Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister
 
PerlMonks  

Re^2: NtQuerySystemInformation/Task Manger processes tab with Win32::API (win32 cwd/pwd from pid)

by bulk88 (Priest)
on Dec 15, 2012 at 12:57 UTC ( #1008979=note: print w/ replies, xml ) Need Help??


in reply to Re: NtQuerySystemInformation/Task Manger processes tab with Win32::API (win32 cwd/pwd from pid)
in thread NtQuerySystemInformation/Task Manger processes tab with Win32::API

tlist tool will list the starting command line and cwd for a process, or use ReadProcessMemory and PEB traversal, tlist and process explorer both do ReadProcessMemory and PEB traversal. I suggest writing some XS code, since doing ReadProcessMemory and PEB stuff with Win32::API is possible, but painful to parse all the structs, and remain 32 and 64 bit compliant.

edit: google says there is Win32::Process::Memory, dont know if it works, parsing the structs is the hardest job, not looking in another processes memory, also there is Win32::Process::CommandLine.


Comment on Re^2: NtQuerySystemInformation/Task Manger processes tab with Win32::API (win32 cwd/pwd from pid)

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1008979]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others scrutinizing the Monastery: (6)
As of 2015-07-08 06:23 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (94 votes), past polls