Expand description
tasklist
tasklist
is a crate let you easily get tasklist and process information on windows.
it based on windows-rs
crate.
what information you can get
- Process name,pid,parrentID,theradsID.
- Process start_time,exit_time,and CPU_time(including kernel time and user time).
- Process path and commandline params.
- Process SID and Domain/User.
- Process IO infomation , including all of
IO_COUNTERS
member. - Process memory information , including all of
PROCESS_MEMORY_COUNTERS
member. - Process handles information , use
GetProcessHandleCount
Api. - Process file infomation , use
GetFileVersionInfoExW
Api. - Check whether the process is running in the WOW64 environment.
- Iterate over all processes
remember some infomation need higher privilege in some specific windows versions
example
Get all process pid , process name and user .
use tasklist;
fn main(){
unsafe{
let tl = tasklist::Tasklist::new();
for i in tl{
println!("{} {} {}",i.get_pid(),i.get_pname(),i.get_user());
}
}
}
Get all process name , pid , company name , file description.
use tasklist;
fn main(){
for i in unsafe{tasklist::Tasklist::new()}{
let cpn = match i.get_file_info().get("CompanyName"){
Some(h)=>h.to_string(),
None=>"".to_string(),
};
let des = match i.get_file_info().get("FileDescription"){
Some(h)=>h.to_string(),
None=>"".to_string(),
};
println!("\t{} \t{} \t{} \t{}",i.get_pname(),i.get_pid(),cpn,des)
}
}
Modules
Structs
the process’s IO counter struct
process’s memory counter struct . can easily get memory infomation of a process.
the process struct .
this struct is Process
Iterator.
Functions
enbale the debug privilege for your program , it return a bool
to show if it success.
return the first process id by the name you gave , it return the Option<u32>
, u32
is the process id.
find the process id by the name you gave , it return a Vec<U32>
, if the process is not exist , it will return a empty Vec<u32>
just like the name , this function will return a Option<String>
by the id you gave, String
is the name of process.
get the file info of the process . use GetFileVersionInfoExW
api . it will return a HashMap<String,String>
including a lot of infomation.
you can get value throught CompanyName
FileDescription
OriginalFilename
ProductName
ProductVersion
PrivateBuild
InternalName
LegalCopyright
FileVersion
keys.
get the process io counter , it will return a IoCounter
if cant get the io counter , it will return a zero IoCounter
get process memory info . it will return a MemoryCounter
struct .
get the process command line params . it will return String
.
get process parrent id from pid , it will return a Option<u32>
get process full path from pid , it will return String
which is the location of process.
get the process sid and domain/user name from pid . it will return a tuple consisting of (domain/user,sid)
. if the privilege is not enough , it will return the failed reson.
get process thread id from pid , it will return Vec<u32>
.
get process time , including Start time , Exit time , Kernel time and User time . it will return a tuple
which is (start_time,exit_time,CpuTime)
get process handle counter . return u32
judge the process is running on wow64 or not , it will return a Option<bool>
(you must consider the situation that OpenProcess cannot be used)