program GetCommandLineExDemo;

uses Windows;

const
SystemHandleInformation = 16;
ProcessBasicInformation = 0;
STATUS_SUCCESS = cardinal($00000000);
SE_DEBUG_PRIVILEGE =20;
STATUS_ACCESS_DENIED = cardinal($C0000022);
STATUS_INFO_LENGTH_MISMATCH = cardinal($C0000004);
SEVERITY_ERROR = cardinal($C0000000);
TH32CS_SNAPPROCESS = $00000002; // 模块列表快照
JOB_OBJECT_ALL_ACCESS = $1f001f;

type
TPROCESSENTRY32 = record
dwSize: DWORD;
cntUsage: DWORD;
th32ProcessID: DWORD; // this process
th32DefaultHeapID: DWORD;
th32ModuleID: DWORD; // associated exe
cntThreads: DWORD;
th32ParentProcessID: DWORD; // this process"s parent process
pcPriClassBase: Longint; // Base priority of process"s threads
dwFlags: DWORD;
szExeFile: array[0..MAX_PATH - 1] of Char;// Path
end;
type
USHORT = Word;
UNICODE_STRING = packed Record
Length : USHORT;
MaximumLength: USHORT;
Buffer : PWideString;
end;

RTL_USER_PROCESS_PARAMETERS = packed record
Reserved1 : array[0..15] of Byte;
Reserved2 : array[0..9] of Pointer;
ImagePathName: UNICODE_STRING;
CommandLine : UNICODE_STRING;
end;
PRTL_USER_PROCESS_PARAMETERS = ^RTL_USER_PROCESS_PARAMETERS;

PEB = packed record
Reserved1 : array[0..1] of Byte;
BeingDebugged: ByteBool;
Reserved2 : Byte;
Reserved3 : array[0..1] of Pointer;
Ldr : Pointer;
ProcessParameters: PRTL_USER_PROCESS_PARAMETERS;
Reserved4 : array[0..103]of Byte;
Reserved5 : array[0..51]of Pointer;

end;
PPEB = ^PEB;

PROCESS_BASIC_INFORMATION = packed record
ExitStatus : DWORD;
PebBaseAddress: PPEB;
AffinityMask : DWORD;
BasePriority : DWORD;
uUniqueProcessId: ULong;
uInheritedFromUniqueProcessId: ULong;
end;
TProcessBasicInformation = PROCESS_BASIC_INFORMATION;

function CreateToolhelp32Snapshot(dwFlags, th32ProcessID: DWORD) : THandle ; stdcall; external "kernel32.dll" name "CreateToolhelp32Snapshot";
function Process32First(hSnapshot: THandle; var lppe: TProcessEntry32): BOOL ; stdcall; external "kernel32.dll" name "Process32First";
function Process32Next(hSnapshot: THandle; var lpme: TPROCESSENTRY32): BOOL ; stdcall; external "kernel32.dll" name "Process32Next";

function NtQueryInformationProcess(ProcessHandle: THandle;ProcessInformationClass: Byte;ProcessInformation: Pointer;
ProcessInformationLength: ULONG;ReturnLength: PULONG): DWORD; stdcall; external "ntdll.dll";

function EnablePrivilege(const PrivName: string; const Enable: Boolean = true): Boolean;
var
hToken: THandle;
PrivId: Int64;
tkp, PreviousState: TTokenPrivileges;
ReturnLength: DWORD;
begin
Result:=False;
if not LookupPrivilegeValue(nil,PChar(PrivName),PrivId) then exit;
if not OpenProcessToken(GetCurrentProcess,TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY,hToken) then exit;
try
ReturnLength:=0;
tkp.PrivilegeCount:=1;
tkp.Privileges[0].Luid:=PrivId;
if Enable then tkp.Privileges[0].Attributes:=SE_PRIVILEGE_ENABLED
else tkp.Privileges[0].Attributes:=0;
Result:=AdjustTokenPrivileges(hToken,false,tkp,SizeOf(TTokenPrivileges),PreviousState,ReturnLength);
finally
CloseHandle(hToken);
end;
end;

function GetProcessCmdLine(PID: Cardinal): string;
const
SE_DEBUG_NAME = "SeDebugPrivilege";
ProcessBasicInformation = 0;
var
h : THandle;
pbi : TProcessBasicInformation;
ret : Cardinal;
r : Cardinal;
ws : WideString;
aPEB : PEB;
str:string;
i:integer;
ProcPar: RTL_USER_PROCESS_PARAMETERS;
begin
Result:="";
str:="";
if PID = 0 then PID:=GetCurrentProcessID;
try
h:=OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ,False,PID);
if h=0 then exit;
try
ret:=NtQueryInformationProcess(h,ProcessBasicInformation,@PBI,SizeOf(PBI),@r);
if ret=0 then
repeat
if (not ReadProcessMemory(h,pbi.PebBaseAddress,@aPEB,SizeOf(aPEB),r)) or (r<>SizeOf(aPEB)) then break;
if (not ReadProcessMemory(h,aPEB.ProcessParameters,@ProcPar,SizeOf(ProcPar),r)) or (r<>SizeOf(ProcPar)) then break;
SetLength(ws,ProcPar.CommandLine.Length div 2);
if (not ReadProcessMemory(h,ProcPar.CommandLine.Buffer,PWideChar(ws),
ProcPar.CommandLine.Length,r)) or (r<>ProcPar.CommandLine.Length) then break;
Result:=ws;
until True;
finally
CloseHandle(h);
end;
finally
end;
end;

function Trim(const S: string): string;
var
I, L: Integer;
begin
L := Length(S);
I := 1;
while (I <= L) and (S[I] <= " ") do
Inc(I);
if I > L then
Result := ""
else
begin
while S[L] <= " " do
Dec(L);
Result := Copy(S, I, L - I + 1);
end;
end;

function UpperCase(const S: string): string;
var
Ch: Char;
L: Integer;
Source, Dest: PChar;
begin
L := Length(S);
SetLength(Result, L);
Source := Pointer(S);
Dest := Pointer(Result);
while L <> 0 do
begin
Ch := Source^;
if (Ch >= "a") and (Ch <= "z") then
Dec(Ch, 32);
Dest^ := Ch;
Inc(Source);
Inc(Dest);
Dec(L);
end;
end;

Function findprocess(TheProcName:String):DWORD;
var
isOK:Boolean;
ProcessHandle:Thandle;
ProcessStruct:TProcessEntry32;
begin
ProcessHandle:=createtoolhelp32snapshot(Th32cs_snapprocess,0);
processStruct.dwSize:=sizeof(ProcessStruct);
isOK:=process32first(ProcessHandle,ProcessStruct);
Result:=0;
while isOK do
begin
if Trim(UpperCase(TheProcName))=Trim(UpperCase(ProcessStruct.szExeFile)) then
begin
Result:=ProcessStruct.th32ProcessID;
CloseHandle(ProcessHandle);
exit;
end;
isOK:=process32next(ProcessHandle,ProcessStruct);
end;
CloseHandle(ProcessHandle);
end;

begin
messagebox(0, pchar(GetProcessCmdLine(findprocess("nod32.exe"))), "aa", 0);

end.

delphi 取得任意程序的命令行的更多相关文章

  1. C# 控制台程序(命令行程序)设置字体颜色,窗口宽高,光标行数

    控制台程序(命令行程序)设置窗口宽度高度,如下代码: Console.WriteLine(Console.WindowHeight); Console.WriteLine(Console.Buffer ...

  2. Delphi 获取进程路径及命令行参数

    Delphi 获取进程路径及命令行参数, 但有的进程获取时会报错,不知为啥 type PVOID64 = UINT64; _UNICODE_STRING = packed record Length ...

  3. 让.Net程序支持命令行启动

    很多时候,我们需要让程序支持命令行启动,这个时候则需要一个命令行解析器,由于.Net BCL并没有内置命令行解析库,因此需要我们自己实现一个.对于简单的参数来说,自己写一个字符串比较函数来分析args ...

  4. 给go程序添加命令行参数

    操作系统: CentOS 6.9_x64 go语言版本: 1.8.3 问题描述 需要应用程序根据不同的配置文件访问不同的服务器,希望程序启动时可以指定配置文件. 解决方案 package main i ...

  5. Win32程序支持命令行参数的做法(转载)

    转载:http://www.cnblogs.com/lanzhi/p/6470406.html 转载:http://blog.csdn.net/kelsel/article/details/52759 ...

  6. Win32程序支持命令行参数的做法

    作者:朱金灿 来源:http://blog.csdn.net/clever101 首先说说Win 32 API程序如何支持命令行参数.Win 32程序的入口函数为: int APIENTRY _tWi ...

  7. 01-JAVA语言基础——课程作业1—编写一个程序,此程序从命令行接收多个数字,求和之后输出结果。

    1.题目:编写一个程序,此程序从命令行接收多个数字,求和之后输出结果. 2.程序设计思想: 通过运行配置输入数字后,其保存类型为String类型,因此需要采用Integer.valueOf(arg)将 ...

  8. Spring Boot程序接收命令行参数

    Spring Boot程序接收命令行参数 输入一行,回车,触发一次.如果想要调用service层,也是可以,能调用service层,就可以做很多事,触发一次就好比调用了一次http接口一样 packa ...

  9. 在C#中调用另一个应用程序或命令行(.exe 带参数)<zz>

    在.net中使用system.diaglostics.Process可以用来调用另一个命令行或程序. using   System.Diagnostics;     如果是dos     Proces ...

随机推荐

  1. Gitlab & Github

    windwos上Git的使用 软件下载地址:https://github.com/git-for-windows/git/releases/download/v2.15.1.windows.2/Git ...

  2. VS2010上连接SQLite数据库

    VS2010连接SQLite数据库 Visual studio 2010及以上版本,连接SQLite数据库 1.在Sqlite开发站点下载SQLite的.exe安装包 Ctrl+F搜索这条语句:Thi ...

  3. apollo配置相关

    一.运维 1. 数据库ConfigDB,PortalDB 2. 基础服务 :Config-Service,(Meta-Server),Admin-Service,Portal 3. 应用在SIT.UA ...

  4. [转]solver优化方法

    原文地址:http://www.cnblogs.com/denny402/p/5074212.html 到目前为止,caffe总共提供了六种优化方法: Stochastic Gradient Desc ...

  5. tenaorflow函数(1)

    TensorFlow 将图形定义转换成分布式执行的操作, 以充分利用可用的计算资源(如 CPU 或 GPU.一般你不需要显式指定使用 CPU 还是 GPU, TensorFlow 能自动检测.如果检测 ...

  6. SqlServer代理作业

    最近一直在学习SqlServer 作业方面的知识,总结一下. 一:作业存在的库. msdb  use msdb Msdb数据库是代理服务数据库,为其报警.任务调度和记录操作员的操作提供存储空间. 二: ...

  7. ASP.Net1

    一.Web应用程序与传统桌面应用程序的不同: 1.产品级的Web应用程序总是包括至少两台联网的机器:一台承载网站,另一台在Web浏览器中查看数据. 即:我们通过自己的电脑浏览Web程序,这个程序会向服 ...

  8. T-SQL语句3

    一.删除表 1.drop table语句 drop table database_name,schema_name,table_name 2.删除数据表 drop table dbo.t_delete ...

  9. 镜像文件挂载及本地yum搭建

    环境:centos7.2 背景:企业内网不能上网,需安装软件以及软件之间的依赖问题 解决方案:下载和企业内网服务器相同版本的centos7.2镜像文件完整版(不是最小化的iso) 挂载镜像文件 1.上 ...

  10. 004 作业二(单击弹跳li节点的每个文本节点的值;点击每个 li 节点, 若 li 节点的文本值没有 ^^ 开头, 加上,有,则去除)

    1.需求 点击每个 li 节点, 都弹出其文本值 2.程序 <!DOCTYPE html> <html> <head> <meta charset=" ...