Recuperer le nom du process qui se connecte a internet

[ChaudEf]

Bonjour
Dans Fiddler, on peut voir quel processus a demande une certaine connexion Internet.
Est ce que c'est possible de faire ca en purebasic? Monter un petit serveur local, puis recevoir les domaines visites par les differents programmes de l'ordinateur, en sachant quel domaine a ete visite par quel programme?

Merci

[celtic88]

Bonjour

test !

Code : Tout sélectionner

InitNetwork()

Structure MIB_TCPTABLE_OWNER_PID 
  dwStats.l 
  dwLocalAddr.l 
  dwLocalPort.l 
  dwRemoteAddr.l 
  dwRemotePort.l 
  dwOwningPid.l 
EndStructure 

Structure MIB_TCPTABLE 
  dwNumEntries.l 
  table.MIB_TCPTABLE_OWNER_PID[0] 
EndStructure 

Structure MIB_UDPROW_OWNER_PID 
  dwLocalAddr.l
  dwLocalPort.l
  dwOwningPid.l
EndStructure 

Structure MIB_UDPTABLE
  dwNumEntries.l
  table.MIB_UDPROW_OWNER_PID[0]
EndStructure

Prototype GetExtendedTcpTable(pTcpTable,pdwSize,bOrder,ulAf,TableClass,Reserved = 0)
Prototype GetExtendedUdpTable(pUdpTable,pdwSize,bOrder,ulAf,TableClass,Reserved = 0)
OpenLibrary(0, "iphlpapi.dll") 
Global GetExtendedTcpTable.GetExtendedTcpTable = GetFunction(0,"GetExtendedTcpTable")
Global GetExtendedUdpTable.GetExtendedUdpTable = GetFunction(0,"GetExtendedUdpTable")

Global State.s = "CLOSED|LISTENING|SYN_SENT|SYN_RCVD|ESTABLISHED|FIN_WAIT1|FIN_WAIT2|CLOSE_WAIT|CLOSING|LAST_ACK|TIME_WAIT|DELETE_TCB"

Structure ProcessInfo
  strProcessName.s
  Pid.l
EndStructure

Procedure GetProcessList(List ProcessList.ProcessInfo())
  ClearList(ProcessList())
  Protected Proc32.PROCESSENTRY32\dwSize = SizeOf(PROCESSENTRY32)
  Protected snapShot = CreateToolhelp32Snapshot_(#TH32CS_SNAPPROCESS, 0)
  If snapShot
    If Process32First_(snapShot, @Proc32)
      While Process32Next_(snapShot, @Proc32)
        AddElement(ProcessList())
        ProcessList()\strProcessName = PeekS(@Proc32\szExeFile)
        ProcessList()\Pid = Proc32\th32ProcessID
      Wend
    EndIf
    CloseHandle_(snapShot)
  EndIf
EndProcedure

Structure ConnectionListInfo
  strType.s
  dwStats.l 
  strStats.s
  dwLocalAddr.l 
  strLocalAddr.s
  strLocalAddr2.s
  dwLocalPort.l 
  dwRemoteAddr.l 
  strRemoteAddr.s
  strRemoteAddr2.s
  dwRemotePort.l 
  dwOwningPid.l 
  strProcessName.s
EndStructure

Procedure GetConnectionList(List ConnectionList.ConnectionListInfo())
  Protected *tcpTable.MIB_TCPTABLE,dwSize,*udpTable.MIB_UDPTABLE,*IpName,
            NewList ProcessList.ProcessInfo()
  GetProcessList(ProcessList())
  
  GetExtendedTcpTable(0 , @dwSize, #True,#AF_INET,5) 
  If dwSize = 0
    ProcedureReturn -1
  EndIf
  *tcpTable = AllocateMemory(dwSize)
  If GetExtendedTcpTable(*tcpTable , @dwSize, #True,#AF_INET,5) <> 0
    FreeMemory(*tcpTable)
    ProcedureReturn -2
  EndIf
  With *tcpTable
    For i = 0 To \dwNumEntries - 1 
      AddElement(ConnectionList())
      ConnectionList()\strType = "TCP"
      ConnectionList()\dwStats = \table[i]\dwStats
      ConnectionList()\dwLocalAddr = \table[i]\dwLocalAddr
      ConnectionList()\dwLocalPort = ntohs_(\table[i]\dwLocalPort)
      ConnectionList()\dwRemoteAddr = \table[i]\dwRemoteAddr
      ConnectionList()\dwRemotePort = ntohs_(\table[i]\dwRemotePort)
      ConnectionList()\dwOwningPid = \table[i]\dwOwningPid
      ConnectionList()\strStats = StringField(State,\table[i]\dwStats,"|")
      ConnectionList()\strRemoteAddr = IPString(\table[i]\dwRemoteAddr)
      *IpName = gethostbyaddr_(@\table[i]\dwRemoteAddr,4,#PF_INET)
      If *IpName > 0
        ConnectionList()\strRemoteAddr2 = PeekS(PeekL(*IpName),-1,#PB_Ascii)
      EndIf
      ConnectionList()\strLocalAddr = IPString(\table[i]\dwLocalAddr)
      *IpName = gethostbyaddr_(@\table[i]\dwLocalAddr,4,#PF_INET)
      If *IpName > 0
        ConnectionList()\strLocalAddr2 = PeekS(PeekL(*IpName),-1,#PB_Ascii)
      EndIf     
      ForEach ProcessList()
        If ProcessList()\Pid = \table[i]\dwOwningPid
          ConnectionList()\strProcessName = ProcessList()\strProcessName
          Break
        EndIf
      Next
    Next 
  EndWith
  FreeMemory(*tcpTable)
  dwSize = 0
  GetExtendedUdpTable(0,@dwSize, #True,#AF_INET,1) 
  If dwSize = 0
    ProcedureReturn -3
  EndIf
  *udpTable = AllocateMemory(dwSize)
  If GetExtendedUdpTable(*udpTable , @dwSize, #True,#AF_INET,1) <> 0
    FreeMemory(*udpTable)
    ProcedureReturn -4
  EndIf
  With *udpTable
    For i = 0 To \dwNumEntries - 1 
      AddElement(ConnectionList())
      ConnectionList()\strType = "UDP"
      ConnectionList()\dwLocalAddr = \table[i]\dwLocalAddr
      ConnectionList()\dwLocalPort = ntohs_(\table[i]\dwLocalPort)
      ConnectionList()\dwOwningPid = \table[i]\dwOwningPid
      ConnectionList()\strLocalAddr = IPString(\table[i]\dwLocalAddr)
      *IpName = gethostbyaddr_(@\table[i]\dwLocalAddr,4,#PF_INET)
      If *IpName > 0
        ConnectionList()\strLocalAddr2 = PeekS(PeekL(*IpName),-1,#PB_Ascii)
      EndIf     
      ForEach ProcessList()
        If ProcessList()\Pid = \table[i]\dwOwningPid
          ConnectionList()\strProcessName = ProcessList()\strProcessName
          Break
        EndIf
      Next
    Next 
  EndWith
  FreeMemory(*udpTable)
  ProcedureReturn 1
EndProcedure
NewList ConnectionList.ConnectionListInfo()

st = GetConnectionList(ConnectionList())
If st <> 1
  Debug " ERROR CODE : " + Str(st)
  End 1
EndIf

ForEach ConnectionList()
  Debug ConnectionList()\strType + " - " + ConnectionList()\strStats
  Debug ConnectionList()\strProcessName + " (" + Str(ConnectionList()\dwOwningPid) + ")"
  Debug ConnectionList()\strRemoteAddr2 + " (" + ConnectionList()\strRemoteAddr + ") : " +
        Str(ConnectionList()\dwRemotePort)
  Debug ConnectionList()\strLocalAddr + " (" + ConnectionList()\strLocalAddr2 + ") : "  +
        Str(ConnectionList()\dwLocalPort)
  Debug  "____________________________________________________________________________________"
Next

[Marc56]

...quel processus a demande une certaine connexion Internet.

Sous Windows, sans API, avec netstat

Code : Tout sélectionner

C:> netstat /?

Affiche les statistiques de protocole et les connexions réseau TCP/IP actuelles                                    
                                                                                                                   
NETSTAT [-a] [-b] [-e] [-f] [-n] [-o] [-p proto] [-r] [-s] [-x] [-t] [interval]                                    
                                                                                                                   
  -a            Affiche toutes les connexions et tous les ports d'écoute.                                          
  -b            Affiche l'exécutable impliqué dans la création de chaque                                           
                connexion ou port d'écoute...

(Voir le reste de l'aide pour les autres paramètres)

Ensuite RunProgram("cmd", "/c netstat ...) et récupérer la sortie.

[Kwai chang caine]

@CELTIC
Marche nickel ton code sur W10 X64
Merci