public static void ListProcesses()
{
var processes = TMProcess.GetAllProcesses();
foreach (var p in processes)
{
try
{
var pHandle = TMProcessHandle.FromProcess(p, ProcessAccessFlags.QueryInformation);
var hToken = AccessTokenHandle.FromProcessHandle(pHandle, TokenAccess.TOKEN_QUERY);
var userInfo = AccessTokenUser.FromTokenHandle(hToken);
Console.WriteLine($"{p.ProcessId}, {p.ProcessName}, {userInfo.Username}");
} catch (Exception)
{
continue;
}
}
}
public void Execute()
{
if (options.ListTokens)
{
var processes = TMProcess.GetAllProcesses();
this.InnerPrintProcesses(processes);
}
if (this.options.Privilege != null)
{
var processes = TMProcess.GetAllProcesses();
var found = new List <TMProcess>();
foreach (var proc in processes)
{
try
{
var hProc = TMProcessHandle.FromProcess(proc, ProcessAccessFlags.QueryInformation);
var hToken = AccessTokenHandle.FromProcessHandle(hProc, TokenAccess.TOKEN_QUERY);
var privileges = AccessTokenPrivileges.FromTokenHandle(hToken);
foreach (var priv in privileges.GetPrivileges())
{
if (priv.Name.ToLower().Contains(this.options.Privilege.ToLower()))
{
if (this.options.Disabled)
{
if (priv.IsDisabled())
{
found.Add(proc);
}
}
else
{
if (priv.IsEnabled())
{
found.Add(proc);
}
}
}
}
}
catch (Exception e)
{
console.Error("Failed to retrieve privilege information: " + e.Message);
}
}
this.InnerPrintProcesses(found);
}
if (this.options.Term != null && this.options.Term != "")
{
var processes = TMProcess.GetProcessByName(this.options.Term);
this.InnerPrintProcesses(processes);
}
if (this.options.User != null && this.options.User != "")
{
var processes = TMProcess.GetAllProcesses();
var found = new List <TMProcess>();
foreach (var proc in processes)
{
try
{
var hProc = TMProcessHandle.FromProcess(proc, ProcessAccessFlags.QueryInformation);
var hToken = AccessTokenHandle.FromProcessHandle(hProc, TokenAccess.TOKEN_QUERY);
var user = AccessTokenUser.FromTokenHandle(hToken);
if (user.Username.ToLower().Contains(this.options.User.ToLower()))
{
found.Add(proc);
}
}
catch
{
}
}
this.InnerPrintProcesses(found);
}
}