Jump to content

_ProcessGetOwner - Not Working Anymore..??

cypher175
 Share

Recommended Posts

cypher175 Universalist

cypher175

Posted
Posted

I used this code some time ago and it seemed to work ok, but now when i try to use it in a script it gives me these errors:

ERROR: _WinAPI_OpenProcess(): undefined function.

ERROR: _WinAPI_CloseHandle(): undefined function.

So I included

#Include <WinAPI.au3>

But now nothing even happens when I test this script..

What can you guys determine to be the problem that's preventing this script from working now..??

#include <Security.au3>
#include <Constants.au3>
#Include <WinAPI.au3>

 ConsoleWrite("Process explorer.exe is running under user: " & _ProcessGetOwner("explorer.exe") & @LF)
 
 
 Func _ProcessGetOwner($ivPID)
     $ivPID = ProcessExists($ivPID)
     If Not $ivPID Then Return(SetError(1, 0, 0))
     Local Const $TOKEN_READ = 0x00020000+0x0008; STANDARD_RIGHTS_READ+TOKEN_QUERY
     Local $hvProcess = _WinAPI_OpenProcess($PROCESS_QUERY_INFORMATION, False, $ivPID, False)
     Local $hvToken = _Security__OpenProcessToken($hvProcess, $TOKEN_READ)
     Local $bvSID = _Security__GetTokenInformation($hvToken, $TOKENOWNER)
     Local $avRet = DllStructCreate("ulong", DllStructGetPtr($bvSID))
     $avRet = _Security__SidToStringSid(DllStructGetData($avRet, 1))
     $avRet = _Security__LookupAccountSid($avRet)
     _WinAPI_CloseHandle($hvProcess)
     _WinAPI_CloseHandle($hvToken)
     If Not IsArray($avRet) Then Return(SetError(1, 0, ""))
     Return(SetError(0, $avRet[2], $avRet[0]))
 EndFunc
bo8ster Universalist

bo8ster

Posted
Posted

I checked the help file and it is documented correctly, I would check the release history.

I didn't look too hard at your issue as I am not familiar with all the functions but I did add #AutoIt3Wrapper_run_debug_mode=Y at the top and got the following output. I assuming $avRet is not an array. 

Line: @error-@extended: Line syntax
0001: 0-0: #include <Security.au3>
0002: 0-0: #include <Constants.au3>
0003: 0-0: #Include <WinAPI.au3>
0005: 0-0:  #AutoIt3Wrapper_run_debug_mode=Y
0007: 0-0:  ConsoleWrite("Process explorer.exe is running under user: " & _ProcessGetOwner("explorer.exe") & @LF)
0011: 0-0:      $ivPID = ProcessExists($ivPID)
0012: 0-0:      If Not $ivPID Then Return(SetError(1, 0, 0))
0013: 0-0:      Local Const $TOKEN_READ = 0x00020000+0x0008; STANDARD_RIGHTS_READ+TOKEN_QUERY
0014: 0-0:      Local $hvProcess = _WinAPI_OpenProcess($PROCESS_QUERY_INFORMATION, False, $ivPID, False)
0015: 0-0:      Local $hvToken = _Security__OpenProcessToken($hvProcess, $TOKEN_READ)
0016: 0-0:      Local $bvSID = _Security__GetTokenInformation($hvToken, $TOKENOWNER)
0017: 0-0:      Local $avRet = DllStructCreate("ulong", DllStructGetPtr($bvSID))
0018: 3-0:      $avRet = _Security__SidToStringSid(DllStructGetData($avRet, 1))
0019: -1-0:      $avRet = _Security__LookupAccountSid($avRet)
0020: -1-0:      _WinAPI_CloseHandle($hvProcess)
0021: 0-0:      _WinAPI_CloseHandle($hvToken)
0022: 0-0:      If Not IsArray($avRet) Then Return(SetError(1, 0, ""))
Process explorer.exe is running under user: 
0010: 0-0:  Func _ProcessGetOwner($ivPID)

Post your code because code says more then your words can. SciTe Debug mode - it's magic: #AutoIt3Wrapper_run_debug_mode=Y. Use Opt("MustDeclareVars", 1)[topic="84960"]Brett F's Learning To Script with AutoIt V3[/topic][topic="21048"]Valuater's AutoIt 1-2-3, Class... is now in Session[/topic]Contribution: [topic="87994"]Get SVN Rev Number[/topic], [topic="93527"]Control Handle under mouse[/topic], [topic="91966"]A Presentation using AutoIt[/topic], [topic="112756"]Log ConsoleWrite output in Scite[/topic]

Manko Prodigy

Manko

Posted
Posted

...or you could try mine...

_WinAPI_ProcessListOWNER_WTS()

You could easily change it to look for a process and only return that too...

...look in sig...

/Manko

Yes i rush things! (I sorta do small bursts inbetween doing nothing.) Things I have rushed and reRushed:* ProDLLer - Process manager - Unload viri modules (dll) and moore...* _WinAPI_ProcessListOWNER_WTS() - Get Processes owner list...* _WinAPI_GetCommandLineFromPID() - Get commandline of target process...* _WinAPI_ThreadsnProcesses() Much info if expanded - optional Indented "Parent/Child"-style Processlist. Moore to come... eventually...
cypher175 Universalist

cypher175

Posted
  • Author
Posted

So whats the difference between your code and the one that I provided Manko..??

Do you see where the problem is at all in the code that I provided.??

How would I modify your code Manko to only get the ProcessOwner of a single PID or process name..??

ProgAndy Universalist

ProgAndy

Posted
Posted

There's a problem in the Security.au3. I posted a bug report #1560

*GERMAN* [note: you are not allowed to remove author / modified info from my UDFs]My UDFs:[_SetImageBinaryToCtrl] [_TaskDialog] [AutoItObject] [Animated GIF (GDI+)] [ClipPut for Image] [FreeImage] [GDI32 UDFs] [GDIPlus Progressbar] [Hotkey-Selector] [Multiline Inputbox] [MySQL without ODBC] [RichEdit UDFs] [SpeechAPI Example] [WinHTTP]UDFs included in AutoIt: FTP_Ex (as FTPEx), _WinAPI_SetLayeredWindowAttributes

cypher175 Universalist

cypher175

Posted
  • Author
Posted

So is there anything that I can edit inside the Security.au3 to get the previously mentioned code to work properly..??

Or is there any other easier/simpler method/code to get a Processes Owner without using WMI..??

ProgAndy Universalist

ProgAndy

Posted
Posted

You could use the corrected funtions I posted in the bug report :( If you don't want to modify Security.au3, rename them and add them to your script.

*GERMAN* [note: you are not allowed to remove author / modified info from my UDFs]My UDFs:[_SetImageBinaryToCtrl] [_TaskDialog] [AutoItObject] [Animated GIF (GDI+)] [ClipPut for Image] [FreeImage] [GDI32 UDFs] [GDIPlus Progressbar] [Hotkey-Selector] [Multiline Inputbox] [MySQL without ODBC] [RichEdit UDFs] [SpeechAPI Example] [WinHTTP]UDFs included in AutoIt: FTP_Ex (as FTPEx), _WinAPI_SetLayeredWindowAttributes

Manko Prodigy

Manko

Posted
Posted

So whats the difference between your code and the one that I provided Manko..??

Do you see where the problem is at all in the code that I provided.??

How would I modify your code Manko to only get the ProcessOwner of a single PID or process name..??

I did the mods. Look in my thread...

Difference... It can give you info on all processes without admin rights...

/Manko

Yes i rush things! (I sorta do small bursts inbetween doing nothing.) Things I have rushed and reRushed:* ProDLLer - Process manager - Unload viri modules (dll) and moore...* _WinAPI_ProcessListOWNER_WTS() - Get Processes owner list...* _WinAPI_GetCommandLineFromPID() - Get commandline of target process...* _WinAPI_ThreadsnProcesses() Much info if expanded - optional Indented "Parent/Child"-style Processlist. Moore to come... eventually...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...