Introduction
This is a small utility for listing processes and showing information about them. There are only two valid arguments:
- -h - show help
- -v - increase verbose level.
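Available levels (level 1 is the default with no -v; each -v raises the level by one, and at most two -v are accepted):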
- 1 - PID and process name
- 2 - PID, process name and modules
- 3 - PID, process name, modules, base addresses, entry points and image sizes
The utility can be used as a reference for the following functions:
EnumProcesses()
OpenProcess()
EnumProcessModules()
GetModuleBaseName()
GetModuleInformation()
Only the source code is included in the download. This was developed using Devcpp, but it should compile fine with almost any Windows C/C++ compiler. To build the utility, it must be linked against psapi.lib.
The source code is as follows:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <windows.h>
#include <psapi.h>
/* Number of DWORD slots in the PID array that main() hands to EnumProcesses(). */
#define PROCMAXCOUNT 4096
/* Prints the usage text to stderr and ends the process with exit(exitcode); it does not return. */
void ShowHelp(unsigned char *pname, int exitcode);
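/*
 * List the processes visible to the caller.
 *
 * Arguments: -h prints the usage text, each -v (at most two) raises the
 * verbosity:
 *   mode 0 - PID and process name
 *   mode 1 - PID, process name and module names
 *   mode 2 - as mode 1 plus base address, entry point and image size
 *
 * Returns 0 on success and 1 when the process list cannot be obtained.
 * Argument errors and -h leave through ShowHelp(), which calls exit().
 *
 * Limits a reader of the output should keep in mind:
 *  - A process that cannot be opened with PROCESS_QUERY_INFORMATION |
 *    PROCESS_VM_READ is skipped without a message, so the output is not a
 *    complete inventory of the system.
 *  - PROCESS_VM_READ is needed because the module list and module names are
 *    read out of the target process. A process can alter that data, so the
 *    names and addresses shown are informational, not authoritative.
 *  - A 32-bit build cannot enumerate the modules of 64-bit processes; those
 *    processes are skipped as well.
 */
int main(int argc, char **argv)
{
    int i, mode = 0;
    DWORD aa, bb;
    DWORD pIDs[PROCMAXCOUNT], pIDssz, pIDscount, Modssz, Modscount;
    HANDLE proch;
    HMODULE Mods[4096];
    char mbasename[MAX_PATH];
    const char *modname;
    MODULEINFO minfo;
    BOOL have_info;

    for (i = 1; i < argc; i++) {
        if (strcmp(argv[i], "-v") == 0) {
            mode++;
            if (mode > 2) {
                ShowHelp((unsigned char *)argv[0], 1);   /* too many -v */
            }
        } else if (strcmp(argv[i], "-h") != 0) {
            ShowHelp((unsigned char *)argv[0], 2);       /* unknown argument */
        } else {
            ShowHelp((unsigned char *)argv[0], 3);       /* -h */
        }
    }

    if (!EnumProcesses(pIDs, sizeof(pIDs), &pIDssz)) {
        fprintf(stderr, "error enumerating processes\n");
        return 1;
    }
    pIDscount = pIDssz / sizeof(DWORD);
    /* A completely filled array means more PIDs may exist than fit in it. */
    if (pIDssz == sizeof(pIDs)) {
        fprintf(stderr, "warning: process list may be truncated\n");
    }

    for (aa = 0; aa < pIDscount; aa++) {
        proch = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
                            FALSE, pIDs[aa]);
        if (!proch) {
            continue;
        }

        if (!EnumProcessModules(proch, Mods, sizeof(Mods), &Modssz)) {
            CloseHandle(proch);     /* do not leak the handle on the skip path */
            continue;
        }

        /*
         * Modssz is the byte count needed for ALL modules. Divide by the
         * element size (HMODULE, not DWORD: they differ on 64-bit builds)
         * and clamp to the array, otherwise the loop below would read
         * entries that were never filled in.
         */
        Modscount = Modssz / sizeof(HMODULE);
        if (Modscount > sizeof(Mods) / sizeof(Mods[0])) {
            Modscount = sizeof(Mods) / sizeof(Mods[0]);
        }
        if (Modscount == 0) {
            CloseHandle(proch);
            continue;
        }

        if ((mode > 0) && aa) {
            fprintf(stdout, "\n");
        }
        if (!mode) {
            Modscount = 1;          /* mode 0 shows only the first module (the process image) */
        }

        for (bb = 0; bb < Modscount; bb++) {
            /*
             * The ANSI variant is named explicitly so the char buffer and
             * the %s below stay correct even when UNICODE is defined.
             * On failure the buffer is not valid, so print a placeholder
             * instead of whatever the buffer held before.
             */
            if (GetModuleBaseNameA(proch, Mods[bb], mbasename, sizeof(mbasename))) {
                modname = mbasename;
            } else {
                modname = "<unknown>";
            }

            if (!bb) {
                fprintf(stdout, "%lu - ", (unsigned long)pIDs[aa]);
            }

            have_info = (mode == 2) &&
                        GetModuleInformation(proch, Mods[bb], &minfo, sizeof(minfo));

            /* Without module details the line ends right after the name. */
            fprintf(stdout, "%s%s%s", !bb ? "" : "\t", modname,
                    have_info ? "\t" : "\n");
            if (have_info) {
                /* %p keeps 64-bit addresses intact; %x would truncate them. */
                fprintf(stdout, "(Base: 0x%p, Entry: 0x%p, Size: %lu)\n",
                        minfo.lpBaseOfDll, minfo.EntryPoint,
                        (unsigned long)minfo.SizeOfImage);
            }
        }

        CloseHandle(proch);
    }
    return 0;
}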
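/*
 * Print the usage text to stderr and terminate the process.
 *
 * pname    - program path as received in argv[0]; only the part after the
 *            last path separator ('\\' or '/') is shown. A NULL pointer is
 *            tolerated and replaced by a placeholder name.
 * exitcode - status handed to exit().
 *
 * This function does not return.
 */
void ShowHelp(unsigned char *pname, int exitcode)
{
    /* Work on a plain char view; the parameter type is kept for callers. */
    const char *path = pname ? (const char *)pname : "<program>";
    const char *base = path;
    const char *p;

    for (p = path; *p != '\0'; p++) {
        if (*p == '\\' || *p == '/') {
            base = p + 1;
        }
    }

    /*
     * The level list below is numbered 1-3; those correspond to zero, one
     * and two -v flags respectively.
     */
    fprintf(stderr,
            "usage:\n"
            "\t%s -h - Show this\n"
            "\t%s -v - Increase verbose level (0 to 2)\n\n\n"
            "verbose 1: PID + process name\n"
            "2: PID + process name + modules names\n"
            "3: PID + process name + modules names +\n"
            "base address + entry point + image size\n",
            base, base);
    exit(exitcode);
}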