Tagged: windows

How to clear a process command line?


I suppose you have to modify the RTL_USER_PROCESS_PARAMETERS part of the PEB of your process (see http://en.wikipedia.org/wiki/Process_Environment_Block for example and http://undocumented.ntinternals.net/UserMode/Undocumented%20Functions/NT%20Objects/Process/PEB.html). You can try to use NtQueryInformationProcess to get the PEB. Then you can modify ProcessParameters.CommandLine. I hope it will work.

UPDATED: I verified my suggestion. It works. The following test program demonstrates this:

#include <Windows.h>
#include <Winternl.h> // for PROCESS_BASIC_INFORMATION and ProcessBasicInformation
#include <stdio.h>
#include <tchar.h>

#ifndef NT_SUCCESS
#define NT_SUCCESS(Status) (((NTSTATUS)(Status)) >= 0)
#endif

typedef NTSTATUS (NTAPI *PFN_NT_QUERY_INFORMATION_PROCESS) (
    IN HANDLE ProcessHandle,
    IN PROCESSINFOCLASS ProcessInformationClass,
    OUT PVOID ProcessInformation,
    IN ULONG ProcessInformationLength,
    OUT PULONG ReturnLength OPTIONAL);

int main()
{
    // a handle to our own process is enough: the PEB pointer we get back lies in our own address space
    HANDLE hProcess = OpenProcess (PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
                                   FALSE, GetCurrentProcessId());
    PROCESS_BASIC_INFORMATION pbi;
    ULONG ReturnLength;
    PFN_NT_QUERY_INFORMATION_PROCESS pfnNtQueryInformationProcess =
        (PFN_NT_QUERY_INFORMATION_PROCESS) GetProcAddress (
            GetModuleHandle(TEXT("ntdll.dll")), "NtQueryInformationProcess");
    if (hProcess == NULL || pfnNtQueryInformationProcess == NULL) {
        _tprintf(TEXT("OpenProcess or GetProcAddress failed: %lu\n"), GetLastError());
        return 1;
    }
    NTSTATUS status = pfnNtQueryInformationProcess (
        hProcess, ProcessBasicInformation,
        (PVOID)&pbi, sizeof(pbi), &ReturnLength);
    if (!NT_SUCCESS(status)) {
        _tprintf(TEXT("NtQueryInformationProcess failed: 0x%08lX\n"), (unsigned long)status);
        CloseHandle(hProcess);
        return 1;
    }
    // remove full information about my command line
    // (only the Length field of the UNICODE_STRING changes; the buffer itself is untouched)
    pbi.PebBaseAddress->ProcessParameters->CommandLine.Length = 0;
    getchar(); // wait till we can verify the results
    CloseHandle(hProcess);
    return 0;
}

If we start the program with some parameters we will see

[screenshot: the running process listed with an empty command line after the change]

instead of the following seen before

[screenshot: the running process listed with its full command line before the change]
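A check worth knowing about the trick above, as an added example that is not part of the original answer: it reproduces the UNICODE_STRING layout locally (the field names are Windows', the `_T` typedefs, helper names and sample command line are mine) so it builds and runs anywhere, and shows that zeroing Length only hides the text from readers that honour Length; anything that reads Buffer up to MaximumLength still recovers it.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

typedef uint16_t WCHAR_T;           /* stands in for the Windows WCHAR */

typedef struct {
    uint16_t Length;                /* bytes in use, not counting the terminator */
    uint16_t MaximumLength;         /* bytes allocated for Buffer */
    WCHAR_T *Buffer;
} UNICODE_STRING_T;                 /* same field layout as Windows UNICODE_STRING */

/* Build a UNICODE_STRING_T from an ASCII literal (constructed sample input). */
static void make_ustr(UNICODE_STRING_T *s, WCHAR_T *buf, size_t cap, const char *ascii) {
    size_t n = strlen(ascii);
    for (size_t i = 0; i < n; i++) buf[i] = (WCHAR_T)(unsigned char)ascii[i];
    buf[n] = 0;
    s->Buffer = buf;
    s->Length = (uint16_t)(n * sizeof(WCHAR_T));
    s->MaximumLength = (uint16_t)(cap * sizeof(WCHAR_T));
}

/* What the answer's program does to the PEB copy: only Length is touched. */
static void clear_like_the_answer(UNICODE_STRING_T *s) { s->Length = 0; }

/* Forensic read: walk Buffer up to MaximumLength (not Length) and stop at the
 * first NUL. Returns the number of characters recovered; *hidden is set when
 * Length claims the string is empty but the buffer still holds text. */
static size_t recover_cmdline(const UNICODE_STRING_T *s, char *out, size_t outcap, int *hidden) {
    size_t max_chars = s->MaximumLength / sizeof(WCHAR_T);
    size_t n = 0;
    while (n < max_chars && s->Buffer[n] != 0 && n + 1 < outcap) {
        out[n] = (s->Buffer[n] < 0x80) ? (char)s->Buffer[n] : '?';
        n++;
    }
    out[n] = '\0';
    *hidden = (s->Length == 0 && n > 0);
    return n;
}

int main(void) {
    WCHAR_T buf[64]; UNICODE_STRING_T cmd; char out[64]; int hidden = 0;
    make_ustr(&cmd, buf, 64, "app.exe --key=SECRET");   /* constructed sample */
    clear_like_the_answer(&cmd);
    recover_cmdline(&cmd, out, sizeof out, &hidden);
    printf("hidden=%d recovered=\"%s\"\n", hidden, out);
    return 0;
}
```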


Based on your comment above, you may wish to consider passing the secret key via an environment variable. If you set the key in the parent process environment, it will be inherited by the child process and won't be visible to outsiders quite as easily as the command line.


You might try calling the GetCommandLine API function and then setting the first byte to 0. That is:

LPTSTR cmdline = GetCommandLine();
*cmdline = '\0'; // writes a terminator at the start of the string GetCommandLine returns

I honestly don't know if that'll work or what the possible ramifications are, but it might be worth a shot.