from ctypes import c_int c_char c_ulong c_void_p windll byref Structur

Anonymous
Python
03 Feb 2009
from ctypes import c_int, c_char, c_ulong, c_void_p, windll, byref, Structure, pointer, sizeof
import socket, struct

class MIB_TCPROW_OWNER_PID(Structure):
    _fields_ = [
        ("dwState",      c_ulong),
        ("dwLocalAddr",  c_ulong),
        ("dwLocalPort",  c_ulong),
        ("dwRemoteAddr", c_ulong),
        ("dwRemotePort", c_ulong),
        ("dwOwningPid",  c_ulong),
    ]

class MIB_TCPTABLE_OWNER_PID(Structure):
    _fields_ = [
        ("dwNumEntries", c_ulong),
        ("table",        MIB_TCPROW_OWNER_PID * 512)
    ]

class PROCESSENTRY32(Structure):
    _fields_ = [('dwSize', c_int ) , 
                 ('cntUsage', c_int) ,
                 ('th32ProcessID', c_int) ,
                 ('th32DefaultHeapID', c_int) ,
                 ('th32ModuleID', c_int) ,
                 ('cntThreads', c_int) ,
                 ('th32ParentProcessID', c_int) ,
                 ('pcPriClassBase', c_ulong) ,
                 ('dwFlags', c_int) ,
                 ('szExeFile', c_char * 260 ) , 
                 ('th32MemoryBase', c_ulong) ,
                 ('th32AccessKey', c_ulong )]

def getPidsPortsList():
    port_list = []
    tcp_table = MIB_TCPTABLE_OWNER_PID()
    init_size = c_int()
    af_inet = 2#ipv4
    tcp_table_owner_pid_listener = 3 #listeners
    windll.iphlpapi.GetExtendedTcpTable(byref(tcp_table), byref(init_size),False , af_inet, tcp_table_owner_pid_listener, 0)
    windll.iphlpapi.GetExtendedTcpTable(byref(tcp_table), byref(init_size), False, af_inet, tcp_table_owner_pid_listener, 0)
    
    for itemnum in xrange(tcp_table.dwNumEntries):
        item = tcp_table.table[itemnum]
        host = socket.inet_ntoa(struct.pack("L", item.dwLocalAddr))
        if host == '127.0.0.1': continue
        port = socket.ntohs(item.dwLocalPort)
        pid = item.dwOwningPid
        port_list.append((pid, port))
    return port_list
    
def getProcessDict():
    process_dict = {}
    hsnapshot = windll.kernel32.CreateToolhelp32Snapshot(2, 0)
    process = PROCESSENTRY32()
    process.dwSize = sizeof(PROCESSENTRY32)
    r = windll.kernel32.Process32First(hsnapshot, pointer(process))
    while r:
        name = process.szExeFile
        pid = process.th32ProcessID
        process_dict[pid] = name
        r = windll.kernel32.Process32Next(hsnapshot, pointer(process))
    return process_dict

def main():
    pids_ports_list = getPidsPortsList()
    pids_ports_list.sort()
    process_dict = getProcessDict()
    for item in pids_ports_list:
        print process_dict[item[0]], item[1]
    print
    raw_input('type any key to exit')
if __name__ == '__main__':
    main()
← newer dump
older dump →