dongwen7423
2019-02-13 17:48 Views: 128

How to get the process owner using a WMI request

I try to receive the list of processes using the go-ole library:


    package main

    import (
        "fmt"

        "github.com/go-ole/go-ole"
        // oleutil must come from the same module as ole, otherwise the types do not match.
        "github.com/go-ole/go-ole/oleutil"
    )

    func main() {
        ole.CoInitialize(0)
        defer ole.CoUninitialize()

        // Create the WMI locator and get its IDispatch interface.
        unknown, _ := oleutil.CreateObject("WbemScripting.SWbemLocator")
        defer unknown.Release()

        wmi, _ := unknown.QueryInterface(ole.IID_IDispatch)
        defer wmi.Release()

        // Connect to the default namespace on the local machine.
        serviceRaw, _ := oleutil.CallMethod(wmi, "ConnectServer")
        service := serviceRaw.ToIDispatch()
        defer service.Release()

        resultRaw, _ := oleutil.CallMethod(service, "ExecQuery", "SELECT * FROM Win32_Process")
        result := resultRaw.ToIDispatch()
        defer result.Release()

        countVar, _ := oleutil.GetProperty(result, "Count")
        count := int(countVar.Val)

        for i := 0; i < count; i++ {
            itemRaw, _ := oleutil.CallMethod(result, "ItemIndex", i)
            item := itemRaw.ToIDispatch()

            processName, _ := oleutil.GetProperty(item, "Name")
            fmt.Println(processName.ToString())

            // Release per iteration; a defer here would hold every item until main returns.
            item.Release()
        }
    }

But I cannot receive the owner of a process by calling the GetOwner method:

    ownerRaw, _ := oleutil.CallMethod(item, "GetOwner")
    fmt.Println(ownerRaw)

because the GetOwner return value is int32:


    uint32 GetOwner(
      [out] string User,
      [out] string Domain
    );

https://docs.microsoft.com/en-us/windows/desktop/cimwin32prov/getowner-method-in-class-win32-process

How is it possible to receive the owner as a string for each process?

1 answer

  • doulun1666 2019-02-21 22:42

    It took me a while to figure this out.

    The GetOwner method is expecting you to pass two string parameters. These strings will contain the results of the method call.

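        var user ole.VARIANT
        var domain ole.VARIANT
        // The two VARIANTs are passed by reference and filled in by the call.
        if _, err := oleutil.CallMethod(item, "GetOwner", &user, &domain); err != nil {
            fmt.Println("GetOwner failed:", err)
        }
        fmt.Printf("user: %v\tdomain: %v\n", user.ToString(), domain.ToString())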
    

    To get the SID you do the same thing:

        var sid ole.VARIANT
        if _, err := oleutil.CallMethod(item, "GetOwnerSid", &sid); err != nil {
            fmt.Println("GetOwnerSid failed:", err)
        }
        fmt.Printf("sid: %v\n", sid.ToString())
    

    Hope this helps.

    Sopwith
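
An added example, not part of the answer above and not go-ole code: it shows how a process inventory can treat the `uint32` that GetOwner returns as a status code and use the out parameters only on success, so a failed lookup (for example when the query runs without elevation) never yields a bogus owner. `getOwnerFunc`, `ResolveOwners`, `ProcOwner` and `fakeGetOwner` are hypothetical names, the PIDs and account names are constructed sample data, and the status meanings are the return values listed in Microsoft's GetOwner documentation.

```go
package main

import "fmt"

// getOwnerFunc mimics GetOwner (status + out params); hypothetical stand-in for the go-ole call.
type getOwnerFunc func(pid uint32, user, domain *string) uint32

// Return values documented for Win32_Process.GetOwner.
var ownerStatus = map[uint32]string{
	0: "success", 2: "access denied", 3: "insufficient privilege",
	8: "unknown failure", 9: "path not found", 21: "invalid parameter",
}

// ProcOwner is one inventory row; Owner stays empty unless the call succeeded.
type ProcOwner struct {
	PID           uint32
	Owner, Status string
}

// ResolveOwners trusts the out parameters only when the status code is 0.
func ResolveOwners(pids []uint32, getOwner getOwnerFunc) []ProcOwner {
	rows := make([]ProcOwner, 0, len(pids))
	for _, pid := range pids {
		var user, domain string
		code := getOwner(pid, &user, &domain)
		row := ProcOwner{PID: pid, Status: ownerStatus[code]}
		if row.Status == "" {
			row.Status = fmt.Sprintf("unexpected code %d", code)
		}
		if code == 0 {
			row.Owner = domain + `\` + user
		}
		rows = append(rows, row)
	}
	return rows
}

// fakeGetOwner returns constructed sample data, not real WMI output.
func fakeGetOwner(pid uint32, user, domain *string) uint32 {
	if pid == 4321 {
		*user, *domain = "alice", "WORKSTATION"
		return 0
	}
	*user = "stale" // simulate an out parameter left dirty by a failed call
	return 2
}

func main() {
	fmt.Println(ResolveOwners([]uint32{4321, 4}, fakeGetOwner))
}
```

On Windows, the stand-in would be replaced by a wrapper around the `oleutil.CallMethod(item, "GetOwner", &user, &domain)` call from the answer, returning the call's result as the status code.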
