Beispiel #1
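    /// <summary>
    /// Looks for running processes whose name matches the configured detector
    /// expression and, if at least one matched, calls
    /// <c>EnumReport.EnumWindows</c> with <c>EnumReport.Report</c> as the callback.
    /// </summary>
    /// <remarks>
    /// The detector expression is obtained from <c>ConfigRead</c> and compiled as a
    /// case-insensitive regular expression. Processes that exit or refuse access
    /// while they are being inspected are skipped instead of aborting the scan.
    /// When several processes match, <c>CommandLine</c> holds the value of the last
    /// one whose command line could be read.
    /// </remarks>
    public void Perform()
    {
        Process[] myProcesses = Process.GetProcesses();
        MyFormPoster       = new FormPoster();
        MyConsoleLogger    = new ConsoleLogger();
        MyNTEventLogLogger = new NTEventLogLogger();
        myDiscovery        = new ToolSpecificEvent();

        myDiscovery.ActionEvent += new ToolSpecificEventHandler(MyConsoleLogger.handler);
        myDiscovery.ActionEvent += new ToolSpecificEventHandler(MyNTEventLogLogger.handler);
        myDiscovery.ActionEvent += new ToolSpecificEventHandler(MyFormPoster.handler);
        configuration_from_xml   = new ConfigRead();
        configuration_from_xml.LoadConfiguration("Configuration/ProcessDetection/Process", "ProcessName");
        string process_detector_expression = configuration_from_xml.DetectorExpression;
        // The pattern is configuration data: a null or malformed value makes the
        // Regex constructor throw, so a broken config file surfaces here.
        Regex  process_detector_regex      = new Regex(process_detector_expression, RegexOptions.ExplicitCapture | RegexOptions.IgnoreCase);

        foreach (Process myProcess in myProcesses)
        {
            try
            {
                // ProcessName is read inside the try block: it throws
                // InvalidOperationException when the process has already exited.
                string sProbe = myProcess.ProcessName;
                //  myProcess.StartInfo.FileName - not accessible
                if (Debug)
                {
                    Console.WriteLine("Process scan: {0}", process_detector_expression);
                }
                // Check for null before matching; Regex throws on a null input.
                if (sProbe == null || !process_detector_regex.IsMatch(sProbe))
                {
                    continue;
                }

                // Set before the command line is read, so a failed read below
                // still leads to the window enumeration at the end.
                DialogDetected       = true;
                process_command_line = new ProcessCommandLine(myProcess.Id.ToString());
                if (Debug)
                {
                    // Command lines can carry passwords or tokens; keep Debug
                    // output away from shared or persisted logs.
                    Console.WriteLine("{0}{1}", myProcess.Id.ToString(), process_command_line.CommandLine);
                }
                CommandLine = process_command_line.CommandLine;
                // CommandLine = myProcess.ProcessName;
                Console.WriteLine("--> {0} {1} {2} {3}", sProbe, myProcess.ProcessName, myProcess.Id, DateTime.Now - myProcess.StartTime);
            }
            catch (Win32Exception e)
            {
                // Typically access denied on a protected process: record and move on.
                System.Diagnostics.Trace.WriteLine(String.Format("Process scan entry skipped: {0}", e.Message));
            }
            catch (InvalidOperationException e)
            {
                // The process went away between enumeration and inspection.
                System.Diagnostics.Trace.WriteLine(String.Format("Process scan entry skipped: {0}", e.Message));
            }
            finally
            {
                // Each Process object holds OS resources; release them promptly.
                myProcess.Dispose();
            }
        }
        CallBackPtr callBackPtr = new CallBackPtr(EnumReport.Report);

        if (DialogDetected)
        {
            EnumReport.evt         = myDiscovery;
            EnumReport.CommandLine = CommandLine;
            EnumReport.EnumWindows(callBackPtr, 0);
        }
    }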
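    /// <summary>
    /// Scans the running processes for names matching the configured detector
    /// expression; when a match was seen, calls <c>EnumReport.EnumWindows</c>
    /// with <c>EnumReport.Report</c> as the callback.
    /// </summary>
    /// <remarks>
    /// The expression is supplied by <c>ConfigRead</c> and used as a
    /// case-insensitive regular expression. A process that exits or denies access
    /// during inspection is skipped rather than ending the scan. With several
    /// matches, <c>CommandLine</c> keeps the value of the last process whose
    /// command line was read.
    /// </remarks>
    public void Perform()
    {
        Process[] myProcesses = Process.GetProcesses();
        MyFormPoster = new FormPoster();
        MyConsoleLogger = new ConsoleLogger();
        MyNTEventLogLogger = new NTEventLogLogger();
        myDiscovery = new ToolSpecificEvent();

        myDiscovery.ActionEvent += new ToolSpecificEventHandler(MyConsoleLogger.handler);
        myDiscovery.ActionEvent += new ToolSpecificEventHandler(MyNTEventLogLogger.handler);
        myDiscovery.ActionEvent += new ToolSpecificEventHandler(MyFormPoster.handler);
        configuration_from_xml = new ConfigRead();
        configuration_from_xml.LoadConfiguration("Configuration/ProcessDetection/Process", "ProcessName");
        string process_detector_expression = configuration_from_xml.DetectorExpression;
        // Configuration-supplied pattern: the constructor throws if it is null or invalid.
        Regex process_detector_regex = new Regex(process_detector_expression, RegexOptions.ExplicitCapture | RegexOptions.IgnoreCase);

        foreach (Process myProcess in myProcesses)
        {
            try
            {
                // Reading ProcessName can throw InvalidOperationException once the
                // process has exited, so it belongs inside the try block.
                string sProbe = myProcess.ProcessName;
                //  myProcess.StartInfo.FileName - not accessible
                if (Debug)
                {
                    Console.WriteLine("Process scan: {0}", process_detector_expression);
                }
                // Null must be ruled out before the regex sees the value.
                if (sProbe == null || !process_detector_regex.IsMatch(sProbe))
                {
                    continue;
                }

                // Raised before the command line is fetched; a failure below does
                // not clear it, so the window enumeration still runs.
                DialogDetected = true;
                process_command_line = new ProcessCommandLine(myProcess.Id.ToString());
                if (Debug)
                {
                    // A command line may include credentials; treat this output as sensitive.
                    Console.WriteLine("{0}{1}", myProcess.Id.ToString(), process_command_line.CommandLine);
                }
                CommandLine = process_command_line.CommandLine;
                // CommandLine = myProcess.ProcessName;
                Console.WriteLine("--> {0} {1} {2} {3}", sProbe, myProcess.ProcessName, myProcess.Id, DateTime.Now - myProcess.StartTime);
            }
            catch (Win32Exception e)
            {
                // Usually an access-denied error for a protected process.
                System.Diagnostics.Trace.WriteLine(String.Format("Process scan entry skipped: {0}", e.Message));
            }
            catch (InvalidOperationException e)
            {
                // The process ended after it was enumerated.
                System.Diagnostics.Trace.WriteLine(String.Format("Process scan entry skipped: {0}", e.Message));
            }
            finally
            {
                // Release the OS resources held by the Process object.
                myProcess.Dispose();
            }
        }
        CallBackPtr callBackPtr = new CallBackPtr(EnumReport.Report);
        if (DialogDetected)
        {
            EnumReport.evt = myDiscovery;
            EnumReport.CommandLine = CommandLine;
            EnumReport.EnumWindows(callBackPtr, 0);
        }
    }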
Beispiel #3
        /// <summary>
        /// Console demo: for every running process, prints its name and id, then its
        /// working directory and its command line split into arguments, as returned
        /// by <c>ProcessCommandLine</c>.
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        /// <remarks>
        /// A non-zero return code from <c>ProcessCommandLine.Retrieve</c> is reported
        /// in red together with <c>ProcessCommandLine.ErrorToString</c>. The output
        /// lists other processes' command lines, which can include credentials, so
        /// captured output should be handled as sensitive data.
        /// </remarks>
        static void Main(string[] args)
        {
            Console.WriteLine("Managed ProcessCommandLine");
            Console.WriteLine("------------------------\n");

            foreach (var proc in Process.GetProcesses())
            {
                // Header line for the process, highlighted in green.
                Console.ForegroundColor = ConsoleColor.Green;
                Console.WriteLine($"{proc.ProcessName} ({proc.Id}):");
                Console.ResetColor();

                // First query: working directory.
                var status = ProcessCommandLine.Retrieve(proc, out var workingDir, ProcessCommandLine.Parameter.WorkingDirectory);
                if (status != 0)
                {
                    Console.ForegroundColor = ConsoleColor.Red;
                    Console.WriteLine($"\tUnable to get working directory ({status}): {ProcessCommandLine.ErrorToString(status)}");
                    Console.ResetColor();
                }
                else
                {
                    Console.WriteLine($"\tdir: {workingDir}");
                }

                // Second query: full command line, shown one argument per line.
                status = ProcessCommandLine.Retrieve(proc, out var commandLine);
                if (status != 0)
                {
                    Console.ForegroundColor = ConsoleColor.Red;
                    Console.WriteLine($"\tUnable to get command line ({status}): {ProcessCommandLine.ErrorToString(status)}");
                    Console.ResetColor();
                }
                else
                {
                    var arguments = ProcessCommandLine.CommandLineToArgs(commandLine);
                    // Build every line first, then print them in order.
                    var lines = arguments.Select((argument, index) => $"\targ {index}:\t{argument}").ToList();
                    foreach (var line in lines)
                    {
                        Console.WriteLine(line);
                    }
                }
            }

            Console.Write("\nPress any key to quit ...");
            Console.ReadKey(true);
        }
Beispiel #4
        /// <summary>
        /// Returns the ids of all processes, except the one with id <c>MyPid</c>, whose
        /// main window title, process name or command line matches the regular
        /// expression <paramref name="s"/> (case-insensitive).
        /// </summary>
        /// <param name="s">Regular expression pattern, passed to the <see cref="Regex"/> constructor as given.</param>
        /// <returns>An array holding the ids of the matching processes.</returns>
        /// <remarks>
        /// Each process is probed in its own <c>Task.Run</c> work item, and any
        /// exception raised while probing removes that process from the result
        /// instead of failing the call. The pattern runs without a match timeout
        /// against window titles and command lines, which are strings chosen by other
        /// processes. Matched command lines are written to the verbose log; they may
        /// contain credentials, so that log should be treated as sensitive.
        /// </remarks>
        private async Task <IEnumerable <int> > TryFindProcessesMatching(
            string s
            )
        {
            Logger.VerboseLog($"Attempting to match processes with '{s}'");
            var matcher = new Regex(s, RegexOptions.IgnoreCase);

            // One probe task per process other than this one.
            var probes = Process.GetProcesses()
                         .Where(candidate => candidate.Id != MyPid)
                         .Select(candidate => Task.Run(() =>
            {
                try
                {
                    // A failed or throwing retrieval degrades to an empty command line.
                    var commandLine = ReadOrEmpty(() =>
                    {
                        var status = ProcessCommandLine.Retrieve(candidate, out var text);
                        return status == 0 ? text : "";
                    });
                    var haystacks = new[]
                    {
                        candidate.MainWindowTitle,
                        candidate.ProcessName,
                        commandLine
                    };
                    return new
                    {
                        candidate.Id,
                        candidate.MainWindowTitle,
                        candidate.ProcessName,
                        CommandLine = commandLine,
                        IsMatch = haystacks.Any(text => matcher.IsMatch(text))
                    };
                }
                catch
                {
                    // Best effort: a process that cannot be inspected is not a match.
                    return null;
                }
            }));
            var probed = await Task.WhenAll(probes);

            // Log each hit and collect its id, preserving enumeration order.
            var matchedIds = new List<int>();
            foreach (var hit in probed)
            {
                if (hit == null || !hit.IsMatch)
                {
                    continue;
                }

                if (string.IsNullOrWhiteSpace(hit.MainWindowTitle))
                {
                    Logger.VerboseLog($"match: {hit.CommandLine}");
                }
                else
                {
                    Logger.VerboseLog($"match: {hit.CommandLine} ({hit.MainWindowTitle})");
                }
                matchedIds.Add(hit.Id);
            }

            return matchedIds.ToArray();

            // Runs the delegate and maps any exception to an empty string.
            string ReadOrEmpty(Func <string> read)
            {
                try
                {
                    return read();
                }
                catch
                {
                    return "";
                }
            }
        }