BuilderSpec
Programmer
Hi
I am using C+ Builder 6 .
I am trying to get the username of a running process. I have my code below , essentially a Form , a timer and 2 buttons then this code you see below.
I have got as far as getting the process , Google says I need to call GetOwner method from the class Win32_Process . In C++ i am calling the GetMethod and then ExecMethod.
Look for the "// **************** Next line fails *********************" line and the line after is the one that is failing, i think to an incorrect parameter.
The preceding GetMethod I think is right , if I change the Method to one that I know doesn't exist then it fails which is a good sign. I think I have got my call ready to go , just need to call ExecMethod but I am tearing my hair with the parameters .
Can someone please have a look and see what I am doing wrong please ? I know the line after might not be right to actually get the name , I haven't got that far yet.
Cheers
Graham
//---------------------------------------------------------------------------
//#define _WIN32_WINNT 0x0400
#include <vcl.h>
#define _WIN32_DCOM
#include <windows.h>
#include <malloc.h>
#include <objbase.h>
#include <WbemCli.h>
#pragma hdrstop
#include "Unit1.h"
//---------------------------------------------------------------------------
#pragma package(smart_init)
#pragma resource "*.dfm"
TForm1 *Form1;
//---------------------------------------------------------------------------
__fastcall TForm1::TForm1(TComponent* Owner)
: TForm(Owner)
{
}
#define VT_NAME 0
#define VT_EXEPATH 1
#define VT_START 2
#define VT_ID 3
void __fastcall TForm1::Button1Click(TObject *Sender)
{
Memo1->Clear() ;
CoUninitialize();
HRESULT hr,hr2,hr3,hr4;
hr = CoInitializeEx(0, COINIT_MULTITHREADED);
if (FAILED(hr))
{
Memo1->Lines->Add("Failed to initialise COM library");
return;
}
hr=CoInitializeSecurity(NULL,
-1,
NULL,
NULL,
RPC_C_AUTHN_LEVEL_DEFAULT,
RPC_C_IMP_LEVEL_IMPERSONATE,
NULL,
EOAC_NONE,
NULL);
if (FAILED(hr))
{
Memo1->Lines->Add("Failed to initialise security");
CoUninitialize();
return;
}
IWbemLocator *pLoc =0;
hr=CoCreateInstance(CLSID_WbemLocator,0,CLSCTX_INPROC_SERVER,IID_IWbemLocator,(LPVOID *) &pLoc);
if (FAILED(hr))
{
Memo1->Lines->Add("Failed to create IWbemLocator object");
CoUninitialize();
return;
}
IWbemServices *pSvc = 0;
hr=pLoc->ConnectServer(BSTR(L"ROOT\\CIMV2"),
NULL,
NULL,
0,
NULL,
0,
0,
&pSvc);
if (FAILED(hr))
{
Memo1->Lines->Add("Failed to connect");
CoUninitialize();
return;
}
hr=CoSetProxyBlanket(pSvc,
RPC_C_AUTHN_WINNT,
RPC_C_AUTHZ_NONE,
NULL,
RPC_C_AUTHN_LEVEL_CALL,
RPC_C_IMP_LEVEL_IMPERSONATE,
NULL,
EOAC_NONE);
if (FAILED(hr))
{
Memo1->Lines->Add("Failed to set proxy blanket");
CoUninitialize();
return;
}
IEnumWbemClassObject * pEnum = NULL;
BSTR Language = SysAllocString(L"WQL");
BSTR Query = SysAllocString(L"select * from Win32_Process where ExecutablePath is not null");
hr=pSvc->ExecQuery(Language ,Query,
WBEM_FLAG_FORWARD_ONLY ,
NULL,&pEnum);
SysFreeString(Query);
SysFreeString(Language);
if (FAILED(hr))
{
Memo1->Lines->Add("Failed to query");
CoUninitialize();
return;
}
int pcs_found = 0;
//Sleep(1000);
//int i0;
TStringList *pl = new TStringList();
pl->Clear() ;
pl->Add("excel.exe");
pl->Add("bcb.exe");
pl->Add("outlook");
pl->Add("winword.exe");
while ( 1 )
{
IWbemClassObject * pclsObj = 0;
ULONG uReturn=0;
hr=pEnum->Next(0,1,&pclsObj,&uReturn);
if (uReturn == 0)
break;
pcs_found++;
char Owner[255];
VARIANT vt1[4];
hr=pclsObj->Get(L"ExecutablePath",0,&vt1[VT_EXEPATH],0,0);
hr2=pclsObj->Get(L"Name",0,&vt1[VT_NAME],0,0);
hr3=pclsObj->Get(L"CreationDate",0,&vt1[VT_START],0,0);
hr4=pclsObj->Get(L"Handle",0,&vt1[VT_ID],0,0);
IWbemClassObject* pOutParams = NULL;
IWbemClassObject* pInParams = NULL;
IWbemClassObject* pClass = NULL;
BSTR MethodName = SysAllocString(L"GetOwner");
BSTR ClassPath = SysAllocString(L"Win32_Process");
VARIANT userField;
userField.vt = VT_BSTR;
userField.bstrVal = L"";
// IWbemClassObject* pClassInstance = NULL;
// hr = pOutParams->SpawnInstance(0, &pClassInstance);
// hr = pClassInstance->Put(L"UserName", 0,&userField, 0);
hr = pSvc->GetObject(ClassPath , 0, NULL, &pClass, NULL);
hr = pClass->GetMethod(MethodName,0,NULL, &pOutParams);
// hr = pclsObj->GetMethod(MethodName,0,NULL,&pOutParams);
// if ( hr == WBEM_S_NO_ERROR ) ;
// if ( hr == WBEM_E_NOT_FOUND ) ShowMessage ( "Method not found");
// **************** Next line fails *********************
hr = pSvc->ExecMethod(ClassPath, MethodName, 0, NULL,
NULL, &pOutParams, NULL);
hr = pOutParams->Get(L"ReturnValue",0,&userField , NULL , 0 );
if (FAILED(hr)||FAILED(hr2)||FAILED(hr3)||FAILED(hr4))
{
break;
}
else
{
try
{
// AnsiString cl = vt1[VT_EXEPATH].bstrVal ;
// Memo2->Lines->Add ( cl );
AnsiString FullInfo = "";
FullInfo = "Process " + (AnsiString)vt1[VT_ID].bstrVal + " " + (AnsiString)vt1[VT_NAME].bstrVal;
try
{
FullInfo = FullInfo + " Exepath " + (AnsiString)vt1[VT_EXEPATH].bstrVal ;
}
catch(...)
{
FullInfo = FullInfo + "Exepath Unknown ";
}
try
{
FullInfo = FullInfo + " Started at " + vt1[VT_START].bstrVal ;
}
catch(...)
{
FullInfo = FullInfo + " Started Unknown ";
}
int i = 0;
while ( i < pl->Count )
{
if ( FullInfo.UpperCase().Pos(ChangeFileExt(pl->Strings.UpperCase(),".EXE") ) > 0 )
{
Memo1->Lines->Add ( DateTimeToStr(Now()) + " " + FullInfo );
}
i++;
}
}
catch(...)
{
}
}
pclsObj->Release() ;
}
pEnum->Release() ;
delete pl;
pLoc->Release() ;
pSvc->Release() ;
}
//---------------------------------------------------------------------------
//---------------------------------------------------------------------------
void __fastcall TForm1::Timer1Timer(TObject *Sender)
{
static long t = 0;
Timer1->Enabled = false;
Button1->Click() ;
t++;
Label1->Caption = IntToStr(t);
Application->ProcessMessages() ;
Timer1->Enabled = true;
}
//---------------------------------------------------------------------------
void __fastcall TForm1::Button2Click(TObject *Sender)
{
Timer1->Enabled = true;
}
//---------------------------------------------------------------------------
Hope this helps!
Regards
BuilderSpec
I am using C+ Builder 6 .
I am trying to get the username of a running process. I have my code below , essentially a Form , a timer and 2 buttons then this code you see below.
I have got as far as getting the process , Google says I need to call GetOwner method from the class Win32_Process . In C++ i am calling the GetMethod and then ExecMethod.
Look for the "// **************** Next line fails *********************" line and the line after is the one that is failing, i think to an incorrect parameter.
The preceding GetMethod I think is right , if I change the Method to one that I know doesn't exist then it fails which is a good sign. I think I have got my call ready to go , just need to call ExecMethod but I am tearing my hair with the parameters .
Can someone please have a look and see what I am doing wrong please ? I know the line after might not be right to actually get the name , I haven't got that far yet.
Cheers
Graham
//---------------------------------------------------------------------------
//#define _WIN32_WINNT 0x0400
#include <vcl.h>
#define _WIN32_DCOM
#include <windows.h>
#include <malloc.h>
#include <objbase.h>
#include <WbemCli.h>
#pragma hdrstop
#include "Unit1.h"
//---------------------------------------------------------------------------
#pragma package(smart_init)
#pragma resource "*.dfm"
TForm1 *Form1;
//---------------------------------------------------------------------------
__fastcall TForm1::TForm1(TComponent* Owner)
: TForm(Owner)
{
}
#define VT_NAME 0
#define VT_EXEPATH 1
#define VT_START 2
#define VT_ID 3
void __fastcall TForm1::Button1Click(TObject *Sender)
{
Memo1->Clear() ;
CoUninitialize();
HRESULT hr,hr2,hr3,hr4;
hr = CoInitializeEx(0, COINIT_MULTITHREADED);
if (FAILED(hr))
{
Memo1->Lines->Add("Failed to initialise COM library");
return;
}
hr=CoInitializeSecurity(NULL,
-1,
NULL,
NULL,
RPC_C_AUTHN_LEVEL_DEFAULT,
RPC_C_IMP_LEVEL_IMPERSONATE,
NULL,
EOAC_NONE,
NULL);
if (FAILED(hr))
{
Memo1->Lines->Add("Failed to initialise security");
CoUninitialize();
return;
}
IWbemLocator *pLoc =0;
hr=CoCreateInstance(CLSID_WbemLocator,0,CLSCTX_INPROC_SERVER,IID_IWbemLocator,(LPVOID *) &pLoc);
if (FAILED(hr))
{
Memo1->Lines->Add("Failed to create IWbemLocator object");
CoUninitialize();
return;
}
IWbemServices *pSvc = 0;
hr=pLoc->ConnectServer(BSTR(L"ROOT\\CIMV2"),
NULL,
NULL,
0,
NULL,
0,
0,
&pSvc);
if (FAILED(hr))
{
Memo1->Lines->Add("Failed to connect");
CoUninitialize();
return;
}
hr=CoSetProxyBlanket(pSvc,
RPC_C_AUTHN_WINNT,
RPC_C_AUTHZ_NONE,
NULL,
RPC_C_AUTHN_LEVEL_CALL,
RPC_C_IMP_LEVEL_IMPERSONATE,
NULL,
EOAC_NONE);
if (FAILED(hr))
{
Memo1->Lines->Add("Failed to set proxy blanket");
CoUninitialize();
return;
}
IEnumWbemClassObject * pEnum = NULL;
BSTR Language = SysAllocString(L"WQL");
BSTR Query = SysAllocString(L"select * from Win32_Process where ExecutablePath is not null");
hr=pSvc->ExecQuery(Language ,Query,
WBEM_FLAG_FORWARD_ONLY ,
NULL,&pEnum);
SysFreeString(Query);
SysFreeString(Language);
if (FAILED(hr))
{
Memo1->Lines->Add("Failed to query");
CoUninitialize();
return;
}
int pcs_found = 0;
//Sleep(1000);
//int i0;
TStringList *pl = new TStringList();
pl->Clear() ;
pl->Add("excel.exe");
pl->Add("bcb.exe");
pl->Add("outlook");
pl->Add("winword.exe");
while ( 1 )
{
IWbemClassObject * pclsObj = 0;
ULONG uReturn=0;
hr=pEnum->Next(0,1,&pclsObj,&uReturn);
if (uReturn == 0)
break;
pcs_found++;
char Owner[255];
VARIANT vt1[4];
hr=pclsObj->Get(L"ExecutablePath",0,&vt1[VT_EXEPATH],0,0);
hr2=pclsObj->Get(L"Name",0,&vt1[VT_NAME],0,0);
hr3=pclsObj->Get(L"CreationDate",0,&vt1[VT_START],0,0);
hr4=pclsObj->Get(L"Handle",0,&vt1[VT_ID],0,0);
IWbemClassObject* pOutParams = NULL;
IWbemClassObject* pInParams = NULL;
IWbemClassObject* pClass = NULL;
BSTR MethodName = SysAllocString(L"GetOwner");
BSTR ClassPath = SysAllocString(L"Win32_Process");
VARIANT userField;
userField.vt = VT_BSTR;
userField.bstrVal = L"";
// IWbemClassObject* pClassInstance = NULL;
// hr = pOutParams->SpawnInstance(0, &pClassInstance);
// hr = pClassInstance->Put(L"UserName", 0,&userField, 0);
hr = pSvc->GetObject(ClassPath , 0, NULL, &pClass, NULL);
hr = pClass->GetMethod(MethodName,0,NULL, &pOutParams);
// hr = pclsObj->GetMethod(MethodName,0,NULL,&pOutParams);
// if ( hr == WBEM_S_NO_ERROR ) ;
// if ( hr == WBEM_E_NOT_FOUND ) ShowMessage ( "Method not found");
// **************** Next line fails *********************
hr = pSvc->ExecMethod(ClassPath, MethodName, 0, NULL,
NULL, &pOutParams, NULL);
hr = pOutParams->Get(L"ReturnValue",0,&userField , NULL , 0 );
if (FAILED(hr)||FAILED(hr2)||FAILED(hr3)||FAILED(hr4))
{
break;
}
else
{
try
{
// AnsiString cl = vt1[VT_EXEPATH].bstrVal ;
// Memo2->Lines->Add ( cl );
AnsiString FullInfo = "";
FullInfo = "Process " + (AnsiString)vt1[VT_ID].bstrVal + " " + (AnsiString)vt1[VT_NAME].bstrVal;
try
{
FullInfo = FullInfo + " Exepath " + (AnsiString)vt1[VT_EXEPATH].bstrVal ;
}
catch(...)
{
FullInfo = FullInfo + "Exepath Unknown ";
}
try
{
FullInfo = FullInfo + " Started at " + vt1[VT_START].bstrVal ;
}
catch(...)
{
FullInfo = FullInfo + " Started Unknown ";
}
int i = 0;
while ( i < pl->Count )
{
if ( FullInfo.UpperCase().Pos(ChangeFileExt(pl->Strings.UpperCase(),".EXE") ) > 0 )
{
Memo1->Lines->Add ( DateTimeToStr(Now()) + " " + FullInfo );
}
i++;
}
}
catch(...)
{
}
}
pclsObj->Release() ;
}
pEnum->Release() ;
delete pl;
pLoc->Release() ;
pSvc->Release() ;
}
//---------------------------------------------------------------------------
//---------------------------------------------------------------------------
void __fastcall TForm1::Timer1Timer(TObject *Sender)
{
static long t = 0;
Timer1->Enabled = false;
Button1->Click() ;
t++;
Label1->Caption = IntToStr(t);
Application->ProcessMessages() ;
Timer1->Enabled = true;
}
//---------------------------------------------------------------------------
void __fastcall TForm1::Button2Click(TObject *Sender)
{
Timer1->Enabled = true;
}
//---------------------------------------------------------------------------
Hope this helps!
Regards
BuilderSpec
