我有一个 PID,我正在尝试确定进程的当前工作目录。我尝试了wmic process一段时间,但似乎没有可用的 cwd。有人知道我可以实现这一点的巧妙方法吗?
答案1
您可以尝试使用管理员权限执行类似以下批处理脚本:
@echo off
Mode 75,8 & color 0A
Title Get ExecutablePath of any PID by Hackoo 2018
:::::::::::::::::::::::::::::::::::::::::
:: Automatically check & get admin rights
:::::::::::::::::::::::::::::::::::::::::
REM --> Check for permissions
Reg query "HKU\S-1-5-19\Environment" >nul 2>&1
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
Echo.
ECHO **************************************
ECHO Running Admin shell... Please wait...
ECHO **************************************
goto UACPrompt
) else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
set params = %*:"=""
echo UAC.ShellExecute "cmd.exe", "/c ""%~s0"" %params%", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
del "%temp%\getadmin.vbs"
exit /B
:gotAdmin
::::::::::::::::::::::::::::
::START
::::::::::::::::::::::::::::
:Loop
Cls
echo(
set /P "PID=Please provide a PID number to get its ExecutablePath : "
set "ExePath="
SetLocal EnableDelayedExpansion
for /f "skip=1 delims=" %%a in ('"wmic process where "ProcessID^=!PID!" get ExecutablePath 2^>nul"') do (
If Not "!errorlevel!" equ "1" (
for /f "delims=" %%b in ("%%a") do if not defined ExePath set "ExePath=%%b"
Rem To trim a variable ( Removing Spaces into a variable )
set "ExePath=!ExePath: =!"
)
)
echo ExecutablePath ==^> "!ExePath!"
for %%a in ("!ExePath!") do set "CWD=%%~dpa"
echo Current Working Directory ==^> "!cwd!"
echo(
echo Hit any key to choose another PID & pause>nul & goto Loop