本文整理汇总了C#中ProcessHandle.GetPebString方法的典型用法代码示例。如果您正苦于以下问题:C# ProcessHandle.GetPebString方法的具体用法?C# ProcessHandle.GetPebString怎么用?C# ProcessHandle.GetPebString使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类ProcessHandle
的用法示例。
在下文中一共展示了ProcessHandle.GetPebString方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: restartProcessMenuItem_Click
private void restartProcessMenuItem_Click(object sender, EventArgs e)
{
if (PhUtils.ShowConfirmMessage(
"restart",
"the selected process",
"The process will be restarted with the same command line and " +
"working directory, but if it is running under a different user it " +
"will be restarted under the current user.",
true
))
{
try
{
using (var phandle = new ProcessHandle(processSelectedPid,
Program.MinProcessQueryRights | Program.MinProcessReadMemoryRights))
{
string currentDirectory = phandle.GetPebString(PebOffset.CurrentDirectoryPath);
string cmdLine = phandle.GetPebString(PebOffset.CommandLine);
try
{
using (var phandle2 = new ProcessHandle(processSelectedPid, ProcessAccess.Terminate))
phandle2.Terminate();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to terminate the process", ex);
return;
}
try
{
var startupInfo = new StartupInfo();
var procInfo = new ProcessInformation();
startupInfo.Size = Marshal.SizeOf(startupInfo);
if (!Win32.CreateProcess(null, cmdLine, IntPtr.Zero, IntPtr.Zero, false, 0, IntPtr.Zero, currentDirectory,
ref startupInfo, out procInfo))
Win32.ThrowLastError();
Win32.CloseHandle(procInfo.ProcessHandle);
Win32.CloseHandle(procInfo.ThreadHandle);
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to start the command '" + cmdLine + "'", ex);
}
}
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to restart the process", ex);
}
}
}
示例2: GetProcessDetailsText
private static string GetProcessDetailsText(int pid)
{
// This function returns a string containing details about a process.
// The string builder which will contain the result.
StringBuilder sb = new StringBuilder();
sb.AppendLine("Process PID " + pid.ToString() + ":");
sb.AppendLine();
try
{
using (var phandle = new ProcessHandle(pid, ProcessAccess.QueryLimitedInformation))
{
var fileName = phandle.GetImageFileName();
sb.AppendLine("Native file name: " + fileName);
fileName = FileUtils.GetFileName(fileName);
sb.AppendLine("DOS file name: " + fileName);
try
{
var fileInfo = FileVersionInfo.GetVersionInfo(fileName);
sb.AppendLine("Description: " + fileInfo.FileDescription);
sb.AppendLine("Company: " + fileInfo.CompanyName);
sb.AppendLine("Version: " + fileInfo.FileVersion);
}
catch (Exception ex2)
{
sb.AppendLine("Version info section failed! " + ex2.Message);
}
sb.AppendLine("Started: " + phandle.GetCreateTime().ToString());
var memoryInfo = phandle.GetMemoryStatistics();
sb.AppendLine("WS: " + Utils.FormatSize(memoryInfo.WorkingSetSize));
sb.AppendLine("Pagefile usage: " + Utils.FormatSize(memoryInfo.PagefileUsage));
}
}
catch (Exception ex)
{
sb.AppendLine("Basic info section failed! " + ex.Message);
}
try
{
using (var phandle = new ProcessHandle(pid, ProcessAccess.QueryLimitedInformation | ProcessAccess.VmRead))
{
var commandLine = phandle.GetCommandLine();
var currentDirectory = phandle.GetPebString(PebOffset.CurrentDirectoryPath);
sb.AppendLine("Command line: " + commandLine);
sb.AppendLine("Current directory: " + currentDirectory);
}
}
catch (Exception ex)
{
sb.AppendLine("PEB info section failed! " + ex.Message);
}
sb.AppendLine();
sb.AppendLine("Modules:");
sb.AppendLine();
try
{
using (var phandle = new ProcessHandle(pid, ProcessAccess.QueryLimitedInformation | ProcessAccess.VmRead))
{
foreach (var module in phandle.GetModules())
{
sb.AppendLine(module.FileName);
sb.Append(" [0x" + module.BaseAddress.ToInt32().ToString("x") + ", ");
sb.AppendLine(Utils.FormatSize(module.Size) + "] ");
sb.AppendLine(" Flags: " + module.Flags.ToString());
try
{
var fileInfo = FileVersionInfo.GetVersionInfo(module.FileName);
sb.AppendLine(" Description: " + fileInfo.FileDescription);
sb.AppendLine(" Company: " + fileInfo.CompanyName);
sb.AppendLine(" Version: " + fileInfo.FileVersion);
}
catch (Exception ex2)
{
sb.AppendLine(" Version info failed! " + ex2.Message);
}
sb.AppendLine();
}
}
}
catch (Exception ex)
{
sb.AppendLine("Modules section failed! " + ex.Message);
}
sb.AppendLine("Token:");
//.........这里部分代码省略.........
示例3: restartProcessMenuItem_Click
private void restartProcessMenuItem_Click(object sender, EventArgs e)
{
if (PhUtils.ShowConfirmMessage(
"restart",
"the selected process",
"The process will be restarted with the same command line and " +
"working directory, but if it is running under a different user it " +
"will be restarted under the current user.",
true
))
{
try
{
using (var phandle = new ProcessHandle(processSelectedPid,
Program.MinProcessQueryRights | Program.MinProcessReadMemoryRights))
{
string currentDirectory = phandle.GetPebString(PebOffset.CurrentDirectoryPath);
string cmdLine = phandle.GetPebString(PebOffset.CommandLine);
try
{
using (var phandle2 = new ProcessHandle(processSelectedPid, ProcessAccess.Terminate))
phandle2.Terminate();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to terminate the process", ex);
return;
}
try
{
ClientId cid;
ThreadHandle thandle;
ProcessHandle.CreateWin32(
null,
cmdLine,
false,
0,
EnvironmentBlock.Zero,
currentDirectory,
new StartupInfo(),
out cid,
out thandle
).Dispose();
thandle.Dispose();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to start the command '" + cmdLine + "'", ex);
}
}
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to restart the process", ex);
}
}
}
示例4: UpdateProcessProperties
//.........这里部分代码省略.........
{
labelProcessTypeValue.Text = phandle.IsWow64 ? "32-bit" : "64-bit";
}
}
catch (Exception ex)
{
labelProcessTypeValue.Text = "(" + ex.Message + ")";
}
}
if (_pid <= 0)
return;
if (_processItem.CmdLine != null)
textCmdLine.Text = _processItem.CmdLine.Replace("\0", string.Empty);
try
{
DateTime startTime = DateTime.FromFileTime(_processItem.Process.CreateTime);
textStartTime.Text = Utils.FormatRelativeDateTime(startTime) +
" (" + startTime.ToString() + ")";
}
catch (Exception ex)
{
textStartTime.Text = "(" + ex.Message + ")";
}
// The System process doesn't have a current directory or PEB address.
if (_pid > 4)
{
try
{
using (ProcessHandle phandle
= new ProcessHandle(_pid, Program.MinProcessQueryRights | Program.MinProcessReadMemoryRights))
{
fileCurrentDirectory.Text =
phandle.GetPebString(PebOffset.CurrentDirectoryPath);
}
fileCurrentDirectory.Enabled = true;
}
catch (Exception ex)
{
fileCurrentDirectory.Text = "(" + ex.Message + ")";
fileCurrentDirectory.Enabled = false;
}
try
{
using (ProcessHandle phandle = new ProcessHandle(_pid, Program.MinProcessQueryRights))
{
textPEBAddress.Text = Utils.FormatAddress(phandle.GetBasicInformation().PebBaseAddress);
}
}
catch (Exception ex)
{
textPEBAddress.Text = "(" + ex.Message + ")";
buttonInspectPEB.Enabled = false;
}
}
else
{
fileCurrentDirectory.Enabled = false;
buttonInspectPEB.Enabled = false;
}
if (_processItem.HasParent)
{
if (Program.ProcessProvider.Dictionary.ContainsKey(_processItem.ParentPid))
{
textParent.Text =
Program.ProcessProvider.Dictionary[_processItem.ParentPid].Name +
" (" + _processItem.ParentPid.ToString() + ")";
}
else
{
textParent.Text = "Non-existent Process (" + _processItem.ParentPid.ToString() + ")";
buttonInspectParent.Enabled = false;
}
}
else if (_processItem.ParentPid == -1)
{
// this process doesn't actually have a parent
textParent.Text = "No Parent Process";
buttonInspectParent.Enabled = false;
}
else
{
// This process had a parent and it's dead, but
// another running process has the same PID as
// its parent. We checked their creation times
// back in ProcessSystemProvider.cs.
textParent.Text = "Non-existent Process (" + _processItem.ParentPid.ToString() + ")";
buttonInspectParent.Enabled = false;
}
this.UpdateProtected();
this.UpdateDepStatus();
}
示例5: UpdateProcessProperties
//.........这里部分代码省略.........
try
{
using (ProcessHandle phandle = new ProcessHandle(_pid, Program.MinProcessQueryRights))
{
labelProcessTypeValue.Text = phandle.IsWow64() ? "32-bit" : "64-bit";
}
}
catch (Exception ex)
{
labelProcessTypeValue.Text = "(" + ex.Message + ")";
}
}
if (_pid <= 0)
return;
if (_processItem.CmdLine != null)
textCmdLine.Text = _processItem.CmdLine.Replace("\0", "");
try
{
DateTime startTime = DateTime.FromFileTime(_processItem.Process.CreateTime);
textStartTime.Text = Utils.FormatRelativeDateTime(startTime) +
" (" + startTime.ToString() + ")";
}
catch (Exception ex)
{
textStartTime.Text = "(" + ex.Message + ")";
}
if (_pid > 4)
{
try
{
using (ProcessHandle phandle
= new ProcessHandle(_pid, Program.MinProcessQueryRights | Program.MinProcessReadMemoryRights))
{
fileCurrentDirectory.Text =
phandle.GetPebString(PebOffset.CurrentDirectoryPath);
}
fileCurrentDirectory.Enabled = true;
}
catch (Exception ex)
{
fileCurrentDirectory.Text = "(" + ex.Message + ")";
fileCurrentDirectory.Enabled = false;
}
try
{
using (ProcessHandle phandle = new ProcessHandle(_pid, Program.MinProcessQueryRights))
{
textPEBAddress.Text = Utils.FormatAddress(phandle.GetBasicInformation().PebBaseAddress);
}
}
catch (Exception ex)
{
textPEBAddress.Text = "(" + ex.Message + ")";
buttonInspectPEB.Enabled = false;
}
}
else
{
fileCurrentDirectory.Enabled = false;
buttonInspectPEB.Enabled = false;
}
if (_processItem.HasParent)
{
if (Program.ProcessProvider.Dictionary.ContainsKey(_processItem.ParentPid))
{
textParent.Text =
Program.ProcessProvider.Dictionary[_processItem.ParentPid].Name +
" (" + _processItem.ParentPid.ToString() + ")";
}
else
{
textParent.Text = "Non-existent Process (" + _processItem.ParentPid.ToString() + ")";
buttonInspectParent.Enabled = false;
}
}
else if (_processItem.ParentPid == -1)
{
textParent.Text = "No Parent Process";
buttonInspectParent.Enabled = false;
}
else
{
textParent.Text = "Non-existent Process (" + _processItem.ParentPid.ToString() + ")";
buttonInspectParent.Enabled = false;
}
this.UpdateProtected();
this.UpdateDepStatus();
}