ProcessOwner(PID) {  ;-- 返回给定进程ID的所有者
  /*	DESCRIPTION OF FUNCTION: -- ProcessOwner() --
  -------------------------------------------------------------------------------------
  Description  	:	Returns the Owner for a given Process ID. To make it fully functional, one needs to call SetDebugPrivilege() prior to ProcessOwner()
  Link              	:	https://autohotkey.com/board/topic/7984-ahk-functions-incache-cache-list-of-recent-items/page-8
                            	http://www.autohotkey.com/forum/viewtopic.php?p=232199#232199
  Author         	:	SKAN
                            	Sincere thanks to Sean, for pointing out the method and for providing half the code
                                	- http://www.autohotkey.com/forum/viewtopic.php?p=232247#232247
                                	- http://www.autohotkey.com/forum/viewtopic.php?t=18438
                Nibu Thomas : How to get name of owner of a process?
                                	 - https://nibuthomas.wordpress.com/2008/01/08/how-to-get-name-of-owner-of-a-process/
  Date             	:	--
  AHK-Version	:	AHK_L
  License         	:	--
  Syntax          	:	ProcessOwner(ProcessID)
  Parameter(s)	:	--
  Return value	:	string with name of the owner
  Reference     	:	* CodeProject: How To Get Process Owner ID and Current User SID
                                	- http://www.codeproject.com/KB/cs/processownersid.aspx
                * MSDN: GetTokenInformation(),  LookupAccountSid()
                  - https://msdn.microsoft.com/en-us/library/aa446671%28VS.85%29.aspx
                  - https://msdn.microsoft.com/en-us/library/aa379166%28VS.85%29.aspx
  Remark(s)    	:
  Dependencies	:	none
  KeyWords    	:	string,formatting
  -------------------------------------------------------------------------------------
  |	EXAMPLE(s)
  -------------------------------------------------------------------------------------
  ; SetDebugPrivilege() ; www.autohotkey.com/forum/viewtopic.php?p=232199#232199
  Process Exist, svchost.exe
  PID := ErrorLevel
  MsgBox, % ProcessOwner( PID )
  */

   ; PROCESS_QUERY_INFORMATION=0x400, TOKEN_READ:=0x20008, TokenUser:=0x1
   hProcess := DllCall( "OpenProcess", UInt,0x400,Int,0,UInt,PID )
   DllCall( "Advapi32.dll\OpenProcessToken", UInt,hProcess, UInt,0x20008, UIntP,Tok )
   DllCall( "Advapi32.dll\GetTokenInformation", UInt,Tok, UInt,0x1, Int,0, Int,0, UIntP,RL )
   VarSetCapacity( TI,RL,0 )
   DllCall( "Advapi32.dll\GetTokenInformation"
        , UInt,Tok, UInt,0x1, UInt,&TI, Int,RL, UIntP,RL ),           pSid := NumGet(TI)
   DllCall( "CloseHandle", UInt,hProcess ), DllCall( "CloseHandle", UInt,Tok )
   ; following code taken from www.autohotkey.com/forum/viewtopic.php?p=116487 - Author Sean
   DllCall( "Advapi32\LookupAccountSidA"
       , Str,"", UInt,pSid, UInt,0, UIntP,nSizeNM, UInt,0, UIntP,nSizeRD, UIntP,eUser )
   VarSetCapacity( sName,nSizeNM,0 ), VarSetCapacity( sRDmn,nSizeRD,0 )
   DllCall( "Advapi32\LookupAccountSidA"
    , Str,"", UInt,pSid, Str,sName, UIntP,nSizeNM, Str,sRDmn, UIntP,nSizeRD, UIntP,eUser )
   DllCall( "LocalFree", UInt,pSid )
Return sName
}

 

声明:站内资源为整理优化好的代码上传分享与学习研究,如果是开源代码基本都会标明出处,方便大家扩展学习路径。请不要恶意搬运,破坏站长辛苦整理维护的劳动成果。本站为爱好者分享站点,所有内容不作为商业行为。如若本站上传内容侵犯了原著者的合法权益,请联系我们进行删除下架。