How do I get LPPROCESS_INFORMATION, LPSTARTUPINFO from running process

Question

0.00/5 (No votes)

See more:

Hello

I have been searching for 5 hours trying to find away to get process info and startup info but failed to find any infomation on it.

C++

LPPROCESS_INFORMATION lpPI, LPSTARTUPINFO lpSI;
HANDLE proc = OpenProcess(PROCESS_ALL_ACCESS, false, GetProcID("cmd.exe"));

What i am trying to do is get a handle to cmd.exe and then get the Process Info and Statup info. I am just trying to learn the Windows API. I know i can get process info and startup info with CreateProcess but i want the info for a running process. because i don't need to start a process

What I have tried:

As stated i have been searching for awhile. and have come up empty handed.

Posted 5-Jan-22 4:36am

WOLF 2018

Updated 5-Jan-22 6:17am

Add a Solution

Comments

0x01AA 5-Jan-22 11:04am

As far as I know this is not possible.

WOLF 2018 5-Jan-22 11:06am

I believe NtQueryInformationProcess can get the first one but i am not sure on the startupinfo

https://docs.microsoft.com/en-us/windows/win32/api/winternl/nf-winternl-ntqueryinformationprocess

Richard MacCutchan 5-Jan-22 11:24am

Both functions GetProcessInformation and GetStartupInfo are documented under the link I provided below.

0x01AA 5-Jan-22 11:36am

GetProcessInformation: Still not convinced
GetStartupInfo : Can only be called by a process itself, but not from 'my' process to get this information from another process

Richard MacCutchan 5-Jan-22 11:38am

Well that sill answers the question.

0x01AA 5-Jan-22 11:39am

Nope, the questionis: How MyProcess can get that information from another running process

Richard MacCutchan 5-Jan-22 11:41am

So provide a better answer instead of whining about what I offered.

0x01AA 5-Jan-22 11:44am

You offered a google search without knowing wheter it works or not. Sorry remove your answer not to confuse people (you remember such a comment?)

WOLF 2018 5-Jan-22 11:42am

You see I am using NtCreateProcess to make a process and that does not have an option to get the startup info and process info

Richard MacCutchan 5-Jan-22 11:55am

In your question you use OpenProcess which returns a process handle.

WOLF 2018 5-Jan-22 11:57am

I use OpenPrcess because I can only get a Process handle from NtCreateProcess as far as i know

Richard MacCutchan 5-Jan-22 12:05pm

You should discuss with 0x01AA, he knows everything.

0x01AA 5-Jan-22 12:10pm

...better ;P
No sorry, but the link was really not the answer. Thumbs up, that you removed the answer.

Rick York 5-Jan-22 12:11pm

You are contradicting yourself. You stated you did not need to start the process and now you have stated you are calling NtCreateProcess. The answer to the question is considerably different depending on this point.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Rick York · Accepted Answer · 2022-01-05T06:17:00

Solution 2

There are a few ways you can do this. One is call OpenProcess and it requires a process identifier as an argument so you have to obtain that first. Generally speaking, that's what needs to happen : you first need get a process identifier and there are a few ways to go about that. If you can locate the process' window then you can get a handle to it and get the ID from that as one option. This page lists the functions available for doing this : Process and Thread Functions - Win32 apps | Microsoft Docs[^].

Posted 5-Jan-22 6:17am

Rick York

Comments

0x01AA 5-Jan-22 12:21pm

And now, please explain how to get LPPROCESS_INFORMATION and LPSTARTUPINFO with that handle...

Especally for void GetStartupInfo([out] LPSTARTUPINFOW lpStartupInfo); which seems to be only available for process internal itself.

Your answer is misleading.

Rick York 5-Jan-22 18:15pm

One can call GetProcessInformation : https://docs.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-getprocessinformation, with that handle. The startup information, for the most part, is available by calling various functions using the process' window handle, if it has one. STARTUPINFO is described at : https://docs.microsoft.com/en-us/windows/win32/api/processthreadsapi/ns-processthreadsapi-startupinfoa

Exactly what is misleading about that answer?