March 5, 2004 tools

Reimplementing Mike’s cmdline Utility using WMI


In early 2000, Mike Woodring moved Heaven and Earth to write a tool that would inject a DLL into a process’s memory for purposes of finding the command line with which the process was launched. While hanging around Don and Tim this week, Don was all hot on WMI, so we fired it up in .NET and rebuilt Mike’s tool like so:

using System;
using System.Management;

cmdline {
  static void Main(string[] args) {
    if( args.Length != 1 ) {
      Console.WriteLine(“usage: cmdline <processId>“);

    ManagementObject obj =
      new ManagementObject(string.Format(“Win32_Process.Handle="{0}\“”, args[0]));

This makes WMI pretty darn cool in my book. I’ll be reading Jon Fancey’s article on WMI + .NET in the latest MSDN Magazine.

BTW, I have to admit that I’m nowhere near as manly as Mike. I’ll take this sissy code any day. : )