Re: NtQuerySystemInformation/Task Manger processes tab with Win32::API (win32 cwd/pwd from pid)


Clear questions and runnable code get the best and fastest answer
	PerlMonks

Re: NtQuerySystemInformation/Task Manger processes tab with Win32::API (win32 cwd/pwd from pid)

by Anonymous Monk

on Dec 15, 2012 at 07:25 UTC ( #1008941=note: print w/ replies, xml )

Need Help??

in reply to NtQuerySystemInformation/Task Manger processes tab with Win32::API

Can you retrieve cwd/pwd from pid?

Maybe using GetCurrentDirectoryFromPid?

There is Win32::EnvProcess but it doesn't quite work for me, and I'm only interested in read only access

volatility looks interesting, but i'd consider GUITest-ing procexp before resorting to python :)

The author of Win32::Process::Info decided to not use Native API Win32::Process::Info::NT leaving only WMI as the alternative according to what I've been told.

Well, Win32::Process::Info::NT "works" but the amount of info is less

Comment on Re: NtQuerySystemInformation/Task Manger processes tab with Win32::API (win32 cwd/pwd from pid)

Re^2: NtQuerySystemInformation/Task Manger processes tab with Win32::API (win32 cwd/pwd from pid)
by bulk88 (Deacon) on Dec 15, 2012 at 12:57 UTC

Win32::Process::Memory

Win32::Process::CommandLine

[reply]

In Section Cool Uses for Perl

Node Status^?

node history
Node Type: note [id://1008941]
help

Chatterbox^?

How do I use this? | Other CB clients

Other Users^?

Others meditating upon the Monastery: (18)

As of 2013-06-20 09:06 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Voting Booth^?

How many continents have you visited?

Results (681 votes), past polls