Get a Winstation Name from a Process ID

views:

199

answers:

Get a Winstation Name from a Process ID

I am trying to get the name of the winstation (for example "winsta0") that a separate process has opened using only its Process ID. I can't find anything that does this on MSDN. They only seem to have GetProcessWindowStation() which only works for your own process.

Any ideas?

UPDATE: Maybe this is part of the puzzle...

BOOL ProcessIdToSessionId( __in DWORD dwProcessId, __out DWORD *pSessionId );

+1 A:

You will probably have to use EnumWindowStations(), EnumDesktops(), EnumDesktopWindows(), and GetWindowThreadProcessId() to look at all running windows until you find one that matches the desired process ID.

Remy Lebeau - TeamB 2009-06-03 23:40:52

Well, I had a look at the API functions but hit the same dead end as you. Remy's suggestion should work as long as the target process creates one or more top-level windows. The following, crazy idea also occured to me:

Use VirtualAllocEx() to allocate some executable memory in the target process
Use WriteProcessMemory() to write some code into that memory
Use CreateRemoteThread() to execute the code in that process

The injected code would call GetProcessWindowStation() and then use an IPC mechanism to send it back to your process. After you get it, use VirtualFreeEx() to restore the target process's orginal address space. There are some additional issues using this on another user's process, but it should still work if you run as administrator.

Peter Ruderman 2009-06-04 13:15:58

ansaurus

tags:

views:

answers:

Get a Winstation Name from a Process ID

related questions