/// <summary>
/// adds the currently selected process to the favorites (by window title text)
/// </summary>
private void byTheWindowTitleTextregexToolStripMenuItem_Click(object sender, EventArgs e)
{
if (lstProcesses.SelectedItem == null)
{
return;
}
ProcessDetails pd = ((ProcessDetails)lstProcesses.SelectedItem);
if (!pd.Manageable)
{
return;
}
//TODO move to controller
if (controller.Favorites.CanAdd(pd.WindowTitle))
{
string res = Tools.Input_Text("Add to favorites by RegEx string", "Regex string (see the Help menu for reference)", pd.WindowTitle);
if (res.Trim().Length > 0)
{
Favorites.Favorite fav = new Favorites.Favorite();
fav.Kind = Favorites.Favorite.FavoriteKinds.ByRegexString;
fav.SearchText = res;
controller.Favorites.Add(fav);
}
}
}
public static void WinEventProc(IntPtr hWinEventHook, uint eventType, IntPtr hwnd, int idObject, int idChild, uint dwEventThread, uint dwmsEventTime)
{
if (Config.Instance.Favorites != null)
{
try
{
var handle = Native.GetForegroundWindow();
Native.GetWindowThreadProcessId(handle, out uint processId);
var details = new ProcessDetails(Process.GetProcessById((int)processId), handle);
foreach (var fav in Config.Instance.Favorites.Where(favorite => favorite.IsRunning && favorite.MuteInBackground))
{
if (fav.Matches(details))
{
if (Native.IsMuted((int)processId))
{
Native.UnMuteProcess((int)processId);
}
}
else
{
if (!Native.IsMuted(fav.RunningId))
{
Native.MuteProcess(fav.RunningId);
}
}
}
}
catch (Exception)
{
//
}
}
}
private void DoAccessCheck(IEnumerable <TokenEntry> tokens,
ProcessDetails proc_details, NtThread thread, AccessMask access_rights)
{
var sd = thread.GetSecurityDescriptor(SecurityInformation.AllBasic, false);
if (sd.IsSuccess)
{
foreach (TokenEntry token in tokens)
{
CheckAccess(token, proc_details, ThreadDetails.FromThread(thread), _thread_type, access_rights, sd.Result);
}
}
else
{
// Try and open process when under impersonation.
foreach (TokenEntry token in tokens)
{
using (var new_thread = token.Token.RunUnderImpersonate(() => NtThread.Open(thread.ThreadId, ThreadAccessRights.MaximumAllowed, false)))
{
if (new_thread.IsSuccess && IsAccessGranted(new_thread.Result.GrantedAccessMask, access_rights))
{
WriteAccessCheckResult(proc_details, ThreadDetails.FromThread(thread), new_thread.Result.GrantedAccessMask,
_thread_type.GenericMapping, String.Empty, token.Information);
}
}
}
}
}
private void Kill(ProcessDetails ProcessDetails)
{
bool IsKill = int.Parse(ProcessDetails.PortNumber) > 1024;
IsKill = IsKill && !processList.PermittedProcess.Any(x => x == ProcessDetails.ProcessName);
if (IsKill)
{
try
{
foreach (var process in Process.GetProcessesByName(ProcessDetails.ProcessName))
{
process.Kill();
Console.WriteLine(string.Format("Process {0} killed", ProcessDetails.Name));
LogHelper.Info(string.Format("Process {0} killed", ProcessDetails.Name));
}
}
catch (Exception ex)
{
Console.WriteLine(string.Format("{0} :{1}", ex.Message, ProcessDetails.Name));
LogHelper.Error(string.Format("{0} :{1}", ex.Message, ProcessDetails.Name));
//throw;
}
}
}
public IDictionary <int, IProcessDetails> LoadProcessDetails()
{
// generate all IProcessDetails
var xmlProcDetList = XDocument.Load(this._processDetailsPath)
.Root
.Elements();
var pdict = new Dictionary <int, IProcessDetails>();
foreach (var xpd in xmlProcDetList)
{
int id = (int)xpd.Element("Id");
string name = (string)xpd.Element("Name");
string assemblyPath = (string)xpd.Element("DotNetObjectDetails").Element("AssemblyPath");
string objectName = (string)xpd.Element("DotNetObjectDetails").Element("FullyQualifiedObjectName");
Type procType = LoadTypeFromAssembly(assemblyPath, objectName);
double weight = double.Parse((string)xpd.Element("Weight"));
double avgDuration = double.Parse((string)xpd.Element("AverageDurationMS"));
var pd = new ProcessDetails(id, name, procType, weight, avgDuration);
pdict.Add(pd.Id, pd);
}
return(pdict);
}
internal override void RunAccessCheck(IEnumerable <TokenEntry> tokens)
{
AccessMask access_rights = _process_type.MapGenericRights(AccessRights);
AccessMask thread_access_rights = _thread_type.MapGenericRights(ThreadAccessRights);
if (!NtToken.EnableDebugPrivilege())
{
WriteWarning("Current process doesn't have SeDebugPrivilege, results may be inaccurate");
}
if (CheckProcess())
{
using (var procs = NtProcess.GetProcesses(ProcessAccessRights.MaximumAllowed, false).ToDisposableList())
{
DoAccessCheck(tokens, procs.Where(p => ShowDeadProcesses || !p.IsDeleting), access_rights, thread_access_rights);
}
}
else
{
using (var threads = NtThread.GetThreads(ThreadAccessRights.MaximumAllowed, true).ToDisposableList())
{
foreach (var thread in threads)
{
DoAccessCheck(tokens, ProcessDetails.FromThread(thread), thread, thread_access_rights);
}
}
}
}
// Dependency injection uses this constructor to instantiate MainDialog
public MainDialog(ProcessRecognizer luisRecognizer, ILogger <MainDialog> logger, UserState userState, ConversationState conversationState)
: base(nameof(MainDialog))
{
_luisRecognizer = luisRecognizer;
Logger = logger;
_conversationFlow = conversationState.CreateProperty <ConversationFlow>(nameof(ConversationFlow));
processDetails = new ProcessDetails();
AddDialog(new TextPrompt(nameof(TextPrompt)));
AddDialog(new ChoicePrompt(nameof(ChoicePrompt)));
AddDialog(new StartProcessDialog(_conversationFlow));
AddDialog(new StatusDialog());
AddDialog(new EndConversationDialog());
AddDialog(new StopProcessDialog());
AddDialog(new SupportDialog());
AddDialog(new OpenURLDialog());
AddDialog(new WaterfallDialog(nameof(WaterfallDialog), new WaterfallStep[]
{
IntroStepAsync,
ActStepAsync,
FinalStepAsync,
ContinueStepAsync,
RPASupportStepAsync
}));
// The initial child Dialog to run.
InitialDialogId = nameof(WaterfallDialog);
}
/// <summary>
/// adds the currently selected process to the favorites (by window title text)
/// </summary>
private void byTheWindowTitleTextregexToolStripMenuItem_Click(object sender, EventArgs e)
{
if (this.lstProcesses.SelectedItem == null)
{
return;
}
ProcessDetails pd = ((ProcessDetails)this.lstProcesses.SelectedItem);
if (!pd.Manageable)
{
return;
}
//TODO move to controller
if (controller.Favorites.CanAdd(pd.WindowTitle))
{
InputText it = new InputText();
it.Text = "Add to favorites by regex string";
it.Input = pd.WindowTitle;
it.Instructions = "Regex string (reference is in the Help menu)";
it.ShowDialog();
if (it.DialogResult != DialogResult.OK)
{
return;
}
Favorites.Favorite fav = new Favorites.Favorite();
fav.Kind = Favorites.Favorite.FavoriteKinds.ByRegexString;
fav.SearchText = it.Input;
controller.Favorites.Add(fav);
}
}
void ILoggerFactory.UserCloseInfoLogged(ProcessDetails processDetails)
{
var appendInfo = string.Format("{0:dd.MM.yy hh:mm:ss}\tuser close", DateTime.Now);
string[] process = GetProcessDetailsStrings(processDetails);
WriteInfo(appendInfo, process);
}
/// <summary>
/// Sets up the Process-ContextMenu according to the current state
/// </summary>
private void processContext_Opening(object sender, CancelEventArgs e)
{
if (lstProcesses.SelectedItem == null)
{
e.Cancel = true;
return;
}
ProcessDetails pd = ((ProcessDetails)lstProcesses.SelectedItem);
if (!pd.Manageable)
{
e.Cancel = true;
return;
}
contextAddToFavs.Enabled = controller.Favorites.CanAdd(pd.BinaryName) && controller.Favorites.CanAdd(pd.WindowTitle);
if (Screen.AllScreens.Length < 2)
{
contextBorderlessOn.Visible = false;
}
else
{
contextBorderlessOn.Visible = true;
if (contextBorderlessOn.HasDropDownItems)
{
contextBorderlessOn.DropDownItems.Clear();
}
Rectangle superSize = Screen.PrimaryScreen.Bounds;
foreach (Screen screen in Screen.AllScreens)
{
superSize = Tools.GetContainingRectangle(superSize, screen.Bounds);
// fix for a .net-bug on Windows XP
int idx = screen.DeviceName.IndexOf('\0');
string fixedDeviceName = (idx > 0) ? screen.DeviceName.Substring(0, idx) : screen.DeviceName;
string label = fixedDeviceName + ((screen.Primary) ? " (P)" : string.Empty);
ToolStripMenuItem tsi = new ToolStripMenuItem(label);
tsi.Click += (s, ea) => { controller.RemoveBorder_ToSpecificScreen(pd, screen); };
contextBorderlessOn.DropDownItems.Add(tsi);
}
// add supersize Option
ToolStripMenuItem superSizeItem = new ToolStripMenuItem("SuperSize!");
superSizeItem.Click += (s, ea) => { controller.RemoveBorder_ToSpecificRect(pd, superSize); };
contextBorderlessOn.DropDownItems.Add(superSizeItem);
}
}
private void CheckAccess(TokenEntry token, ProcessDetails process, ThreadDetails thread, NtType type, AccessMask access_rights, SecurityDescriptor sd)
{
AccessMask granted_access = NtSecurity.GetMaximumAccess(sd, token.Token, type.GenericMapping);
if (IsAccessGranted(granted_access, access_rights))
{
WriteAccessCheckResult(process, thread, granted_access, type.GenericMapping, sd.ToSddl(), token.Information);
}
}
/// <summary>
/// remove the menu, resize the window, remove border, and maximize
/// </summary>
public void RemoveBorder(ProcessDetails pd, Favorites.Favorite favDetails = null, Boolean overrideTimeout = false)
{
if (favDetails != null && favDetails.DelayBorderless == true && overrideTimeout == false)
{
//Wait 10 seconds before removing the border.
Task task = new Task(() => RemoveBorder(pd, favDetails, true));
task.Wait(TimeSpan.FromSeconds(10));
}
Manipulation.MakeWindowBorderless(pd, window, pd.WindowHandle, new Rectangle(), favDetails ?? _favorites.FromProcessDetails(pd));
}
private void HandleProcessChange(ProcessDetails process, bool remove)
{
if (remove)
{
this.PerformSafely(() => lstProcesses.Items.Remove(process));
}
else
{
this.PerformSafely(() => lstProcesses.Items.Add(process));
}
this.PerformSafely(() => statusLabel.Text = $@"{LanguageManager.Data("moreOptionsLabel")} {DateTime.Now}");
}
private void HandleProcessChange(ProcessDetails process, bool remove)
{
if (remove)
{
this.PerformSafely(() => lstProcesses.Items.Remove(process));
}
else
{
this.PerformSafely(() => lstProcesses.Items.Add(process));
}
this.PerformSafely(() => lblUpdateStatus.Text = $@"Right-click for more options. Last updated {DateTime.Now}");
}
/// <summary>
/// Creates a new <see cref="ProcessDetails" /> from the executing context.
/// </summary>
/// <returns>New <see cref="ProcessDetails" />.</returns>
public static ProcessDetails CreateProcessDetails()
{
var process = ProcessHelper.GetRunningProcess();
var result = new ProcessDetails(
process.GetName(),
process.GetFilePath(),
process.GetFileVersion(),
process.GetProductVersion(),
ProcessHelper.IsCurrentlyRunningAsAdmin());
return(result);
}
private void DoAccessCheck(IEnumerable <TokenEntry> tokens,
IEnumerable <NtProcess> processes, AccessMask access_rights, AccessMask thread_access_rights)
{
foreach (NtProcess process in processes)
{
ProcessDetails proc_details = ProcessDetails.FromProcess(process);
if (CheckProcess())
{
var sd = GetSecurityDescriptorReOpen(process);
if (sd.IsSuccess)
{
foreach (TokenEntry token in tokens)
{
CheckAccess(token, proc_details, null, _process_type, access_rights, sd.Result);
}
}
else
{
// Try and open process when under impersonation.
foreach (TokenEntry token in tokens)
{
using (var new_process = token.Token.RunUnderImpersonate(() => ReOpen(process)))
{
if (new_process.IsSuccess && IsAccessGranted(new_process.Result.GrantedAccessMask, access_rights))
{
WriteAccessCheckResult(proc_details, null, new_process.Result.GrantedAccessMask,
_process_type.GenericMapping, null, token.Information);
}
}
}
}
}
if (CheckThread())
{
using (var new_process = process.ReOpen(ProcessAccessRights.QueryInformation, false))
{
if (new_process.IsSuccess)
{
using (var threads = new_process.Result.GetThreads(ThreadAccessRights.QueryLimitedInformation).ToDisposableList())
{
foreach (var thread in threads)
{
DoAccessCheck(tokens, proc_details, thread, thread_access_rights);
}
}
}
}
}
}
}
private void lstProcesses_SelectedIndexChanged(object sender, EventArgs e)
{
bool valid_selection = false;
if (lstProcesses.SelectedItem != null)
{
ProcessDetails pd = ((ProcessDetails)lstProcesses.SelectedItem);
valid_selection = pd.Manageable;
}
btnMakeBorderless.Enabled = btnRestoreWindow.Enabled = addSelectedItem.Enabled = valid_selection;
}
private ProcessDetails[] LoadProcesses()
{
_processesInfosUtility.LoadProcessesNames();
var processCount = _processesInfosUtility.Length;
var newProcess = new ProcessDetails[processCount];
for (int i = 0; i < processCount; i++)
{
newProcess[i] = _processesInfosUtility[i];
}
return(newProcess);
}
private static void BringProcessToFront(ProcessDetails process)
{
const int SW_RESTORE = 9;
IntPtr handle = process.MainWindowHandle;
if (Win32Api.IsIconic(handle))
{
Win32Api.ShowWindow(handle, SW_RESTORE);
}
Win32Api.SetForegroundWindow(handle);
}
private void addSelectedItem_Click(object sender, EventArgs e)
{
/*
* Rectangle rect = new Rectangle(0, 0, 0, 0);
*
* if (true)
* {
* rect = Screen.PrimaryScreen.Bounds;
* }
* else
* {
* foreach (Screen screen in Screen.AllScreens)
* rect = Tools.GetContainingRectangle(rect, screen.Bounds);
* }
*
* Form frm = new Form();
* frm.Text = "Borderless Gaming Background";
* frm.FormBorderStyle = System.Windows.Forms.FormBorderStyle.None;
* frm.BackColor = Color.Black;
* frm.Show();
* frm.Location = new Point(rect.X, rect.Y);
* frm.Size = new System.Drawing.Size(rect.Width, rect.Height);
* frm.DoubleClick += (Fs, Fe) => { try { ((Form)(Fs)).Close(); } catch { } };
* //frm.Shown += (Fs, Fe) => { Cursor.Hide(); };
* //frm.FormClosing += (Fs, Fe) => { Cursor.Show(); };
* return;
*/
// assume that the button press to add to favorites will do so by window title (unless it's blank, then go by process name)
if (lstProcesses.SelectedItem == null)
{
return;
}
ProcessDetails pd = ((ProcessDetails)lstProcesses.SelectedItem);
if (!pd.Manageable)
{
return;
}
if (!string.IsNullOrEmpty(pd.WindowTitle))
{
byTheWindowTitleTextToolStripMenuItem_Click(sender, e);
}
else
{
byTheProcessBinaryNameToolStripMenuItem_Click(sender, e);
}
}
private void WriteAccessCheckResult(ProcessDetails process, ThreadDetails thread, AccessMask granted_access,
GenericMapping generic_mapping, string sddl, TokenInformation token)
{
if (thread == null)
{
WriteObject(new ProcessAccessCheckResult(process.Name, process.ImagePath, process.ProcessId, process.SessionId,
process.CommandLine, granted_access, _process_type, sddl, token));
}
else
{
WriteObject(new ThreadAccessCheckResult(process.Name, process.ImagePath, thread.ThreadId,
thread.Description, process.ProcessId, process.SessionId, process.CommandLine, granted_access, _process_type, sddl, token));
}
}
public static void RestoreWindow(ProcessDetails pd)
{
if ((pd == null) || (!pd.MadeBorderless) || (pd.OriginalStyleFlags_Standard == 0))
{
return;
}
Native.SetWindowLong(pd.WindowHandle, WindowLongIndex.Style, pd.OriginalStyleFlags_Standard);
Native.SetWindowLong(pd.WindowHandle, WindowLongIndex.ExtendedStyle, pd.OriginalStyleFlags_Extended);
Native.SetWindowPos(pd.WindowHandle, IntPtr.Zero, pd.OriginalLocation.X, pd.OriginalLocation.Y, pd.OriginalLocation.Width, pd.OriginalLocation.Height, SetWindowPosFlags.ShowWindow | SetWindowPosFlags.NoZOrder);
Native.SetWindowPos(pd.WindowHandle, Native.HWND_NOTTOPMOST, 0, 0, 0, 0, SetWindowPosFlags.NoActivate | SetWindowPosFlags.NoMove | SetWindowPosFlags.NoSize);
pd.MadeBorderless = false;
pd.MadeBorderlessAttempts = 0;
}
internal void GetUserRunningProcess(ProcessDetails processDetails)
{
var rpaService = new RPAService();
var result = rpaService.GetApiResult("getUserRunningProcess", processDetails.User.UserId);
if (!result.IsSuccess)
{
processDetails.Error = JsonConvert.DeserializeObject <ProcessModel>(result.Content).Error;
processDetails.Processes = new List <ProcessModel>();
}
else
{
var processes = JsonConvert.DeserializeObject <List <ProcessModel> >(result.Content);
processDetails.Processes = processes;
}
}
private void setWindowTitleToolStripMenuItem_Click(object sender, EventArgs e)
{
if (lstProcesses.SelectedItem == null)
{
return;
}
ProcessDetails pd = ((ProcessDetails)lstProcesses.SelectedItem);
if (!pd.Manageable)
{
return;
}
Native.SetWindowText(pd.WindowHandle, Tools.Input_Text("Set Window Title", "Set the new window title text:", Native.GetWindowTitle(pd.WindowHandle)));
}
/// <summary>
/// Makes the currently selected process borderless
/// </summary>
private void btnMakeBorderless_Click(object sender, EventArgs e)
{
if (lstProcesses.SelectedItem == null)
{
return;
}
ProcessDetails pd = ((ProcessDetails)lstProcesses.SelectedItem);
if (!pd.Manageable)
{
return;
}
controller.RemoveBorder(pd);
}
private void btnRestoreWindow_Click(object sender, EventArgs e)
{
if (lstProcesses.SelectedItem == null)
{
return;
}
ProcessDetails pd = ((ProcessDetails)lstProcesses.SelectedItem);
if (!pd.Manageable)
{
return;
}
Manipulation.RestoreWindow(pd);
}
internal void GetUserProcess(ProcessDetails processDetails)
{
var rpaService = new RPAService();
var result = rpaService.GetApiResult("userProcesses", processDetails.User.UserId);
if (!result.IsSuccess)
{
processDetails.Error = JsonConvert.DeserializeObject <ProcessModel>(result.Content).Error;
}
else
{
var processes = JsonConvert.DeserializeObject <List <ProcessModel> >(result.Content);
//sort the process
processes = processes.OrderBy(p => p.Name).ToList();
processDetails.Processes = processes;
}
}
public ProcessOutput Execute(ProcessDetails processDetails, string waitForMessage = null, bool kill = true)
{
pr = new ProcessRunner(processDetails.ProcessName, processDetails.WorkingDir, processDetails.Arguments);
pr.ExecuteTheCheck(waitForMessage, kill);
var a = pr.procinfo;
var evidence = new ProcessOutput
{
Output = pr.Output,
ErrorOutput = pr.ErrorOutput
};
if (pr.TimedOut)
{
return(default(ProcessOutput));
}
return(evidence);
}
/// <summary>
/// remove the menu, resize the window, remove border, and maximize
/// </summary>
public void RemoveBorder(ProcessDetails pd, Favorites.Favorite favDetails = null, Boolean overrideTimeout = false)
{
if (favDetails != null && favDetails.DelayBorderless == true && overrideTimeout == false)
{
//Wait 10 seconds before removing the border.
Task task = new Task(() => RemoveBorder(pd, favDetails, true));
task.Wait(TimeSpan.FromSeconds(10));
}
// If a Favorite screen exists, use the Rect from that, instead
if (null != favDetails && null != favDetails.favScreen)
{
RemoveBorder_ToSpecificRect(pd, favDetails.favScreen, favDetails, overrideTimeout);
return;
}
Manipulation.MakeWindowBorderless(pd, window, pd.WindowHandle, new Rectangle(), favDetails ?? _favorites.FromProcessDetails(pd));
}
private async void hideThisProcessToolStripMenuItem_Click(object sender, EventArgs e)
{
if (lstProcesses.SelectedItem == null)
{
return;
}
ProcessDetails pd = ((ProcessDetails)lstProcesses.SelectedItem);
if (!pd.Manageable)
{
return;
}
controller.HiddenProcesses.Add(pd.BinaryName.Trim().ToLower());
await controller.RefreshProcesses();
}
