I try to receive the list of processes using go-ole library:
package main
import (
"fmt"
"github.com/go-ole/go-ole"
"github.com/mattn/go-ole/oleutil"
)
func main() {
ole.CoInitialize(0)
defer ole.CoUninitialize()
unknown, _ := oleutil.CreateObject("WbemScripting.SWbemLocator")
defer unknown.Release()
wmi, _ := unknown.QueryInterface(ole.IID_IDispatch)
defer wmi.Release()
serviceRaw, _ := oleutil.CallMethod(wmi, "ConnectServer")
service := serviceRaw.ToIDispatch()
defer service.Release()
resultRaw, _ := oleutil.CallMethod(service, "ExecQuery", "SELECT * FROM Win32_Process")
result := resultRaw.ToIDispatch()
defer result.Release()
countVar, _ := oleutil.GetProperty(result, "Count")
count := int(countVar.Val)
for i :=0; i < count; i++ {
itemRaw, _ := oleutil.CallMethod(result, "ItemIndex", i)
item := itemRaw.ToIDispatch()
defer item.Release()
processName, _ := oleutil.GetProperty(item, "Name")
fmt.Println(processName.ToString())
}
}
but I cannot receive the owner of process, call method GetOwner
ownerRaw, _ := oleutil.CallMethod(item, "GetOwner")
fmt.Println(ownerRaw)
because GetOwner return value is int32
uint32 GetOwner(
[out] string User,
[out] string Domain
);
https://docs.microsoft.com/en-us/windows/desktop/cimwin32prov/getowner-method-in-class-win32-process
How it is possible to receive the owner as string for each process?
It took me a while to figure this out.
The GetOwner method is expecting you to pass two string parameters. These strings will contain the results of the method call.
var user ole.VARIANT
var domain ole.VARIANT
res, err := oleutil.CallMethod(item, "GetOwner", &user, &domain)
fmt.Printf("user: %v\tdomain: %v", user.ToString(), domain.ToString())
To get the SID you do the same thing:
var sid ole.VARIANT
res, err := oleutil.CallMethod(item, "GetOwnerSid", &sid)
fmt.Printf("sid: %v
", sid.ToString())
Hope this helps.
Sopwith