NktProcessesEnum C# (CSharp) Code Examples

Example #1

0

Show file

File: Form1.cs Project: nektra/CVE-2010-3971-hotpatch

        private bool HookProcess(string proccessName)
        {
            NktProcessesEnum enumProcess = _spyMgr.Processes();
            NktProcess       tempProcess = enumProcess.First();

            while (tempProcess != null)
            {
                if (tempProcess.Name.Equals(proccessName, StringComparison.InvariantCultureIgnoreCase) && tempProcess.PlatformBits > 0 && tempProcess.PlatformBits <= IntPtr.Size * 8)
                {
                    _process = tempProcess;

                    NktModule module = _process.ModuleByName("mshtml.dll");

                    if (module != null)
                    {
                        IntPtr EA = (IntPtr) new IntPtr(module.BaseAddress.ToInt32() + _RVA.ToInt32());

                        NktHook hook = _spyMgr.CreateHookForAddress(EA, "mshtml.dll!CStyleSheet::Notify", (int)(eNktHookFlags.flgRestrictAutoHookToSameExecutable | eNktHookFlags.flgOnlyPreCall | eNktHookFlags.flgDontCheckAddress));

                        hook.Attach(_process, true);
                        hook.Hook(true);
                    }
                }
                tempProcess = enumProcess.Next();
            }

            _process = null;
            return(false);
        }

Example #2

0

Show file

        private void Form1_Load(object sender, EventArgs e)
        {
            NktHook hook = _spyMgr.CreateHook("WINMM.dll!timeGetTime", (int)(eNktHookFlags.flgOnlyPostCall));

            hook.Hook(true);

            bool             bProcessFound = false;
            NktProcessesEnum enumProcess   = _spyMgr.Processes();
            NktProcess       tempProcess   = enumProcess.First();

            while (tempProcess != null)
            {
                if (tempProcess.Name.Equals("iexplore.exe", StringComparison.InvariantCultureIgnoreCase) && tempProcess.PlatformBits == 32)
                {
                    hook.Attach(tempProcess, true);
                    bProcessFound = true;
                }
                tempProcess = enumProcess.Next();
            }

            if (!bProcessFound)
            {
                MessageBox.Show("Please run \"iexplore.exe\" before!", "Error");
                Environment.Exit(0);
            }
        }

Example #3

0

Show file

        public void FindSqlService()
        {
            NktProcessesEnum pEnum = _spyMgr.Processes();

            _sqlServerProcess = pEnum.GetByName("sqlservr.exe");

            if (_sqlServerProcess == null)
            {
                throw new SqlServiceNotFoundException();
            }
        }

Example #4

0

Show file

        private NktProcess GetProcess(string proccessName)
        {
            NktProcessesEnum enumProcess = _spyMgr.Processes();
            NktProcess       tempProcess = enumProcess.First();

            while (tempProcess != null)
            {
                if (tempProcess.Name.Equals(proccessName, StringComparison.InvariantCultureIgnoreCase))
                {
                    return(tempProcess);
                }
                tempProcess = enumProcess.Next();
            }
            return(null);
        }

Example #5

0

Show file

        public bool HookProcess(string proccessName)
        {
            NktProcessesEnum enumProcess = spyMgr.Processes();
            NktProcess       tempProcess = enumProcess.First();

            while (tempProcess != null)
            {
                if (tempProcess.Name.Equals(proccessName, StringComparison.InvariantCultureIgnoreCase))
                {
                    Console.WriteLine("Found process {0}", proccessName);
                    return(HookProcess(tempProcess));
                }
                tempProcess = enumProcess.Next();
            }
            return(false);
        }

Example #6

0

Show file

        private bool GetProcess(string proccessName)
        {
            NktProcessesEnum enumProcess = _spyMgr.Processes();
            NktProcess       tempProcess = enumProcess.First();

            while (tempProcess != null)
            {
                if (tempProcess.Name.Equals(proccessName, StringComparison.InvariantCultureIgnoreCase) && tempProcess.PlatformBits > 0 && tempProcess.PlatformBits <= IntPtr.Size * 8)
                {
                    _process = tempProcess;
                    return(true);
                }
                tempProcess = enumProcess.Next();
            }
            _process = null;
            return(false);
        }

Example #7

0

Show file

File: HookingManager.cs Project: xornand/improving-deviare-hooking-performance-with-custom-hooks

        public void Hook(bool use_deviare_custom_hook_plugin)
        {
            this._use_deviare_custom_hook_plugin = use_deviare_custom_hook_plugin;
            string[] functions = { "kernel32.dll!MapViewOfFile" };

            Nektra.Deviare2.eNktHookFlags flags = 0;

            flags |= eNktHookFlags.flgAutoHookChildProcess;
            flags |= eNktHookFlags.flgOnlyPostCall;

            if (_use_deviare_custom_hook_plugin)
            {
                flags |= eNktHookFlags.flgAsyncCallbacks;
            }

            foreach (var function in functions)
            {
                NktHook a_hook = this._spyMgr.CreateHook(function, (int)flags);
                if (this._use_deviare_custom_hook_plugin)
                {
                    a_hook.AddCustomHandler(this._custom_handler_path, (int)Nektra.Deviare2.eNktHookCustomHandlerFlags.flgChDontCallIfLoaderLocked);
                }

                a_hook.Hook(true);
                hooks.Add(a_hook);
            }

            NktProcessesEnum processes = this._spyMgr.Processes();
            NktProcess       process   = processes.First();

            while (process != null)
            {
                if (process.Name.Equals("notepad.exe", StringComparison.InvariantCultureIgnoreCase))
                {
                    foreach (var hook in hooks)
                    {
                        hook.Attach(process, true);
                    }
                }
                Debug.WriteLine(String.Format("process.Name = {0} process.PlatformBits = {1}", process.Name, process.PlatformBits));
                process = processes.Next();
            }
        }

Example #8

0

Show file

        private bool GetProcess(string proccessName)
        {
            NktProcessesEnum enumProcess = _spyMgr.Processes();
            NktProcess       tempProcess = enumProcess.First();

            while (tempProcess != null)
            {
                //Console.Out.WriteLine(tempProcess.Name);

                if (tempProcess.Name.Contains(proccessName) && tempProcess.PlatformBits > 0 && tempProcess.PlatformBits <= IntPtr.Size * 8)
                {
                    _process = tempProcess;
                    return(true);
                }
                tempProcess = enumProcess.Next();
            }

            _process = null;
            return(false);
        }

Example #9

0

Show file

File: NktProcessEnumExtensions.cs Project: zelorun/Deviare2

 public static NktProcess[] CollectAll(this NktProcessesEnum aProcessesEnumerator)
 {
     return(NktEnumExtensions.CollectAll(() => aProcessesEnumerator.Count, index => aProcessesEnumerator.GetAt(index)));
 }

C# (CSharp) NktProcessesEnum Examples