How to get the name of the process your dll was injected into

Question

I have a DLL written in C++. I want it so on inject it detects the process of what it was injected inside. Ie it gets the process name. How could this be done?

Possible duplicate of [How to get the process name in C++](https://stackoverflow.com/questions/4570174/how-to-get-the-process-name-in-c) — Retired Ninja, Aug 03 '17 at 04:03

score 5 · Accepted Answer · edited Aug 03 '17 at 05:02

5

You can use GetModuleFileName().

Calling it with its hModule parameter set to NULL will give you the name of the file used to create the process.

Since your DLL is running in the context of the process that loaded the DLL, it should give you the appropriate file name.

edited Aug 03 '17 at 05:02

Remy Lebeau

555,201
31
458
770

answered Aug 03 '17 at 04:03

Ajay Brahmakshatriya

8,993
3
26
49

score 0 · Answer 2 · answered Aug 22 '19 at 23:08

To get the filename from the path returned by GetModuleFileName() here are 2 methods:

Using char arrays and _splitpath()

HMODULE hExe = GetModuleHandle(NULL);
char fullPath[MAX_PATH]{ 0 };
char fname[MAX_PATH] = { 0 };
char ext[MAX_PATH] = { 0 };
char procName[MAX_PATH] = { 0 };
GetModuleFileName(hExe, fullPath, MAX_PATH);
_splitpath(fullPath, 0, 0, fname, ext);
strcpy(procName, fname);
strcat(procName, ext);

Using std::filesystem

#include <filesystem>
namespace fs = std::experimental::filesystem;
HMODULE hExe = GetModuleHandle(NULL);
WCHAR fullPath[MAX_PATH]{ 0 };
GetModuleFileName(hExe, fullPath, MAX_PATH);
fs::path path(fullPath);
fs::path filename = path.filename();

Both work well with injected DLLs or from any process.

How to get the name of the process your dll was injected into

2 Answers2