概述
来源网络,亲测有效Delphi 2009
unit Unit2;
interface
function GetProcessCmdLine(PID: Cardinal): string;
implementation
uses Windows;
const
SystemHandleInformation = 16;
ProcessBasicInformation = 0;
STATUS_SUCCESS = cardinal($00000000);
SE_DEBUG_PRIVILEGE =20;
STATUS_ACCESS_DENIED = cardinal($C0000022);
STATUS_INFO_LENGTH_MISMATCH = cardinal($C0000004);
SEVERITY_ERROR = cardinal($C0000000);
TH32CS_SNAPPROCESS = $00000002; // 模块列表快照
JOB_OBJECT_ALL_ACCESS = $1f001f;
type
TPROCESSENTRY32 = record
dwSize: DWORD;
cntUsage: DWORD;
th32ProcessID: DWORD; // this process
th32DefaultHeapID: DWORD;
th32ModuleID: DWORD; // associated exe
cntThreads: DWORD;
th32ParentProcessID: DWORD; // this process"s parent process
pcPriClassBase: Longint; // Base priority of process"s threads
dwFlags: DWORD;
szExeFile: array[0..MAX_PATH - 1] of Char;// Path
end;
type
USHORT = Word;
UNICODE_STRING = Record
Length : USHORT;
MaximumLength: USHORT;
Buffer : PWideString;
end;
RTL_USER_PROCESS_PARAMETERS = Record
Reserved1 : array[0..15] of Byte;
Reserved2 : array[0..9] of Pointer;
ImagePathName: UNICODE_STRING;
CommandLine : UNICODE_STRING;
end;
PRTL_USER_PROCESS_PARAMETERS = ^RTL_USER_PROCESS_PARAMETERS;
PEB = record
Reserved1 : array[0..1] of Byte;
BeingDebugged: ByteBool;
Reserved2 : Byte;
Reserved3 : array[0..1] of Pointer;
Ldr : Pointer;
ProcessParameters: PRTL_USER_PROCESS_PARAMETERS;
Reserved4 : array[0..103]of Byte;
Reserved5 : array[0..51]of Pointer;
end;
PPEB = ^PEB;
PROCESS_BASIC_INFORMATION = record
ExitStatus : DWORD;
PebBaseAddress: PPEB;
AffinityMask : DWORD;
BasePriority : DWORD;
uUniqueProcessId: ULong;
uInheritedFromUniqueProcessId: ULong;
end;
TProcessBasicInformation = PROCESS_BASIC_INFORMATION;
function CreateToolhelp32Snapshot(dwFlags, th32ProcessID: DWORD) : THandle ; stdcall; external 'kernel32.dll' name 'CreateToolhelp32Snapshot';
function Process32First(hSnapshot: THandle; var lppe: TProcessEntry32): BOOL ; stdcall; external 'kernel32.dll' name 'Process32First';
function Process32Next(hSnapshot: THandle; var lpme: TPROCESSENTRY32): BOOL ; stdcall; external 'kernel32.dll' name 'Process32Next';
function NtQueryInformationProcess(ProcessHandle: THandle;ProcessInformationClass: Byte;ProcessInformation: Pointer;
ProcessInformationLength: ULONG;ReturnLength: PULONG): DWORD; stdcall; external 'ntdll.dll';
function EnablePrivilege(const PrivName: string; const Enable: Boolean = true): Boolean;
var
hToken: THandle;
PrivId: Int64;
tkp, PreviousState: TTokenPrivileges;
ReturnLength: DWORD;
begin
Result:=False;
if not LookupPrivilegeValue(nil,PChar(PrivName),PrivId) then exit;
if not OpenProcessToken(GetCurrentProcess,TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY,hToken) then exit;
try
ReturnLength:=0;
tkp.PrivilegeCount:=1;
tkp.Privileges[0].Luid:=PrivId;
if Enable then tkp.Privileges[0].Attributes:=SE_PRIVILEGE_ENABLED
else tkp.Privileges[0].Attributes:=0;
Result:=AdjustTokenPrivileges(hToken,false,tkp,SizeOf(TTokenPrivileges),PreviousState,ReturnLength);
finally
CloseHandle(hToken);
end;
end;
function GetProcessCmdLine(PID: Cardinal): string;
const
SE_DEBUG_NAME = 'SeDebugPrivilege';
ProcessBasicInformation = 0;
var
h : THandle;
pbi : TProcessBasicInformation;
ret : Cardinal;
r : Cardinal;
ws : WideString;
aPEB : PEB;
str:string;
i:integer;
ProcPar: RTL_USER_PROCESS_PARAMETERS;
begin
Result:='';
str:='';
if PID = 0 then PID:=GetCurrentProcessID;
try
h:=OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ,False,PID);
if h=0 then exit;
try
ret:=NtQueryInformationProcess(h,ProcessBasicInformation,@PBI,SizeOf(PBI),@r);
if ret=0 then
repeat
if (not ReadProcessMemory(h,pbi.PebBaseAddress,@aPEB,SizeOf(aPEB),r))
or (r<>SizeOf(aPEB)) then break;
if (not ReadProcessMemory(h,aPEB.ProcessParameters,@ProcPar,SizeOf(ProcPar),r))
or (r<>SizeOf(ProcPar)) then break;
SetLength(ws,ProcPar.CommandLine.Length div 2);
if (not ReadProcessMemory(h,ProcPar.CommandLine.Buffer,PWideChar(ws),
ProcPar.CommandLine.Length,r)) or (r<>ProcPar.CommandLine.Length) then break;
Result:=ws;
until True;
finally
CloseHandle(h);
end;
finally
end;
end;
function Trim(const S: string): string;
var
I, L: Integer;
begin
L := Length(S);
I := 1;
while (I <= L) and (S[I] <= ' ') do
Inc(I);
if I > L then
Result := ''
else
begin
while S[L] <= ' ' do
Dec(L);
Result := Copy(S, I, L - I + 1);
end;
end;
function UpperCase(const S: string): string;
var
Ch: Char;
L: Integer;
Source, Dest: PChar;
begin
L := Length(S);
SetLength(Result, L);
Source := Pointer(S);
Dest := Pointer(Result);
while L <> 0 do
begin
Ch := Source^;
if (Ch >= 'a') and (Ch <= 'z') then
Dec(Ch, 32);
Dest^ := Ch;
Inc(Source);
Inc(Dest);
Dec(L);
end;
end;
Function findprocess(TheProcName:String):DWORD;
var
isOK:Boolean;
ProcessHandle:Thandle;
ProcessStruct:TProcessEntry32;
begin
ProcessHandle:=createtoolhelp32snapshot(Th32cs_snapprocess,0);
processStruct.dwSize:=sizeof(ProcessStruct);
isOK:=process32first(ProcessHandle,ProcessStruct);
Result:=0;
while isOK do
begin
if Trim(UpperCase(TheProcName))=Trim(UpperCase(ProcessStruct.szExeFile)) then
begin
Result:=ProcessStruct.th32ProcessID;
CloseHandle(ProcessHandle);
exit;
end;
isOK:=process32next(ProcessHandle,ProcessStruct);
end;
CloseHandle(ProcessHandle);
end;
end.
最后
以上就是文艺丝袜为你收集整理的获取任意进程的命令行参数的全部内容,希望文章能够帮你解决获取任意进程的命令行参数所遇到的程序开发问题。
如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。
发表评论 取消回复