Enumerates a handles that belong to the specified process
#include <WinAPIProc.au3>
_WinAPI_EnumProcessHandles ( [$iPID = 0 [, $iType = 0]] )
| $iPID | [optional] The PID of the process. Default (0) is the current process. |
| $iType | [optional] The value associated with the type of the objects that should be enumerated. This value depends on the operating system. If this parameter is 0 (Default), all handles of the specified process will be enumerated. |
| Success: | The 2D array containing the following information: [0][0] - Number of rows in array (n) [0][i] - Unused [n][0] - Handle [n][1] - Type (depends on the operating system) [n][2] - Attributes [n][3] - Access |
| Failure: | Sets the @error flag to non-zero, @extended f lag may contain the NTSTATUS error code. |
Search ZwQuerySystemInformation in MSDN Library.
#include <Array.au3>
#include <ProcessConstants.au3>
#include <WinAPIHObj.au3>
#include <WinAPIProc.au3>
Global Const $PID = @AutoItPID
Local $hSource, $hTarget, $hObject
Local $aData = _WinAPI_EnumProcessHandles($PID)
If IsArray($aData) Then
$hTarget = _WinAPI_GetCurrentProcess()
$hSource = _WinAPI_OpenProcess($PROCESS_DUP_HANDLE, 0, $PID)
If $hSource Then
For $i = 1 To $aData[0][0]
$hObject = _WinAPI_DuplicateHandle($hSource, $aData[$i][0], $hTarget, 0, False, $DUPLICATE_SAME_ACCESS)
If Not @error Then
$aData[$i][1] = _WinAPI_GetObjectNameByHandle($hObject)
_WinAPI_CloseHandle($hObject)
EndIf
Next
EndIf
EndIf
_ArrayDisplay($aData, '_WinAPI_EnumProcessHandles', '', Default, Default, 'Handle|Type|Attributes|Access')