a small crate let you can easily get tasklist and process information on windows
- based on
windows-rs
crate
- Process name,pid,parrentID,theradsID.
- Process start_time,exit_time,and CPU_time(including kernel time and user time).
- Process path and commandline params.
- Process SID and Domain/User.
- Process IO infomation , including all of
IO_COUNTERS
member. - Process memory information , including all of
PROCESS_MEMORY_COUNTERS
member. - Process handles information , use
GetProcessHandleCount
Api. - Process file infomation , use
GetFileVersionInfoExW
Api. - Check whether the process is running in the WOW64 environment.
- Iterate over all processes
remember some infomation need higher privilege in some specific windows versions
Get all process pid , process name and user .
use tasklist;
fn main(){
unsafe{
let tl = tasklist::Tasklist::new();
tasklist::enable_debug_priv();
for i in tl{
println!("{} {} {}",i.get_pid(),i.get_pname(),i.get_user());
}
}
}
Get all process name , pid , company name , file description.
use tasklist;
fn main(){
tasklist::enable_debug_priv();
for i in unsafe{tasklist::Tasklist::new()}{
let cpn = match i.get_file_info().get("CompanyName"){
Some(h)=>h.to_string(),
None=>"".to_string(),
};
let des = match i.get_file_info().get("FileDescription"){
Some(h)=>h.to_string(),
None=>"".to_string(),
};
println!("\t{} \t{} \t{} \t{}",i.get_pname(),i.get_pid(),cpn,des)
}
}
Add this to your Cargo.toml
:
[dependencies]
tasklist = "0.2.15"