I am trying to get commandline arguments of an executable which was launched by another program.
I tried the command mentioned in this answer, but I can't understand the syntax :(
I am trying to get the commandline arguments of an process, I have the PID & the process name, In this case I am trying get arguments of an ping command which I am using to test the command...
Thanks in Advance :)
Try this:
wmic process where "name='ping.exe'" get commandline /format:list
Or if you prefer to query by PID:
wmic process where "processid='NNNN'" get commandline /format:list
wmic uses a query language called WQL, which is similar to SQL. You can do wildcard stuff like wmic process where "name like 'ping%'" get commandline (but be sure to double the %% within a batch script), vary the output style (list, csv, even html), and other magic. See wmic /? from a command line for more info.
If you want to capture the output of any command to a variable, use a for /f loop. help for in a cmd console for more info. Try this in a cmd console:
for /f "delims=" %I in ('wmic process where "name='ping.exe'" get commandline /format:list ^| find "="') do set "%I"
You'll notice something very odd indeed. The output of that command will be similar to this:
" \Users\username>set "CommandLine=ping -n 60 localhost
The closing quotation mark gets printed at the beginning of the line! Isn't that weird? That's because WMI query results are encoded in UCS-2 LE, not ANSI.
One workaround I like to use is to use /format:csv and add a disposable column to the query.
From within a batch script:
for /f "tokens=2 delims=," %%I in (
'wmic process where "name='ping.exe'" get commandline^,status /format:csv'
) do set "commandline=%%I"
... and that way you won't capture any invisible treachery to your variable.