/// <summary>
/// Creates a connection to KProcessHacker.
/// </summary>
/// <param name="deviceName">The name of the KProcessHacker service and device.</param>
public KProcessHacker2(string deviceName)
{
_deviceName = deviceName;
try
{
_fileHandle = new FileHandle(
@"\Device\" + deviceName,
0,
FileAccess.GenericRead | FileAccess.GenericWrite
);
}
catch (WindowsException ex)
{
if (
ex.Status == NtStatus.NoSuchDevice ||
ex.Status == NtStatus.NoSuchFile ||
ex.Status == NtStatus.ObjectNameNotFound
)
{
LoadService();
}
else
{
throw ex;
}
}
_fileHandle.SetHandleFlags(Win32HandleFlags.ProtectFromClose, Win32HandleFlags.ProtectFromClose);
_features = this.KphGetFeatures();
}
public KProcessHacker(string deviceName, string fileName)
{
_deviceName = deviceName;
if (IntPtr.Size != 4)
throw new NotSupportedException("KProcessHacker does not support 64-bit Windows.");
try
{
_fileHandle = new FileHandle(
@"\Device\" + deviceName,
0,
FileAccess.GenericRead | FileAccess.GenericWrite
);
}
catch (WindowsException ex)
{
if (
ex.Status == NtStatus.NoSuchDevice ||
ex.Status == NtStatus.NoSuchFile ||
ex.Status == NtStatus.ObjectNameNotFound
)
{
ServiceHandle shandle;
using (var scm = new ServiceManagerHandle(ScManagerAccess.CreateService))
{
shandle = scm.CreateService(
deviceName,
deviceName,
ServiceType.KernelDriver,
fileName
);
shandle.Start();
}
try
{
_fileHandle = new FileHandle(
@"\Device\" + deviceName,
0,
FileAccess.GenericRead | FileAccess.GenericWrite
);
}
finally
{
shandle.Delete();
}
}
else
{
throw ex;
}
}
_fileHandle.SetHandleFlags(Win32HandleFlags.ProtectFromClose, Win32HandleFlags.ProtectFromClose);
byte[] bytes = _fileHandle.Read(4);
fixed (byte* bytesPtr = bytes)
_baseControlNumber = *(uint*)bytesPtr;
try
{
_features = this.GetFeatures();
}
catch
{ }
}
/// <summary>
/// Creates a connection to KProcessHacker.
/// </summary>
/// <param name="deviceName">The name of the KProcessHacker service and device.</param>
/// <param name="fileName">The file name of the KProcessHacker driver.</param>
public KProcessHacker(string deviceName, string fileName)
{
_deviceName = deviceName;
if (OSVersion.Architecture != OSArch.I386)
throw new NotSupportedException("KProcessHacker does not support 64-bit Windows.");
try
{
_fileHandle = new FileHandle(
@"\Device\" + deviceName,
0,
FileAccess.GenericRead | FileAccess.GenericWrite
);
}
catch (WindowsException ex)
{
if (
ex.Status == NtStatus.NoSuchDevice ||
ex.Status == NtStatus.NoSuchFile ||
ex.Status == NtStatus.ObjectNameNotFound
)
{
// Attempt to load the driver, then try again.
ServiceHandle shandle;
bool created = false;
try
{
using (shandle = new ServiceHandle("KProcessHacker", ServiceAccess.Start))
{
shandle.Start();
}
}
catch
{
using (var scm = new ServiceManagerHandle(ScManagerAccess.CreateService))
{
shandle = scm.CreateService(
deviceName,
deviceName,
ServiceType.KernelDriver,
fileName
);
shandle.Start();
created = true;
}
}
try
{
_fileHandle = new FileHandle(
@"\Device\" + deviceName,
0,
FileAccess.GenericRead | FileAccess.GenericWrite
);
}
finally
{
if (shandle != null)
{
if (created)
{
// The SCM will delete the service when it is stopped.
shandle.Delete();
}
shandle.Dispose();
}
}
}
else
{
throw ex;
}
}
_fileHandle.SetHandleFlags(Win32HandleFlags.ProtectFromClose, Win32HandleFlags.ProtectFromClose);
byte[] bytes = _fileHandle.Read(4);
fixed (byte* bytesPtr = bytes)
_baseControlNumber = *(uint*)bytesPtr;
try
{
_features = this.GetFeatures();
}
catch
{ }
}
/// <summary>
/// Creates a connection to KProcessHacker.
/// </summary>
/// <param name="deviceName">The name of the KProcessHacker service and device.</param>
public KProcessHacker2(string deviceName)
{
_deviceName = deviceName;
try
{
_fileHandle = new FileHandle(
@"\Device\" + deviceName,
0,
FileAccess.GenericRead | FileAccess.GenericWrite
);
}
catch (WindowsException ex)
{
if (
ex.Status == NtStatus.NoSuchDevice ||
ex.Status == NtStatus.NoSuchFile ||
ex.Status == NtStatus.ObjectNameNotFound
)
{
LoadService();
}
else
{
throw ex;
}
}
_fileHandle.SetHandleFlags(Win32HandleFlags.ProtectFromClose, Win32HandleFlags.ProtectFromClose);
_features = this.KphGetFeatures();
}
/// <summary>
/// Creates a connection to KProcessHacker.
/// </summary>
/// <param name="deviceName">The name of the KProcessHacker service and device.</param>
/// <param name="fileName">The file name of the KProcessHacker driver.</param>
public KProcessHacker(string deviceName, string fileName)
{
_deviceName = deviceName;
if (IntPtr.Size != 4)
{
throw new NotSupportedException("KProcessHacker does not support 64-bit Windows.");
}
try
{
_fileHandle = new FileHandle(
@"\Device\" + deviceName,
0,
FileAccess.GenericRead | FileAccess.GenericWrite
);
}
catch (WindowsException ex)
{
if (
ex.Status == NtStatus.NoSuchDevice ||
ex.Status == NtStatus.NoSuchFile ||
ex.Status == NtStatus.ObjectNameNotFound
)
{
// Attempt to load the driver, then try again.
ServiceHandle shandle;
bool created = false;
try
{
using (shandle = new ServiceHandle("KProcessHacker", ServiceAccess.Start))
{
shandle.Start();
}
}
catch
{
using (var scm = new ServiceManagerHandle(ScManagerAccess.CreateService))
{
shandle = scm.CreateService(
deviceName,
deviceName,
ServiceType.KernelDriver,
fileName
);
shandle.Start();
created = true;
}
}
try
{
_fileHandle = new FileHandle(
@"\Device\" + deviceName,
0,
FileAccess.GenericRead | FileAccess.GenericWrite
);
}
finally
{
if (shandle != null)
{
if (created)
{
// The SCM will delete the service when it is stopped.
shandle.Delete();
}
shandle.Dispose();
}
}
}
else
{
throw ex;
}
}
_fileHandle.SetHandleFlags(Win32HandleFlags.ProtectFromClose, Win32HandleFlags.ProtectFromClose);
byte[] bytes = _fileHandle.Read(4);
fixed(byte *bytesPtr = bytes)
_baseControlNumber = *(uint *)bytesPtr;
try
{
_features = this.GetFeatures();
}
catch
{ }
}
