ProcessHandleToId() ?

delphi package - getting into other processes
Edix
Posts: 1
Joined: Sat Oct 08, 2005 7:02 am

ProcessHandleToId() ?

Post by Edix »

Hi, I need a ProcessHandleToId function but I don't want to use madRemote.
Can anybody give me a hint on how to do this?
iconic
Site Admin
Posts: 1064
Joined: Wed Jun 08, 2005 5:08 am

Post by iconic »

This thread is old, nonetheless....
I posted this in the madCodeHook area some time ago. I wrote it so that you would not need madRemote for this: it is a lightweight replacement that does not require including the remote unit. Try using the search feature next time. It works identically to Kernel32.GetProcessId(), which is found in XP and later OSes, but it also works on NT-based OSes older than XP, so it's better. There's a thread-handle-to-thread-ID function there too.


type
  // Buffer layout for the "basic information" process query.
  // NOTE(review): the record is packed and every non-pointer field is a
  // 32-bit DWORD, so it only matches the native structure in a 32-bit build.
  // The native AffinityMask and both process-id fields are pointer-sized;
  // widen them before compiling for Win64 - confirm against the target SDK.
  PPROCESS_BASIC_INFORMATION = ^PROCESS_BASIC_INFORMATION;
  PROCESS_BASIC_INFORMATION = packed record
    ExitStatus:         DWORD;
    PebBaseAddress:     Pointer;
    AffinityMask:       DWORD;
    BasePriority:       DWORD;
    UniqueProcessId:    DWORD;  // the value PHtoPID hands back
    InheritedUniquePID: DWORD;
  end;

  // Process id / thread id pair embedded in THREAD_BASIC_INFORMATION.
  // NOTE(review): same 32-bit-only assumption as above.
  PClientID = ^TClientID;
  TClientID = packed record
    UniqueProcess: DWORD;
    UniqueThread:  DWORD;       // the value THtoTID hands back
  end;

  // Buffer layout for the "basic information" thread query.
  PTHREAD_BASIC_INFORMATION = ^THREAD_BASIC_INFORMATION;
  THREAD_BASIC_INFORMATION = packed record
    ExitStatus:     DWORD;
    TebBaseAddress: Pointer;
    ClientId:       TClientID;
    AffinityMask:   DWORD;
    Priority:       DWORD;
    BasePriority:   DWORD;
  end;

  // Signature used to call ntdll's NtQueryInformationProcess through a
  // pointer obtained at run time. The result is an NTSTATUS; the callers
  // treat any value >= 0 as success.
  TNtQueryInformationProcess = function(
    hProcess: THandle;
    ProcessInformationClass: Integer;
    var ProcessInformation;
    ProcessInformationLength: Integer;
    var ReturnLength: Integer): Integer; stdcall;

  // Signature used to call ntdll's NtQueryInformationThread the same way.
  TNtQueryInformationThread = function(
    hThread: THandle;
    ThreadInformationClass: Integer;
    var ThreadInformation;
    ThreadInformationLength: Integer;
    var ReturnLength: Integer): Integer; stdcall;


const
  // Information-class selector passed to both query calls; the process and
  // the thread variant share the value 0.
  ProcessBasicInformation   = $00000000;
  ThreadBasicInformation    = $00000000;

  // Access rights requested for the duplicated handles.
  PROCESS_QUERY_INFORMATION = $00000400;
  THREAD_QUERY_INFORMATION  = $00000040;  // i.e. PROCESS_QUERY_INFORMATION shr 4

  // Module from which the two query functions are resolved at run time.
  NTDLL = 'NTDLL.dll';



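// Returns the id of the process that hProcess refers to, or -1 on failure.
//
// The id is read from PROCESS_BASIC_INFORMATION.UniqueProcessId, filled in by
// ntdll's NtQueryInformationProcess. The query runs on a private duplicate of
// hProcess opened with PROCESS_QUERY_INFORMATION; if the duplicate cannot be
// created with that access the function reports failure instead of querying
// the caller's handle directly. The pseudo-handle from GetCurrentProcess() is
// passed by the unit's own self-test.
//
// The DWORD id is returned through an Integer, so callers comparing against
// API values should cast to DWORD first.
function PHtoPID(const hProcess: THandle): Integer; stdcall; //ret -1 = fail
var
  status: Integer;
  pbi: PROCESS_BASIC_INFORMATION;
  hDup: THandle;
  NtQueryInformationProcess: TNtQueryInformationProcess;
  ret: Integer;
begin
  Result := -1;

  // Resolve the native entry point before duplicating anything: the original
  // order leaked hDup whenever the lookup failed after a successful duplicate.
  @NtQueryInformationProcess := GetProcAddress(GetModuleHandleW(NTDLL), 'NtQueryInformationProcess');
  if @NtQueryInformationProcess = nil then
    Exit;

  if not DuplicateHandle(GetCurrentProcess(),
                         hProcess,
                         GetCurrentProcess(),
                         @hDup,
                         PROCESS_QUERY_INFORMATION,
                         False,
                         0) then
    Exit;

  try
    ZeroMemory(@pbi, SizeOf(pbi));
    ret := 0;
    status := NtQueryInformationProcess(hDup,
                                        ProcessBasicInformation,
                                        pbi,
                                        SizeOf(pbi),
                                        ret);
    // NTSTATUS: negative values are errors.
    if status >= 0 then
      Result := pbi.UniqueProcessId;
  finally
    // The duplicate is ours alone; release it on every path.
    CloseHandle(hDup);
  end;
end;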


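// Returns the id of the thread that hThread refers to, or -1 on failure.
//
// The id is read from THREAD_BASIC_INFORMATION.ClientId.UniqueThread, filled
// in by ntdll's NtQueryInformationThread. The query runs on a private
// duplicate of hThread opened with THREAD_QUERY_INFORMATION; if the duplicate
// cannot be created with that access the function reports failure. The
// pseudo-handle from GetCurrentThread() is passed by the unit's own self-test.
//
// The DWORD id is returned through an Integer, so callers comparing against
// API values should cast to DWORD first.
function THtoTID(const hThread: THandle): Integer; stdcall; //ret -1 = fail
var
  status: Integer;
  tbi: THREAD_BASIC_INFORMATION;
  hDup: THandle;
  ret: Integer;
  NtQueryInformationThread: TNtQueryInformationThread;
begin
  Result := -1;

  // Resolve the native entry point before duplicating anything: the original
  // order leaked hDup whenever the lookup failed after a successful duplicate.
  @NtQueryInformationThread := GetProcAddress(GetModuleHandleW(NTDLL), 'NtQueryInformationThread');
  if @NtQueryInformationThread = nil then
    Exit;

  if not DuplicateHandle(GetCurrentProcess(),
                         hThread,
                         GetCurrentProcess(),
                         @hDup,
                         THREAD_QUERY_INFORMATION,
                         False,
                         0) then
    Exit;

  try
    ZeroMemory(@tbi, SizeOf(tbi));
    ret := 0;
    status := NtQueryInformationThread(hDup,
                                       ThreadBasicInformation,
                                       tbi,
                                       SizeOf(tbi),
                                       ret);
    // NTSTATUS: negative values are errors.
    if status >= 0 then
      Result := tbi.ClientId.UniqueThread;
  finally
    // The duplicate is ours alone; release it on every path.
    CloseHandle(hDup);
  end;
end;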

//* test it 

initialization
  // Start-up self-check, run only when the high bit of GetVersion is clear
  // (NT-based Windows). Both helpers are compared with the ids the Win32 API
  // reports for the current thread and process.
  // Note: Assert statements are dropped when assertions are disabled ({$C-}),
  // in which case neither helper is called here.
  if (GetVersion and $80000000) = 0 then
  begin
    Assert(DWORD(THtoTID(GetCurrentThread())) = DWORD(GetCurrentThreadId()),
           'THtoTID() Failure!');
    Assert(DWORD(PHtoPID(GetCurrentProcess())) = DWORD(GetCurrentProcessId()),
           'PHtoPID() Failure!');
  end;
--Iconic