python能否通过句柄得到外部程序的路径？

dailx

561759

发布于
2019-11-23

c++通过函数
GetWindowThreadProcessId CreateToolhelp32Snapshot 可以查到exe程序的路径，python如何查到？

c++

python 句柄表路径

阅读 3.6k

2 个回答

得票最新

dailx

561759

发布于
2019-11-23

✓ 已被采纳

def _win32_check_running_pid(self, pid):

    class PROCESSENTRY32(ctypes.Structure):
        _fields_ = [("dwSize", ctypes.c_ulong),
                    ("cntUsage", ctypes.c_ulong),
                    ("th32ProcessID", ctypes.c_ulong),
                    ("th32DefaultHeapID", ctypes.c_ulong),
                    ("th32ModuleID", ctypes.c_ulong),
                    ("cntThreads", ctypes.c_ulong),
                    ("th32ParentProcessID", ctypes.c_ulong),
                    ("pcPriClassBase", ctypes.c_ulong),
                    ("dwFlags", ctypes.c_ulong),
                    ("szExeFile", ctypes.c_char * 260)]# win64，这行代码如何改？
    CreateToolhelp32Snapshot = ctypes.windll.kernel32.CreateToolhelp32Snapshot
    Process32First = ctypes.windll.kernel32.Process32First
    Process32Next = ctypes.windll.kernel32.Process32Next
    CloseHandle = ctypes.windll.kernel32.CloseHandle
    TH32CS_SNAPPROCESS = 0x00000002  # win32 magic number
    hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0)
    pe32 = PROCESSENTRY32()
    pe32.dwSize = ctypes.sizeof(PROCESSENTRY32)
    result = False
    if not Process32First(hProcessSnap, ctypes.byref(pe32)):
        _log.debug("Failed getting first process.")
        CloseHandle(hProcessSnap)
        return result
    while True:
        if pe32.th32ProcessID == pid:
            result = True
            break
        if not Process32Next(hProcessSnap, ctypes.byref(pe32)):
            break
    CloseHandle(hProcessSnap)
    return result
 网上找到一段代码，返回是bytes，转换总是乱码，怀疑是32位程序转换在win64出错

huisexiaochou

936369

发布于
2019-11-23

更新于
2019-11-23

#遍历process获取程序名
def win32_get_path(pid):

    class PROCESSENTRY32(ctypes.Structure):
        _fields_ = [("dwSize", ctypes.c_ulong),
                    ("cntUsage", ctypes.c_ulong),
                    ("th32ProcessID", ctypes.c_ulong),
                    ("th32DefaultHeapID", ctypes.c_void_p),
                    ("th32ModuleID", ctypes.c_ulong),
                    ("cntThreads", ctypes.c_ulong),
                    ("th32ParentProcessID", ctypes.c_ulong),
                    ("pcPriClassBase", ctypes.c_ulong),
                    ("dwFlags", ctypes.c_ulong),
                    ("szExeFile", ctypes.c_char * 260)]

    kernel32 = ctypes.windll.kernel32
    hProcessSnap = kernel32.CreateToolhelp32Snapshot(0x00000002, 0)
    pe32 = PROCESSENTRY32()
    pe32.dwSize = ctypes.sizeof(PROCESSENTRY32)
    ret = kernel32.Process32First(hProcessSnap, ctypes.byref(pe32))
    while ret:
        if pe32.th32ProcessID == pid:
            kernel32.CloseHandle(hProcessSnap)
            #如果要获取全路径 还要遍历module 
            return pe32.szExeFile.decode("gbk")

        ret = kernel32.Process32Next(hProcessSnap, ctypes.byref(pe32))

    kernel32.CloseHandle(hProcessSnap)

    ERROR_NO_MORE_FILES = 18
    err = kernel32.GetLastError()
    if err is not ERROR_NO_MORE_FILES:
        print("error %d" % err)

    return None
 
 #通过psapi获取全路径
def win32_get_path2(pid):

    def invalid_handle(handle):
        return handle == 0 or handle == -1

    kernel32 = ctypes.windll.kernel32
    psapi = ctypes.windll.psapi
    h_Process = kernel32.OpenProcess(0x0400, 0, pid)
    if invalid_handle(h_Process):
        print("error %d" % kernel32.GetLastError())
        return None
    path = (ctypes.c_char * 260)()
    psapi.GetModuleFileNameExA(h_Process, 0, path, 260)
    kernel32.CloseHandle(h_Process)
    return path.value.decode("gbk")

撰写回答

你尚未登录，登录后可以

和开发者交流问题的细节
关注并接收问题和回答的更新提醒
参与内容的编辑和改进，让解决方法与时俱进

推荐问题

python能否通过句柄得到外部程序的路径？

你尚未登录，登录后可以

c++模板类链表链接错误？

Qt中布局是否只有5种呢？

c++98环境循环单链表类的私有结构体与引用其的成员函数顺序问题？

这段代码为什么不能获取到数据？

头文件保护为什么报warring?

字节的 trae AI IDE 不支持类似 vscode 的 ssh remote 远程开发怎么办？

请问一下，如何理解reduce函数呢？