Alternatives to NtQueryInformationProcess to get commandline
https://stackoverflow.com/questions/10929745
-
13-06-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Hello I am using NtQueryInformationProcess() to retrieve the command line of current process (via the RTL_USER_PROCESS_PARAMETERS in the PEB returned by NtQueryInformationProcess()) on Windows 7.
But the problem is this The NtQueryInformationProcess function and the structures that it returns are internal to the operating system and subject to change from one release of Windows to another
So Please suggest some alternatives for the same to maintain the compatibility of application
Solution
For current process it is easy (in user mode), just use GetCommandLine. For a different process, you have to go outside the Win32 API:
WMI: Win32_Process.CommandLine
See also: The Old New Thing
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
