在 Windows 上查找父进程 ID
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/7486717/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Finding parent process ID on Windows
提问by joslinm
Problem
问题
Given a process ID & command-line access on a remote Windows host, how can you find its parent's PID?
给定远程 Windows 主机上的进程 ID 和命令行访问权限,如何找到其父进程的 PID?
Solution
解决方案
Given Marc B's answer, we can use WMIC (Command samples here) and do something like this:
鉴于 Marc B 的回答,我们可以使用 WMIC(此处的命令示例)并执行以下操作:
wmic process where (processid=PROCID_HERE) get parentprocessid
wmic process where (processid=PROCID_HERE) get parentprocessid
回答by Marc B
C:\> wmic process get processid,parentprocessid,executablepath|find "process id goes here"
回答by robinst
Based on joslinm's solution in the question, here's a snippet of how to use this in a batch script:
基于joslinm 在问题中的解决方案,这里是如何在批处理脚本中使用它的片段:
set PID=<this is the child process ID>
for /f "usebackq tokens=2 delims==" %%a in (`wmic process where ^(processid^=%PID%^) get parentprocessid /value`) do (
set PARENT_PID=%%a
)
回答by uffe hellum
In powershell:
在 PowerShell 中:
PS> wmic process where '(processid=4632)' get 'processid,parentprocessid,executablepath'
ExecutablePath ParentProcessId ProcessId
C:\Program Files\Docker\Docker\Resources\com.docker.db.exe 4488 4632
