Getting the source program

I was just wondering, how could I get the program that started one of my programs?
Like was it run in cmd? was it run by the OS?
closed account (ozUkoG1T)
I really do not understand what you mean please explain in more detsil . Or Pm me I will be glad to help.

If you mean how to get source code of the cmd I think it is not possible since Microsoft would have obsfucate and put anti-debuggers in place.

Warm regards,
Cyberwarfare
Windows has no concepts of parent - child processes, so there is no way to get information regarding what process has spawned your process.

There are some undocumented APIs to show you what processes has opened handles to your process, like Sysinternals Process Monitor probably uses.
These are all the informations you can get from what launched your program:

GetStartupInfo (Function):
http://msdn.microsoft.com/en-us/library/windows/desktop/ms683230(v=vs.85).aspx

STARTUPINFO (Structure):
http://msdn.microsoft.com/en-us/library/windows/desktop/ms686331(v=vs.85).aspx
closed account (ozUkoG1T)
OP make it clear what your question is since it is quite difficult for us to understand and answer your question also learn about the windows API that way you know about GUI. I suggest you look in MSDN for the question you want to know.

Warm regards,
Cyberwarfare
Let's say I got a program called main.exe, which must be run directly-meaning running it from any other program should be disabled.
You can make a launcher for your program, which adds something weird to the command line to run your 'main' program. It can be easily 'passed' thru, anyways, but I don't have any other idea ATM.
I've thought of that, I just thought I could find a "cleaner" solution to it.
Use an environment variable, set it in your launcher program and automatically will be inherited by your child process.

No other processes in the system will have access to that environment variable. Use a GUID as a value :)

And please don't use CRT setenv() and getenv() for that.
Last edited on
Topic archived. No new replies allowed.