Hello

I have been searching for 5 hours trying to find a way to get process info and startup info but failed to find any information on it.
C++
LPPROCESS_INFORMATION lpPI;  // pointer to a PROCESS_INFORMATION structure
LPSTARTUPINFO lpSI;          // pointer to a STARTUPINFO structure
HANDLE proc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, GetProcID("cmd.exe"));

What I am trying to do is get a handle to cmd.exe and then get the Process Info and Startup info. I am just trying to learn the Windows API. I know I can get process info and startup info with CreateProcess, but I want the info for a running process, because I don't need to start a process.

What I have tried:

As stated, I have been searching for a while and have come up empty-handed.
Posted
Updated 5-Jan-22 6:17am
Comments
0x01AA 5-Jan-22 11:04am
   
As far as I know this is not possible.
WOLF 2018 5-Jan-22 11:06am
   
I believe NtQueryInformationProcess can get the first one but I am not sure on the startupinfo

https://docs.microsoft.com/en-us/windows/win32/api/winternl/nf-winternl-ntqueryinformationprocess
Richard MacCutchan 5-Jan-22 11:24am
   
Both functions GetProcessInformation and GetStartupInfo are documented under the link I provided below.
0x01AA 5-Jan-22 11:36am
   
GetProcessInformation: Still not convinced
GetStartupInfo : Can only be called by a process itself, but not from 'my' process to get this information from another process
Richard MacCutchan 5-Jan-22 11:38am
   
Well, that still answers the question.
0x01AA 5-Jan-22 11:39am
   
Nope, the question is: How MyProcess can get that information from another running process
Richard MacCutchan 5-Jan-22 11:41am
   
So provide a better answer instead of whining about what I offered.
0x01AA 5-Jan-22 11:44am
   
You offered a Google search without knowing whether it works or not. Sorry, remove your answer so as not to confuse people (you remember such a comment?)
WOLF 2018 5-Jan-22 11:42am
   
You see I am using NtCreateProcess to make a process and that does not have an option to get the startup info and process info
Richard MacCutchan 5-Jan-22 11:55am
   
In your question you use OpenProcess which returns a process handle.
WOLF 2018 5-Jan-22 11:57am
   
I use OpenProcess because I can only get a Process handle from NtCreateProcess as far as I know
Richard MacCutchan 5-Jan-22 12:05pm
   
You should discuss with 0x01AA, he knows everything.
0x01AA 5-Jan-22 12:10pm
   
...better ;P
No sorry, but the link was really not the answer. Thumbs up, that you removed the answer.
Rick York 5-Jan-22 12:11pm
   
You are contradicting yourself. You stated you did not need to start the process and now you have stated you are calling NtCreateProcess. The answer to the question is considerably different depending on this point.

1 solution

There are a few ways you can do this. One is to call OpenProcess; it requires a process identifier as an argument, so you have to obtain that first. Generally speaking, that's what needs to happen: you first need to get a process identifier, and there are a few ways to go about that. If you can locate the process' window then you can get a handle to it and get the ID from that as one option. This page lists the functions available for doing this: Process and Thread Functions - Win32 apps | Microsoft Docs.
   
Comments
0x01AA 5-Jan-22 12:21pm
   
And now, please explain how to get LPPROCESS_INFORMATION and LPSTARTUPINFO with that handle...

Especially for void GetStartupInfo([out] LPSTARTUPINFOW lpStartupInfo); which seems to be only available for process internal itself.

Your answer is misleading.
Rick York 5-Jan-22 18:15pm
   
One can call GetProcessInformation : https://docs.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-getprocessinformation, with that handle. The startup information, for the most part, is available by calling various functions using the process' window handle, if it has one. STARTUPINFO is described at : https://docs.microsoft.com/en-us/windows/win32/api/processthreadsapi/ns-processthreadsapi-startupinfoa

Exactly what is misleading about that answer?
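
The lookup-then-open sequence the solution describes, as an added example that is not from the thread: it resolves a PID by executable name with a Toolhelp snapshot, opens the process with only PROCESS_QUERY_LIMITED_INFORMATION rather than PROCESS_ALL_ACCESS, and reads the image path. The names find_pid and query_image_path are assumptions of this example; the Win32 calls run only on Windows, and on other platforms both functions report failure.

```cpp
#include <cwchar>
#include <string>
#ifdef _WIN32
#include <windows.h>
#include <tlhelp32.h>
#endif

// Step 1: resolve an executable name to a PID; returns 0 when nothing matches.
unsigned long find_pid(const wchar_t* exe_name) {
#ifdef _WIN32
    HANDLE snap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (snap == INVALID_HANDLE_VALUE) return 0;
    PROCESSENTRY32W pe = {};
    pe.dwSize = sizeof(pe);  // must be set before Process32FirstW
    unsigned long pid = 0;
    for (BOOL more = Process32FirstW(snap, &pe); more; more = Process32NextW(snap, &pe)) {
        if (_wcsicmp(pe.szExeFile, exe_name) == 0) { pid = pe.th32ProcessID; break; }
    }
    CloseHandle(snap);
    return pid;
#else
    (void)exe_name;  // not Windows: nothing to enumerate
    return 0;
#endif
}

// Step 2: open with the narrowest right that allows the query, then read the image path.
bool query_image_path(unsigned long pid, std::wstring& path) {
#ifdef _WIN32
    HANDLE h = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE, pid);
    if (!h) return false;  // no such PID, or access denied
    wchar_t buf[MAX_PATH];
    DWORD len = MAX_PATH;  // in: buffer size, out: characters written
    bool ok = QueryFullProcessImageNameW(h, 0, buf, &len) != 0;
    if (ok) path.assign(buf, len);
    CloseHandle(h);
    return ok;
#else
    (void)pid; (void)path;  // not Windows: report failure
    return false;
#endif
}

int main() {
    std::wstring path;
    unsigned long pid = find_pid(L"cmd.exe");
    if (pid && query_image_path(pid, path)) std::wprintf(L"%lu %ls\n", pid, path.c_str());
    return 0;
}
```

Requesting only the query right keeps the handle from being usable for writing memory or terminating the target, and the call succeeds in cases where PROCESS_ALL_ACCESS would be denied.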

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)