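Find process name by PID

Problem description:

I'm using the ctypes module and WinAPI to find a process name by PID. I have been looking at this example written in C/C++, and it works except that the size of my szExeFile is 0 for every process. What am I missing when using this API?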

def find_pid_with_name(process_name: str):
    entry = PROCESSENTRY32()
    entry.dwSize = sizeof(PROCESSENTRY32)

    snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, None)

    if Process32First(snapshot, byref(entry)) == TRUE:
        while Process32Next(snapshot, byref(entry)) == TRUE:
            print(libc.wcslen(entry.szExeFile))

    CloseHandle(snapshot)

My structure definition:

MAX_PATH = 260 
class PROCESSENTRY32(Structure):
    _fields_ = [
        ("dwSize", c_ulong),
        ("cntUsage", c_ulong),
        ("th32ProcessID", c_ulong),
        ("th32DefaultHeapID", POINTER(c_ulong)),
        ("th32ModuleId", c_ulong),
        ("cntThreads", c_ulong),
        ("th32ParentProcessID", c_ulong),
        ("dwFlags", c_ulong),
        ("szExeFile", c_wchar * MAX_PATH)
    ]

And my function definitions:

CreateToolhelp32Snapshot = windll.kernel32.CreateToolhelp32Snapshot 
CreateToolhelp32Snapshot.argtypes = [c_ulong, POINTER(c_ulong)] 
CreateToolhelp32Snapshot.restype = c_ulong 

libc = CDLL("msvcrt") 
libc.wcslen.argtypes = [c_wchar_p] 

Process32First = windll.kernel32.Process32First 
Process32First.argtypes = [c_ulong, POINTER(PROCESSENTRY32)] 
Process32First.restype = c_ubyte 

Process32Next = windll.kernel32.Process32Next 
Process32Next.argtypes = [c_ulong, POINTER(PROCESSENTRY32)] 
Process32Next.restype = c_ubyte 

See the definition of PROCESSENTRY32W.

Yours is missing pcPriClassBase:

("dwSize", c_ulong),
("cntUsage", c_ulong),
("th32ProcessID", c_ulong),
("th32DefaultHeapID", POINTER(c_ulong)),
("th32ModuleId", c_ulong),
("cntThreads", c_ulong),
("th32ParentProcessID", c_ulong),
("pcPriClassBase", c_long),  # <=======
("dwFlags", c_ulong),
("szExeFile", c_wchar * MAX_PATH)

Also try this for the return type and argument types:

# ctypes reads the attribute "restype"; any other attribute name is silently ignored
Process32First.argtypes = [c_void_p, POINTER(PROCESSENTRY32)]
Process32First.restype = c_int

Process32Next.argtypes = [c_void_p, POINTER(PROCESSENTRY32)]
Process32Next.restype = c_int

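Note that in WinAPI, BOOL is a macro for int and HANDLE is a macro for void*.

The C++ source code you are using misses the first entry. It should use a do-while loop. You can deal with that later. For example: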

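// Needs <windows.h>, <tlhelp32.h> and <iostream>
HANDLE handle = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (handle != INVALID_HANDLE_VALUE) // failure is INVALID_HANDLE_VALUE, not NULL
{
    PROCESSENTRY32 process;
    process.dwSize = sizeof(PROCESSENTRY32);
    if (Process32First(handle, &process))
    {
        do
        {
            // do-while, so the entry filled by Process32First is printed too
            std::wcout << process.szExeFile << "\n";
        } while (Process32Next(handle, &process));
    }
    CloseHandle(handle);
}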

Thank you very much; and thanks for pointing out the do-while loop. – jacob
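Added example, not code from the question or the answer: it reads one constructed entry through the layout with pcPriClassBase and through the layout without it, showing that the second puts szExeFile 4 bytes early, on top of dwFlags, so the name starts with a NUL. Assumptions: the x64 layout is modelled with fixed-width types so it runs on any OS, and the PID, priority and "notepad.exe" values are constructed sample data.

```python
import ctypes as C

MAX_PATH = 260

def make_layout(with_pri_class_base):
    """PROCESSENTRY32W-style struct from fixed-width types (assumed x64 layout)."""
    fields = [
        ("dwSize", C.c_uint32),
        ("cntUsage", C.c_uint32),
        ("th32ProcessID", C.c_uint32),
        ("th32DefaultHeapID", C.c_uint64),  # ULONG_PTR on x64
        ("th32ModuleID", C.c_uint32),
        ("cntThreads", C.c_uint32),
        ("th32ParentProcessID", C.c_uint32),
    ]
    if with_pri_class_base:
        fields.append(("pcPriClassBase", C.c_int32))
    fields += [
        ("dwFlags", C.c_uint32),
        ("szExeFile", C.c_uint16 * MAX_PATH),  # WCHAR is 2 bytes on Windows
    ]
    return type("Entry", (C.Structure,), {"_fields_": fields})

Correct = make_layout(True)    # field list from the answer
Broken = make_layout(False)    # field list from the question

def sample_buffer():
    """Constructed bytes of one entry, filled through the correct layout."""
    e = Correct()
    e.dwSize = C.sizeof(Correct)
    e.th32ProcessID = 4242
    e.pcPriClassBase = 8
    e.dwFlags = 0  # documented as no longer used, always zero
    name = "notepad.exe".encode("utf-16-le")
    C.memmove(C.addressof(e) + Correct.szExeFile.offset, name, len(name))
    return bytes(e)

def read_as(layout, buf):
    """Reinterpret buf through layout; return (pid, name up to first NUL)."""
    entry = layout.from_buffer_copy(buf[:C.sizeof(layout)])
    name = bytes(entry.szExeFile).decode("utf-16-le").split("\0", 1)[0]
    return entry.th32ProcessID, name

if __name__ == "__main__":
    buf = sample_buffer()
    for layout in (Correct, Broken):
        print(layout.szExeFile.offset, C.sizeof(layout), read_as(layout, buf))
```

Fields before the missing member still read correctly (the PID matches in both layouts), which is why a wrong struct definition can go unnoticed until a later field is used.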