I only have an hModule handle (from GetModuleHandle) and want to get the ProcessId (OpenProcess) from. Is there a way to do that?
Beste regards,
Nordwind
Beste regards,
Nordwind
did you read remarks section for GetModuleHandle help? hModule is only valid for your process
you want your process handle? use "GetCurrentProcess()" or "GetCurrentProcessId()" for pid
you want your process handle? use "GetCurrentProcess()" or "GetCurrentProcessId()" for pid
Thank you! But I use the API in my injected dll (no virus!!!). Could found another solution.
Best regards,
Nordwind
Best regards,
Nordwind
Hi Nordwind64
calling those functions from the remote dll will give you handles of the process that loaded that dll.
can you be more descriptive about what are you trying to do...
calling those functions from the remote dll will give you handles of the process that loaded that dll.
can you be more descriptive about what are you trying to do...
Hi.
Drizz, you're right. Now I use...
...to get some infos (exepath) about the process.
I'm about to write some little hackertools (which dlls/file are using by a prog, e.g.). A filemon like util. Nothing destructive!
Drizz, you're right. Now I use...
invoke CreateToolhelp32Snapshot,TH32CS_SNAPMODULE,0
push eax
mov hmodul.dwSize, sizeof MODULEENTRY32
invoke Module32First,eax,addr hmodul
pop eax
invoke CloseHandle,eax
...to get some infos (exepath) about the process.
I'm about to write some little hackertools (which dlls/file are using by a prog, e.g.). A filemon like util. Nothing destructive!
You might want to say "process tools" instead of "hacker tools", to avoid confusion. Sounds useful enough though, the sysinternals tools certainly make life easier...