private void ShowSessionID(AccessTokenHandle hToken)
{
var sessionId = AccessTokenSessionId.FromTokenHandle(hToken);
console.WriteLine("[SESSION ID]");
console.WriteLine("");
console.WriteLine(sessionId.ToOutputString());
console.WriteLine("");
}
private void InnerSetSameSessionId()
{
var hCurrent = AccessTokenHandle.GetCurrentProcessTokenHandle();
var currentSession = AccessTokenSessionId.FromTokenHandle(hCurrent);
var targetSession = AccessTokenSessionId.FromTokenHandle(this.TokenHandle);
if (currentSession.SessionId != targetSession.SessionId)
{
AccessTokenSessionId.SetTokenSessionId(currentSession, this.TokenHandle);
}
var tmp = AccessTokenSessionId.FromTokenHandle(TokenHandle);
if (tmp.SessionId != currentSession.SessionId)
{
Logger.GetInstance().Error($"Failed to set session id for token. {currentSession.SessionId} vs {tmp.SessionId}");
}
}
public AccessTokenInformation(AccessTokenHandle handle)
{
try
{
this._groups = AccessTokenGroups.FromTokenHandle(handle);
}
catch { }
try
{
this._logonSid = AccessTokenLogonSid.FromTokenHandle(handle);
}
catch { }
try
{
this._owner = AccessTokenOwner.FromTokenHandle(handle);
}
catch { }
try
{
this._primaryGroup = AccessTokenPrimaryGroup.FromTokenHandle(handle);
}
catch { }
try
{
this._primaryGroup = AccessTokenPrimaryGroup.FromTokenHandle(handle);
}
catch { }
try
{
this._privileges = AccessTokenPrivileges.FromTokenHandle(handle);
}
catch { }
try
{
this._sessionId = AccessTokenSessionId.FromTokenHandle(handle);
}
catch { }
try
{
this._user = AccessTokenUser.FromTokenHandle(handle);
}
catch { }
}
private void InnerPrintProcesses(List <TMProcess> processes)
{
List <Tuple <string, string, string, string> > processesInfo = new List <Tuple <string, string, string, string> >();
foreach (var p in processes)
{
var sessionId = "";
string username = "";
try
{
var pHandle = TMProcessHandle.FromProcess(p, ProcessAccessFlags.QueryInformation);
var tHandle = AccessTokenHandle.FromProcessHandle(pHandle, TokenAccess.TOKEN_QUERY);
var userInfo = AccessTokenUser.FromTokenHandle(tHandle);
var sessionInfo = AccessTokenSessionId.FromTokenHandle(tHandle);
username = userInfo.Domain + "\\" + userInfo.Username;
sessionId = sessionInfo.SessionId.ToString();
}
catch (Exception)
{
}
processesInfo.Add(new Tuple <string, string, string, string>(p.ProcessId.ToString(), p.ProcessName, username, sessionId));
}
StringBuilder output = new StringBuilder();
int padding = 2;
int maxName = 0;
int maxPid = 0;
int maxUser = 0;
int maxSession = 0;
foreach (var p in processesInfo)
{
maxPid = Math.Max(maxPid, p.Item1.Length);
maxName = Math.Max(maxName, p.Item2.Length);
maxUser = Math.Max(maxUser, p.Item3.Length);
maxSession = Math.Max(maxSession, p.Item4.Length);
}
string name = "PROCESS";
string pid = "PID";
string user = "******";
string session = "SESSION";
output.Append(pid + "," + generateSpaces(maxPid + padding - pid.Length));
output.Append(name + "," + generateSpaces(maxName + padding - name.Length));
output.Append(user + generateSpaces(maxUser + padding - user.Length));
output.Append(session + "\n");
var sorted = processesInfo.OrderBy(x => x.Item1).ToList();
foreach (var p in sorted)
{
string line = "";
line += p.Item1 + ",";
line += generateSpaces(maxPid + padding - p.Item1.Length);
line += p.Item2 + ",";
line += generateSpaces(maxName + padding - p.Item2.Length);
line += p.Item3;
line += generateSpaces(maxUser + padding - p.Item3.Length);
line += p.Item4;
output.Append(line + "\n");
}
console.Write(output.ToString());
}
