Getting a processhandle

**Eddie Dean** · 04-12-2006

I made a code to get the processhandle of an application, but it won't work. It always outputs 0x30, no matter what application I'm checking the handle for.

I'll paste the code below:

Code:

    PROCESSENTRY32 ProcessStruct;
    ProcessStruct.dwSize = sizeof(PROCESSENTRY32);
    //Making a snapshot and checking for error
    HANDLE hProcessSnapshot = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0);
    if(hProcessSnapshot == INVALID_HANDLE_VALUE)
    {
                        cout << "error1 at making snapshot";
// Something went wrong at making a snapshot
// todo: Making some code if error
         return 0;
    }       
    Process32First(hProcessSnapshot, &ProcessStruct);
    

	if(Process32First(hProcessSnapshot, &ProcessStruct) == false)
	{
                                        cout << "error2 at making snapshot";
// Error,
// Todo: error handling
	}
	if(strcmp(ProcessStruct.szExeFile,"filename.exe") != 0)
	{
		while(true)
		{
		if(Process32Next(hProcessSnapshot, &ProcessStruct) == false)
		{
                                           cout << "error3 while looking for handle";
// Error handling
// todo!
			return 0;
		}
		if(strcmp(ProcessStruct.szExeFile, "filename.exe") == 0)
		{
            hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, ProcessStruct.th32ProcessID);
			break;
			return 0;
      }
	}   
}

This code will put the handle of a process in hProcess (I declared hProcess as HANDLE at the beginning of the program)

Of course you have to change filename.exe to the app you want the handle off.

That app has to be running, or it will give error3 while looking for handle.

I hope anyone can find my mistake, becouse I've been staring at this code for several days now without finding the problem

Thanks in advance
Eddie

**BobS0327** · 04-12-2006

Code:

#include <windows.h>
#include <tlhelp32.h>
#include <stdio.h>

BOOL ListAllModules(DWORD dwProcessID);

int main(int argc, char **argv )
{
    DWORD dwPriorityClass;
    HANDLE hProcess;
    PROCESSENTRY32 ProcessStruct;
    ProcessStruct.dwSize = sizeof(PROCESSENTRY32);
    //Making a snapshot and checking for error
    HANDLE hProcessSnapshot = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0);
    if(hProcessSnapshot == INVALID_HANDLE_VALUE)
    {
        //  cout << "error1 at making snapshot";
        // Something went wrong at making a snapshot
        // todo: Making some code if error
        return 1;
    }
    // Set the size of the structure before using it.
    ProcessStruct.dwSize = sizeof( PROCESSENTRY32 );
    //Process32First(hProcessSnapshot, &ProcessStruct);
    if(Process32First(hProcessSnapshot, &ProcessStruct) == false)
    {
        // cout << "error2 at making snapshot";
        // Error,
        // Todo: error handling
        return 1;
    }
    // Now walk the snapshot of processes
    do
    {
        if(strcmp(ProcessStruct.szExeFile,argv[1]) != 0)
            continue;
        //while(true)
        //{
        //  if(Process32Next(hProcessSnapshot, &ProcessStruct) == false)
        //  {
        //      cout << "error3 while looking for handle";
        // Error handling
        // todo!
        //      return 0;
        //  }
        //  if(strcmp(ProcessStruct.szExeFile, "filename.exe") == 0)
        //  {
        hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, ProcessStruct.th32ProcessID);
        if( hProcess == NULL )
            printf( "OpenProcess failed\n" );
        else
        {
            dwPriorityClass = GetPriorityClass( hProcess );
            if( !dwPriorityClass )
            {
                printf( "GetPriorityClass failed\n" );
                CloseHandle( hProcess );
            }
            else
                printf( "Priority Class = %d\n", dwPriorityClass );   
            printf( "process ID = 0x%08X\n", ProcessStruct.th32ProcessID );
            printf( "thread count = %d\n",   ProcessStruct.cntThreads );
            printf( "parent process ID = 0x%08X\n", ProcessStruct.th32ParentProcessID );
            printf( "Priority Base = %d\n", ProcessStruct.pcPriClassBase );

        }
        ListAllModules( ProcessStruct.th32ProcessID );
    } while( Process32Next( hProcessSnapshot, &ProcessStruct ) );
    CloseHandle( hProcessSnapshot );          
    //      break;
    return 0;
}


BOOL ListAllModules(DWORD dwProcessID)
{
    HANDLE hModule = INVALID_HANDLE_VALUE;
    MODULEENTRY32 ModuleEntry;

    // Take a snapshot of all modules in the specified process.
    hModule = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, dwProcessID );
    if( hModule == INVALID_HANDLE_VALUE )
    {
        printf( "CreateToolhelp32Snapshot of modules failed\n" );
        return( FALSE );
    }
    ModuleEntry.dwSize = sizeof( MODULEENTRY32 );
    if( !Module32First( hModule, &ModuleEntry ) )
    {
        printf( "Module32First failed\n" );  
        CloseHandle( hModule );     
        return( FALSE );
    }
    // Walk the list of the process,
    do
    {
        printf( "\n\nName: %s\n", ModuleEntry.szModule );
        printf( "executable = %s\n", ModuleEntry.szExePath );
        printf( "process ID  = 0x%08X\n", ModuleEntry.th32ProcessID );
        printf( "base address = 0x%08X\n", (DWORD) ModuleEntry.modBaseAddr );
        printf( "base size = %d\n", ModuleEntry.modBaseSize );

    } while( Module32Next( hModule, &ModuleEntry ) );

    CloseHandle( hModule );
    return( TRUE );
}

**Eddie Dean** · 04-12-2006

Thanks a lot!

If I compile this code I keep getting the windows error. "There has been an error while running Handle.exe. Tell microsoft about this problem blah blahblah"

Eddie

**BobS0327** · 04-13-2006

Unfortunately, there is very little error checking/correcting in the example. The example requires that the name of the executable module be entered on the command line. The error you are generating may be due to nothing entered on the command line.

For instance:

HANDLE.EXE test.exe

where HANDLE.EXE is the name of your compiled binary and test.exe is the name of the binary that you want to get process info for.

You'll have to add a lot of error checking/correcting code. Especially verifying that a module name has been entered on the command line.

**Eddie Dean** · 04-13-2006

Well... Thanks alot for helping me with this problem, but your answer wasn't really what I was looking for. I only want the handle of the process I specify within my code. My code will be like:

Code:

char ProcessName[20];
int GetHandle(char);

int main()
{
cout << "What program do you want the ProcessHandle off? (type in the *.exe file).";
cin >> ProcessName;
GetHandle(ProcessName);
cout << hProcess;
return 0;
}

GetHandle(char ProcessName)
{
// getting the processhandle of specified program and putting it into hProcess
return 0;
}

So, in other words, the code has to be lots simpler. All other program information is not needed. Just the handle.

PS: I just typed the code above without testing it and everything. Please don't correct errors in the above code, it was just meant to illustrate what I want.

Thanks in advance
Greetz, Eddy

**Eddie Dean** · 04-13-2006

Code:

#include <iostream>
#include <Tlhelp32.h>

using namespace std;

int main()
{
    HANDLE hSnap;
    HANDLE hProcess;    
    PROCESSENTRY32 ProcessStruct;
    ProcessStruct.dwSize = sizeof(PROCESSENTRY32);    
    hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);    
    Process32First(hSnap, &ProcessStruct);    
    if(strcmp(ProcessStruct.szExeFile, "iexplore.exe")!=0)
    {
         while(true)
         {
                    Process32Next(hSnap, &ProcessStruct);
                    if(strcmp(ProcessStruct.szExeFile, "iexplore.exe")==0)
                    {
                            hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, ProcessStruct.th32ProcessID);
                            CloseHandle(hProcess);
                            break;
                    }
          }
    }
    cout << hProcess << " Is de processhandle van iexplore.exe.";
    cin.get();
}

Is what I've got so far, but this code ALWAYS outputs 0x30, no matter what application I choose.

anyone knows what's the problem?

As you can see this code is much smaller as the code I started with, but the error remains the same

Thanks in advance,
Eddy

**SMurf** · 04-13-2006

Might have something to do with privileges, i.e. you don't have the right to get PROCESS_ALL_ACCESS. You would need to use AdjustTokenPrivileges in some way then.

**BobS0327** · 04-13-2006

Code:

#include <iostream>
#include <windows.h>
#include <stdio.h>
#include <Tlhelp32.h>

using namespace std;

int main(void)
{
    HANDLE hSnap = INVALID_HANDLE_VALUE;
    HANDLE hProcess = INVALID_HANDLE_VALUE;    
    PROCESSENTRY32 ProcessStruct;
    ProcessStruct.dwSize = sizeof(PROCESSENTRY32);    
    hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);    
    if(hSnap == INVALID_HANDLE_VALUE)
        return 1;
    if(Process32First(hSnap, &ProcessStruct) == FALSE)
        return 1;
    do
    {
        if(strcmp(strupr(ProcessStruct.szExeFile), "IEXPLORE.EXE")==0)
        {
            hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, ProcessStruct.th32ProcessID);
            cout << hProcess << " Is de processhandle van iexplore.exe.";
            cin.get();
            CloseHandle( hProcess );
            break;
        }
    } 
    while( Process32Next( hSnap, &ProcessStruct ) );
    CloseHandle( hSnap );  
    return 0;
}

**anonytmouse** · 04-13-2006

Is what I've got so far, but this code ALWAYS outputs 0x30, no matter what application I choose.

That doesn't mean it's wrong. The handle returned by OpenProcess is private to your application. That means, that when you call OpenProcess, you may get the first available handle value. The value of a handle has no meaning to applications, so should generally not be examined. If you want a global identifying value for a process, use the process id.

Thread: Getting a processhandle

Thread Tools

Search Thread

Display

Getting a processhandle