我在做一个像app的taskmanager。对于windows,我可以得到所有的系统进程,现在我想获得进程的用户名。我得到的代码从网。
i am making a taskmanager like app. for windows,i can get all the system processes,now i want to get process's username.I got the code from net.
void enableDebugPrivileges() { HANDLE hcurrent=GetCurrentProcess(); HANDLE hToken; BOOL bret=OpenProcessToken(hcurrent,40,&hToken); LUID luid; bret=LookupPrivilegeValue(NULL,SE_LOAD_DRIVER_NAME, &luid); TOKEN_PRIVILEGES NewState,PreviousState; DWORD ReturnLength; NewState.PrivilegeCount =1; NewState.Privileges[0].Luid =luid; NewState.Privileges[0].Attributes=2; AdjustTokenPrivileges(hToken,FALSE,&NewState,28,&PreviousState,&ReturnLength); } char *GetProcessUsername(HANDLE *phProcess, BOOL bIncDomain) { static char sname[300]; HANDLE tok = 0; HANDLE hProcess; TOKEN_USER *ptu; DWORD nlen, dlen; char name[300], dom[300], tubuf[300], *pret = 0; int iUse; //if phProcess is NULL we get process handle of this //process. hProcess = phProcess?*phProcess:GetCurrentProcess(); //open the processes token if (!OpenProcessToken(hProcess,TOKEN_QUERY,&tok)) goto ert; //get the SID of the token ptu = (TOKEN_USER*)tubuf; if (!GetTokenInformation(tok,(TOKEN_INFORMATION_CLASS)1,ptu,300,&nlen)) goto ert; //get the account/domain name of the SID dlen = 300; nlen = 300; if (!LookupAccountSidA(0, ptu->User.Sid, name, &nlen, dom, &dlen, (PSID_NAME_USE)&iUse)) goto ert; //copy info to our static buffer if (dlen && bIncDomain) { strcpy(sname,dom); strcat(sname,""); strcat(sname,name); } else { strcpy(sname,name); } //set our return variable pret = sname; ert: if (tok) CloseHandle(tok); return pret; } int main(){ enableDebugPrivileges(); DWORD dwPID=3436; HANDLE hProcess_i = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, dwPID); printf("%s",GetProcessUsername(&hProcess_i,0)); }它适用于系统和curr。用户进程,但不是为网络服务和本地服务,我得到null string.please告诉我如何获得这些进程的用户名。 感谢。
Its working well for system and curr. user processes but not for NETWORK SERVICE and LOCAL SERVICES and i got null string.please tell how can i get usernames of these processes too. thanks.
推荐答案IIRC有一个单独的伪帐户叫LocalService,但它不在正常的安全系统你得到一个空字符串)。还有一个NetworkService帐户。
IIRC there's a separate pseudo account called LocalService, but its not in the normal security system (hence you get a null string). There's also a NetworkService account.
更多推荐
获取进程用户名c ++
发布评论