|
|
|
|
#5
23.06.2010, 17:05
|
|||
|
|||
Решение найдено в интернете ) мало ли кому пригодится
Код:
{$APPTYPE CONSOLE}
program getcommline; uses windows;
// ported C program to Delphi. Returns exact command-line used in calling program, including command-line parms.
type
TUnicodeString = record
Length: ShortInt;
MaxLength: ShortInt;
Buffer: PWideChar;
end;
TProcessBasicInformation = record
ExitStatus: DWord;
PEBBaseAddress: Pointer;
AffinityMask: DWord;
BasePriority: DWord;
UniqueProcessID: Word;
ParentProcessID: DWord;
end;
function GetPEBAddress(inhandle: THandle): pointer;
type
NTQIP = procedure(ProcessHandle: THandle;
ProcessInformationClass: DWord;
ProcessInformation: Pointer;
ProcessInformationLength: DWord;
ReturnLength: Pointer); stdcall;
var
pbi: TProcessBasicInformation;
MyHandle: THandle;
myFunc: NTQIP;
begin
MyHandle := LoadLibrary('NTDLL.DLL');
if MyHandle <> 0 then
begin
myfunc := GetProcAddress(myHandle, 'NtQueryInformationProcess');
if @myfunc <> nil then
MyFunc(inhandle, 0, @pbi, sizeof(pbi), nil);
end;
FreeLibrary(Myhandle);
Result := pbi.PEBBaseAddress;
end;
function getcommandline(inproc: THandle): string;
var
myproc: THandle;
rtlUserProcAddress: Pointer;
PMBAddress: Pointer;
command_line: TUnicodeString;
command_line_contents: WideString;
outr: DWord;
begin
myproc := OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ,
false, inproc);
PMBAddress := GetPEBAddress(myproc);
ReadProcessMemory(myproc, Pointer(Longint(PMBAddress) + $10),
@rtlUserProcAddress, sizeof(Pointer), outr);
ReadProcessMemory(myproc, Pointer(Longint(rtlUserProcAddress) + $40),
@command_line, sizeof(command_line), outr);
SetLength(Command_Line_Contents, command_line.length);
ReadProcessMemory(myproc, command_Line.Buffer, @command_Line_contents[1],
command_line.length, outr);
CloseHandle(myproc);
Result := WideCharLenToString(PWideChar(command_Line_Contents),
command_line.length div 2);
end;
begin
writeln('This process invoked with: ');
writeln(GetCommandLine(GetCurrentProcessID));
readln;
end. |
Древовидный вид