
ProcessHandleToId() ?

PostPosted: Sat Oct 08, 2005 7:04 am
by Edix
Hi, I need a ProcessHandleToId function, but I don't want to use madRemote.
Can anybody give me a hint on how to do this?

PostPosted: Sun Feb 25, 2007 11:20 pm
by iconic
This thread is old, nonetheless....
I posted this in the madCodeHook area some time ago. I wrote it so that you would not need madRemote for this: it is a lightweight replacement that does not require including the remote unit. Try using the search feature next time. It works identically to Kernel32.GetProcessId(), found in XP and later OSes, but it also works on NT OSes prior to XP, so it's better. There's a Thread Handle to Thread ID function there too.

// Record layouts and function-pointer types for the two NTDLL queries used
// below. Field order and sizes must match what NTDLL writes into the buffer,
// so nothing here may be reordered or resized casually.
// NOTE(review): every integer field is declared as a 32-bit DWORD and the
// records are packed; the native structures use pointer-sized fields, so
// these layouts presumably only match a 32-bit build. Confirm before
// compiling for Win64, where the size passed to NTDLL would no longer match.
type
  PPROCESS_BASIC_INFORMATION = ^PROCESS_BASIC_INFORMATION;
  // Output buffer for NtQueryInformationProcess(ProcessBasicInformation).
  PROCESS_BASIC_INFORMATION = packed record
  ExitStatus:         DWORD;
  PebBaseAddress:     Pointer;
  AffinityMask:       DWORD;
  BasePriority:       DWORD;
  UniqueProcessId:    DWORD;   // the value PHtoPID returns
  InheritedUniquePID: DWORD;
 end;

 PClientID = ^TClientID;
 // Process/thread ID pair embedded in THREAD_BASIC_INFORMATION.
 TClientID = packed record
 UniqueProcess: DWORD;
 UniqueThread:  DWORD;         // the value THtoTID returns
end;

  PTHREAD_BASIC_INFORMATION = ^THREAD_BASIC_INFORMATION;
  // Output buffer for NtQueryInformationThread(ThreadBasicInformation).
  THREAD_BASIC_INFORMATION = packed record
  ExitStatus:     DWORD;
  TebBaseAddress: Pointer;   
  ClientId:       TClientID;
  AffinityMask:   DWORD;
  Priority:       DWORD;
  BasePriority:   DWORD;
 end;

 // Signature used to call NTDLL's NtQueryInformationProcess through a
 // pointer obtained at run time with GetProcAddress. The result is a status
 // code; the callers below treat any value >= 0 as success.
 TNtQueryInformationProcess = function(hProcess: THandle;
                                       ProcessInformationClass: Integer;
                                       var ProcessInformation;
                                       ProcessInformationLength: Integer;
                                       var ReturnLength: Integer): Integer; stdcall;

  // Same shape as above, for NTDLL's NtQueryInformationThread.
  TNtQueryInformationThread = function(hThread: THandle;
                                       ThreadInformationClass: Integer;
                                       var ThreadInformation;
                                       ThreadInformationLength: Integer;
                                       var ReturnLength: Integer): Integer; stdcall;


const
  // Information-class selectors passed to the two NTDLL query functions.
  // Both "basic information" classes are numbered 0.
  ProcessBasicInformation   = $00000000;
  ThreadBasicInformation    = $00000000;

  // Access rights requested when duplicating the caller's handle.
  PROCESS_QUERY_INFORMATION = $00000400;
  THREAD_QUERY_INFORMATION  = $00000040;  // same value as PROCESS_QUERY_INFORMATION shr 4

  // Module the query functions are resolved from at run time.
  NTDLL = 'NTDLL.dll';



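// Returns the process ID behind a process handle, or -1 on failure.
//
// The handle is first duplicated inside the current process with
// PROCESS_QUERY_INFORMATION access, so the call fails (-1) when the caller's
// handle cannot be duplicated with that right. The duplicate is then passed
// to NTDLL's NtQueryInformationProcess, which is resolved at run time.
//
// Fix over the original: the NTDLL export is resolved BEFORE the handle is
// duplicated. Previously a failed GetProcAddress exited without closing
// hDup, leaking one handle per call.
//
// Callers should treat the result as a DWORD (see the self-test below) and
// keep hProcess open while they act on the ID: once every handle to a
// process is closed and it has exited, Windows may reuse the ID for an
// unrelated process.
function PHtoPID(const hProcess: THandle): Integer; stdcall; //ret -1 = fail
var
  status: Integer;
  pbi: PROCESS_BASIC_INFORMATION;
  hDup: THandle;
  NtQueryInformationProcess: TNtQueryInformationProcess;
  ret: Integer;
begin
  Result := -1;

  // Resolve the export first so that no handle is open if this fails.
  @NtQueryInformationProcess := GetProcAddress(GetModuleHandleW(NTDLL), 'NtQueryInformationProcess');
  if @NtQueryInformationProcess = nil then
    Exit;

  if not DuplicateHandle(GetCurrentProcess(),
                         hProcess,
                         GetCurrentProcess(),
                         @hDup,
                         PROCESS_QUERY_INFORMATION,
                         False,
                         0) then
    Exit;

  ZeroMemory(@pbi, SizeOf(pbi));
  ret := 0;
  status := NtQueryInformationProcess(hDup,
                                      ProcessBasicInformation,
                                      pbi,
                                      SizeOf(pbi),
                                      ret);
  // From here on the duplicate is always closed, whatever the status.
  CloseHandle(hDup);

  // Non-negative status codes are treated as success.
  if status >= 0 then
    Result := pbi.UniqueProcessId;
end;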


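// Returns the thread ID behind a thread handle, or -1 on failure.
//
// The handle is first duplicated inside the current process with
// THREAD_QUERY_INFORMATION access, so the call fails (-1) when the caller's
// handle cannot be duplicated with that right. The duplicate is then passed
// to NTDLL's NtQueryInformationThread, which is resolved at run time.
//
// Fix over the original: the NTDLL export is resolved BEFORE the handle is
// duplicated. Previously a failed GetProcAddress exited without closing
// hDup, leaking one handle per call.
//
// Callers should treat the result as a DWORD (see the self-test below) and
// keep hThread open while they act on the ID, since Windows may reuse a
// thread ID after the thread is gone.
function THtoTID(const hThread: THandle): Integer; stdcall; //ret -1 = fail
var
  status: Integer;
  tbi: THREAD_BASIC_INFORMATION;
  hDup: THandle;
  ret: Integer;
  NtQueryInformationThread: TNtQueryInformationThread;
begin
  Result := -1;

  // Resolve the export first so that no handle is open if this fails.
  @NtQueryInformationThread := GetProcAddress(GetModuleHandleW(NTDLL), 'NtQueryInformationThread');
  if @NtQueryInformationThread = nil then
    Exit;

  if not DuplicateHandle(GetCurrentProcess(),
                         hThread,
                         GetCurrentProcess(),
                         @hDup,
                         THREAD_QUERY_INFORMATION,
                         False,
                         0) then
    Exit;

  ZeroMemory(@tbi, SizeOf(tbi));
  ret := 0;
  status := NtQueryInformationThread(hDup,
                                     ThreadBasicInformation,
                                     tbi,
                                     SizeOf(tbi),
                                     ret);
  // From here on the duplicate is always closed, whatever the status.
  CloseHandle(hDup);

  // Non-negative status codes are treated as success.
  if status >= 0 then
    Result := tbi.ClientId.UniqueThread;
end;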

//* test it

initialization
  // Start-up self-test: each helper is checked against the documented API
  // for the current thread and process. It only runs when the high bit of
  // GetVersion is clear. The calls sit inside Assert, so they are compiled
  // out together with the checks when assertions are disabled.
  if (GetVersion and $80000000) = 0 then
  begin
    Assert(DWORD(THtoTID(GetCurrentThread())) = DWORD(GetCurrentThreadId()),
           'THtoTID() Failure!');
    Assert(DWORD(PHtoPID(GetCurrentProcess())) = DWORD(GetCurrentProcessId()),
           'PHtoPID() Failure!');
  end;


--Iconic