我想使用 PowerShell 了解 Windows 窗口是顶层(前台)还是后台。我该怎么做?
答案1
您想要实现什么目标或者为什么?
您不会说出您尝试过什么,也不会展示它以及您遇到了什么错误。系统上运行的所有进程都有进程名称和 ID,您可以说获取启动时间,而较近的那个可能就是活动的进程。
# get all object members of a process
get-process | Select * -First 1 | Get-Member
Name : aesm_service
Id : 19420
PriorityClass : Normal
FileVersion : 2.0.101.44237
HandleCount : 169
WorkingSet : 8597504
PagedMemorySize : 2203648
PrivateMemorySize : 2203648
VirtualMemorySize : 87666688
TotalProcessorTime : 00:00:00.1250000
SI : 0
Handles : 169
VM : 4382633984
WS : 8597504
PM : 2203648
NPM : 2189736
Path : C:\WINDOWS\System32...aesm_service.exe
Company : Intel Corporation
CPU : 0.125
ProductVersion : 2.0.101.44237
Description : Intel® SGX Application Enclave Services Manager
Product : Intel® Software Guard Extensions
__NounName : Process
BasePriority : 8
ExitCode :
HasExited : False
ExitTime :
Handle : 6280
SafeHandle : Microsoft.Win32.SafeHandles.SafeProcessHandle
MachineName : .
MainWindowHandle : 0
MainWindowTitle :
MainModule : System.Diagnostics.ProcessModule (aesm_service.exe)
MaxWorkingSet : 1413120
MinWorkingSet : 204800
Modules : {System.Diagnostics....
NonpagedSystemMemorySize : 2189736
NonpagedSystemMemorySize64 : 2189736
PagedMemorySize64 : 2203648
PagedSystemMemorySize : 102120
PagedSystemMemorySize64 : 102120
PeakPagedMemorySize : 3158016
PeakPagedMemorySize64 : 3158016
PeakWorkingSet : 9588736
PeakWorkingSet64 : 9588736
PeakVirtualMemorySize : 99708928
PeakVirtualMemorySize64 : 4394676224
PriorityBoostEnabled : True
PrivateMemorySize64 : 2203648
PrivilegedProcessorTime : 00:00:00.0937500
ProcessName : aesm_service
ProcessorAffinity : 255
Responding : True
SessionId : 0
StartInfo : System.Diagnostics.ProcessStartInfo
StartTime : 9/7/2018 1:16:52 PM
SynchronizingObject :
Threads : {12776, 19072}
UserProcessorTime : 00:00:00.0312500
VirtualMemorySize64 : 4382633984
EnableRaisingEvents : False
StandardInput :
StandardOutput :
StandardError :
WorkingSet64 : 8597504
Site :
Container :
get-process |
Select StartTime,ProcessName |
Sort-Object StartTime |
Format-Table -AutoSize
StartTime ProcessName
--------- -----------
Idle
9/7/2018 1:14:17 PM Secure System
9/7/2018 1:14:17 PM Registry
….
现在,如果您说,您正尝试在远程主机上执行此操作,这是一个完全不同的问题,因为最新的进程可能并不重要,用户将使用他们正在使用的任何进程。
你没有说明你搜索和尝试了什么,以及它是否对你有用。网络上有多个地方的例子,讨论了类似的用例。
查看这些讨论和答案,您会注意到,它需要调用 C 代码和 Windows DLL。
Add-Type @"
using System;
using System.Runtime.InteropServices;
public class Tricks {
[DllImport("user32.dll")]
public static extern IntPtr GetForegroundWindow();
}
"@
$a = [tricks]::GetForegroundWindow()
get-process | ? { $_.mainwindowhandle -eq $a }
https://techibee.com/powershell/get-active-window-on-desktop-using-powershell/2178
[CmdletBinding()]
Param(
)
Add-Type @"
using System;
using System.Runtime.InteropServices;
public class UserWindows {
[DllImport("user32.dll")]
public static extern IntPtr GetForegroundWindow();
}
"@
try {
$ActiveHandle = [Windows]::GetForegroundWindow()
$Process = Get-Process | ? {$_.MainWindowHandle -eq $activeHandle}
$Process | Select ProcessName, @{Name="AppTitle";Expression= {($_.MainWindowTitle)}}
} catch {
Write-Error "Failed to get active Window details. More Info: $_"
}
当您选择不同的窗口时,这将改变其输出。将窗口设置得足够小,以便您在选择新窗口时可以查看输出。
如果您有双显示器,则将 PS 放在第二台显示器上,然后在另一台显示器上选择窗口。
$code = @'
[DllImport("user32.dll")]
public static extern IntPtr GetForegroundWindow();
'@
Add-Type $code -Name Utils -Namespace Win32
while(1){
$hwnd = [Win32.Utils]::GetForegroundWindow()
Get-Process |
Where-Object { $_.mainWindowHandle -eq $hwnd } |
Select-Object processName, MainWindowTItle, MainWindowHandle
sleep -Milliseconds 200
}
或者购买这个模块...
https://www.vexasoft.com/pages/get-window
Get-Window
Synopsis
Gets the application windows that are open on the local desktop.
Syntax
• Get-Window [-Process] [-ShowBackgroundWindows]
• Get-Window [-Title] [-ShowBackgroundWindows]
• Get-Window [-ProcessID] [-ShowBackgroundWindows]
Description
The Get-Window cmdlet gets the application windows that are open on the local desktop.
答案2
这是通过invoke命令远程获取活动程序的复杂方法,使用任务计划程序并以用户组(当前用户)身份运行。隐藏窗口的唯一方法是使用wscript。
# doforeground.ps1
@'
Add-Type '
using System;
using System.Runtime.InteropServices;
public class UserWindows {
[DllImport("user32.dll")]
public static extern IntPtr GetForegroundWindow();
}
'
$a = [UserWindows]::GetForegroundWindow()
get-process | ? mainwindowhandle -eq $a | % name |
set-content c:\windows\temp\get-foreground.log
'@ | set-content c:\windows\get-foreground.ps1
'On Error Resume Next
hidden = 0
style = hidden
wait = True
command = "powershell.exe -file c:\windows\get-foreground.ps1"
Set objShell = WScript.CreateObject("WScript.Shell")
objShell.run command, style, wait' | set-content c:\windows\get-foreground.vbs
$action = New-ScheduledTaskAction -Execute wscript.exe -Argument c:\windows\get-foreground.vbs
$principal = New-ScheduledTaskPrincipal -GroupId Users
Register-ScheduledTask -Action $action -TaskName get-foreground -principal $principal -force > $null
Start-ScheduledTask -TaskName get-foreground
sleep 3
[pscustomobject]@{result = cat c:\windows\temp\get-foreground.log -ea 0}
Unregister-ScheduledTask get-foreground -confirm:$false
del c:\windows\temp\get-foreground.log,c:\windows\get-foreground.ps1,c:\windows\get-foreground.vbs -ea 0
invoke-command comp1,comp2,comp3 doforeground.ps1
result PSComputerName RunspaceId
------ -------------- ----------
chrome comp1 692df884-458c-4c9a-8470-60e1715399f2
firefox comp2 94b82d7f-2800-4faa-a483-fbc353dbe9d1
EXCEL comp3 f6b13e41-8874-474d-97a0-1b43391ef3ee