/// <summary> /// Close a handle. /// </summary> /// <param name="handle">The handle to close.</param> /// <returns>The NT status code.</returns> public static NtStatus CloseHandle(IntPtr handle) { if (handle == IntPtr.Zero) { return(NtStatus.STATUS_INVALID_HANDLE); } return(NtSystemCalls.NtClose(handle)); }
protected override bool ReleaseHandle() { if (NtSystemCalls.NtClose(this.handle).IsSuccess()) { this.handle = IntPtr.Zero; return(true); } return(false); }
/// <summary> /// Start the new process /// </summary> /// <param name="image_path">The image path to the file to execute</param> /// <returns>The result of the process creation</returns> public CreateUserProcessResult Start(string image_path) { if (image_path == null) { throw new ArgumentNullException("image_path"); } using (var process_params = SafeProcessParametersBuffer.Create(ConfigImagePath ?? image_path, DllPath, CurrentDirectory, CommandLine, Environment, WindowTitle, DesktopInfo, ShellInfo, RuntimeData, CreateProcessParametersFlags.Normalize)) { using (var attrs = new DisposableList <ProcessAttribute>()) { ProcessCreateInfo create_info = new ProcessCreateInfo(); attrs.Add(ProcessAttribute.ImageName(image_path)); SafeStructureInOutBuffer <SectionImageInformation> image_info = new SafeStructureInOutBuffer <SectionImageInformation>(); attrs.Add(ProcessAttribute.ImageInfo(image_info)); SafeStructureInOutBuffer <ClientId> client_id = new SafeStructureInOutBuffer <ClientId>(); attrs.Add(ProcessAttribute.ClientId(client_id)); attrs.AddRange(AdditionalAttributes); if (ParentProcess != null) { attrs.Add(ProcessAttribute.ParentProcess(ParentProcess.Handle)); } if (RestrictChildProcess || OverrideRestrictChildProcess) { attrs.Add(ProcessAttribute.ChildProcess(RestrictChildProcess, OverrideRestrictChildProcess)); } if (Token != null) { attrs.Add(ProcessAttribute.Token(Token.Handle)); } using (ProcessAttributeList attr_list = ProcessAttributeList.Create(attrs)) { create_info.Data.InitFlags = InitFlags | ProcessCreateInitFlag.WriteOutputOnExit; create_info.Data.ProhibitedImageCharacteristics = ProhibitedImageCharacteristics; create_info.Data.AdditionalFileAccess = AdditionalFileAccess; using (ObjectAttributes proc_attr = new ObjectAttributes(null, AttributeFlags.None, SafeKernelObjectHandle.Null, null, ProcessSecurityDescriptor), thread_attr = new ObjectAttributes(null, AttributeFlags.None, SafeKernelObjectHandle.Null, null, ThreadSecurityDescriptor)) { NtStatus status = NtSystemCalls.NtCreateUserProcess( out SafeKernelObjectHandle process_handle, out SafeKernelObjectHandle thread_handle, ProcessDesiredAccess, ThreadDesiredAccess, proc_attr, thread_attr, ProcessFlags, ThreadFlags, process_params.DangerousGetHandle(), create_info, attr_list); if (!status.IsSuccess() && !ReturnOnError) { // Close handles which come from errors switch (create_info.State) { case ProcessCreateState.FailOnSectionCreate: NtSystemCalls.NtClose(create_info.Data.FileHandle); break; case ProcessCreateState.FailExeName: NtSystemCalls.NtClose(create_info.Data.IFEOKey); break; } status.ToNtException(); } if (create_info.State == ProcessCreateState.Success) { return(new CreateUserProcessResult(process_handle, thread_handle, create_info.Data, image_info.Result, client_id.Result, TerminateOnDispose)); } else { return(new CreateUserProcessResult(status, create_info.Data, create_info.State)); } } } } } }
/// <summary> /// Start the new process /// </summary> /// <param name="image_path">The image path to the file to execute</param> /// <returns>The result of the process creation</returns> public CreateUserProcessResult Start(string image_path) { if (image_path == null) { throw new System.ArgumentNullException("image_path"); } IntPtr process_params = CreateProcessParameters(ImagePath ?? image_path, DllPath, CurrentDirectory, CommandLine, Environment, WindowTitle, DesktopInfo, ShellInfo, RuntimeData, 1); List <ProcessAttribute> attrs = new List <ProcessAttribute>(); try { ProcessCreateInfo create_info = new ProcessCreateInfo(); SafeKernelObjectHandle process_handle; SafeKernelObjectHandle thread_handle; attrs.Add(ProcessAttribute.ImageName(image_path)); SafeStructureInOutBuffer <SectionImageInformation> image_info = new SafeStructureInOutBuffer <SectionImageInformation>(); attrs.Add(ProcessAttribute.ImageInfo(image_info)); SafeStructureInOutBuffer <ClientId> client_id = new SafeStructureInOutBuffer <ClientId>(); attrs.Add(ProcessAttribute.ClientId(client_id)); attrs.AddRange(AdditionalAttributes); if (ParentProcess != null) { attrs.Add(ProcessAttribute.ParentProcess(ParentProcess.Handle)); } if (RestrictChildProcess || OverrideRestrictChildProcess) { attrs.Add(ProcessAttribute.ChildProcess(RestrictChildProcess, OverrideRestrictChildProcess)); } ProcessAttributeList attr_list = new ProcessAttributeList(attrs); create_info.Data.InitFlags = InitFlags | ProcessCreateInitFlag.WriteOutputOnExit; create_info.Data.ProhibitedImageCharacteristics = ProhibitedImageCharacteristics; create_info.Data.AdditionalFileAccess = AdditionalFileAccess; NtStatus status = NtSystemCalls.NtCreateUserProcess( out process_handle, out thread_handle, ProcessAccessRights.MaximumAllowed, ThreadAccessRights.MaximumAllowed, null, null, ProcessFlags, ThreadFlags, process_params, create_info, attr_list); if (!status.IsSuccess() && !ReturnOnError) { // Close handles which come from errors switch (create_info.State) { case ProcessCreateState.FailOnSectionCreate: NtSystemCalls.NtClose(create_info.Data.FileHandle); break; case ProcessCreateState.FailExeName: NtSystemCalls.NtClose(create_info.Data.IFEOKey); break; } status.ToNtException(); } if (create_info.State == ProcessCreateState.Success) { return(new CreateUserProcessResult(process_handle, thread_handle, create_info.Data, image_info.Result, client_id.Result, TerminateOnDispose)); } else { return(new CreateUserProcessResult(status, create_info.Data, create_info.State)); } } finally { NtRtl.RtlDestroyProcessParameters(process_params); foreach (ProcessAttribute attr in attrs) { attr.Dispose(); } } }