current process's exe name?

Posted on 1999-07-26
Medium Priority
Last Modified: 2013-12-03
I use hook to inject into other process space. When I'm in somebody's process space, how can I know current process's exe name?

At first, I use GetModuleFileName(NULL), but when the current process is 16 bits, I get "kernel32.dll" or other
values. Then I use toolhelp to enum all running processes, compare each process id with the return value of GetCurrentProcessID(), I get correct exe name. But this way is too slow, I need a faster way.

So, my question is:
1. Why GetModuleFileName(NULL) return a crazy value?
2. How can I get a faster way to do it?
Question by:fengtao2000
  • 2
  • 2
LVL 86

Expert Comment

ID: 1403670
Simply call 'GetCommandLine()', which will return the command line of the process in which your hook is executed. The first token in the command line will be the process' .exe name, followed by a blank (Note that if this name contains spaces, it's embraced in double quotes)

Author Comment

ID: 1403671
Your way is worked, but my question is in two parts. Please give me the answer of first question, and I'll give you points.
LVL 86

Accepted Solution

jkr earned 1200 total points
ID: 1403672
Ooops, sorry...

The problem is that 16bit processes simply are no Win32 modules (unless they're started using 'CREATE_SEPARATE_WOW_VDM'), thus all module handle related APIs return 'rubbish' - and when calling 'GetModuleFileName()' with a NULL argument, it calls 'GetModuleHandle()' internally, which returns an invalid module handle...

On NT, this is even a security hole, see http://www.ntshop.net/scripts/load.asp?iD=/security/screensaver1.htm

Author Comment

ID: 1403673
Ok, you are right. Thanks!

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

zlib is a free compression library (a DLL) on which the popular gzip utility is built.  In this article, we'll see how to use the zlib functions to compress and decompress data in memory; that is, without needing to use a temporary file.  We'll be c…
What my article will show is if you ever had to do processing to a listbox without being able to just select all the items in it. My software Visual Studio 2008 crystal report v11 My issue was I wanted to add crystal report to a form and show…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
Watch the video to know how one can repair corrupt Exchange OST file effortlessly and convert OST emails to MS Outlook PST file format by using Kernel for OST to PST converter tool. It can convert OST to MSG, MBOX, EML to access them. It can migrate…

600 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question