我是靠谱客的博主 文艺丝袜,最近开发中收集的这篇文章主要介绍获取任意进程的命令行参数,觉得挺不错的,现在分享给大家,希望可以做个参考。

概述

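代码来源于网络,已在 Delphi 2009 下实测有效。注意:文中的 PEB、PROCESS_BASIC_INFORMATION 等结构是按 32 位布局声明的;另外命令行保存在目标进程自身的内存中,目标进程可以改写它,因此读取结果只能作为参考,不应作为安全判断的依据。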

unit Unit2;

interface

    function GetProcessCmdLine(PID: Cardinal): string;

implementation

uses Windows;

const
  // Native-API / Toolhelp constants. Of these, only TH32CS_SNAPPROCESS is
  // referenced by the code visible in this unit (GetProcessCmdLine declares
  // its own local ProcessBasicInformation with the same value); the rest are
  // unused here.
  SystemHandleInformation = 16;
  ProcessBasicInformation = 0; // information class for NtQueryInformationProcess
  STATUS_SUCCESS = cardinal($00000000);
  SE_DEBUG_PRIVILEGE =20;
  STATUS_ACCESS_DENIED = cardinal($C0000022);
  STATUS_INFO_LENGTH_MISMATCH = cardinal($C0000004);
  SEVERITY_ERROR = cardinal($C0000000);
  TH32CS_SNAPPROCESS = $00000002; // snapshot flag used by findprocess: include the process list (the original comment said "module list", which does not match the name)
  JOB_OBJECT_ALL_ACCESS = $1f001f;

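type
  // Process entry filled in by the 'Process32First' / 'Process32Next'
  // imports declared in this unit. Those import names are the ANSI entry
  // points of kernel32.dll, so the record must match the ANSI layout.
  // NOTE(review): all numeric fields are 32-bit; this layout is for a
  // 32-bit build only.
  TPROCESSENTRY32 = record
    dwSize: DWORD;              // set by the caller to SizeOf(TPROCESSENTRY32) before the first call
    cntUsage: DWORD;
    th32ProcessID: DWORD;       // this process
    th32DefaultHeapID: DWORD;
    th32ModuleID: DWORD;        // associated exe
    cntThreads: DWORD;
    th32ParentProcessID: DWORD; // this process's parent process
    pcPriClassBase: Longint;    // base priority of the process's threads
    dwFlags: DWORD;
    // Executable name as single-byte text. This was declared as Char, which
    // is WideChar from Delphi 2009 on; the ANSI API then writes single-byte
    // text into a buffer the program reads as UTF-16, so name comparisons
    // never match. AnsiChar keeps the record identical to the ANSI structure.
    szExeFile: array[0..MAX_PATH - 1] of AnsiChar;
  end;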

type
  // Hand-declared partial mirrors of native structures that GetProcessCmdLine
  // copies out of another process with ReadProcessMemory. Field order and the
  // sizes of the ReservedN arrays determine the offsets that are read, so they
  // must not be reordered.
  // NOTE(review): the layouts use DWORD/ULong next to Pointer fields and look
  // written for a 32-bit build — confirm before compiling for, or reading
  // from, a 64-bit process.
  USHORT = Word;
  // Counted UTF-16 string descriptor; Length and MaximumLength are used as
  // byte counts by GetProcessCmdLine (it divides Length by 2 to get characters).
  UNICODE_STRING = Record
    Length : USHORT;
    MaximumLength: USHORT;
    Buffer : PWideString; // address inside the target process; only ever passed to ReadProcessMemory, never dereferenced locally. NOTE(review): PWideChar would describe it better; the pointer size is the same.
  end;
  // Leading part of the process parameter block: only the fields up to
  // CommandLine are declared, which is all this unit reads.
  RTL_USER_PROCESS_PARAMETERS = Record
    Reserved1 : array[0..15] of Byte;
    Reserved2 : array[0..9] of Pointer;
    ImagePathName: UNICODE_STRING;
    CommandLine : UNICODE_STRING;
  end;

  PRTL_USER_PROCESS_PARAMETERS = ^RTL_USER_PROCESS_PARAMETERS;


  // Partial process environment block. GetProcessCmdLine reads the whole
  // record but uses only ProcessParameters.
  PEB = record
  Reserved1 : array[0..1] of Byte;
  BeingDebugged: ByteBool;
  Reserved2 : Byte;
  Reserved3 : array[0..1] of Pointer;
  Ldr : Pointer;
  ProcessParameters: PRTL_USER_PROCESS_PARAMETERS; // address in the target process, not valid in this one
  Reserved4 : array[0..103]of Byte;
  Reserved5 : array[0..51]of Pointer;
  end;

  PPEB = ^PEB;

  // Output buffer for NtQueryInformationProcess(ProcessBasicInformation).
  // Only PebBaseAddress is used by this unit.
  PROCESS_BASIC_INFORMATION = record
  ExitStatus : DWORD;
  PebBaseAddress: PPEB; // address of the PEB inside the queried process
  AffinityMask : DWORD;
  BasePriority : DWORD;
  uUniqueProcessId: ULong;
  uInheritedFromUniqueProcessId: ULong;
  end;
  TProcessBasicInformation = PROCESS_BASIC_INFORMATION;


// Toolhelp process-enumeration imports used by findprocess. The unsuffixed
// names 'Process32First' / 'Process32Next' are the ANSI exports of
// kernel32.dll, so the TPROCESSENTRY32 passed in must use single-byte text
// for szExeFile.
function CreateToolhelp32Snapshot(dwFlags, th32ProcessID: DWORD) : THandle ; stdcall; external 'kernel32.dll' name 'CreateToolhelp32Snapshot';
function Process32First(hSnapshot: THandle; var lppe: TProcessEntry32): BOOL ; stdcall; external 'kernel32.dll' name 'Process32First';
function Process32Next(hSnapshot: THandle; var lpme: TPROCESSENTRY32): BOOL ; stdcall; external 'kernel32.dll' name 'Process32Next';

// Native query used by GetProcessCmdLine to obtain the PEB address. The
// return value is an NTSTATUS; the caller treats 0 as success.
// NOTE(review): ProcessInformationClass is declared as Byte here, which
// relies on stdcall passing it in a full stack slot in a 32-bit build —
// confirm before porting.
function NtQueryInformationProcess(ProcessHandle: THandle;ProcessInformationClass: Byte;ProcessInformation: Pointer;
ProcessInformationLength: ULONG;ReturnLength: PULONG): DWORD; stdcall; external 'ntdll.dll';

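// Enables (or, with Enable = False, disables) the named privilege in the
// current process token.
//
// PrivName  privilege name, e.g. 'SeDebugPrivilege'.
// Enable    True to enable the privilege, False to clear its enabled attribute.
// Returns   True only if the token was actually adjusted. False if the name
//           is unknown, the token cannot be opened, or the token does not
//           hold the privilege.
//
// Nothing in this unit calls this function. Callers should enable a
// privilege only around the operation that needs it and disable it again
// afterwards, rather than leaving it on for the life of the process.
function EnablePrivilege(const PrivName: string; const Enable: Boolean = true): Boolean;
var
  hToken: THandle;
  PrivId: Int64;
  tkp, PreviousState: TTokenPrivileges;
  ReturnLength: DWORD;
begin
  Result := False;
  if not LookupPrivilegeValue(nil, PChar(PrivName), PrivId) then
    Exit;
  if not OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, hToken) then
    Exit;
  try
    ReturnLength := 0;
    tkp.PrivilegeCount := 1;
    tkp.Privileges[0].Luid := PrivId;
    if Enable then
      tkp.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED
    else
      tkp.Privileges[0].Attributes := 0;
    // AdjustTokenPrivileges reports success even when the token does not hold
    // the privilege; in that case GetLastError is ERROR_NOT_ALL_ASSIGNED.
    // Checking the last error keeps the caller from believing it holds a
    // privilege it was never granted.
    if AdjustTokenPrivileges(hToken, False, tkp, SizeOf(TTokenPrivileges), PreviousState, ReturnLength) then
      Result := GetLastError = ERROR_SUCCESS;
  finally
    CloseHandle(hToken);
  end;
end;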


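// Returns the command line of the process identified by PID, read from that
// process's own memory (PEB -> ProcessParameters -> CommandLine).
//
// PID      target process id; 0 means the current process.
// Returns  the command line, or '' if the process cannot be opened or any
//          read fails or is short.
//
// Security notes for callers:
//  * The string lives in memory the target process can write, and the three
//    reads are not atomic. The target can change it at any time, so treat the
//    result as untrusted display data and never as proof of what was run.
//  * Command lines often carry credentials or tokens; avoid logging the
//    result verbatim.
//  * The process is opened with only PROCESS_QUERY_INFORMATION and
//    PROCESS_VM_READ, and no privilege is enabled here, so processes the
//    caller's token may not open simply yield ''.
//  * NOTE(review): the record layouts used here look 32-bit only; reading a
//    64-bit target from a 32-bit build is not expected to work — confirm.
function GetProcessCmdLine(PID: Cardinal): string;
const
  ProcessBasicInformation = 0;
var
  hProc: THandle;
  pbi: TProcessBasicInformation;
  status: Cardinal;
  got: Cardinal;
  byteLen: Cardinal;
  ws: WideString;
  aPEB: PEB;
  ProcPar: RTL_USER_PROCESS_PARAMETERS;
begin
  Result := '';
  if PID = 0 then
    PID := GetCurrentProcessId;

  hProc := OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ, False, PID);
  if hProc = 0 then
    Exit;
  try
    // 0 is the NTSTATUS success value.
    status := NtQueryInformationProcess(hProc, ProcessBasicInformation, @pbi, SizeOf(pbi), @got);
    if status <> 0 then
      Exit;

    if (not ReadProcessMemory(hProc, pbi.PebBaseAddress, @aPEB, SizeOf(aPEB), got))
      or (got <> SizeOf(aPEB)) then
      Exit;

    if (not ReadProcessMemory(hProc, aPEB.ProcessParameters, @ProcPar, SizeOf(ProcPar), got))
      or (got <> SizeOf(ProcPar)) then
      Exit;

    // CommandLine.Length is a byte count supplied by the target process.
    // Round it down to whole UTF-16 characters so the read can never be
    // larger than the buffer allocated for it.
    byteLen := (ProcPar.CommandLine.Length div 2) * 2;
    if byteLen = 0 then
      Exit;

    SetLength(ws, byteLen div 2);
    if (not ReadProcessMemory(hProc, ProcPar.CommandLine.Buffer, PWideChar(ws), byteLen, got))
      or (got <> byteLen) then
      Exit;

    Result := ws;
  finally
    CloseHandle(hProc);
  end;
end;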

// Returns S without leading and trailing characters whose code is at or
// below that of a space (blanks and control characters). A string made up
// only of such characters yields ''.
function Trim(const S: string): string;
var
  First, Last: Integer;
begin
  Result := '';
  First := 1;
  Last := Length(S);

  // Skip the leading run.
  while (First <= Last) and (S[First] <= ' ') do
    Inc(First);
  if First > Last then
    Exit;

  // At least one character above ' ' exists at or after First, so this loop
  // stops before Last drops below First.
  while S[Last] <= ' ' do
    Dec(Last);

  Result := Copy(S, First, Last - First + 1);
end;

// Returns a copy of S in which the letters 'a'..'z' are replaced by
// 'A'..'Z'. Every other character, including accented and non-Latin
// letters, is copied unchanged.
function UpperCase(const S: string): string;
var
  Idx: Integer;
  C: Char;
begin
  SetLength(Result, Length(S));
  for Idx := 1 to Length(S) do
  begin
    C := S[Idx];
    // 'a' and 'A' are 32 code points apart.
    if (C >= 'a') and (C <= 'z') then
      C := Char(Ord(C) - 32);
    Result[Idx] := C;
  end;
end;

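// Returns the process id of the first process in a Toolhelp snapshot whose
// executable name equals TheProcName, or 0 if none matches or the snapshot
// cannot be taken. Both names are trimmed and upper-cased (a..z only) before
// they are compared.
//
// Caveats for callers:
//  * Executable names are not unique and are not an identity: any process
//    may carry the same name, and only the first match is returned. Do not
//    base a trust decision on this lookup.
//  * The process may exit, and its id may be reused, between this call and
//    any later use of the returned id.
//  * NOTE(review): the imports are the ANSI Process32First/Next, so the
//    comparison is only meaningful if szExeFile is single-byte text —
//    verify the record declaration under Delphi 2009 and later.
Function findprocess(TheProcName:String):DWORD;
var
  Snapshot: THandle;
  Entry: TProcessEntry32;
  Wanted: string;
  More: Boolean;
begin
  Result := 0;
  Snapshot := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
  // A failed snapshot returns INVALID_HANDLE_VALUE; do not enumerate or
  // close it.
  if Snapshot = INVALID_HANDLE_VALUE then
    Exit;
  try
    // The wanted name does not change, so normalise it once.
    Wanted := Trim(UpperCase(TheProcName));
    Entry.dwSize := SizeOf(Entry);
    More := Process32First(Snapshot, Entry);
    while More do
    begin
      if Wanted = Trim(UpperCase(Entry.szExeFile)) then
      begin
        Result := Entry.th32ProcessID;
        Break;
      end;
      More := Process32Next(Snapshot, Entry);
    end;
  finally
    // Single release point for the snapshot handle on every path.
    CloseHandle(Snapshot);
  end;
end;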

end.


本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。