Function Reference


_WinAPI_GetProcessCommandLine

Retrieves the command-line string for the specified process

#include <WinAPIProc.au3>
_WinAPI_GetProcessCommandLine ( [$iPID = 0] )

Parameters

$iPID [optional] The PID of the process. Default (0) is the current process.

Return Value

Success: The command-line string.
Failure: Empty string and sets the @error flag to non-zero.

Remarks

This function uses undocumented API functions and may stop working properly in future versions of Windows.

Using this function for some processes may require full access rights. Use _WinAPI_AdjustTokenPrivileges()
function to enable $SE_DEBUG_NAME privilege before calling this function.

Related

_WinAPI_AdjustTokenPrivileges

Example

#RequireAdmin

#include <Array.au3>
#include <WinAPIHObj.au3>
#include <WinAPIProc.au3>

Local $aAdjust, $aList = 0

; Enable "SeDebugPrivilege" privilege for obtain full access rights to another processes
Local $hToken = _WinAPI_OpenProcessToken(BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY))

_WinAPI_AdjustTokenPrivileges($hToken, $SE_DEBUG_NAME, $SE_PRIVILEGE_ENABLED, $aAdjust)

; Retrieve command-line arguments for all processes the system
If Not (@error Or @extended) Then
    $aList = ProcessList()
    For $i = 1 To $aList[0][0]
        $aList[$i][1] = _WinAPI_GetProcessCommandLine($aList[$i][1])
    Next
EndIf

; Enable SeDebugPrivilege privilege by default
_WinAPI_AdjustTokenPrivileges($hToken, $aAdjust, 0, $aAdjust)
_WinAPI_CloseHandle($hToken)

_ArrayDisplay($aList, '_WinAPI_GetProcessCommandLine')