public void OpenProcess(Process process, ProcessAccessRights access = DEFAULT_PROCESS_ACCESS) { if (process == null) { throw new Exception("Process pointer is null-reference"); } if (Process != null) { CloseProcess(); } _processPtr = OpenProcess((uint)access, false, (uint)process.Id); Process = process; }
public ProcessMemoryEditor(Process process, ProcessAccessRights access = DEFAULT_PROCESS_ACCESS) : this() { OpenProcess(process, access); }
public IProcess OpenProcess(int processId, ProcessAccessRights desiredAccess = ProcessAccessRights.AllAccess, bool inheritHandle = false) { var handle = ProcessHandle.OpenProcess(processId, desiredAccess, inheritHandle); return new Process(handle); }
public static extern NtStatus NtCreateProcessEx(out SafeKernelObjectHandle ProcessHandle, ProcessAccessRights DesiredAccess, ObjectAttributes ObjectAttributes, SafeHandle InheritFromProcessHandle, ProcessCreateFlags Flags, SafeHandle SectionHandle, SafeHandle DebugPort, SafeHandle ExceptionPort, int Unused);
public static extern NtStatus NtCreateProcess(out SafeKernelObjectHandle ProcessHandle, ProcessAccessRights DesiredAccess, ObjectAttributes ObjectAttributes, IntPtr InheritFromProcessHandle, [MarshalAs(UnmanagedType.U1)] bool InheritHandles, IntPtr SectionHandle, IntPtr DebugPort, IntPtr ExceptionPort);
/// <summary> /// Constructor. /// </summary> public GetNtProcessCmdlet() { Access = ProcessAccessRights.MaximumAllowed; ProcessId = -1; }
public static ProcessHandle OpenProcess(int processId, ProcessAccessRights desiredAccess = ProcessAccessRights.AllAccess, bool inheritHandle = false) { ProcessHandle handle = NativeMethods.OpenProcess(desiredAccess, inheritHandle, processId); if (handle.IsInvalid) { ErrorHelper.ThrowCustomWin32Exception(); } return handle; }
public void AddAuditRule(IdentityReference identityReference, ProcessAccessRights accessMask, AuditFlags flags) { AddAuditRule(new ProcessAuditRule(identityReference, accessMask, flags)); }
internal static extern SafeProcessHandle OpenProcess( [In] ProcessAccessRights dwDesiredAccess, [In, MarshalAs(UnmanagedType.Bool)] bool bInheritHandle, [In] int dwProcessId);
public static extern NtStatus NtOpenProcess( out SafeKernelObjectHandle ProcessHandle, ProcessAccessRights DesiredAccess, [In] ObjectAttributes ObjectAttributes, [In] ClientId ClientId );
private async void ExecuteRefreshCommand(object parameter) { Log("[MainWindowViewModel] - ExecuteRefresh Entered\r\n"); IsRefreshing = true; Status = "Refreshing processes"; ObservableCollection <MonoProcess> processes = new ObservableCollection <MonoProcess>(); Log("[MainWindowViewModel] - Setting Process Access Rights:\r\n\tPROCESS_QUERY_INFORMATION\r\n\tPROCESS_VM_READ\r\n"); Log("[MainWindowViewModel] - Checking Processes for Mono\r\n"); await Task.Run(() => { int cp = Process.GetCurrentProcess().Id; foreach (Process p in Process.GetProcesses()) { try { var t = GetProcessUser(p); if (t != null) { if (p.Id == cp) { continue; } const ProcessAccessRights flags = ProcessAccessRights.PROCESS_QUERY_INFORMATION | ProcessAccessRights.PROCESS_VM_READ; IntPtr handle; Log($"\tOpening {p.ProcessName}.exe - "); if ((handle = Native.OpenProcess(flags, false, p.Id)) != IntPtr.Zero) { Log($"OK\r\n"); if (ProcessUtils.GetMonoModule(handle, out IntPtr mono)) { Log($"\t\tMono found in process: {p.ProcessName}.exe\r\n"); processes.Add(new MonoProcess { MonoModule = mono, Id = p.Id, Name = p.ProcessName }); break; //Add J.E } Native.CloseHandle(handle); } } } catch (InjectorException ie) { Log($"\tERROR looking at {p.ProcessName}.exe: {ie.Message}\r\n"); } } }); Processes = processes; if (Processes.Count > 0) { Status = "Processes refreshed"; SelectedProcess = Processes[0]; } else { Status = "No Mono processess found!"; File.AppendAllText(AppDomain.CurrentDomain.BaseDirectory + "\\DebugLog.txt", "No Mono processess found:\r\n"); } IsRefreshing = false; }
public static extern IntPtr OpenProcess(ProcessAccessRights processAccess, bool bInheritHandle, int processId);
public static extern SafeProcessHandle OpenProcess( ProcessAccessRights dwDesiredAccess, bool bInheritHandle, uint dwProcessId);
private static extern IntPtr OpenProcess(ProcessAccessRights access, bool inherit, uint processId);
public static IntPtr OpenProcess(ProcessAccessRights dwDesiredAccess, bool bInheritHandle, int dwProcessId) => OpenProcess((uint)dwDesiredAccess, bInheritHandle, dwProcessId);
public void AddAccessRule(IdentityReference identityReference, ProcessAccessRights accessMask, AccessControlType type) { AddAccessRule(new ProcessAccessRule(identityReference, accessMask, type)); }
private static extern IntPtr OpenProcess(ProcessAccessRights dwDesiredAccess, [MarshalAs(UnmanagedType.Bool)] bool bInheritHandle, int dwProcessId);
public ProcessAuditRule(IdentityReference identity, ProcessAccessRights accessRights, AuditFlags type) : base(identity, (int)accessRights, false, InheritanceFlags.None, PropagationFlags.None, type) { }
private NtProcess OpenSpecificProcess(ProcessAccessRights desired_access) { return(Current ? GetCurrentProcess(desired_access) : NtProcess.Open(ProcessId, desired_access)); }
public static extern ProcessHandle OpenProcess(ProcessAccessRights desiredAccess, bool inheritHandle, int processId);