Reading Command Line Arguments of Another Process (Win32 C code)

Problem description

I need to be able to list the command line arguments (if any) passed to other running processes. I have the PIDs already of the running processes on the system, so basically I need to determine the arguments passed to process with given PID XXX.

I'm working on a core piece of a Python module for managing processes. The code is written as a Python extension in C and will be wrapped by a higher level Python library. The goal of this project is to avoid dependency on third party libs such as the pywin32 extensions, or on ugly hacks like calling 'ps' or taskkill on the command line, so I'm looking for a way to do this in C code.

I've Googled this around and found some brief suggestions of using CreateRemoteThread() to inject myself into the other process, then run GetCommandLine() but I was hoping someone might have some working code samples and/or better suggestions.

UPDATE: I've found full working demo code and a solution using NtQueryProcessInformation on CodeProject: http://www.codeproject.com/KB/threads/GetNtProcessInfo.aspx - It's not ideal since it's "unsupported" to cull the information directly from the NTDLL structures but I'll live with it. Thanks to all for the suggestions.

UPDATE 2: I managed through more Googling to dig up a C version that does not use C++ code, and is a little more direct/concisely pointed toward this problem. See http://wj32.wordpress.com/2009/01/24/howto-get-the-command-line-of-processes/ for details.

Thanks!

Recommended answer

To answer my own question, I finally found a CodeProject solution that does exactly what I'm looking for:

http://www.codeproject.com/KB/threads/GetNtProcessInfo.aspx

As @Reuben already pointed out, you can use NtQueryProcessInformation to retrieve this information. Unfortunately it's not a recommended approach, but given the only other solution seems to be to incur the overhead of a WMI query, I think we'll take this approach for now.

Note that this seems to not work if using code compiled from 32bit Windows on a 64bit Windows OS, but since our modules are compiled from source on the target that should be OK for our purposes. I'd rather use this existing code and should it break in Windows 7 or a later date, we can look again at using WMI. Thanks for the responses!

UPDATE: A more concise and C only (as opposed to C++) version of the same technique is illustrated here:

http://wj32.wordpress.com/2009/01/24/howto-get-the-command-line-of-processes/
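
An added example, not code from this post or from the linked articles: the pointer walk behind this technique (PEB, then the process parameters block, then the CommandLine UNICODE_STRING), run over a constructed in-memory image instead of a live process. The `read_fn` callback stands in for `ReadProcessMemory`, the PEB address would come from `NtQueryInformationProcess`, and the function names and the x86/x64 offsets of these undocumented structures are assumptions; the two layouts show that offsets must match the target's bitness, not the reader's.

```c
#include <stdint.h>
#include <string.h>

/* Reads len bytes at a target address; 0 on success (ReadProcessMemory's role). */
typedef int (*read_fn)(void *ctx, uint64_t addr, void *out, size_t len);
/* By TARGET bitness: PEB.ProcessParameters, .CommandLine, UNICODE_STRING.Buffer, pointer size. */
typedef struct { size_t peb_params, cmdline, ustr_buf, ptr; } layout_t;
static const layout_t L32 = {0x10, 0x40, 4, 4}, L64 = {0x20, 0x70, 8, 8};

static int read_ptr(read_fn rd, void *ctx, uint64_t addr, size_t n, uint64_t *out) {
    uint8_t raw[8] = {0};
    if (rd(ctx, addr, raw, n)) return -1;
    for (*out = 0; n-- > 0;) *out = (*out << 8) | raw[n];  /* little-endian */
    return 0;
}

/* Returns UTF-16LE bytes copied to out, or -1; lengths from the target are untrusted. */
long read_cmdline(read_fn rd, void *ctx, uint64_t peb, int is64, uint8_t *out, size_t cap) {
    const layout_t *l = is64 ? &L64 : &L32;
    uint64_t params, buf;
    uint8_t hdr[4];                    /* USHORT Length, USHORT MaximumLength */
    if (read_ptr(rd, ctx, peb + l->peb_params, l->ptr, &params)) return -1;
    if (rd(ctx, params + l->cmdline, hdr, 4)) return -1;
    size_t len = hdr[0] | (size_t)hdr[1] << 8, max = hdr[2] | (size_t)hdr[3] << 8;
    if (len > max || (len & 1) || len > cap) return -1;
    if (read_ptr(rd, ctx, params + l->cmdline + l->ustr_buf, l->ptr, &buf)) return -1;
    return rd(ctx, buf, out, len) ? -1 : (long)len;
}

#define BASE 0x7ff000ULL  /* constructed image: PEB at BASE, params +0x100, text +0x200 */
static int image_read(void *ctx, uint64_t addr, void *out, size_t len) {
    if (addr < BASE || addr - BASE > 0x300 || len > 0x300 - (addr - BASE)) return -1;
    memcpy(out, (uint8_t *)ctx + (addr - BASE), len);
    return 0;
}

/* Builds an image of one bitness (ascii <= 127 chars), then walks it as read_as64. */
long demo(int image_is64, int read_as64, const char *ascii, uint8_t *out, size_t cap) {
    const layout_t *l = image_is64 ? &L64 : &L32;
    uint8_t mem[0x300] = {0};
    size_t c = 0x100 + l->cmdline;
    for (size_t i = 0; i < l->ptr; i++) {
        mem[l->peb_params + i] = (uint8_t)((BASE + 0x100) >> (8 * i));
        mem[c + l->ustr_buf + i] = (uint8_t)((BASE + 0x200) >> (8 * i));
    }
    mem[c] = mem[c + 2] = (uint8_t)(2 * strlen(ascii));  /* Length, MaximumLength */
    for (size_t i = 0; ascii[i]; i++) mem[0x200 + 2 * i] = (uint8_t)ascii[i];
    return read_cmdline(image_read, mem, BASE, read_as64, out, cap);
}
int main(void) { uint8_t o[64]; return demo(1, 1, "app.exe --flag", o, sizeof o) != 28; }
```

Walking an image with the other bitness's offsets makes `read_cmdline` return -1 here because the pointer it picks up is not mapped; against a live process the same mismatch can read unrelated fields instead, which is why the length checks are kept.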
