1、定义一个函数getWindowsBit,传入布尔值:
bool getWindowsBit(bool &isWindows64bit)
{
预编译语句,判断32位成立,那么就把isWindows64bit置为true
#if _WIN64
isWindows64bit = true
return true
预编译语句,判断32位成立,那么念枝枯就把isWow64置为false
#elif _WIN32
BOOL isWow64 = FALSE
//IsWow64Process is not available on all supported versions of Windows.
//Use GetModuleHandle to get a handle to the DLL that contains the function
//and GetProcAddress to get a pointer to the function if available.
LPFN_ISWOW64PROCESS fnIsWow64Process = (LPFN_ISWOW64PROCESS)
GetProcAddress(GetModuleHandle(TEXT("kernel32")),"IsWow64Process")
2、实际的判断逻辑,根仔洞据处理器函数GetCurrentProcess来判断
if(fnIsWow64Process)
{
if (!fnIsWow64Process(GetCurrentProcess(), &isWow64))
return false
if(isWow64)
isWindows64bit = true
else
isWindows64bit = false
return true
}
else
return false
#else
assert(0)
return false
#endif
}
这个有很多办法,我先给你列举最简单的:
typedef void (WINAPI *PGNSI)(LPSYSTEM_INFO)void TestFunc()
{
PGNSI pGNSI
SYSTEM_INFO si
ZeroMemory(&si, sizeof(SYSTEM_INFO))
hMoudle = LoadLibrary("ntdll.dll")
//pGNSI的值就是指乎函数的地址
pGNSI = (PGNSI)GetProcAddress(hModule,"ZwQueryInformationProcess")
}
还有从唯敏悉内拿配存中载入,PE分析,对比输出表中的函数等,稍微复杂一些!楼主感兴趣可以自己去查
typedef void (WINAPI *PGNSI)(LPSYSTEM_INFO)pGNSI = (PGNSI)GetProcAddress(GetModuleHandle(_T("kernel32.dll")), "GetNativeSystemInfo")if (NULL != pGNSI) { pGNSI(&si)} else { GetSystemInfo(&si)}通过粗野判改困断 si.wProcessorArchitecture
如果核凳念是 PROCESSOR_ARCHITECTURE_AMD64 // 64 bits如果是 PROCESSOR_ARCHITECTURE_INTEL// 32 bits
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)