一个简单的实现,最终没有使用。

#include <winternl.h>

// Pointer type used to call ntdll's NtQueryInformationProcess once its
// address has been resolved at run time with GetProcAddress.
using NtQuery = NTSTATUS(WINAPI*)(HANDLE, PROCESSINFOCLASS, PVOID, ULONG, PULONG);

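// Reads exactly `size` bytes from `address` in `process` into `out`.
// Returns false on a null address, an API failure, or a short read.
static bool readRemoteExact(HANDLE process, LPCVOID address, void* out, SIZE_T size) {
    SIZE_T bytesRead = 0;
    return address != NULL
        && ReadProcessMemory(process, address, out, size, &bytesRead)
        && bytesRead == size;
}

// Walks PROCESS_BASIC_INFORMATION -> PEB -> RTL_USER_PROCESS_PARAMETERS in the
// target's address space and prints its command line.
//
// Everything read from the target (pointers, lengths, the string itself) is
// controlled by that process and can be rewritten by it after start-up, so the
// result is informational only and every value is validated before use.
static void printRemoteCommandLine(HANDLE process) {
    // ntdll.dll is already mapped into the calling process, so look it up
    // instead of loading it again (no extra reference to release, no DLL
    // search-path lookup).
    HMODULE ntdll = GetModuleHandle(TEXT("ntdll.dll"));
    NtQuery ntQuery = ntdll != NULL
        ? reinterpret_cast<NtQuery>(GetProcAddress(ntdll, "NtQueryInformationProcess"))
        : NULL;
    if (ntQuery == NULL) {
        std::cerr << "[Error] NtQueryInformationProcess not found: " << GetLastError() << std::endl;
        return;
    }

    PROCESS_BASIC_INFORMATION pbi = {};
    NTSTATUS nt = ntQuery(process, ProcessBasicInformation, &pbi, sizeof(pbi), NULL);

    std::cout << NT_SUCCESS(nt) << std::endl;
    if (!NT_SUCCESS(nt)) {
        return;  // pbi is not valid; do not dereference PebBaseAddress
    }

    // NOTE(review): the PEB layout is assumed to match the caller's bitness;
    // a 32-bit caller inspecting a 64-bit target (or the reverse) would read
    // the wrong offsets - confirm how this is built and used.
    PEB peb = {};
    RTL_USER_PROCESS_PARAMETERS para = {};
    if (!readRemoteExact(process, pbi.PebBaseAddress, &peb, sizeof(peb)) ||
        !readRemoteExact(process, peb.ProcessParameters, &para, sizeof(para))) {
        std::cerr << "[Error] ReadProcessMemory failed: " << GetLastError() << std::endl;
        return;
    }

    // UNICODE_STRING::Length is a byte count without the terminator.
    const SIZE_T byteLen = para.CommandLine.Length;
    if (para.CommandLine.Buffer == NULL || byteLen == 0 || byteLen % sizeof(wchar_t) != 0) {
        std::cerr << "[Error] target command line is empty or malformed" << std::endl;
        return;
    }

    // One extra zeroed element guarantees termination for utf16ToGbk. The fill
    // value must be the null character L'\0'; a multi-character literal here
    // would leave the buffer unterminated.
    std::vector<wchar_t> commandLine(byteLen / sizeof(wchar_t) + 1, L'\0');
    if (!readRemoteExact(process, para.CommandLine.Buffer, commandLine.data(), byteLen)) {
        std::cerr << "[Error] ReadProcessMemory failed: " << GetLastError() << std::endl;
        return;
    }

    std::string cmdLine = utf16ToGbk(commandLine.data());
    std::cout << "[Cmdline] " << cmdLine << std::endl;
}

// Opens the process identified by `pid` and prints its command line to stdout.
// `pid` and utf16ToGbk() are not defined in this block and must be supplied by
// the surrounding file.
void getHandle() {
    // get pid
    // Least privilege: querying basic information and reading memory is all
    // that is needed; PROCESS_ALL_ACCESS asks for far more and is also denied
    // more often.
    HANDLE pHandle = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, pid);
    if (pHandle == NULL) {
        std::cerr << "[Error] OpenProcess failed: " << GetLastError() << std::endl;
        return;
    }

    printRemoteCommandLine(pHandle);

    // Single release point for the process handle on every path.
    CloseHandle(pHandle);
}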