CREATE:
		  hProcess = OpenProcessByProcessNmae("notepadddd.exe");
          return 0 ;
          
     case WM_PAINT:
          hdc = BeginPaint (hwnd, &ps) ;          
          GetClientRect (hwnd, &rect) ;
          
		  if (hProcess == INVALID_HANDLE_VALUE)
		  {
			 DrawText (hdc, TEXT ("error open process"), -1, &rect, DT_SINGLELINE | DT_CENTER | DT_VCENTER) ;
		  }
		  else
		  {
			 DrawText (hdc, TEXT ("success open process"), -1, &rect, DT_SINGLELINE | DT_CENTER | DT_VCENTER) ;
		  }
          
          EndPaint (hwnd, &ps) ;
          return 0 ;
          
     case WM_DESTROY:
          PostQuitMessage (0) ;
          return 0 ;
     }
     return DefWindowProc (hwnd, message, wParam, lParam) ;
}

如果给一个不存在的进程名，将输出 error;  

截图如下；