我尝试使用 go-ole 库获取进程列表:
package main
import (
"fmt"
"github.com/go-ole/go-ole"
"github.com/mattn/go-ole/oleutil"
)
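// main prints the name of every process returned by the WMI query
// "SELECT * FROM Win32_Process", or the first error encountered.
//
// NOTE(review): the import block mixes github.com/go-ole/go-ole with
// github.com/mattn/go-ole/oleutil; confirm both resolve to the same module,
// otherwise the ole types passed to oleutil will not match.
func main() {
	if err := listProcesses(); err != nil {
		fmt.Println("error:", err)
	}
}

// listProcesses initializes COM, connects to WMI through SWbemLocator and
// prints the Name property of each Win32_Process instance.
//
// Every COM call is checked: a failed call returns a nil object, and calling
// Release or ToIDispatch on it would otherwise crash the program.
func listProcesses() error {
	if err := ole.CoInitialize(0); err != nil {
		return fmt.Errorf("initializing COM: %w", err)
	}
	defer ole.CoUninitialize()

	unknown, err := oleutil.CreateObject("WbemScripting.SWbemLocator")
	if err != nil {
		return fmt.Errorf("creating SWbemLocator: %w", err)
	}
	defer unknown.Release()

	wmi, err := unknown.QueryInterface(ole.IID_IDispatch)
	if err != nil {
		return fmt.Errorf("querying IDispatch: %w", err)
	}
	defer wmi.Release()

	// ConnectServer with no arguments, as in the original call.
	serviceRaw, err := oleutil.CallMethod(wmi, "ConnectServer")
	if err != nil {
		return fmt.Errorf("connecting to WMI: %w", err)
	}
	service := serviceRaw.ToIDispatch()
	defer service.Release()

	resultRaw, err := oleutil.CallMethod(service, "ExecQuery", "SELECT * FROM Win32_Process")
	if err != nil {
		return fmt.Errorf("running process query: %w", err)
	}
	result := resultRaw.ToIDispatch()
	defer result.Release()

	countVar, err := oleutil.GetProperty(result, "Count")
	if err != nil {
		return fmt.Errorf("reading result count: %w", err)
	}
	count := int(countVar.Val)

	for i := 0; i < count; i++ {
		if err := printProcessName(result, i); err != nil {
			return err
		}
	}
	return nil
}

// printProcessName prints the Name of the i-th item in the query result.
//
// It is a separate function so that the item is released at the end of each
// iteration; a defer inside the loop would hold every item until the whole
// listing finished.
func printProcessName(result *ole.IDispatch, i int) error {
	itemRaw, err := oleutil.CallMethod(result, "ItemIndex", i)
	if err != nil {
		return fmt.Errorf("fetching item %d: %w", i, err)
	}
	item := itemRaw.ToIDispatch()
	defer item.Release()

	processName, err := oleutil.GetProperty(item, "Name")
	if err != nil {
		return fmt.Errorf("reading name of item %d: %w", i, err)
	}
	// The returned VARIANT owns a string; clear it once printed.
	defer processName.Clear()

	fmt.Println(processName.ToString())
	return nil
}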
但我无法获取进程的所有者。我调用了 GetOwner 方法:
// GetOwner is called here with no arguments, so the only thing that comes
// back is the method's return value; the error is discarded.
ownerRaw, _ := oleutil.CallMethod(item, "GetOwner")
// Prints the returned VARIANT, not the user or domain: per the signature
// quoted on this page those are [out] parameters.
fmt.Println(ownerRaw)
因为GetOwner返回值是int32
uint32 GetOwner(
[out] string User,
[out] string Domain
);
https://docs.microsoft.com/en-us/windows/desktop/cimwin32prov/getowner-method-in-class-win32-process
如何以字符串形式获取每个进程的所有者?
最佳答案
我花了一段时间才弄清楚这一点。
GetOwner方法期望您传递两个字符串参数。这些字符串将包含方法调用的结果。
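// GetOwner writes its results into two [out] string parameters, so pass
// pointers to VARIANTs for it to fill in.
var user ole.VARIANT
var domain ole.VARIANT
res, err := oleutil.CallMethod(item, "GetOwner", &user, &domain)
switch {
case err != nil:
	// The COM call itself failed; user and domain were not filled in.
	fmt.Printf("GetOwner call failed: %v\n", err)
case res.Val != 0:
	// The method's own return value is a status code. A nonzero value
	// presumably means the owner could not be read (for example when the
	// caller lacks rights to the process) — confirm against the linked
	// GetOwner documentation. Do not treat empty strings as a real owner.
	fmt.Printf("GetOwner returned status %d\n", res.Val)
default:
	fmt.Printf("user: %v\tdomain: %v\n", user.ToString(), domain.ToString())
	// The VARIANTs now own the returned strings; clear them after use.
	user.Clear()
	domain.Clear()
}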
要获取SID,请执行以下操作:
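// GetOwnerSid writes the SID into a single out parameter.
var sid ole.VARIANT
// Distinct names so this can share a scope with the GetOwner call above
// without a ":=" redeclaration error.
sidRes, sidErr := oleutil.CallMethod(item, "GetOwnerSid", &sid)
switch {
case sidErr != nil:
	// The COM call itself failed; sid was not filled in.
	fmt.Printf("GetOwnerSid call failed: %v\n", sidErr)
case sidRes.Val != 0:
	// NOTE(review): presumably the same status-code convention as GetOwner
	// (zero means success) — confirm against the WMI documentation.
	fmt.Printf("GetOwnerSid returned status %d\n", sidRes.Val)
default:
	fmt.Printf("sid: %v\n", sid.ToString())
	// The VARIANT now owns the returned string; clear it after use.
	sid.Clear()
}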
希望这可以帮助。
Sopwith
关于 go - 如何通过 WMI 请求获取进程所有者,我们在 Stack Overflow 上找到一个类似的问题:https://stackoverflow.com/questions/54676447/