
[Driver] pID per Processname auslesen

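  #define INVALID_HANDLE_VALUE ((HANDLE)(LONG_PTR)-1)

  /*
   * GetProcessIdByName - return the ID of the first process whose image name
   * starts with cProcessName.
   *
   * cProcessName: NUL-terminated ANSI name to look for. The comparison is a
   *               case-sensitive prefix match over strlen(cProcessName) bytes,
   *               so "svc" also matches "svchost.exe".
   *
   * Returns the matching process ID cast to HANDLE, or INVALID_HANDLE_VALUE
   * when the name is NULL or empty, or when no process in the scanned range
   * matches.
   *
   * Limitations a caller should know about:
   *  - Only IDs below PAGE_SIZE * 3 are probed; a process with a higher ID is
   *    never found.
   *  - NOTE(review): PsGetProcessImageFileName is believed to return a short
   *    fixed-size name field (15 bytes), so longer image names are truncated
   *    and a longer cProcessName can never match - confirm against the
   *    target OS.
   *  - An image name is not an identity: any process can be started from a
   *    file with the same name, and the process may exit (and its ID be
   *    reused) after this function returns. Do not base a trust decision on
   *    the result alone.
   *  - NOTE(review): the lookup routine is expected to be called at
   *    IRQL <= APC_LEVEL - confirm the callers.
   */
  HANDLE GetProcessIdByName(const char* cProcessName)
  {
      HANDLE pID = INVALID_HANDLE_VALUE;
      size_t NameLength;

      /* strlen(NULL) would fault in kernel mode and bugcheck the machine. */
      if (cProcessName == NULL)
      {
          return pID;
      }

      /* A zero-length prefix compares equal to every name, which would make
       * the first process found look like a match. */
      NameLength = strlen(cProcessName);
      if (NameLength == 0)
      {
          return pID;
      }

      for (ULONG i = 0; i < PAGE_SIZE * 3; i++)
      {
          PEPROCESS PeProcess = NULL;
          PCHAR pProcessName;
          BOOLEAN Matched = FALSE;
          NTSTATUS Status;

          /* Widen through ULONG_PTR so the cast is well-defined on 64-bit. */
          Status = PsLookupProcessByProcessId((HANDLE)(ULONG_PTR)i, &PeProcess);
          if (!NT_SUCCESS(Status) || PeProcess == NULL)
          {
              continue;
          }

          pProcessName = PsGetProcessImageFileName(PeProcess);
          if (pProcessName != NULL &&
              strncmp(cProcessName, pProcessName, NameLength) == 0)
          {
              Matched = TRUE;
          }

          /* A successful lookup takes a reference on the process object.
           * Release it on every path, otherwise each probed process is
           * pinned and its object can never be freed. */
          ObDereferenceObject(PeProcess);

          if (Matched)
          {
              pID = (HANDLE)(ULONG_PTR)i;
              break;
          }
      }

      return pID;
  }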

