Ejemplo n.º 1
 /// <summary>
 /// Fills the process tab with the details of <paramref name="obj"/> and adds the tab to the
 /// property view.
 /// </summary>
 /// <remarks>
 /// The tab shows the values recorded on the entry that describe its COM security posture:
 /// the access and LRPC permission strings, the user, and the capabilities, authentication
 /// level and impersonation level. It also lists one row per IPID. When the registry knows
 /// the process's AppID, the AppID details are set up as well.
 /// </remarks>
 /// <param name="obj">Process entry to display; it is also stored in <c>m_process</c>.</param>
 private void SetupProcessEntry(COMProcessEntry obj)
 {
     m_process = obj;

     // Identity of the process.
     textBoxProcessExecutablePath.Text = obj.ExecutablePath;
     textBoxProcessProcessId.Text = obj.Pid.ToString();
     textBoxProcessAppId.Text = GetGuidValue(obj.AppId);

     // Permission strings; the "view" button is only usable when there is something to view.
     textBoxProcessAccessPermissions.Text = GetStringValue(obj.AccessPermissions);
     bool hasAccessPermissions = !String.IsNullOrWhiteSpace(obj.AccessPermissions);
     btnProcessViewAccessPermissions.Enabled = hasAccessPermissions;
     textBoxProcessLrpcPermissions.Text = GetStringValue(obj.LRpcPermissions);
     textBoxProcessUser.Text = GetStringValue(obj.User);

     // One-line summary of the security settings held on the entry.
     string securitySummary = String.Format("Capabilities: {0}, Authn Level: {1}, Imp Level: {2}",
                                            obj.Capabilities, obj.AuthnLevel, obj.ImpLevel);
     textBoxProcessSecurity.Text = securitySummary;

     // The window handle is rendered as hexadecimal.
     long staHwnd = obj.STAMainHWnd.ToInt64();
     textBoxProcessStaHwnd.Text = String.Format("0x{0:X}", staHwnd);

     foreach (COMIPIDEntry entry in obj.Ipids)
     {
         var row = listViewProcessIPids.Items.Add(entry.Ipid.ToString());

         // NOTE(review): assumes MapIidToInterface never returns null - confirm.
         row.SubItems.Add(m_registry.MapIidToInterface(entry.Iid).Name);
         row.SubItems.Add(entry.Flags.ToString());

         // Keep the source entry on the row so later handlers can get back to it.
         row.Tag = entry;
     }

     // Size to content first, then to the headers.
     listViewProcessIPids.AutoResizeColumns(ColumnHeaderAutoResizeStyle.ColumnContent);
     listViewProcessIPids.AutoResizeColumns(ColumnHeaderAutoResizeStyle.HeaderSize);
     listViewProcessIPids.ListViewItemSorter = new ListItemComparer(0);

     tabControlProperties.TabPages.Add(tabPageProcess);

     // Nothing more to show unless the registry has a matching AppID.
     if (!m_registry.AppIDs.ContainsKey(obj.AppId))
     {
         return;
     }

     SetupAppIdEntry((COMAppIDEntry)m_registry.AppIDs[obj.AppId]);
 }
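        /// <summary>
        /// Parses each supplied process for COM state and returns the entries that could be read.
        /// </summary>
        /// <remarks>
        /// The debug privilege is requested before any process is parsed. This method neither
        /// checks the outcome of that request nor reverts it afterwards, so callers should treat
        /// it as a lasting change. Parsing is best effort: a process whose parse raises
        /// <see cref="Win32Exception"/> is silently left out, so the result may not be complete.
        /// Every <see cref="Process"/> that is visited is closed, whether or not parsing succeeded.
        /// </remarks>
        /// <param name="procs">Processes to inspect. The sequence is enumerated exactly once.</param>
        /// <param name="dbghelp_path">Passed through to <c>COMProcessParser.ParseProcess</c>.</param>
        /// <param name="symbol_path">Passed through to <c>COMProcessParser.ParseProcess</c>.</param>
        /// <param name="progress">Optional sink for a status message and percentage; may be null.</param>
        /// <returns>The entries for the processes that parsed to a non-null result.</returns>
        public static IEnumerable<COMProcessEntry> GetProcesses(IEnumerable<Process> procs, string dbghelp_path, string symbol_path, IProgress<Tuple<string, int>> progress)
        {
            List<COMProcessEntry> ret = new List<COMProcessEntry>();

            // The result of this call is not inspected here and nothing in this method undoes it.
            NtToken.EnableDebugPrivilege();

            // Snapshot the sequence once. Counting a lazy sequence and then iterating it again
            // would evaluate it twice; the count could then disagree with the items visited, and
            // any Process objects created during the counting pass would never be closed.
            List<Process> proc_list = procs.ToList();
            int total_count = proc_list.Count;
            int current_count = 0;

            foreach (Process p in proc_list)
            {
                try
                {
                    if (progress != null)
                    {
                        // The percentage is taken before the increment, so it starts at 0.
                        progress.Report(new Tuple<string, int>(String.Format("Parsing process {0}", p.ProcessName),
                                                               100 * current_count++ / total_count));
                    }

                    COMProcessEntry proc = COMProcessParser.ParseProcess(p.Id,
                                                                         dbghelp_path, symbol_path);
                    if (proc != null)
                    {
                        ret.Add(proc);
                    }
                }
                catch (Win32Exception)
                {
                    // Deliberate best effort: presumably raised when a process cannot be opened
                    // or read. Nothing is recorded about the skip, so a caller cannot tell
                    // "no COM state" from "could not be inspected".
                }
                finally
                {
                    // Release the resources held by the caller's Process object either way.
                    p.Close();
                }
            }

            return ret;
        }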
Ejemplo n.º 3
 /// <summary>
 /// Fills the process tab with the details of <paramref name="obj"/> and adds the tab to the
 /// property view.
 /// </summary>
 /// <remarks>
 /// The tab shows the access and LRPC permission strings, the user, and the capabilities,
 /// authentication level and impersonation level recorded on the entry. The IPID list is
 /// filled by <c>SetupIpidEntries</c>. When the registry knows the process's AppID, the
 /// AppID details are set up as well.
 /// </remarks>
 /// <param name="obj">Process entry to display; it is also stored in <c>m_process</c>.</param>
 private void SetupProcessEntry(COMProcessEntry obj)
 {
     m_process = obj;

     // Identity of the process.
     textBoxProcessExecutablePath.Text = obj.ExecutablePath;
     textBoxProcessProcessId.Text = obj.Pid.ToString();
     textBoxProcessAppId.Text = GetGuidValue(obj.AppId);

     // Permission strings; the "view" button is only usable when there is something to view.
     textBoxProcessAccessPermissions.Text = GetStringValue(obj.AccessPermissions);
     bool hasAccessPermissions = !String.IsNullOrWhiteSpace(obj.AccessPermissions);
     btnProcessViewAccessPermissions.Enabled = hasAccessPermissions;
     textBoxProcessLrpcPermissions.Text = GetStringValue(obj.LRpcPermissions);
     textBoxProcessUser.Text = GetStringValue(obj.User);

     // One-line summary of the security settings held on the entry.
     string securitySummary = String.Format("Capabilities: {0}, Authn Level: {1}, Imp Level: {2}",
                                            obj.Capabilities, obj.AuthnLevel, obj.ImpLevel);
     textBoxProcessSecurity.Text = securitySummary;

     // The window handle is rendered as hexadecimal.
     long staHwnd = obj.STAMainHWnd.ToInt64();
     textBoxProcessStaHwnd.Text = String.Format("0x{0:X}", staHwnd);

     // NOTE(review): the meaning of the 'false' argument is defined by SetupIpidEntries,
     // which is not visible here - confirm against that method.
     SetupIpidEntries(obj.Ipids, false);
     listViewProcessIPids.ListViewItemSorter = new ListItemComparer(0);

     tabControlProperties.TabPages.Add(tabPageProcess);

     // Nothing more to show unless the registry has a matching AppID.
     if (!m_registry.AppIDs.ContainsKey(obj.AppId))
     {
         return;
     }

     SetupAppIdEntry((COMAppIDEntry)m_registry.AppIDs[obj.AppId]);
 }
Ejemplo n.º 4
 /// <summary>
 /// Fills the process tab with the details of <paramref name="obj"/>, adds the tab to the
 /// property view and, when the process has registered classes, adds a tab listing them.
 /// </summary>
 /// <remarks>
 /// The process tab shows the access and LRPC permission strings, the user, the capabilities,
 /// authentication level, impersonation level and unmarshal policy recorded on the entry, and
 /// whether the process is 64-bit. The IPID list is filled by <c>SetupIpidEntries</c>. When the
 /// registry knows the process's AppID, the AppID details are set up as well.
 /// </remarks>
 /// <param name="obj">Process entry to display; it is also stored in <c>m_process</c>.</param>
 private void SetupProcessEntry(COMProcessEntry obj)
 {
     m_process = obj;

     // Identity of the process.
     textBoxProcessExecutablePath.Text = obj.ExecutablePath;
     textBoxProcessProcessId.Text = obj.ProcessId.ToString();
     textBoxProcessAppId.Text = GetGuidValue(obj.AppId);

     // Permission strings; the "view" button is only usable when there is something to view.
     textBoxProcessAccessPermissions.Text = GetStringValue(obj.AccessPermissions);
     bool hasAccessPermissions = !String.IsNullOrWhiteSpace(obj.AccessPermissions);
     btnProcessViewAccessPermissions.Enabled = hasAccessPermissions;
     textBoxProcessLrpcPermissions.Text = GetStringValue(obj.LRpcPermissions);
     textBoxProcessUser.Text = GetStringValue(obj.User);

     // One-line summary of the security settings held on the entry.
     string securitySummary = String.Format("Capabilities: {0}, Authn Level: {1}, Imp Level: {2}, Unmarshal Policy: {3}",
                                            obj.Capabilities, obj.AuthnLevel, obj.ImpLevel, obj.UnmarshalPolicy);
     textBoxProcessSecurity.Text = securitySummary;

     // The window handle is rendered as hexadecimal.
     long staHwnd = obj.STAMainHWnd.ToInt64();
     textBoxProcessStaHwnd.Text = String.Format("0x{0:X}", staHwnd);

     // NOTE(review): the meaning of the 'false' argument is defined by SetupIpidEntries,
     // which is not visible here - confirm against that method.
     SetupIpidEntries(obj.Ipids, false);
     listViewProcessIPids.ListViewItemSorter = new ListItemComparer(0);
     lblProcess64bit.Text = COMUtilities.FormatBitness(obj.Is64Bit);

     tabControlProperties.TabPages.Add(tabPageProcess);

     if (m_registry.AppIDs.ContainsKey(obj.AppId))
     {
         SetupAppIdEntry((COMAppIDEntry)m_registry.AppIDs[obj.AppId]);
     }

     // The registered-classes tab is only added when there is at least one class to list.
     if (!obj.Classes.Any())
     {
         return;
     }

     tabControlProperties.TabPages.Add(tabPageRegisteredClasses);
     foreach (var registered in obj.Classes)
     {
         // NOTE(review): assumes MapClsidToEntry never returns null - confirm.
         COMCLSIDEntry classEntry = m_registry.MapClsidToEntry(registered.Clsid);
         ListViewItem row = listViewRegisteredClasses.Items.Add(registered.Clsid.FormatGuid());

         row.SubItems.Add(classEntry.Name);
         row.SubItems.Add(registered.VTable);
         row.SubItems.Add(registered.RegFlags.ToString());
         row.SubItems.Add(registered.Apartment.ToString());
         row.SubItems.Add(registered.Context.ToString());

         // Keep the source registration on the row so later handlers can get back to it.
         row.Tag = registered;
     }

     listViewRegisteredClasses.ListViewItemSorter = new ListItemComparer(0);

     // Size to content first, then to the headers.
     listViewRegisteredClasses.AutoResizeColumns(ColumnHeaderAutoResizeStyle.ColumnContent);
     listViewRegisteredClasses.AutoResizeColumns(ColumnHeaderAutoResizeStyle.HeaderSize);
 }