sanhen Posted September 17, 2008 Share Posted September 17, 2008 (edited) Func Processpath($Name) $strComputer = "." $wbemFlagReturnImmediately = 0x10 $wbemFlagForwardOnly = 0x20 $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2") $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Process WHERE Caption = '"&$Name&"'", "WQL", _ $wbemFlagReturnImmediately + $wbemFlagForwardOnly) For $objItem In $colItems If $objItem.ExecutablePath Then Return $objItem.ExecutablePath Next EndFunc MsgBox(64,"test",Procespath("hh.exe")) [ MsgBox(64,"test",Procespath("csrss.exe")) MsgBox(64,"test",Procespath("wmiprvse.exe")) Why processPath is empty ? Edited September 17, 2008 by sanhen Link to comment Share on other sites More sharing options...
BillLuvsU Posted September 17, 2008 Share Posted September 17, 2008 Community on Patrol where art though? [center][/center]Working on the next big thing.Currently Playing: Halo 4, League of LegendsXBL GT: iRememberYhslaw Link to comment Share on other sites More sharing options...
sanhen Posted September 17, 2008 Author Share Posted September 17, 2008 up Link to comment Share on other sites More sharing options...
Moderators SmOke_N Posted September 17, 2008 Moderators Share Posted September 17, 2008 In order for that to work, it has to be a running process. Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer. Link to comment Share on other sites More sharing options...
sanhen Posted September 17, 2008 Author Share Posted September 17, 2008 "csrss.exe" is running, But the process can not find the path Link to comment Share on other sites More sharing options...
Nahuel Posted September 17, 2008 Share Posted September 17, 2008 I've had that problem too. Some processes return an empty string. Like csrss.exe, alg.exe and some instances of svchost.exe Link to comment Share on other sites More sharing options...
sanhen Posted September 17, 2008 Author Share Posted September 17, 2008 The how to solve it? Link to comment Share on other sites More sharing options...
Moderators SmOke_N Posted September 17, 2008 Moderators Share Posted September 17, 2008 The how to solve it?You have to set your debug privileges when your exe/script runs. Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer. Link to comment Share on other sites More sharing options...
sanhen Posted September 17, 2008 Author Share Posted September 17, 2008 How settings debug privileges ? Link to comment Share on other sites More sharing options...
Moderators SmOke_N Posted September 17, 2008 Moderators Share Posted September 17, 2008 expandcollapse popup#include <winapi.au3> #Include <Security.au3> #include <Constants.au3> SetPrivilege("SeDebugPrivilege") MsgBox(0, 0, Processpath("csrss.exe")) Func Processpath($Name) $strComputer = "." $wbemFlagReturnImmediately = 0x10 $wbemFlagForwardOnly = 0x20 $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2") $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Process WHERE Caption = '"&$Name&"'", "WQL", _ $wbemFlagReturnImmediately + $wbemFlagForwardOnly) For $objItem In $colItems If $objItem.ExecutablePath Then Return $objItem.ExecutablePath Next EndFunc Func __Security__SetPrivilege($hToken, $sPrivilege, $fEnable) Local $pRequired, $tRequired, $iLUID, $iAttributes, $iCurrState, $pCurrState, $tCurrState, $iPrevState, $pPrevState, $tPrevState $iLUID = _Security__LookupPrivilegeValue("", $sPrivilege) If $iLUID = 0 Then Return SetError(-1, 0, False) $tCurrState = DllStructCreate( _tagTOKEN_PRIVILEGES(1) ) $pCurrState = DllStructGetPtr($tCurrState) $iCurrState = DllStructGetSize($tCurrState) $tPrevState = DllStructCreate( _tagTOKEN_PRIVILEGES(1) ) $pPrevState = DllStructGetPtr($tPrevState) $iPrevState = DllStructGetSize($tPrevState) $tRequired = DllStructCreate("int Data") $pRequired = DllStructGetPtr($tRequired) ; Get current privilege setting DllStructSetData($tCurrState, "PrivilegeCount", 1) DllStructSetData($tCurrState, "LowPart0", $iLUID) If Not _Security__AdjustTokenPrivileges($hToken, False, $pCurrState, $iCurrState, $pPrevState, $pRequired) Then Return SetError(-2, @error, False) EndIf ; Set privilege based on prior setting DllStructSetData($tPrevState, "PrivilegeCount", 1) DllStructSetData($tPrevState, "LowPart0", $iLUID) $iAttributes = DllStructGetData($tPrevState, "Attributes0") If $fEnable Then $iAttributes = BitOR($iAttributes, $SE_PRIVILEGE_ENABLED) Else $iAttributes = BitAND($iAttributes, BitNOT($SE_PRIVILEGE_ENABLED)) EndIf DllStructSetData($tPrevState, "Attributes0", $iAttributes) If Not _Security__AdjustTokenPrivileges($hToken, False, $pPrevState, $iPrevState, $pCurrState, $pRequired) Then Return SetError(-3, @error, False) EndIf Return SetError(0, 0, True) EndFunc ;==>_Security__SetPrivilege ; By engine Func SetPrivilege($vPrivilege, $fEnable = True) If IsArray($vPrivilege) Then Local $avPriv = $vPrivilege Else Local $avPriv[1] = [$vPrivilege] EndIf Local $hToken = _Security__OpenProcessToken( _WinAPI_GetCurrentProcess(), BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY) ) For $i = 0 To UBound($avPriv) - 1 __Security__SetPrivilege($hToken, $avPriv[$i], $fEnable) Next _WinAPI_CloseHandle($hToken) EndFunc Func _tagTOKEN_PRIVILEGES($iPrivilegeCount) If Not ( IsInt($iPrivilegeCount) And $iPrivilegeCount > 0 ) Then Return SetError(-1, 0, "") Local $tagTOKEN_PRIVILEGES = "dword PrivilegeCount;" For $i = 0 To $iPrivilegeCount - 1 $tagTOKEN_PRIVILEGES &= "dword LowPart" & $i & ";long HighPart" & $i & ";dword Attributes" & $i & ";" Next Return StringTrimRight($tagTOKEN_PRIVILEGES, 1) EndFunc Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer. Link to comment Share on other sites More sharing options...
PsaltyDS Posted September 17, 2008 Share Posted September 17, 2008 You have to set your debug privileges when your exe/script runs. Ooooh, coolness. MsgBox(64, "CSRSS.exe", "Path = " & Processpath("csrss.exe")) Func Processpath($Name) $strComputer = "." $wbemFlagReturnImmediately = 0x10 $wbemFlagForwardOnly = 0x20 $objWMIService = ObjGet("winmgmts:{authenticationLevel=pktPrivacy, (Debug)}\\" & $strComputer & "\root\CIMV2") $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Process WHERE Caption = '" & $Name & "'", "WQL", _ $wbemFlagReturnImmediately + $wbemFlagForwardOnly) For $objItem In $colItems If $objItem.ExecutablePath Then Return $objItem.ExecutablePath Next EndFunc ;==>Processpath I like that so much, I added it to _ProcessListProperties(). Thanks Smokey! >_< Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law Link to comment Share on other sites More sharing options...
PsaltyDS Posted September 17, 2008 Share Posted September 17, 2008 CODE#include <winapi.au3> #Include <Security.au3> #include <Constants.au3> SetPrivilege("SeDebugPrivilege") MsgBox(0, 0, Processpath("csrss.exe")) Func Processpath($Name) $strComputer = "." $wbemFlagReturnImmediately = 0x10 $wbemFlagForwardOnly = 0x20 $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2") $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Process WHERE Caption = '"&$Name&"'", "WQL", _ $wbemFlagReturnImmediately + $wbemFlagForwardOnly) For $objItem In $colItems If $objItem.ExecutablePath Then Return $objItem.ExecutablePath Next EndFunc Func __Security__SetPrivilege($hToken, $sPrivilege, $fEnable) Local $pRequired, $tRequired, $iLUID, $iAttributes, $iCurrState, $pCurrState, $tCurrState, $iPrevState, $pPrevState, $tPrevState $iLUID = _Security__LookupPrivilegeValue("", $sPrivilege) If $iLUID = 0 Then Return SetError(-1, 0, False) $tCurrState = DllStructCreate( _tagTOKEN_PRIVILEGES(1) ) $pCurrState = DllStructGetPtr($tCurrState) $iCurrState = DllStructGetSize($tCurrState) $tPrevState = DllStructCreate( _tagTOKEN_PRIVILEGES(1) ) $pPrevState = DllStructGetPtr($tPrevState) $iPrevState = DllStructGetSize($tPrevState) $tRequired = DllStructCreate("int Data") $pRequired = DllStructGetPtr($tRequired) ; Get current privilege setting DllStructSetData($tCurrState, "PrivilegeCount", 1) DllStructSetData($tCurrState, "LowPart0", $iLUID) If Not _Security__AdjustTokenPrivileges($hToken, False, $pCurrState, $iCurrState, $pPrevState, $pRequired) Then Return SetError(-2, @error, False) EndIf ; Set privilege based on prior setting DllStructSetData($tPrevState, "PrivilegeCount", 1) DllStructSetData($tPrevState, "LowPart0", $iLUID) $iAttributes = DllStructGetData($tPrevState, "Attributes0") If $fEnable Then $iAttributes = BitOR($iAttributes, $SE_PRIVILEGE_ENABLED) Else $iAttributes = BitAND($iAttributes, BitNOT($SE_PRIVILEGE_ENABLED)) EndIf DllStructSetData($tPrevState, "Attributes0", $iAttributes) If Not _Security__AdjustTokenPrivileges($hToken, False, $pPrevState, $iPrevState, $pCurrState, $pRequired) Then Return SetError(-3, @error, False) EndIf Return SetError(0, 0, True) EndFunc ;==>_Security__SetPrivilege ; By engine Func SetPrivilege($vPrivilege, $fEnable = True) If IsArray($vPrivilege) Then Local $avPriv = $vPrivilege Else Local $avPriv[1] = [$vPrivilege] EndIf Local $hToken = _Security__OpenProcessToken( _WinAPI_GetCurrentProcess(), BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY) ) For $i = 0 To UBound($avPriv) - 1 __Security__SetPrivilege($hToken, $avPriv[$i], $fEnable) Next _WinAPI_CloseHandle($hToken) EndFunc Func _tagTOKEN_PRIVILEGES($iPrivilegeCount) If Not ( IsInt($iPrivilegeCount) And $iPrivilegeCount > 0 ) Then Return SetError(-1, 0, "") Local $tagTOKEN_PRIVILEGES = "dword PrivilegeCount;" For $i = 0 To $iPrivilegeCount - 1 $tagTOKEN_PRIVILEGES &= "dword LowPart" & $i & ";long HighPart" & $i & ";dword Attributes" & $i & ";" Next Return StringTrimRight($tagTOKEN_PRIVILEGES, 1) EndFunc Sure, why use 11 lines of code when 70 or so will do...? Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law Link to comment Share on other sites More sharing options...
Moderators SmOke_N Posted September 17, 2008 Moderators Share Posted September 17, 2008 Sure, why use 11 lines of code when 70 or so will do...? Did you notice the new tag format done by engine? The $tagTOKEN_PRIVELEGES structs are incorrect, I just provided his fix to it. By doing that I had to mod some other things. Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer. Link to comment Share on other sites More sharing options...
PsaltyDS Posted September 17, 2008 Share Posted September 17, 2008 Did you notice the new tag format done by engine? The $tagTOKEN_PRIVELEGES structs are incorrect, I just provided his fix to it. By doing that I had to mod some other things.As usual, I completely missed that 'cause I was busy being a smart-ass. >_< Just declaring (Debug) in the initial WMI call still looks a heck of a lot easier though. Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law Link to comment Share on other sites More sharing options...
Moderators SmOke_N Posted September 17, 2008 Moderators Share Posted September 17, 2008 As usual, I completely missed that 'cause I was busy being a smart-ass. >_< Just declaring (Debug) in the initial WMI call still looks a heck of a lot easier though. I'm not aware of all the uses of WMI ... The "can's" and "can not's". To be honest, I stay away from WMI because it doesn't work for every PC if the permissions aren't preset or WMI isn't existent. Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer. Link to comment Share on other sites More sharing options...
sanhen Posted September 18, 2008 Author Share Posted September 18, 2008 Test success. Thank SmOke_N Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now