PerlMonks  

Re^2: NtQuerySystemInformation/Task Manger processes tab with Win32::API (win32 cwd/pwd from pid)

by bulk88 (Priest)
on Dec 15, 2012 at 12:57 UTC (#1008979)


in reply to Re: NtQuerySystemInformation/Task Manger processes tab with Win32::API (win32 cwd/pwd from pid)
in thread NtQuerySystemInformation/Task Manger processes tab with Win32::API

The tlist tool will list the starting command line and cwd for a process, or use ReadProcessMemory and PEB traversal; tlist and Process Explorer both do ReadProcessMemory and PEB traversal. I suggest writing some XS code, since doing ReadProcessMemory and PEB stuff with Win32::API is possible, but it is painful to parse all the structs and remain 32- and 64-bit compliant.

Edit: Google says there is Win32::Process::Memory; I don't know if it works. Parsing the structs is the hardest job, not looking in another process's memory. Also, there is Win32::Process::CommandLine.
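The struct walk described in the post (PEB, then the process parameters, then the current-directory string) for both pointer sizes, as an added example that is not part of the original post or of any module it names. It is portable C of the kind an XS module could wrap; `mem_t`/`rd` stand in for ReadProcessMemory over a constructed image, and the field offsets are the commonly reported undocumented values, taken here as assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Field offsets per bitness. Undocumented; commonly reported values, treat as assumptions. */
typedef struct { int ptr; size_t peb_params, cwd_ustr; } layout_t;
static const layout_t LAYOUT32 = { 4, 0x10, 0x24 };
static const layout_t LAYOUT64 = { 8, 0x20, 0x38 };
/* Stand-in for ReadProcessMemory: bounds-checked copy out of a captured image. */
typedef struct { const uint8_t *img; size_t len; } mem_t;
static int rd(const mem_t *m, uint64_t addr, void *out, size_t n) {
    if (addr > m->len || n > m->len - addr) return -1;
    memcpy(out, m->img + addr, n);
    return 0;
}
static int rd_ptr(const mem_t *m, const layout_t *l, uint64_t addr, uint64_t *out) {
    uint8_t b[8];
    if (rd(m, addr, b, (size_t)l->ptr)) return -1;
    *out = 0;
    for (int i = l->ptr - 1; i >= 0; i--) *out = (*out << 8) | b[i];   /* little-endian */
    return 0;
}
/* PEB -> ProcessParameters -> CurrentDirectory.DosPath; returns UTF-16 byte count or -1. */
int read_cwd(const mem_t *m, const layout_t *l, uint64_t peb, uint8_t *out, size_t cap) {
    uint64_t params, buf, us;
    uint8_t hdr[2];
    if (rd_ptr(m, l, peb + l->peb_params, &params)) return -1;
    us = params + l->cwd_ustr;
    if (rd(m, us, hdr, 2)) return -1;                       /* UNICODE_STRING.Length */
    size_t len = (size_t)hdr[0] | ((size_t)hdr[1] << 8);
    if (rd_ptr(m, l, us + l->ptr, &buf)) return -1;         /* Buffer sits at pointer alignment */
    if (len > cap || (len & 1) || rd(m, buf, out, len)) return -1;
    return (int)len;
}
/* Constructed sample image: PEB at 0, parameters at 0x40, path "C:\" at 0xC0. */
static void put(uint8_t *p, uint64_t v, int n) { for (int i = 0; i < n; i++) p[i] = (uint8_t)(v >> (8 * i)); }
size_t build_sample(uint8_t img[256], const layout_t *l) {
    memset(img, 0, 256);
    put(img + l->peb_params, 0x40, l->ptr);
    put(img + 0x40 + l->cwd_ustr, 6, 2);                    /* Length in bytes */
    put(img + 0x40 + l->cwd_ustr + l->ptr, 0xC0, l->ptr);   /* Buffer */
    memcpy(img + 0xC0, "C\0:\0\\\0", 6);
    return 256;
}
int main(void) {
    uint8_t img[256], out[64];
    mem_t m = { img, build_sample(img, &LAYOUT64) };
    printf("64-bit layout: %d bytes\n", read_cwd(&m, &LAYOUT64, 0, out, sizeof out));
    return 0;
}
```

Against a live process, `rd` would wrap ReadProcessMemory on a handle opened with read access, and the layout would be chosen from the target's bitness rather than the caller's.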

