''' Holds basic information about a process, used by NtQueryInformationProcess function Public Shared Function NtQueryInformationProcess( ByVal handle As IntPtr, ByVal processinformationclass As UInteger, ByRef ProcessInformation As Process_Basic_Information, ByVal ProcessInformationLength As Integer, ByRef ReturnLength As UInteger) As Integer ''' OUTPUT The amount of data that was written to the object passed in to the ProcessInformation parameter ''' The size of the ProcessInformation parameter ''' OUTPUT An instance of the Basic_Process_Information class that will be populated with information ''' The level of information to retrieve, 0 = basic ''' A handle to the process to get information for ''' Retrieves information about a specific process, returns 0 if operation was successful So here are the definitions for the APIs that this method makes use of and some constants I’ve declared.
Keep an eye on this blog for more details over the next couple of weeks. NET methods will be included in a class library (imaginatively named Cjwdev.WindowsAPI) that I will be releasing soon. Third thing to point out is that this method along with loads of others that wrap native Windows API functionality in easy to use. Second thing I should point out is that this method makes use of my NativeMemoryReader class, which you can get the source code for here: If you want to get the command line for a process not running under your own user account then you must be an administrator and on Windows 7 (and presumably Vista) you must do Run As Administrator.
My code has been tested on Windows XP 32 bit and Windows 7 64 bit.
I’m still working on parsing the PEB for the 64 bit versions of Windows but hopefully will have a 64 bit version up and running soon. The first thing I should point out is that this only works on either a 32 bit system or on a 64 bit system where your process and the process that you want to get the command line for are both 32 bit processes (running in WOW64 mode).
This gets the full command line that was used to start the process so it includes the path to the executable and any command line arguments / parameters specified. Basically this VB.NET code will get the command line for an external process, even if your application did not start that process (which is the limitation you have if you try using Process.StartInfo). String pathToExecutable = Environment.GetCommandLineArgs().Replace(".dll", ".I’ve been working on this for a few days and have finally got it doing what it is supposed to do, so thought I would post it here in case it helps someone else out. But after you publish it, you'll get the exe. Before you package the app as a single file bundle, you will get the dll. String basedir = AppContext.BaseDirectory Best I got now is: // This will give you the directory but not the assembly None of the above work if using net5.0 or net6.0 and publishing app as single-file bundle. Uri.UnescapeDataString((New System.UriBuilder(.CodeBase).Path)) Path.GetDirectoryName(Uri.UnescapeDataString((New System.UriBuilder(.CodeBase).Path))) The code for each is below the image using fully qualified names.
Unfortunately I can't figure out how to create a table here, so it's an image. This is the first post on google so I thought I'd post different ways that are available and how they compare.