Beefy Boxes and Bandwidth Generously Provided by pair Networks
more useful options
 
PerlMonks  

Re^2: NtQuerySystemInformation/Task Manger processes tab with Win32::API (win32 cwd/pwd from pid)

by bulk88 (Priest)
on Dec 15, 2012 at 12:57 UTC ( #1008979=note: print w/replies, xml ) Need Help??


in reply to Re: NtQuerySystemInformation/Task Manger processes tab with Win32::API (win32 cwd/pwd from pid)
in thread NtQuerySystemInformation/Task Manger processes tab with Win32::API

tlist tool will list the starting command line and cwd for a process, or use ReadProcessMemory and PEB traversal, tlist and process explorer both do ReadProcessMemory and PEB traversal. I suggest writing some XS code, since doing ReadProcessMemory and PEB stuff with Win32::API is possible, but painful to parse all the structs, and remain 32 and 64 bit compliant.

edit: google says there is Win32::Process::Memory, dont know if it works, parsing the structs is the hardest job, not looking in another processes memory, also there is Win32::Process::CommandLine.
  • Comment on Re^2: NtQuerySystemInformation/Task Manger processes tab with Win32::API (win32 cwd/pwd from pid)

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1008979]
help
Chatterbox?
[Corion]: LanX: Broken links in what sense?
[Discipulus]: neurocent goes always up with the same curve of population raise
[marto]: believe in derp coin
[Corion]: Oh - I see ...
[LanX]: like http://cb60. datenzoo.de/:// perlmonks.org/ index.pl?node_id= 1215217
[Discipulus]: username links i bet
[Corion]: (also, let me recommend https://mini-cb60. datenzoo.de/ over that, as it has https :)
[LanX]: all links
[Corion]: I guess I should make the certificate valid for both hostnames
[LanX]: and broken links ;p

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (8)
As of 2018-05-25 15:58 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Notices?