_WinAPI_GetProcessCommandLine no longer works with MSEdge?


Solved by KaFu

Posted

Hi all,

I'm attempting to use _WinAPI_GetProcessCommandLine() on msedge.exe and it seems to no longer work. 

The code is as follows:

#RequireAdmin
#include <Array.au3>
#include <WinAPIHObj.au3> ; _WinAPI_CloseHandle
#include <WinAPIProc.au3>

Local $aArray
Local $aAdjust
Local $iSIHost = ProcessExists("msedge.exe")
Local $sCommandline

; Enable "SeDebugPrivilege" privilege to obtain full access rights to other processes
Local $hToken = _WinAPI_OpenProcessToken(BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY))
_WinAPI_AdjustTokenPrivileges($hToken, $SE_DEBUG_NAME, $SE_PRIVILEGE_ENABLED, $aAdjust)

While True
    $aArray = _WinAPI_EnumChildProcess($iSIHost)
    If @error Then ContinueLoop
    ; Row 0 holds the child count in [0][0]; the child PIDs start at row 1
    For $iLoop = 1 To $aArray[0][0]
        $sCommandline = _WinAPI_GetProcessCommandLine($aArray[$iLoop][0])
        MsgBox(0, $aArray[$iLoop][0], $sCommandline)
    Next
    _ArrayDisplay($aArray)
    ;MsgBox(0, "CMD", $sCommandline)
    ; Restore the previous privilege state and release the token handle
    _WinAPI_AdjustTokenPrivileges($hToken, $aAdjust, 0, $aAdjust)
    _WinAPI_CloseHandle($hToken)
    Exit 0
WEnd

 

How to reproduce:

  1. Have Microsoft Edge Open
  2. Run the code


Expected Results:

Obtains Process Commandline

Actual Results:

Empty Variables


Additional Information:

I know for a fact that these processes do have a command line as tracked by Process Explorer. It just seems as if _WinAPI_GetProcessCommandLine is unable to obtain them. Oddly enough, the code works fine for other processes (e.g. Discord.exe).
 

My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

My Projects

WhyNotWin11
Cisco FinesseGithubIRC UDFWindowEx UDF

 

  • rcmaehl changed the title to _WinAPI_GetProcessCommandLine no longer works with MSEdge?
  • Solution
Posted (edited)

Most likely related to x64, try #AutoIt3Wrapper_UseX64=y.

Edit:

RequireAdmin and the token stuff are only required for system processes; normal non-admin processes (such as msedge.exe) can be accessed without them.

#RequireAdmin
#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_UseX64=y
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****

#include <Array.au3>
#include <WinAPIHObj.au3>
#include <WinAPIProc.au3>

Local $aAdjust, $aList = 0

; Enable "SeDebugPrivilege" privilege to obtain full access rights to other processes
Local $hToken = _WinAPI_OpenProcessToken(BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY))
_WinAPI_AdjustTokenPrivileges($hToken, $SE_DEBUG_NAME, $SE_PRIVILEGE_ENABLED, $aAdjust)

; Retrieve command-line arguments for all processes on the system
Local $iEnum = 0
If Not (@error Or @extended) Then
    $aList = ProcessList()
    Local $aList_CMD[$aList[0][0] + 1][3]
    $aList_CMD[0][0] = $aList[0][0]
    For $i = 1 To $aList[0][0]

        $aList_CMD[$i][0] = $aList[$i][0]
        $aList_CMD[$i][1] = $aList[$i][1]
        $aList_CMD[$i][2] = _WinAPI_GetProcessCommandLine($aList[$i][1])

        If $aList_CMD[$i][2] Then $iEnum += 1

    Next
EndIf

; Restore the previous SeDebugPrivilege state
_WinAPI_AdjustTokenPrivileges($hToken, $aAdjust, 0, $aAdjust)
_WinAPI_CloseHandle($hToken)

_ArrayDisplay($aList_CMD, '_WinAPI_GetProcessCommandLine - ' & $iEnum)

vs.

#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_UseX64=y
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****

#include <Array.au3>
#include <WinAPIProc.au3>

Local $iEnum = 0
Local $aList = ProcessList("msedge.exe")
Local $aList_CMD[$aList[0][0] + 1][3]
$aList_CMD[0][0] = $aList[0][0]
For $i = 1 To $aList[0][0]
    $aList_CMD[$i][0] = $aList[$i][0]
    $aList_CMD[$i][1] = $aList[$i][1]
    $aList_CMD[$i][2] = _WinAPI_GetProcessCommandLine($aList[$i][1])
    If $aList_CMD[$i][2] Then $iEnum += 1
Next

_ArrayDisplay($aList_CMD, '_WinAPI_GetProcessCommandLine - ' & $iEnum)

 

Edited by KaFu
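
An added example, not code from either poster: a diagnostic that prints the bitness of the script and of each msedge.exe process next to the command-line result, so the mismatch the accepted answer points to becomes visible. `_ClassifyBitness` and `_DescribeResult` are hypothetical helper names, and the explanation strings are assumptions based on this thread's solution.

```autoit
#include <WinAPIProc.au3>

; Added example: explain an empty _WinAPI_GetProcessCommandLine() result by
; comparing the bitness of this script with the bitness of each target process.
; _ClassifyBitness and _DescribeResult are hypothetical helper names.

Local $aList = ProcessList("msedge.exe")
If @error Or $aList[0][0] = 0 Then
    ConsoleWrite("No msedge.exe processes found." & @CRLF)
    Exit 1
EndIf

ConsoleWrite("Script: " & (@AutoItX64 ? "64-bit" : "32-bit") & ", OS: " & @OSArch & @CRLF)

For $i = 1 To $aList[0][0]
    Local $iPID = $aList[$i][1]
    Local $sTarget = _ClassifyBitness($iPID)
    Local $sCmd = _WinAPI_GetProcessCommandLine($iPID)
    ConsoleWrite(StringFormat("%6d  %-7s  %s", $iPID, $sTarget, _DescribeResult($sCmd, $sTarget)) & @CRLF)
Next

; Returns "32-bit", "64-bit" or "unknown" for the given PID.
Func _ClassifyBitness($iPID)
    ; On a 32-bit OS every process is 32-bit
    If @OSArch = "X86" Then Return "32-bit"
    ; On a 64-bit OS, a process running under WOW64 is 32-bit
    Local $bWow64 = _WinAPI_IsWow64Process($iPID)
    If @error Then Return "unknown" ; process exited or could not be opened
    Return ($bWow64 ? "32-bit" : "64-bit")
EndFunc   ;==>_ClassifyBitness

; Returns the command line, or a likely reason why it came back empty.
Func _DescribeResult($sCmd, $sTarget)
    If $sCmd <> "" Then Return $sCmd
    ; Assumption from this thread: a 32-bit script gets nothing from a 64-bit process
    If $sTarget = "64-bit" And Not @AutoItX64 Then
        Return "<empty: 32-bit script querying a 64-bit process, try #AutoIt3Wrapper_UseX64=y>"
    EndIf
    If $sTarget = "unknown" Then Return "<empty: process exited or could not be opened>"
    Return "<empty: no command line available or access denied>"
EndFunc   ;==>_DescribeResult
```

Run it once without the `#AutoIt3Wrapper_UseX64=y` directive and once with it to compare the two outputs.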
Posted
6 hours ago, KaFu said:

Most likely related to x64, try #AutoIt3Wrapper_UseX64=y.

You're probably right. I'm not in front of my code currently to check but I remember that being an issue elsewhere.

