CODEWITHSUNDEEP
c++winapi
a7md0
a7md0

Reputation: 447

How to know the executable name that launches an application?

How can you determine the executable that launches an application with C++?

For example: my application name is (a.exe) and there is another application named (b.exe). How can I know when a.exe has been launched with b.exe or not?

Upvotes: 0

Views: 412

Answers (1)

a7md0
a7md0

Reputation: 447

I found a way to do this, thanks Wimmel.

To get the Process Id you can use GetParentProcessId(). And you will need this function:

ULONG_PTR GetParentProcessId() // By Napalm @ NetCore2K
{
    ULONG_PTR pbi[6];
    ULONG ulSize = 0;
    LONG (WINAPI *NtQueryInformationProcess)(HANDLE ProcessHandle, ULONG ProcessInformationClass,
    PVOID ProcessInformation, ULONG ProcessInformationLength, PULONG ReturnLength); 
    *(FARPROC *)&NtQueryInformationProcess = 
    GetProcAddress(LoadLibraryA("NTDLL.DLL"), "NtQueryInformationProcess");
    if(NtQueryInformationProcess){
        if(NtQueryInformationProcess(GetCurrentProcess(), 0, &pbi, sizeof(pbi), &ulSize) >= 0 && ulSize == sizeof(pbi))
            return pbi[5];
    }
    return (ULONG_PTR)-1;
}

to get the Process Name from Process Id ProcessName(GetParentProcessId()).

And then you will need this function:

char* ProcessName(int ProcessId){
    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if(hSnapshot) {
        PROCESSENTRY32 pe32;
        pe32.dwSize = sizeof(PROCESSENTRY32);
        if(Process32First(hSnapshot,&pe32)) {
            do {
                int th32ProcessID = pe32.th32ProcessID;
                if (th32ProcessID == ProcessId)
                    return pe32.szExeFile;
            } while(Process32Next(hSnapshot,&pe32));
         }
         CloseHandle(hSnapshot);
    }
    return 0;
}

Upvotes: 1

Related Questions