开通博客赚积分
发布资源赚积分
分类

源码开发语言/平台
当前位置:首页 > 源码/资料 > Windows编程 > 钩子与API截获 > 查看源码
DebugProgramDlg.cpp
资源名称:DebugProgram.rar [点击查看]
上传用户:yll456
上传日期:2022-03-08
资源大小:19064k
文件大小:15k
源码类别:

钩子与API截获

开发平台:

Visual C++

DebugProgramDlg.cpp:源码内容
  1. // DebugProgramDlg.cpp : 实现文件
  2. //
  4. #include "stdafx.h"
  5. #include "DebugProgram.h"
  6. #include "DebugProgramDlg.h"
  7. #include "tchar.h"
  8. #include "PSAPI.h"
  9. #include "pe.h"
  11. #pragma comment(lib,"psapi.lib");
  13. CDebugProgramDlg  *tdlg;
  17. #define MAX_MODULE  256
  18. typedef struct _ModuleInfo
  19. {
  20. DWORD dwFileSize;
  21. TCHAR strFilePath[MAX_PATH];
  22. TCHAR strFileTime[32];
  23. } MODULE_INFO;
  25. TCHAR * PrintProcessNameAndID( DWORD processID )
  26. {
  27.     TCHAR szProcessName[MAX_PATH] = TEXT("<unknown>");
  29.     // Get a handle to the process.
  31.     HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION |
  32.                                    PROCESS_VM_READ,
  33.                                    FALSE, processID );
  34.     // Get the process name.
  36.     if (NULL != hProcess )
  37.     {
  38.         HMODULE hMod;
  39.         DWORD cbNeeded;
  41.         if ( EnumProcessModules( hProcess, &hMod, sizeof(hMod), 
  42.              &cbNeeded) )
  43.         {
  44.             GetModuleBaseName( hProcess, hMod, szProcessName, 
  45.                                sizeof(szProcessName)/sizeof(TCHAR) );
  46.         }
  47.     }
  51.     // Print the process name and identifier.
  53.   //  _tprintf( TEXT("%s  (PID: %u)n"), szProcessName, processID );
  55.     CloseHandle( hProcess );
  56. return szProcessName;
  57. }
  59. #ifdef _DEBUG
  60. #define new DEBUG_NEW
  61. #endif
  63. // 用于应用程序“关于”菜单项的 CAboutDlg 对话框
  65. class CAboutDlg : public CDialog
  66. {
  67. public:
  68. CAboutDlg();
  70. // 对话框数据
  71. enum { IDD = IDD_ABOUTBOX };
  73. protected:
  74. virtual void DoDataExchange(CDataExchange* pDX);    // DDX/DDV 支持
  76. // 实现
  77. protected:
  78. DECLARE_MESSAGE_MAP()
  79. };
  81. CAboutDlg::CAboutDlg() : CDialog(CAboutDlg::IDD)
  82. {
  83. }
  85. void CAboutDlg::DoDataExchange(CDataExchange* pDX)
  86. {
  87. CDialog::DoDataExchange(pDX);
  88. }
  90. BEGIN_MESSAGE_MAP(CAboutDlg, CDialog)
  91. END_MESSAGE_MAP()
  94. // CDebugProgramDlg 对话框
  99. CDebugProgramDlg::CDebugProgramDlg(CWnd* pParent /*=NULL*/)
  100. : CDialog(CDebugProgramDlg::IDD, pParent)
  101. , m_ifChecked(FALSE)
  102. {
  103. m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME);
  104. }
  106. void CDebugProgramDlg::DoDataExchange(CDataExchange* pDX)
  107. {
  108. CDialog::DoDataExchange(pDX);
  109. DDX_Control(pDX, IDC_COMBO_PROCESSLIST, m_ProcessList);
  110. DDX_Control(pDX, IDC_OPENFILENAME, m_OpenFileName);
  111. DDX_Control(pDX, IDC_LIST_BREAKPOINT, m_BreakPointList);
  112. DDX_Check(pDX, IDC_IFATTACHPROCESS, m_ifChecked);
  113. DDX_Control(pDX, IDC_IFATTACHPROCESS, m_ctlCheckAttach);
  114. }
  116. BEGIN_MESSAGE_MAP(CDebugProgramDlg, CDialog)
  117. ON_WM_SYSCOMMAND()
  118. ON_WM_PAINT()
  119. ON_WM_QUERYDRAGICON()
  120. //}}AFX_MSG_MAP
  121. //ON_BN_CLICKED(IDC_BUTTON1, &CDebugProgramDlg::OnBnClickedButton1)
  122. // ON_BN_CLICKED(IDC_BUTTON2, &CDebugProgramDlg::OnBnClickedButton2)
  123. ON_BN_CLICKED(IDC_BUTTON3, &CDebugProgramDlg::OnBnClickedButton3)
  124. ON_BN_CLICKED(IDC_SELECTBUTTON, &CDebugProgramDlg::OnBnClickedSelectbutton)
  125. ON_BN_CLICKED(IDC_REFRESHBUTTON, &CDebugProgramDlg::OnBnClickedRefreshbutton)
  126. ON_BN_CLICKED(IDC_IFATTACHPROCESS, &CDebugProgramDlg::OnBnClickedIfattachprocess)
  127. ON_BN_CLICKED(IDC_STARTBUTTON, &CDebugProgramDlg::OnBnClickedStartbutton)
  128. END_MESSAGE_MAP()
  131. // CDebugProgramDlg 消息处理程序
  133. BOOL CDebugProgramDlg::OnInitDialog()
  134. {
  135. CDialog::OnInitDialog();
  137. // 将“关于...”菜单项添加到系统菜单中。
  139. // IDM_ABOUTBOX 必须在系统命令范围内。
  140. ASSERT((IDM_ABOUTBOX & 0xFFF0) == IDM_ABOUTBOX);
  141. ASSERT(IDM_ABOUTBOX < 0xF000);
  143. CMenu* pSysMenu = GetSystemMenu(FALSE);
  144. if (pSysMenu != NULL)
  145. {
  146. CString strAboutMenu;
  147. strAboutMenu.LoadString(IDS_ABOUTBOX);
  148. if (!strAboutMenu.IsEmpty())
  149. {
  150. pSysMenu->AppendMenu(MF_SEPARATOR);
  151. pSysMenu->AppendMenu(MF_STRING, IDM_ABOUTBOX, strAboutMenu);
  152. }
  153. }
  155. // 设置此对话框的图标。当应用程序主窗口不是对话框时,框架将自动
  156. //  执行此操作
  157. SetIcon(m_hIcon, TRUE); // 设置大图标
  158. SetIcon(m_hIcon, FALSE); // 设置小图标
  160. DWORD aProcesses[1024], cbNeeded, cProcesses;
  161. TCHAR *ProcessName=new TCHAR[MAX_PATH];
  162. unsigned int i;
  163. unsigned int j=0;
  165. if ( !EnumProcesses( aProcesses, sizeof(aProcesses), &cbNeeded ) )
  166. return -1;
  168. // Calculate how many process identifiers were returned.
  170. cProcesses = cbNeeded / sizeof(DWORD);
  172. // Print the name and process identifier for each process.
  174. for ( i = 0; i < cProcesses; i++ )
  175. {
  176. if( aProcesses[i] != 0 )
  177. {
  178. _stprintf(ProcessName,"%-32s",PrintProcessNameAndID( aProcesses[i] ) );
  179. if( _tcsstr(ProcessName,_T("<unknown>") ) == NULL )
  180. {
  181.      m_ProcessList.AddString(ProcessName);
  182. }
  183. }
  184. }
  186. m_ProcessList.SetCurSel(0);
  187. // TODO: 在此添加额外的初始化代码
  188.     ObjectExe="";
  190. /////////////////////////////////////////
  192. m_ifChecked=FALSE;
  194.     CWnd *pWnd1=GetDlgItem(IDC_COMBO_PROCESSLIST);
  195. pWnd1->ShowWindow(SW_HIDE);
  197. CWnd *pWnd2=GetDlgItem(IDC_REFRESHBUTTON);
  198. pWnd2->ShowWindow(SW_HIDE);
  201. CWnd *pWnd3=GetDlgItem(IDC_OPENFILENAME);
  202. pWnd3->ShowWindow(SW_SHOW);
  204. CWnd *pWnd4=GetDlgItem(IDC_SELECTBUTTON);
  205. pWnd4->ShowWindow(SW_SHOW);
  207. m_ctlCheckAttach.SetCheck(0);
  208. /////////////////////////////////////////
  209. return TRUE;  // 除非将焦点设置到控件,否则返回 TRUE
  210. }
  212. void CDebugProgramDlg::OnSysCommand(UINT nID, LPARAM lParam)
  213. {
  214. if ((nID & 0xFFF0) == IDM_ABOUTBOX)
  215. {
  216. CAboutDlg dlgAbout;
  217. dlgAbout.DoModal();
  218. }
  219. else
  220. {
  221. CDialog::OnSysCommand(nID, lParam);
  222. }
  223. }
  225. // 如果向对话框添加最小化按钮,则需要下面的代码
  226. //  来绘制该图标。对于使用文档/视图模型的 MFC 应用程序,
  227. //  这将由框架自动完成。
  229. void CDebugProgramDlg::OnPaint()
  230. {
  231. if (IsIconic())
  232. {
  233. CPaintDC dc(this); // 用于绘制的设备上下文
  235. SendMessage(WM_ICONERASEBKGND, reinterpret_cast<WPARAM>(dc.GetSafeHdc()), 0);
  237. // 使图标在工作区矩形中居中
  238. int cxIcon = GetSystemMetrics(SM_CXICON);
  239. int cyIcon = GetSystemMetrics(SM_CYICON);
  240. CRect rect;
  241. GetClientRect(&rect);
  242. int x = (rect.Width() - cxIcon + 1) / 2;
  243. int y = (rect.Height() - cyIcon + 1) / 2;
  245. // 绘制图标
  246. dc.DrawIcon(x, y, m_hIcon);
  247. }
  248. else
  249. {
  250. CDialog::OnPaint();
  251. }
  252. }
  254. //当用户拖动最小化窗口时系统调用此函数取得光标
  255. //显示。
  256. HCURSOR CDebugProgramDlg::OnQueryDragIcon()
  257. {
  258. return static_cast<HCURSOR>(m_hIcon);
  259. }
  262. void CDebugProgramDlg::OnBnClickedButton1()//刷新进程
  263. {
  264. // TODO: 在此添加控件通知处理程序代码
  265. m_ProcessList.ResetContent();
  266. DWORD aProcesses[1024], cbNeeded, cProcesses;
  267. TCHAR *ProcessName=new TCHAR[MAX_PATH];
  268. unsigned int i;
  269. unsigned int j=0;
  271. if ( !EnumProcesses( aProcesses, sizeof(aProcesses), &cbNeeded ) )
  272. return ;
  274. // Calculate how many process identifiers were returned.
  276. cProcesses = cbNeeded / sizeof(DWORD);
  278. // Print the name and process identifier for each process.
  280. for ( i = 0; i < cProcesses; i++ )
  281. {
  282. if( aProcesses[i] != 0 )
  283. {
  284. _stprintf(ProcessName,"%-32s",PrintProcessNameAndID( aProcesses[i] ) );
  285. if( _tcsstr(ProcessName,_T("<unknown>") ) == NULL )
  286. {
  287. m_ProcessList.AddString(ProcessName);
  288. }
  289. }
  290. }
  292. m_ProcessList.SetCurSel(0);
  293. }
  295. void CDebugProgramDlg::OnBnClickedButton2()//选择执行文件
  296. {
  297. // TODO: 在此添加控件通知处理程序代码
  298. char buffer[120480];
  300. CFileDialog OpenFile(TRUE,NULL,NULL,/*OFN_ALLOWMULTISELECT | */OFN_HIDEREADONLY | OFN_OVERWRITEPROMPT);
  301.     
  302. buffer[0]=0;
  303. OpenFile.m_ofn.lpstrFile=buffer;
  304. OpenFile.m_ofn.nMaxFile=120480;
  305. OpenFile.m_ofn.lpstrFilter="可执行文件(*.exe)";/*可执行文件(*.exe)|*/
  306. OpenFile.m_ofn.lpstrDefExt="exe";
  308. if( OpenFile.DoModal() == IDCANCEL) return;
  309. ObjectExe=OpenFile.GetPathName();
  310.     //MessageBox(ObjectExe,0,0);
  311. }
  313. void CDebugProgramDlg::OnBnClickedButton3()//添加自定义断点
  314. {
  315. // TODO: 在此添加控件通知处理程序代码
  316. }
  318. void CDebugProgramDlg::OnBnClickedSelectbutton()
  319. {
  320. // TODO: 在此添加控件通知处理程序代码
  321. char buffer[120480];
  323. CFileDialog OpenFile(TRUE,NULL,NULL,/*OFN_ALLOWMULTISELECT | */OFN_HIDEREADONLY | OFN_OVERWRITEPROMPT);
  324.     
  325. buffer[0]=0;
  326. OpenFile.m_ofn.lpstrFile=buffer;
  327. OpenFile.m_ofn.nMaxFile=120480;
  328. OpenFile.m_ofn.lpstrFilter="可执行文件(*.exe)";/*可执行文件(*.exe)|*/
  329. OpenFile.m_ofn.lpstrDefExt="exe";
  331. if( OpenFile.DoModal() == IDCANCEL) return;
  332. ObjectExe=OpenFile.GetPathName();
  333. m_OpenFileName.SetWindowTextA(ObjectExe);
  334. }
  336. void CDebugProgramDlg::OnBnClickedRefreshbutton()
  337. {
  338. // TODO: 在此添加控件通知处理程序代码
  339. m_ProcessList.ResetContent();
  340. DWORD aProcesses[1024], cbNeeded, cProcesses;
  341. TCHAR *ProcessName=new TCHAR[MAX_PATH];
  342. unsigned int i;
  343. unsigned int j=0;
  345. if ( !EnumProcesses( aProcesses, sizeof(aProcesses), &cbNeeded ) )
  346. return ;
  348. // Calculate how many process identifiers were returned.
  350. cProcesses = cbNeeded / sizeof(DWORD);
  352. // Print the name and process identifier for each process.
  354. for ( i = 0; i < cProcesses; i++ )
  355. {
  356. if( aProcesses[i] != 0 )
  357. {
  358. _stprintf(ProcessName,"%-32s",PrintProcessNameAndID( aProcesses[i] ) );
  359. if( _tcsstr(ProcessName,_T("<unknown>") ) == NULL )
  360. {
  361. m_ProcessList.AddString(ProcessName);
  362. }
  363. }
  364. }
  366. m_ProcessList.SetCurSel(0);
  367. }
  369. void CDebugProgramDlg::OnBnClickedIfattachprocess()
  370. {
  371. // TODO: 在此添加控件通知处理程序代码
  372. //m_ifChecked ^= TRUE;
  373. int CheckStatus=m_ctlCheckAttach.GetCheck();
  374. if(CheckStatus==1)
  375. {
  376. CWnd *pWnd1=GetDlgItem(IDC_COMBO_PROCESSLIST);
  377. pWnd1->ShowWindow(SW_SHOW);
  379. CWnd *pWnd2=GetDlgItem(IDC_REFRESHBUTTON);
  380. pWnd2->ShowWindow(SW_SHOW);
  383. CWnd *pWnd3=GetDlgItem(IDC_OPENFILENAME);
  384. pWnd3->ShowWindow(SW_HIDE);
  386. CWnd *pWnd4=GetDlgItem(IDC_SELECTBUTTON);
  387. pWnd4->ShowWindow(SW_HIDE);
  389. m_ifChecked=FALSE;
  390. }
  391. if(CheckStatus==0)
  392. {
  393. CWnd *pWnd1=GetDlgItem(IDC_COMBO_PROCESSLIST);
  394. pWnd1->ShowWindow(SW_HIDE);
  396. CWnd *pWnd2=GetDlgItem(IDC_REFRESHBUTTON);
  397. pWnd2->ShowWindow(SW_HIDE);
  400. CWnd *pWnd3=GetDlgItem(IDC_OPENFILENAME);
  402. pWnd3->ShowWindow(SW_SHOW);
  404. CWnd *pWnd4=GetDlgItem(IDC_SELECTBUTTON);
  405. pWnd4->ShowWindow(SW_SHOW);
  407. m_ifChecked=TRUE;
  408. }
  409. }
  411. UINT ThreadRun(LPVOID PARAM)
  412. {
  413.     
  414.     unsigned char Index=0;
  415. char strtemp[256];
  416. //char ObjectExe[256];
  417. CString ObjectExe;
  419. tdlg->m_OpenFileName.GetWindowTextA(ObjectExe);
  421. if(ObjectExe.IsEmpty())
  422. {
  424.     tdlg->m_BreakPointList.InsertString(Index++,"请选择目标程序!!!");
  425.     return 0;
  428. sprintf(strtemp,"已经选择文件%s",ObjectExe);
  429. tdlg->m_BreakPointList.InsertString(Index++,strtemp);
  431. MAP_FILE_STRUCT stMapFile;
  432. char FileName[256];
  433. sprintf(FileName,"%s",ObjectExe);
  434. LoadFileR(FileName,&stMapFile);
  435. PIMAGE_OPTIONAL_HEADER  pOH=GetOptionalHeader(stMapFile.ImageBase);
  436. if(!pOH)
  437. {
  438.     tdlg->m_BreakPointList.InsertString(Index++,"Can't get Optional Header !");
  439. return 0;
  440. }
  441. tdlg->m_BreakPointList.InsertString(Index++,"成功获取执行文件Optional Header!!!");
  442. DWORD dwBreakAddr = pOH->ImageBase+pOH->AddressOfEntryPoint;
  443. sprintf(strtemp,"执行文件的入口点地址为%08x",dwBreakAddr);
  444. tdlg->m_BreakPointList.InsertString(Index++,strtemp);
  446. sprintf(strtemp,"设置的断点地址为%08x",dwBreakAddr);
  447. tdlg->m_BreakPointList.InsertString(Index++,strtemp);
  448. STARTUPINFO sif ;
  449. PROCESS_INFORMATION pi  ;
  450. ::ZeroMemory(&sif, sizeof(STARTUPINFO)) ;
  451. ::ZeroMemory(&pi, sizeof(PROCESS_INFORMATION)) ;
  452. sif.cb = sizeof(STARTUPINFO) ;
  453. bool hRes ;
  454. bool STOP ;
  455. hRes = ::CreateProcess (_T(FileName), NULL, NULL, NULL, NULL, DEBUG_PROCESS|DEBUG_ONLY_THIS_PROCESS, 
  456. NULL, NULL, &sif, &pi) ;
  457. if (hRes != TRUE)
  458. {
  459. ::MessageBox(NULL, _T("建立进程出错"), _T("错误"), MB_OK) ;
  460. ::ExitProcess(-1) ;
  461. }
  462. DEBUG_EVENT DBEvent ;
  463. CONTEXT Regs ;
  464. DWORD dwState, dwBpCnt, dwSSCnt, dwAddrProc ;
  465. //static const DWORD dwBreakAddr = 0x401000 ;
  466. unsigned int iTotalCommandNum ;
  467. TCHAR tBuffer[256] ;
  468. dwBpCnt = dwSSCnt = 0 ;
  469. iTotalCommandNum = 0 ;
  470. STOP = false ;
  471. Regs.ContextFlags = CONTEXT_FULL | CONTEXT_DEBUG_REGISTERS ;
  473. do
  474. {
  475. ::WaitForDebugEvent (&DBEvent, INFINITE) ;
  476. dwState = DBG_EXCEPTION_NOT_HANDLED ;
  477. switch (DBEvent.dwDebugEventCode)
  478. {
  479. case EXCEPTION_DEBUG_EVENT:
  480. {
  481. switch (DBEvent.u.Exception.ExceptionRecord.ExceptionCode)
  482. {
  483. case EXCEPTION_BREAKPOINT:
  484. {
  485. ++dwBpCnt ;
  486. if (dwBpCnt == 1)
  487. {
  488. ::GetThreadContext(pi.hThread, &Regs) ;
  489. Regs.Dr0 = (DWORD)(::GetProcAddress(::GetModuleHandle(_T("ntdll.dll")), _T("NtContinue")) );
  490. Regs.Dr7 = 0x101 ;
  491. ::SetThreadContext(pi.hThread, &Regs) ;
  492. dwState = DBG_CONTINUE ;
  493. }
  494. break ;
  495. }
  496. case EXCEPTION_SINGLE_STEP :
  497. {
  498. ++dwSSCnt ;
  499. if (dwSSCnt == 1)
  500. {
  501. ::GetThreadContext(pi.hThread, &Regs) ;
  502. Regs.Dr0 = Regs.Dr7 = 0 ;
  503. ::SetThreadContext(pi.hThread, &Regs) ;
  505. ::ReadProcessMemory(pi.hProcess, (LPCVOID)(Regs.Esp+4), &dwAddrProc, sizeof(DWORD), NULL) ;
  506. ::ReadProcessMemory(pi.hProcess, (LPCVOID)dwAddrProc, &Regs, sizeof(CONTEXT), NULL) ;
  508. Regs.Dr0 = dwBreakAddr ;
  509. Regs.Dr7 = 0x101 ;
  511. ::WriteProcessMemory(pi.hProcess, (LPVOID)dwAddrProc, &Regs, sizeof(CONTEXT), NULL) ;
  513. dwState = DBG_CONTINUE ;
  514. }
  515. else if (dwSSCnt == 2)
  516. {
  517. ::GetThreadContext(pi.hThread, &Regs) ;
  518. char buffer[2600];
  519. sprintf(buffer,"EAX=%08xnEBX=%08xnECX=%08xnEDX=%08xnESP=%08xnEIP=%08xn",Regs.Eax,Regs.Ebx,Regs.Ecx,Regs.Edx,Regs.Esp,Regs.Eip);
  520. MessageBox(NULL,buffer,"ok",MB_OK);
  521. Regs.Dr0 = Regs.Dr7 = 0 ;
  522. Regs.EFlags |= 0x100 ;//此处不屏蔽则会进入下一次单步运算
  523. ::SetThreadContext(pi.hThread, &Regs) ;
  525. ++iTotalCommandNum ;
  526. dwState = DBG_CONTINUE ;
  527. }
  528. else if (dwSSCnt == 3)
  529. {
  530. ::GetThreadContext(pi.hThread, &Regs) ;
  531. char buffer[2600];
  532. sprintf(buffer,"ESP=%08xn",Regs.Esp);
  533. MessageBox(NULL,buffer,"ok",MB_OK);
  535. unsigned char strbuf[256];
  536. unsigned char newstr[256]={"程序已经被成功修改,谢谢欣赏!!!"};
  537. for(int i=31;i<256;i++)
  538. newstr[i]=0;
  540. ::ReadProcessMemory(pi.hProcess, (LPCVOID)(Regs.Esp), &dwAddrProc, sizeof(DWORD), NULL) ;  
  541. ::ReadProcessMemory(pi.hProcess, (LPCVOID)dwAddrProc, &strbuf, 256, NULL) ;
  542. ::WriteProcessMemory(pi.hProcess,(LPVOID)dwAddrProc, &newstr,256,NULL);
  544. Regs.Dr0 = Regs.Dr7 = 0 ;
  545. //Regs.EFlags |= 0x100 ;//此处不屏蔽则会进入下一次单步运算
  546. ::SetThreadContext(pi.hThread, &Regs) ;
  548. ++iTotalCommandNum ;
  549. dwState = DBG_CONTINUE ;
  550. }//*/
  552. break ;
  553. }
  554. }
  555. break ;
  556. }
  557. case EXIT_PROCESS_DEBUG_EVENT :
  558. {
  559. iTotalCommandNum ;
  560. STOP = TRUE ;
  561. ::sprintf(tBuffer, _T("程序总指令数:  %08lX"), iTotalCommandNum) ;
  562. ::MessageBox(NULL, tBuffer, _T("结束"), MB_OK) ;
  563. //::ExitProcess(-1) ;
  564. break ;
  565. }
  566. }
  567. if (!STOP)
  568. {
  569. ::ContinueDebugEvent(pi.dwProcessId, pi.dwThreadId, dwState) ;
  570. }
  571. } while (!STOP) ;
  573. ::CloseHandle(pi.hProcess) ;
  574. ::CloseHandle(pi.hThread)  ;
  575. //::ExitProcess(0) ;//*/
  576. return 0;
  577. }
  579. void CDebugProgramDlg::OnBnClickedStartbutton()
  580. {
  581. // TODO: 在此添加控件通知处理程序代码
  582. void *psa=NULL;
  583. unsigned cbStackSize=0;
  584. //_ptiddata ptd;
  585. unsigned dwCreateFlags=0;
  586. unsigned *pdwThreadID=new unsigned[5];
  587.     tdlg=this;
  588. //HANDLE hThread=CreateThread((LPSECURITY_ATTRIBUTES)psa,cbStackSize,(LPTHREAD_START_ROUTINE)ThreadRun,NULL,dwCreateFlags,(LPDWORD)pdwThreadID);
  589.     HANDLE hThread=AfxBeginThread(ThreadRun,NULL);
  590. WaitForSingleObject(hThread,INFINITE);
  592. }