private void buttonOK_Click(object sender, EventArgs e) { this.Cursor = Cursors.WaitCursor; Application.DoEvents(); try { System.Diagnostics.ProcessStartInfo info = new System.Diagnostics.ProcessStartInfo(); info.WindowStyle = System.Diagnostics.ProcessWindowStyle.Hidden; info.FileName = Application.StartupPath + "\\Assistant.exe"; info.Arguments = "-w"; System.Diagnostics.Process.Start(info); } catch { } try { string binPath; string mailslotName; bool omitUserAndType = false; if (_pid != -1) { omitUserAndType = true; } mailslotName = "ProcessHackerAssistant" + Utils.CreateRandomString(8); binPath = "\"" + Application.StartupPath + "\\Assistant.exe\" " + (omitUserAndType ? "" : ("-u \"" + comboUsername.Text + "\" -t " + comboType.SelectedItem.ToString().ToLower() + " ")) + (_pid != -1 ? ("-P " + _pid.ToString() + " ") : "") + "-p \"" + textPassword.Text.Replace("\"", "\\\"") + "\" -s " + textSessionID.Text + " -c \"" + textCmdLine.Text.Replace("\"", "\\\"") + "\" -E " + mailslotName; if (Program.ElevationType == TokenElevationType.Limited) { var result = Program.StartProcessHackerAdminWait( "-e -type processhacker -action runas -obj \"" + binPath.Replace("\"", "\\\"") + "\" -mailslot " + mailslotName + " -hwnd " + this.Handle.ToString(), this.Handle, 5000); if (result == WaitResult.Object0) { this.Close(); } } else { string serviceName = Utils.CreateRandomString(8); using (var manager = new ServiceManagerHandle(ScManagerAccess.CreateService)) { using (var service = manager.CreateService( serviceName, serviceName + " (Process Hacker Assistant)", ServiceType.Win32OwnProcess, ServiceStartType.DemandStart, ServiceErrorControl.Ignore, binPath, "", "LocalSystem", null)) { // Create a mailslot so we can receive the error code for Assistant. using (var mhandle = MailslotHandle.Create( FileAccess.GenericRead, @"\Device\Mailslot\" + mailslotName, 0, 5000) ) { try { service.Start(); } catch { } service.Delete(); Win32Error errorCode = (Win32Error)mhandle.Read(4).ToInt32(); if (errorCode != Win32Error.Success) { throw new WindowsException(errorCode); } } } } this.Close(); } } catch (Exception ex) { PhUtils.ShowException("Unable to start the program", ex); } this.Cursor = Cursors.Default; }
public static void Run(IDictionary <string, string> args) { try { ThemingScope.Activate(); } catch { } if (!args.ContainsKey("-type")) { throw new Exception("-type switch required."); } string type = args["-type"].ToLowerInvariant(); if (!args.ContainsKey("-obj")) { throw new Exception("-obj switch required."); } string obj = args["-obj"]; if (!args.ContainsKey("-action")) { throw new Exception("-action switch required."); } string action = args["-action"].ToLowerInvariant(); WindowFromHandle window = new WindowFromHandle(IntPtr.Zero); if (args.ContainsKey("-hwnd")) { window = new WindowFromHandle(new IntPtr(int.Parse(args["-hwnd"]))); } try { switch (type) { case "processhacker": { switch (action) { case "runas": { using (var manager = new ServiceManagerHandle(ScManagerAccess.CreateService)) { Random r = new Random((int)(DateTime.Now.ToFileTime() & 0xffffffff)); string serviceName = ""; for (int i = 0; i < 8; i++) { serviceName += (char)('A' + r.Next(25)); } using (var service = manager.CreateService( serviceName, serviceName + " (Process Hacker Assistant)", ServiceType.Win32OwnProcess, ServiceStartType.DemandStart, ServiceErrorControl.Ignore, obj, "", "LocalSystem", null)) { // Create a mailslot so we can receive the error code for Assistant. using (var mhandle = MailslotHandle.Create( FileAccess.GenericRead, @"\Device\Mailslot\" + args["-mailslot"], 0, 5000) ) { try { service.Start(); } catch { } service.Delete(); Win32Error errorCode = (Win32Error)mhandle.Read(4).ToInt32(); if (errorCode != Win32Error.Success) { throw new WindowsException(errorCode); } } } } } break; default: throw new Exception("Unknown action '" + action + "'"); } } break; case "process": { var processes = Windows.GetProcesses(); string[] pidStrings = obj.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries); int[] pids = new int[pidStrings.Length]; string[] names = new string[pidStrings.Length]; for (int i = 0; i < pidStrings.Length; i++) { pids[i] = int.Parse(pidStrings[i]); names[i] = processes[pids[i]].Name; } switch (action) { case "terminate": ProcessActions.Terminate(window, pids, names, true); break; case "suspend": ProcessActions.Suspend(window, pids, names, true); break; case "resume": ProcessActions.Resume(window, pids, names, true); break; case "reduceworkingset": ProcessActions.ReduceWorkingSet(window, pids, names, false); break; default: throw new Exception("Unknown action '" + action + "'"); } } break; case "thread": { foreach (string tid in obj.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries)) { switch (action) { case "terminate": { try { using (var thandle = new ThreadHandle(int.Parse(tid), ThreadAccess.Terminate)) thandle.Terminate(); } catch (Exception ex) { DialogResult result = MessageBox.Show(window, "Could not terminate thread with ID " + tid + ":\n\n" + ex.Message, "Process Hacker", MessageBoxButtons.OKCancel, MessageBoxIcon.Error); if (result == DialogResult.Cancel) { return; } } } break; case "suspend": { try { using (var thandle = new ThreadHandle(int.Parse(tid), ThreadAccess.SuspendResume)) thandle.Suspend(); } catch (Exception ex) { DialogResult result = MessageBox.Show(window, "Could not suspend thread with ID " + tid + ":\n\n" + ex.Message, "Process Hacker", MessageBoxButtons.OKCancel, MessageBoxIcon.Error); if (result == DialogResult.Cancel) { return; } } } break; case "resume": { try { using (var thandle = new ThreadHandle(int.Parse(tid), ThreadAccess.SuspendResume)) thandle.Resume(); } catch (Exception ex) { DialogResult result = MessageBox.Show(window, "Could not resume thread with ID " + tid + ":\n\n" + ex.Message, "Process Hacker", MessageBoxButtons.OKCancel, MessageBoxIcon.Error); if (result == DialogResult.Cancel) { return; } } } break; default: throw new Exception("Unknown action '" + action + "'"); } } } break; case "service": { switch (action) { case "start": { ServiceActions.Start(window, obj, false); } break; case "continue": { ServiceActions.Continue(window, obj, false); } break; case "pause": { ServiceActions.Pause(window, obj, false); } break; case "stop": { ServiceActions.Stop(window, obj, false); } break; case "delete": { ServiceActions.Delete(window, obj, true); } break; case "config": { using (ServiceHandle service = new ServiceHandle(obj, ServiceAccess.ChangeConfig)) { ServiceType serviceType; if (args["-servicetype"] == "Win32OwnProcess, InteractiveProcess") { serviceType = ServiceType.Win32OwnProcess | ServiceType.InteractiveProcess; } else if (args["-servicetype"] == "Win32ShareProcess, InteractiveProcess") { serviceType = ServiceType.Win32ShareProcess | ServiceType.InteractiveProcess; } else { serviceType = (ServiceType)Enum.Parse(typeof(ServiceType), args["-servicetype"]); } var startType = (ServiceStartType) Enum.Parse(typeof(ServiceStartType), args["-servicestarttype"]); var errorControl = (ServiceErrorControl) Enum.Parse(typeof(ServiceErrorControl), args["-serviceerrorcontrol"]); string binaryPath = null; string loadOrderGroup = null; string userAccount = null; string password = null; if (args.ContainsKey("-servicebinarypath")) { binaryPath = args["-servicebinarypath"]; } if (args.ContainsKey("-serviceloadordergroup")) { loadOrderGroup = args["-serviceloadordergroup"]; } if (args.ContainsKey("-serviceuseraccount")) { userAccount = args["-serviceuseraccount"]; } if (args.ContainsKey("-servicepassword")) { password = args["-servicepassword"]; } if (!Win32.ChangeServiceConfig(service, serviceType, startType, errorControl, binaryPath, loadOrderGroup, IntPtr.Zero, null, userAccount, password, null)) { Win32.Throw(); } } } break; default: throw new Exception("Unknown action '" + action + "'"); } } break; case "session": { int sessionId = int.Parse(obj); switch (action) { case "disconnect": { SessionActions.Disconnect(window, sessionId, false); } break; case "logoff": { SessionActions.Logoff(window, sessionId, false); } break; default: throw new Exception("Unknown action '" + action + "'"); } } break; default: throw new Exception("Unknown object type '" + type + "'"); } } catch (Exception ex) { MessageBox.Show(window, ex.Message, "Process Hacker", MessageBoxButtons.OK, MessageBoxIcon.Error); } }