In case you still need it (after reading the comments), here's a piece of code that gets the conhost.exe processes. Please note that I only wrote it for demonstrative purposes (to check whether [MSDN]: Tool Help Functions can be used for this scenario), so don't mind its structure or other coding NO-NOs.
code.c:
#include <Windows.h>
#include <TlHelp32.h>
#include <stdio.h>
#include <conio.h>
#include <tchar.h>
int main(int argc, char **argv) {
DWORD pid = 0, i = 0, cPid = 0;
PROCESSENTRY32 pe32;
BOOL res = FALSE;
HANDLE snap = INVALID_HANDLE_VALUE, proc = INVALID_HANDLE_VALUE;
char c = 0;
if (argc > 1) {
pid = atoi(argv[1]);
} else {
pid = GetCurrentProcessId();
}
printf("PID: %d
", pid);
snap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, pid);
if (snap == INVALID_HANDLE_VALUE) {
printf("CreateToolhelp32Snapshot failed: %d
", GetLastError());
return -1;
}
pe32.dwSize = sizeof(PROCESSENTRY32);
res = Process32First(snap, &pe32);
if (res == FALSE) {
printf("Process32First failed: %d
", GetLastError());
CloseHandle(snap);
return -2;
}
do {
if (_tcscmp(pe32.szExeFile, TEXT("conhost.exe")) == 0) {
_tprintf(TEXT(" Idx: %02d PID: %5d PPID: %5d Name: %s
"), i++, pe32.th32ProcessID, pe32.th32ParentProcessID, pe32.szExeFile);
if (pe32.th32ParentProcessID == pid) {
cPid = pe32.th32ProcessID;
}
}
} while ((res = Process32Next(snap, &pe32)));
CloseHandle(snap);
if ((proc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, cPid)) == INVALID_HANDLE_VALUE) {
printf("OpenProcess failed: %d
", GetLastError());
return -3;
}
printf("Conhost handle: 0x%08X
", proc);
CloseHandle(proc);
printf("Press a key to exit...
");
c = getch();
return 0;
}
Output (as a VStudio 2010, Console App (Debug - x86) on Win 10):
e:WorkDevStackOverflowq035102238>ver
Microsoft Windows [Version 10.0.17134.48]
e:WorkDevStackOverflowq035102238>"Debugq035102238.exe"
PID: 22388
Idx: 00 PID: 19892 PPID: 20164 Name: conhost.exe
Idx: 01 PID: 21128 PPID: 21120 Name: conhost.exe
Idx: 02 PID: 1144 PPID: 20572 Name: conhost.exe
Idx: 03 PID: 8184 PPID: 19572 Name: conhost.exe
Idx: 04 PID: 10976 PPID: 20608 Name: conhost.exe
Idx: 05 PID: 21284 PPID: 8792 Name: conhost.exe
Idx: 06 PID: 8172 PPID: 20444 Name: conhost.exe
Idx: 07 PID: 4396 PPID: 19484 Name: conhost.exe
Idx: 08 PID: 12484 PPID: 2580 Name: conhost.exe
Idx: 09 PID: 18636 PPID: 11552 Name: conhost.exe
Idx: 10 PID: 21456 PPID: 21016 Name: conhost.exe
Idx: 11 PID: 960 PPID: 3528 Name: conhost.exe
Idx: 12 PID: 20616 PPID: 18404 Name: conhost.exe
Idx: 13 PID: 21548 PPID: 21528 Name: conhost.exe
Idx: 14 PID: 20192 PPID: 8316 Name: conhost.exe
Idx: 15 PID: 2496 PPID: 9284 Name: conhost.exe
Idx: 16 PID: 5820 PPID: 23140 Name: conhost.exe
Idx: 17 PID: 6032 PPID: 26512 Name: conhost.exe
Connhost handle: 0x00000000
Press a key to exit...
So, it is possible to enumerate all running conhost.exe processes, and also get PROCESS_ALL_ACCESS
to the one associated with my current application (I have to mention here that my Win user has full administrative privileges).
@EDIT0:
- As @BladeMight noticed, on Win 7 all conhost.exe processes are children of crss.exe (as it can be also seen in ProcExp)
Output:
c:WorkDevStackOverflowq035102238>ver
Microsoft Windows [Version 6.1.7601]
c:WorkDevStackOverflowq035102238>q035102238.exe
PID: 1548
Idx: 00 PID: 4960 PPID: 3472 Name: conhost.exe
Idx: 01 PID: 5024 PPID: 3472 Name: conhost.exe
Idx: 02 PID: 5076 PPID: 3472 Name: conhost.exe
Idx: 03 PID: 2676 PPID: 3472 Name: conhost.exe
Idx: 04 PID: 1888 PPID: 3472 Name: conhost.exe
Connhost handle: 0x00000000
Press a key to exit...
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…