How to Get a Process Handle in C by its Name?

Searching for a Process by Name and Retrieving Its Handle in C

In many cases, knowing the process name and retrieving its handle is essential for controlling and interacting with specific running applications. This becomes more important when dealing with processes that lack a graphical interface and cannot be located using window-based techniques. In such scenarios, the ability to retrieve a process handle by its name allows for direct manipulation and control of these applications.

To accomplish this in C , you can employ the following solution:

#include <cstdio>
#include <windows.h>
#include <tlhelp32.h>

int main(int, char *[])
{
    PROCESSENTRY32 entry;
    entry.dwSize = sizeof(PROCESSENTRY32);

    HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);

    if (Process32First(snapshot, &entry) == TRUE)
    {
        while (Process32Next(snapshot, &entry) == TRUE)
        {
            if (stricmp(entry.szExeFile, "target.exe") == 0)
            {
                HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, entry.th32ProcessID);

                // Do stuff...

                CloseHandle(hProcess);
            }
        }
    }

    CloseHandle(snapshot);

    return 0;
}

This code retrieves the handle of a process given its executable filename. It leverages the CreateToolhelp32Snapshot and Process32Next functions from the tlhelp32 library to enumerate and search through running processes. Upon locating the target process by comparing its executable name, it uses OpenProcess to obtain the process handle.

However, if you require access to the process using PROCESS_ALL_ACCESS, you might encounter access denied issues. To resolve this, you'll need to enable the SeDebugPrivilege privilege, which can be done through the AdjustTokenPrivileges API call. Here's a modified code that incorporates the necessary steps:

#include <cstdio>
#include <windows.h>
#include <tlhelp32.h>

void EnableDebugPriv()
{
    HANDLE hToken;
    LUID luid;
    TOKEN_PRIVILEGES tkp;

    OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken);

    LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid);

    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Luid = luid;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    AdjustTokenPrivileges(hToken, false, &tkp, sizeof(tkp), NULL, NULL);

    CloseHandle(hToken);
}

int main(int, char *[])
{
    EnableDebugPriv();

    PROCESSENTRY32 entry;
    entry.dwSize = sizeof(PROCESSENTRY32);

    HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL);

    if (Process32First(snapshot, &entry) == TRUE)
    {
        while (Process32Next(snapshot, &entry) == TRUE)
        {
            if (stricmp(entry.szExeFile, "target.exe") == 0)
            {
                HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, entry.th32ProcessID);

                // Do stuff...

                CloseHandle(hProcess);
            }
        }
    }

    CloseHandle(snapshot);

    return 0;
}

By incorporating these approaches, you can effectively retrieve a process handle by its name and manipulate processes even without a graphical interface.

The above is the detailed content of How to Get a Process Handle in C by its Name?. For more information, please follow other related articles on the PHP Chinese website!