public HackerWindow() { Program.HackerWindow = this; processP = Program.ProcessProvider; serviceP = Program.ServiceProvider; networkP = Program.NetworkProvider; InitializeComponent(); { var handle = this.Handle; } Program.HackerWindowHandle = this.Handle; if (OSVersion.HasExtendedTaskbar) { Windows7Taskbar.AllowWindowMessagesThroughUipi(); Windows7Taskbar.AppId = "ProcessHacker"; Windows7Taskbar.ProcessAppId = "ProcessHacker"; thumbButtonManager = new ThumbButtonManager(this); thumbButtonManager.TaskbarButtonCreated += new EventHandler(thumbButtonManager_TaskbarButtonCreated); } this.AddEscapeToClose(); Logging.Logged += this.QueueMessage; Settings.Refresh(); this.LoadWindowSettings(); this.LoadOtherSettings(); this.LoadControls(); this.LoadNotificationIcons(); Program.AppInstance = new ApplicationInstance(); Program.AppInstance.MainMenu = new MainMenuManager(mainMenu.MenuItems); Program.AppInstance.MainMenu.Hacker = new MenuItemManager(hackerMenuItem.MenuItems); Program.AppInstance.MainMenu.View = new MenuItemManager(viewMenuItem.MenuItems); Program.AppInstance.MainMenu.Tools = new MenuItemManager(toolsMenuItem.MenuItems); Program.AppInstance.MainMenu.Help = new MenuItemManager(helpMenu.MenuItems); this.LoadPlugins(); if ((!Properties.Settings.Default.StartHidden && !Program.StartHidden) || Program.StartVisible) { this.Visible = true; } if (tabControl.SelectedTab == tabProcesses) treeProcesses.Tree.Select(); this.LoadOther(); this.LoadStructs(); vistaMenu.DelaySetImageCalls = false; vistaMenu.PerformPendingSetImageCalls(); serviceP.RunOnceAsync(); serviceP.Enabled = true; _dontCalculate = false; }
public static void DumpProcesses(MemoryFileSystem mfs, ProcessSystemProvider provider) { using (var processes = mfs.RootObject.GetChild("Processes")) { var p = Windows.GetProcesses(); foreach (var process in p.Values) { using (var processChild = processes.CreateChild(process.Process.ProcessId.ToString("x"))) { ProcessItem item = null; if (provider != null) { if (provider.Dictionary.ContainsKey(process.Process.ProcessId)) { item = provider.Dictionary[process.Process.ProcessId]; } } DumpProcess(processChild, process, item, p, Windows.GetHandles()); } } if (provider != null) { int dpcsPid = provider.DpcsProcess.Process.ProcessId; int interruptsPid = provider.InterruptsProcess.Process.ProcessId; using (var dpcsChild = processes.CreateChild(dpcsPid.ToString("x"))) { DumpProcess(dpcsChild, provider.DpcsProcess, provider.Dictionary[dpcsPid], null, null); } using (var interruptsChild = processes.CreateChild(interruptsPid.ToString("x"))) { DumpProcess(interruptsChild, provider.InterruptsProcess, provider.Dictionary[interruptsPid], null, null); } } } }
private static bool ProcessCommandLine(Dictionary<string, string> pArgs) { if (pArgs.ContainsKey("-assistant")) { Assistant.Main(pArgs); return true; } if (pArgs.ContainsKey("-e")) { try { ExtendedCmd.Run(pArgs); } catch (Exception ex) { PhUtils.ShowException("Unable to complete the operation", ex); } return true; } if (pArgs.ContainsKey("-installkph")) { try { using (ServiceManagerHandle scm = new ServiceManagerHandle(ScManagerAccess.CreateService)) { using (ServiceHandle shandle = scm.CreateService( "KProcessHacker2", "KProcessHacker2", ServiceType.KernelDriver, ServiceStartType.SystemStart, ServiceErrorControl.Ignore, Application.StartupPath + "\\kprocesshacker.sys", null, null, null )) { shandle.Start(); } } } catch (WindowsException ex) { // Need to pass status back. Environment.Exit((int)ex.ErrorCode); } return true; } if (pArgs.ContainsKey("-uninstallkph")) { try { using (ServiceHandle shandle = new ServiceHandle("KProcessHacker2", ServiceAccess.Stop | (ServiceAccess)StandardRights.Delete)) { try { shandle.Control(ServiceControl.Stop); } catch { } shandle.Delete(); } } catch (WindowsException ex) { // Need to pass status back. Environment.Exit((int)ex.ErrorCode); } return true; } if (pArgs.ContainsKey("-ip")) InspectPid = int.Parse(pArgs["-ip"]); if (pArgs.ContainsKey("-pw")) { int pid = int.Parse(pArgs["-pw"]); PrimaryProviderThread = new ProviderThread(Settings.Instance.RefreshInterval); SecondaryProviderThread = new ProviderThread(Settings.Instance.RefreshInterval); ProcessProvider = new ProcessSystemProvider(); ServiceProvider = new ServiceProvider(); PrimaryProviderThread.Add(ProcessProvider); PrimaryProviderThread.Add(ServiceProvider); ProcessProvider.Boost(); ServiceProvider.Boost(); ProcessProvider.Enabled = true; ServiceProvider.Enabled = true; Win32.LoadLibrary(Settings.Instance.DbgHelpPath); if (!ProcessProvider.Dictionary.ContainsKey(pid)) { PhUtils.ShowError("The process (PID " + pid.ToString() + ") does not exist."); Environment.Exit(0); return true; } ProcessWindow pw = new ProcessWindow(ProcessProvider.Dictionary[pid]); Application.Run(pw); PrimaryProviderThread.Dispose(); ProcessProvider.Dispose(); ServiceProvider.Dispose(); Environment.Exit(0); return true; } if (pArgs.ContainsKey("-pt")) { int pid = int.Parse(pArgs["-pt"]); try { using (var phandle = new ProcessHandle(pid, Program.MinProcessQueryRights)) Application.Run(new TokenWindow(phandle)); } catch (Exception ex) { PhUtils.ShowException("Unable to show token properties", ex); } return true; } if (pArgs.ContainsKey("-o")) { OptionsWindow options = new OptionsWindow(true) { StartPosition = FormStartPosition.CenterScreen }; IWin32Window window; if (pArgs.ContainsKey("-hwnd")) window = new WindowFromHandle(new IntPtr(int.Parse(pArgs["-hwnd"]))); else window = new WindowFromHandle(IntPtr.Zero); if (pArgs.ContainsKey("-rect")) { Rectangle rect = Utils.GetRectangle(pArgs["-rect"]); options.Location = new Point(rect.X + 20, rect.Y + 20); options.StartPosition = FormStartPosition.Manual; } options.SelectedTab = options.TabPages["tabAdvanced"]; options.ShowDialog(window); return true; } if (pArgs.ContainsKey(string.Empty)) if (pArgs[string.Empty].Replace("\"", string.Empty).Trim().EndsWith("taskmgr.exe", StringComparison.OrdinalIgnoreCase)) StartVisible = true; if (pArgs.ContainsKey("-m")) StartHidden = true; if (pArgs.ContainsKey("-v")) StartVisible = true; if (pArgs.ContainsKey("-a")) { try { Unhook(); } catch { } try { NProcessHacker.KphHookInit(); } catch { } } if (pArgs.ContainsKey("-t")) { if (pArgs["-t"] == "0") SelectTab = "Processes"; else if (pArgs["-t"] == "1") SelectTab = "Services"; else if (pArgs["-t"] == "2") SelectTab = "Network"; } return false; }
private static void LoadProviders() { ProcessProvider = new ProcessSystemProvider(); ServiceProvider = new ServiceProvider(); NetworkProvider = new NetworkProvider(); Program.PrimaryProviderThread = new ProviderThread(Settings.Instance.RefreshInterval) { ProcessProvider, ServiceProvider, NetworkProvider }; Program.SecondaryProviderThread = new ProviderThread(Settings.Instance.RefreshInterval); }
private static void LoadProviders() { ProcessProvider = new ProcessSystemProvider(); ServiceProvider = new ServiceProvider(); NetworkProvider = new NetworkProvider(); Program.SharedThreadProvider = new SharedThreadProvider(Properties.Settings.Default.RefreshInterval); Program.SharedThreadProvider.Add(ProcessProvider); Program.SharedThreadProvider.Add(ServiceProvider); Program.SharedThreadProvider.Add(NetworkProvider); Program.SecondarySharedThreadProvider = new SharedThreadProvider(Properties.Settings.Default.RefreshInterval); }