public static extern bool CreateProcess(string lpApplicationName,
string lpCommandLine, IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles, ProcessCreationFlags dwCreationFlags,
IntPtr lpEnvironment, string lpCurrentDirectory,
ref STARTUPINFO lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
public static extern bool CreateProcess(string lpApplicationName,
string lpCommandLine, IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles, ProcessCreationFlags dwCreationFlags,
IntPtr lpEnvironment, string lpCurrentDirectory,
ref StartupInfo lpStartupInfo,
out ProcessInfo lpProcessInformation);
private void InitializeMemoryManager(ProcessCreationFlags flags)
{
int addrSpaceBits = (flags & ProcessCreationFlags.AddressSpaceMask) switch
{
ProcessCreationFlags.AddressSpace32Bit => 32,
ProcessCreationFlags.AddressSpace64BitDeprecated => 36,
ProcessCreationFlags.AddressSpace32BitWithoutAlias => 32,
ProcessCreationFlags.AddressSpace64Bit => 39,
_ => 39
};
Context = _contextFactory.Create(1UL << addrSpaceBits, InvalidAccessHandler);
// TODO: This should eventually be removed.
// The GPU shouldn't depend on the CPU memory manager at all.
if (flags.HasFlag(ProcessCreationFlags.IsApplication))
{
KernelContext.Device.Gpu.SetVmm((IVirtualMemoryManagerTracked)CpuMemory);
}
if (Context.AddressSpace is MemoryManagerHostMapped)
{
MemoryManager = new KPageTableHostMapped(KernelContext, CpuMemory);
}
else
{
MemoryManager = new KPageTable(KernelContext, CpuMemory);
}
}
// thanks PH
public static ProcessInformation CreateWin32(IntPtr TokenHandle,
string ApplicationName,
string CommandLine,
bool InheritHandles,
ProcessCreationFlags CreationFlags,
IntPtr Environment,
string CurrentDirectory,
StartupInfo StartupInfo,
out WinAPI.ClientId ClientId)
{
ProcessInformation processInformation;
StartupInfo.Size = Marshal.SizeOf(typeof(StartupInfo));
if (!CreateProcessAsUser(
TokenHandle,
ApplicationName,
CommandLine,
IntPtr.Zero,
IntPtr.Zero,
InheritHandles,
CreationFlags,
Environment,
CurrentDirectory,
ref StartupInfo,
out processInformation
))
{
ClientId = new ClientId();
return(processInformation);
}
ClientId = new ClientId(processInformation.ProcessId, processInformation.ThreadId);
return(processInformation);
}
public static ProcessInfo Create(
string applicationName,
string arguments)
{
var startupInfo = new StartupInfo();
var sec = new SecurityAttributes();
sec.nLength = sec.Size;
ProcessInformation processInfo;
const ProcessCreationFlags CreateFlags =
ProcessCreationFlags.CREATE_NO_WINDOW
| ProcessCreationFlags.CREATE_SUSPENDED;
if (true == CreateProcess(
applicationName,
arguments,
ref sec,
ref sec,
false,
(uint)CreateFlags,
IntPtr.Zero,
null,
ref startupInfo,
out processInfo))
{
return(new ProcessInfo(
Process.GetProcessById(processInfo.dwProcessId),
processInfo));
}
return(null);
}
/// <summary>
/// Runs a program on a remote device. It creates a new process and its primary thread. The new process executes the specified executable file.
/// </summary>
/// <param name="applicationName">String that specifies the module to execute. <para>The string can specify the full path and file name of the module to execute or it can specify just the module name. In the case of a partial name, the function uses the current drive and current directory to complete the specification.</para></param>
/// <param name="commandLine">String that specifies the command line arguments with which the application will be executed.
/// <para>The commandLine parameter can be NULL. In that case, the method uses the string pointed to by applicationName as the command line.</para>
/// <para>If commandLine is non-NULL, applicationName specifies the module to execute, and commandLine specifies the command line arguments.</para></param>
/// <param name="creationFlags">Optional conditions for creating the process.</param>
public void CreateProcess(string applicationName, string commandLine, ProcessCreationFlags creationFlags)
{
if (0 == ISession.CeCreateProcess(applicationName, commandLine, 0, 0, 0, (int)creationFlags, 0, 0, 0, out _))
{
ThrowRAPIException();
}
}
private static ProcessManipulator Start(string fileName, string args, ProcessCreationFlags creationFlags, string currentDirectory, IntPtr hOutRedirection)
{
var startupInfo = new STARTUPINFO
{
cb = Marshal.SizeOf(typeof(STARTUPINFO)),
hStdError = hOutRedirection,
hStdOutput = hOutRedirection,
dwFlags = hOutRedirection != IntPtr.Zero ? (int)STARTF.STARTF_USESTDHANDLES : 0
};
var processInfo = new PROCESS_INFORMATION();
if (!CreateProcess(fileName,
String.Format("{0} {1}", Path.GetFileName(fileName), args),
IntPtr.Zero,
IntPtr.Zero,
hOutRedirection != IntPtr.Zero,
(uint)creationFlags,
IntPtr.Zero,
currentDirectory,
ref startupInfo,
out processInfo))
{
throw new Exception(string.Format("Unable to create a process. Error: {0}", Marshal.GetLastWin32Error()));
}
//GetProcessById() open new handle for the process so current must be closed as useless
if (!CloseHandle(processInfo.hProcess))
{
throw new Exception(string.Format("Unable to close the process handle. Error: {0}", Marshal.GetLastWin32Error()));
}
return(new ProcessManipulator(processInfo.hThread)
{
ManipulatedProcess = Process.GetProcessById(processInfo.dwProcessId)
});
}
private static extern bool CreateProcess(string lpApplicationName,
string lpCommandLine, IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles, ProcessCreationFlags dwCreationFlags,
IntPtr lpEnvironment, string lpCurrentDirectory,
ref Startupinfo lpStartupInfo,
out ProcessInformation lpProcessInformation);
/// <summary>
/// Creates a new process and its primary thread.
/// </summary>
/// <param name="commandLine"></param>
/// <param name="creationFlags"></param>
/// <param name="currentDirectory"></param>
/// <param name="startupInfo"></param>
/// <param name="processInformation"></param>
/// <exception cref="Win32Exception"></exception>
public static void CreateProcess(string commandLine, ProcessCreationFlags creationFlags,
string currentDirectory, ref ProcessStartupInfo startupInfo, out ProcessInformation processInformation)
{
if (!UnmanagedCreateProcess(null, commandLine, IntPtr.Zero, IntPtr.Zero, false, creationFlags, IntPtr.Zero, currentDirectory, ref startupInfo, out processInformation))
{
throw new Win32Exception();
}
}
public static extern bool CreateProcessWithTokenW(
SafeNativeHandle token,
LogonFlags logonFlags,
[MarshalAs(UnmanagedType.LPWStr)] string applicationName,
[MarshalAs(UnmanagedType.LPWStr)] string commandLine,
ProcessCreationFlags creationFlags,
IntPtr environment,
[MarshalAs(UnmanagedType.LPWStr)] string currentDirectory,
[In] ref StartupInfo startupInfo,
out ProcessInformation processInformation);
internal static extern bool CreateProcess(string applicationPath, string commandLineArgs, ref SecurityAttributes processSecurityAttributes, ref SecurityAttributes threadSecurityAttributes, bool inheritHandle, ProcessCreationFlags creationFlags, IntPtr environment, string currentDirectory, ref StartupInfo startupInfo, out ProcessInformation processInformation);
internal static extern bool CreateProcessWithTokenW(
IntPtr hToken,
IntPtr dwLogonFlags,
string lpApplicationName,
string lpCommandLine,
ProcessCreationFlags dwCreationFlags,
IntPtr lpEnvironment,
string lpCurrentDirectory,
[In] ref STARTUPINFO lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
internal static extern bool CreateProcess(string applicationPath,
string commandLineArgs,
ref SecurityAttributes processSecurityAttributes,
ref SecurityAttributes threadSecurityAttributes,
bool inheritHandle,
ProcessCreationFlags creationFlags,
IntPtr environment,
string currentDirectory,
ref StartupInfo startupInfo,
out ProcessInformation processInformation);
public static (bool, PROCESS_INFORMATION) StartProcess(string path, ProcessCreationFlags creationFlags)
{
STARTUPINFO si = new STARTUPINFO();
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
bool success = NativeMethods.CreateProcess(path, null,
IntPtr.Zero, IntPtr.Zero, false,
creationFlags,
IntPtr.Zero, null, ref si, out pi);
return(success, pi);
}
internal static extern bool CreateProcessA(
string lpApplicationName,
StringBuilder lpCommandLine,
SECURITY_ATTRIBUTES lpProcessAttributes,
SECURITY_ATTRIBUTES lpThreadAttributes,
bool bInheritHandles,
ProcessCreationFlags dwCreationFlags,
IntPtr lpEnvironment,
string lpCurrentDirectory,
STARTUPINFO lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
public static uint StartProcess(string directory, string application, ProcessCreationFlags flags, params string[] parameters)
{
StartupInfo si = new StartupInfo();
ProcessInformation pi = new ProcessInformation();
if (CreateProcess(application, String.Concat(application, String.Concat(parameters)), IntPtr.Zero, IntPtr.Zero, false, (uint)flags, IntPtr.Zero, directory, ref si, out pi))
{
return(pi.ProcessId);
}
return(uint.MaxValue);
}
public ProcessInfo CreateProcessWithTokenAndDll(IntPtr token, int logonFlags, string applicationName,
string commandLine, ProcessCreationFlags creationFlags,
string environment, string currentDirectory,
Nullable <STARTUPINFO> startupInfo, string dllName,
IntPtr signalCompletedEvent, string initFunctionName)
{
ProcessInfo pi = new ProcessInfo();
IntPtr stInfo = IntPtr.Zero;
if (startupInfo.HasValue)
{
stInfo = Marshal.AllocHGlobal(Marshal.SizeOf(startupInfo.Value));
Marshal.StructureToPtr(startupInfo.Value, stInfo, false);
}
if (applicationName == null)
{
applicationName = "";
}
if (commandLine == null)
{
commandLine = "";
}
if (environment == null)
{
environment = "";
}
if (currentDirectory == null)
{
currentDirectory = "";
}
try
{
object o = this.Invoke(this.hookLib, "CreateProcessWithTokenAndDll",
new object[] { IntPtr2Obj(token), logonFlags, applicationName, commandLine,
creationFlags, environment, currentDirectory, IntPtr2Obj(stInfo),
dllName, IntPtr2Obj(signalCompletedEvent), initFunctionName });
pi.procHandle = DuplicateAndConvertToSafeWaitHandle(Obj2IntPtr(this.GetProperty(o, "ProcessHandle")));
pi.threadHandle = DuplicateAndConvertToSafeWaitHandle(Obj2IntPtr(this.GetProperty(o, "ThreadHandle")));
pi.procId = (int)(this.GetProperty(o, "ProcessId"));
pi.threadId = (int)(this.GetProperty(o, "ThreadId"));
}
catch (Exception)
{
throw;
}
finally
{
if (stInfo != IntPtr.Zero)
{
Marshal.FreeHGlobal(stInfo);
}
}
return(pi);
}
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)] string lpApplicationName,
[MarshalAs(UnmanagedType.LPWStr)] StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
ProcessCreationFlags dwCreationFlags,
IntPtr lpEnvironment,
string lpCurrentDirectory,
ref STARTUPINFO lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
public static extern bool CreateProcessW(
[MarshalAs(UnmanagedType.LPWStr)] string lpApplicationName,
StringBuilder lpCommandLine,
SafeMemoryBuffer lpProcessAttributes,
SafeMemoryBuffer lpThreadAttributes,
bool bInheritHandles,
ProcessCreationFlags dwCreationFlags,
SafeMemoryBuffer lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)] string lpCurrentDirectory,
NativeHelpers.STARTUPINFOEX lpStartupInfo,
out NativeHelpers.PROCESS_INFORMATION lpProcessInformation);
public static extern Bool CreateProcess(
string applicationName,
StringBuilder commandLine,
IntPtr processAttributes,
IntPtr threadAttributes,
Bool canInheritHandles,
ProcessCreationFlags creationFlags,
IntPtr environmentHandle,
string currentDirectory,
ref StartupInfo startupInfo,
out ProcessInformation processInformation);
static extern bool CreateProcessW(
[MarshalAs(UnmanagedType.LPWStr)] string lpApplicationName,
[MarshalAs(UnmanagedType.LPWStr)] string lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
ProcessCreationFlags dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)] string lpCurrentDirectory,
ref STARTUPINFOW lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
public static extern bool CreateProcess(
[In, Optional] string lpApplicationName,
[In, Out, Optional] string lpCommandLine,
[In, Optional] IntPtr lpProcessAttributes,
[In, Optional] IntPtr lpThreadAttributes,
[In, MarshalAs(UnmanagedType.Bool)] bool bInheritHandles,
[In] ProcessCreationFlags dwCreationFlags,
[In, Optional] string lpEnvironment,
[In, Optional] string lpCurrentDirectory,
[In] ref STARTUPINFO lpStartupInfo,
[Out] out PROCESS_INFORMATION lpProcessInformation);
public static extern bool CreateProcessAsUserW(
SafeNativeHandle token,
[MarshalAs(UnmanagedType.LPWStr)] string applicationName,
[MarshalAs(UnmanagedType.LPWStr)] string commandLine,
IntPtr processAttributes,
IntPtr threadAttributes,
bool inheritHandles,
ProcessCreationFlags creationFlags,
IntPtr environment,
[MarshalAs(UnmanagedType.LPWStr)] string currentDirectory,
[In] ref StartupInfo startupInfo,
out ProcessInformation processInformation);
public static Process CreateProcess(string Pth, string CmdLine, ProcessCreationFlags Flags)
{
STARTUPINFO SInf = new STARTUPINFO();
PROCESS_INFORMATION PInfo = new PROCESS_INFORMATION();
if (!Kernel32.CreateProcess(Pth, CmdLine, IntPtr.Zero, IntPtr.Zero, false, Flags,
IntPtr.Zero, null, ref SInf, out PInfo))
{
new Win32Exception();
}
return(Process.GetProcessById((int)PInfo.ClientId.ProcessID));
}
public static extern bool CreateProcessAsUser(
[In][Optional] IntPtr TokenHandle,
[In][Optional] string ApplicationName,
[Optional] string CommandLine,
[In][Optional] IntPtr ProcessAttributes,
[In][Optional] IntPtr ThreadAttributes,
[In] bool InheritHandles,
[In] ProcessCreationFlags CreationFlags,
[In][Optional] IntPtr Environment,
[In][Optional] string CurrentDirectory,
[In] ref StartupInfo StartupInfo,
[Out] out ProcessInformation ProcessInformation);
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
string lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
ProcessCreationFlags dwCreationFlags,
IntPtr lpEnvironment,
string lpCurrentDirectory,
ref StartupInfo lpStartupInfo,
out ProcessInformation lpProcessInformation);
internal static extern bool CreateProcessWithLogonW(
string lpUsername,
string lpDomain,
IntPtr lpPassword,
LogonFlags dwLogonFlags,
string lpApplicationName,
StringBuilder lpCommandLine,
ProcessCreationFlags dwCreationFlags,
IntPtr lpEnvironment,
string lpCurrentDirectory,
STARTUPINFO lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
internal static extern bool CreateProcessAsUser(
IntPtr hToken,
string lpApplicationName,
string lpCommandLine,
[In, Out] _SecurityAttributes lpProcessAttributes,
[In, Out] _SecurityAttributes lpThreadAttributes,
bool bInheritHandles,
ProcessCreationFlags dwCreationFlags,
IntPtr lpEnvironment,
string lpCurrentDirectory,
[In, Out] _StartupInfo lpStartupInfo,
[Out] _ProcessInformation lpProcessInformation);
private static extern bool CreateProcessW(
string lpApplicationName,
[In] string lpCommandLine,
IntPtr procSecAttrs,
IntPtr threadSecAttrs,
bool bInheritHandles,
ProcessCreationFlags dwCreationFlags,
IntPtr lpEnvironment,
string lpCurrentDirectory,
ref STARTUPINFO lpStartupInfo,
ref PROCESS_INFORMATION lpProcessInformation
);
public static extern bool CreateProcessWithLogonW(
[In] string lpUsername,
[In, Optional] string lpDomain,
[In] string lpPassword,
[In] LogonFlags dwLogonFlags,
[In] string lpApplicationName,
[In, Out, Optional] string lpCommandLine,
[In] ProcessCreationFlags dwCreationFlags,
[In, Optional] string lpEnvironment,
[In, Optional] string lpCurrentDirectory,
[In] ref STARTUPINFO lpStartupInfo,
[Out] out PROCESS_INFORMATION lpProcessInfo);
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPTStr)] string lpApplicationName,
StringBuilder lpCommandLine,
SecurityAttributes lpProcessAttributes,
SecurityAttributes lpThreadAttributes,
bool bInheritHandles,
ProcessCreationFlags dwCreationFlags,
StringBuilder lpEnvironment,
[MarshalAs(UnmanagedType.LPTStr)] string lpCurrentDirectory,
STARTUPINFO lpStartupInfo,
[In, Out]
PROCESS_INFORMATION lpProcessInformation);
/// <summary>
/// Creates a process based on the CreateProcess API call and wait for it to complete.
/// </summary>
/// <param name="lpApplicationName">The name of the executable or batch file to execute</param>
/// <param name="lpCommandLine">The command line to execute, typically this includes lpApplication as the first argument</param>
/// <param name="lpCurrentDirectory">The full path to the current directory for the process, null will have the same cwd as the calling process</param>
/// <param name="environment">A dictionary of key/value pairs to define the new process environment</param>
/// <param name="stdin">A byte array to send over the stdin pipe</param>
/// <param name="outputEncoding">The character encoding for decoding stdout/stderr output of the process.</param>
/// <param name="waitChildren">Whether to wait for any children spawned by the process to finished (Server2012 +).</param>
/// <returns>Result object that contains the command output and return code</returns>
public static Result CreateProcess(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory,
IDictionary environment, byte[] stdin, string outputEncoding, bool waitChildren)
{
ProcessCreationFlags creationFlags = ProcessCreationFlags.CreateSuspended |
ProcessCreationFlags.CreateUnicodeEnvironment;
StartupInfo si = new StartupInfo();
ProcessInformation pi = null;
SafeFileHandle stdoutRead, stdoutWrite, stderrRead, stderrWrite, stdinRead, stdinWrite;
CreateStdioPipes(si, out stdoutRead, out stdoutWrite, out stderrRead, out stderrWrite, out stdinRead,
out stdinWrite);
using (stdoutRead)
using (stdoutWrite)
using (stderrRead)
using (stderrWrite)
using (stdinRead)
using (stdinWrite)
{
FileStream stdinStream = new FileStream(stdinWrite, FileAccess.Write);
bool isConsole = false;
if (NativeMethods.GetConsoleWindow() == IntPtr.Zero)
{
isConsole = NativeMethods.AllocConsole();
// Set console input/output codepage to UTF-8
NativeMethods.SetConsoleCP(65001);
NativeMethods.SetConsoleOutputCP(65001);
}
try
{
pi = NativeCreateProcess(lpApplicationName, lpCommandLine, null, null, true, creationFlags,
environment, lpCurrentDirectory, si);
}
finally
{
if (isConsole)
{
NativeMethods.FreeConsole();
}
}
using (pi)
{
return(WaitProcess(stdoutRead, stdoutWrite, stderrRead, stderrWrite, stdinStream, stdin, pi,
outputEncoding, waitChildren));
}
}
}
public static extern bool CreateProcessAsUser(
[In, Optional] IntPtr hToken,
[In, Optional] string lpApplicationName,
[In, Out, Optional] string lpCommandLine,
[In, Optional] ref SECURITY_ATTRIBUTES lpProcessAttributes,
[In, Optional] ref SECURITY_ATTRIBUTES lpThreadAttributes,
[In] bool bInheritHandles,
[In] ProcessCreationFlags dwCreationFlags,
[In, Optional] string lpEnvironment,
[In, Optional] string lpCurrentDirectory,
[In] ref STARTUPINFO lpStartupInfo,
[Out] out PROCESS_INFORMATION lpProcessInformation
);
public static ProcessInformation CreateAsUser(TokenHandle tokenHandle, string applicationName, string commandLine, bool inheritHandles, ProcessCreationFlags creationFlags, EnvironmentBlockHandle environmentHandle, string currentDirectory, ProcessStartInfo startInfo, ProcessSecurity processSecurity = null, ThreadSecurity threadSecurity = null)
{
using (var processSecurityAttributes = processSecurity == null ? new SecurityAttributes() : new SecurityAttributes(processSecurity))
{
using (var threadSecurityAttributes = threadSecurity == null ? new SecurityAttributes() : new SecurityAttributes(threadSecurity))
{
ProcessInformationOut processInformation;
if (!NativeMethods.CreateProcessAsUser(tokenHandle, applicationName, commandLine, processSecurityAttributes, threadSecurityAttributes, inheritHandles, creationFlags, environmentHandle ?? new EnvironmentBlockHandle(), currentDirectory, startInfo, out processInformation) || processInformation.ProcessHandle == IntPtr.Zero || processInformation.ThreadHandle == IntPtr.Zero)
{
ErrorHelper.ThrowCustomWin32Exception();
}
return new ProcessInformation(processInformation.ProcessHandle, processInformation.ProcessId, processInformation.ThreadHandle, processInformation.ThreadId);
}
}
}
public static Process CreateProcessWithFlags(this ProcessStartInfo startInfo, ProcessCreationFlags creationFlags)
{
if (string.IsNullOrEmpty(startInfo.FileName))
throw new ArgumentException("No FileName was specified in ProcessStartInfo", "startInfo");
if (!File.Exists(startInfo.FileName))
throw new FileNotFoundException("Unable to find the specified the process file", startInfo.FileName);
var startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(startupInfo);
var args = string.IsNullOrEmpty(startInfo.Arguments) ? null : new StringBuilder(startInfo.Arguments);
var workingDirectory = string.IsNullOrEmpty(startInfo.WorkingDirectory) ? null : startInfo.WorkingDirectory;
var procInfo = new PROCESS_INFORMATION();
if (!Imports.CreateProcess(startInfo.FileName, args, IntPtr.Zero, IntPtr.Zero, false, creationFlags, IntPtr.Zero, workingDirectory, ref startupInfo, out procInfo))
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
var ret = Process.GetProcessById(procInfo.dwProcessId);
ProcessMemoryManager.ForProcess(ret).MainThreadId = procInfo.dwThreadId;
return ret;
}
public ProcessInfo CreateProcessWithTokenAndDll(IntPtr token, int logonFlags, string applicationName,
string commandLine, ProcessCreationFlags creationFlags,
string environment, string currentDirectory,
Nullable<STARTUPINFO> startupInfo, string dllName,
IntPtr signalCompletedEvent, string initFunctionName)
{
ProcessInfo pi = new ProcessInfo();
IntPtr stInfo = IntPtr.Zero;
if (startupInfo.HasValue)
{
stInfo = Marshal.AllocHGlobal(Marshal.SizeOf(startupInfo.Value));
Marshal.StructureToPtr(startupInfo.Value, stInfo, false);
}
if (applicationName == null)
applicationName = "";
if (commandLine == null)
commandLine = "";
if (environment == null)
environment = "";
if (currentDirectory == null)
currentDirectory = "";
try
{
object o = this.Invoke(this.hookLib, "CreateProcessWithTokenAndDll",
new object[] { IntPtr2Obj(token), logonFlags, applicationName, commandLine,
creationFlags, environment, currentDirectory, IntPtr2Obj(stInfo),
dllName, IntPtr2Obj(signalCompletedEvent), initFunctionName });
pi.procHandle = DuplicateAndConvertToSafeWaitHandle(Obj2IntPtr(this.GetProperty(o, "ProcessHandle")));
pi.threadHandle = DuplicateAndConvertToSafeWaitHandle(Obj2IntPtr(this.GetProperty(o, "ThreadHandle")));
pi.procId = (int)(this.GetProperty(o, "ProcessId"));
pi.threadId = (int)(this.GetProperty(o, "ThreadId"));
}
catch (Exception)
{
throw;
}
finally
{
if (stInfo != IntPtr.Zero)
Marshal.FreeHGlobal(stInfo);
}
return pi;
}
public ProcessInfo CreateProcess(string applicationName, string commandLine,
Nullable<SECURITY_ATTRIBUTES> processAttributes,
Nullable<SECURITY_ATTRIBUTES> threadAttributes,
bool inheritHandles, ProcessCreationFlags creationFlags,
string environment, string currentDirectory,
Nullable<STARTUPINFO> startupInfo)
{
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
IntPtr procAttr = IntPtr.Zero;
IntPtr threadAttr = IntPtr.Zero;
IntPtr stInfo = IntPtr.Zero;
if (processAttributes.HasValue)
{
procAttr = Marshal.AllocHGlobal(Marshal.SizeOf(processAttributes.Value));
Marshal.StructureToPtr(processAttributes.Value, procAttr, false);
}
if (threadAttributes.HasValue)
{
threadAttr = Marshal.AllocHGlobal(Marshal.SizeOf(threadAttributes.Value));
Marshal.StructureToPtr(threadAttributes.Value, threadAttr, false);
}
if (startupInfo.HasValue)
{
stInfo = Marshal.AllocHGlobal(Marshal.SizeOf(startupInfo.Value));
Marshal.StructureToPtr(startupInfo.Value, stInfo, false);
}
if (NativeCreateProcess(applicationName, commandLine, procAttr, threadAttr, inheritHandles,
(uint)creationFlags, environment, currentDirectory, stInfo, out pi) == false)
{
Marshal.ThrowExceptionForHR(Marshal.GetHRForLastWin32Error());
}
ProcessInfo _pi = new ProcessInfo();
_pi.procHandle = new SafeWaitHandle(pi.procHandle, true);
_pi.threadHandle = new SafeWaitHandle(pi.threadHandle, true);
_pi.procId = pi.procId;
_pi.threadId = pi.threadId;
return _pi;
}
public ProcessInfo CreateProcessWithDll(string applicationName, string commandLine,
Nullable<SECURITY_ATTRIBUTES> processAttributes,
Nullable<SECURITY_ATTRIBUTES> threadAttributes,
bool inheritHandles, ProcessCreationFlags creationFlags,
string environment, string currentDirectory,
Nullable<STARTUPINFO> startupInfo, string dllName,
IntPtr signalCompletedEvent, string initFunctionName)
{
ProcessInfo pi = new ProcessInfo();
IntPtr procAttr = IntPtr.Zero;
IntPtr threadAttr = IntPtr.Zero;
IntPtr stInfo = IntPtr.Zero;
int ih = (inheritHandles) ? -1 : 0;
if (processAttributes.HasValue)
{
procAttr = Marshal.AllocHGlobal(Marshal.SizeOf(processAttributes.Value));
Marshal.StructureToPtr(processAttributes.Value, procAttr, false);
}
if (threadAttributes.HasValue)
{
threadAttr = Marshal.AllocHGlobal(Marshal.SizeOf(threadAttributes.Value));
Marshal.StructureToPtr(threadAttributes.Value, threadAttr, false);
}
if (startupInfo.HasValue)
{
stInfo = Marshal.AllocHGlobal(Marshal.SizeOf(startupInfo.Value));
Marshal.StructureToPtr(startupInfo.Value, stInfo, false);
}
if (applicationName == null)
applicationName = "";
if (commandLine == null)
commandLine = "";
if (environment == null)
environment = "";
if (currentDirectory == null)
currentDirectory = "";
try
{
object o = this.Invoke(this.hookLib, "CreateProcessWithDll",
new object[] { applicationName, commandLine, IntPtr2Obj(procAttr),
IntPtr2Obj(threadAttr), ih, creationFlags, environment,
currentDirectory, IntPtr2Obj(stInfo), dllName,
IntPtr2Obj(signalCompletedEvent), initFunctionName });
pi.procHandle = DuplicateAndConvertToSafeWaitHandle(Obj2IntPtr(this.GetProperty(o, "ProcessHandle")));
pi.threadHandle = DuplicateAndConvertToSafeWaitHandle(Obj2IntPtr(this.GetProperty(o, "ThreadHandle")));
pi.procId = (int)(this.GetProperty(o, "ProcessId"));
pi.threadId = (int)(this.GetProperty(o, "ThreadId"));
}
catch (Exception)
{
throw;
}
finally
{
if (stInfo != IntPtr.Zero)
Marshal.FreeHGlobal(stInfo);
if (threadAttr != IntPtr.Zero)
Marshal.FreeHGlobal(threadAttr);
if (procAttr != IntPtr.Zero)
Marshal.FreeHGlobal(procAttr);
}
return pi;
}
public static ProcessInformation CreateWithToken(TokenHandle tokenHandle, ProcessLogonFlags logonFlags, string applicationName, string commandLine, ProcessCreationFlags creationFlags, EnvironmentBlockHandle environment, string currentDirectory, ProcessStartInfo startupInfo)
{
ProcessInformationOut processInformation;
if (!NativeMethods.CreateProcessWithTokenW(tokenHandle, logonFlags, applicationName, commandLine, creationFlags, environment, currentDirectory, startupInfo, out processInformation) || processInformation.ProcessHandle == IntPtr.Zero || processInformation.ThreadHandle == IntPtr.Zero)
{
ErrorHelper.ThrowCustomWin32Exception();
}
return new ProcessInformation(processInformation.ProcessHandle, processInformation.ProcessId, processInformation.ThreadHandle, processInformation.ThreadId);
}
public static extern bool CreateProcess(string applicationName, string commandLine, IntPtr processAttributes, IntPtr threadAttributes, bool inheritHandles, ProcessCreationFlags creationFlags, IntPtr environment, string currentDirectory, ref StartupInfo startupInfo, out ProcessInformation processInfo);
public static extern bool CreateProcessAsUser(TokenHandle tokenHandle, string applicationName, string commandLine, SecurityAttributes processAttributes, SecurityAttributes threadAttributes, bool inheritHandles, ProcessCreationFlags creationFlags, EnvironmentBlockHandle environment, string currentDirectory, ProcessStartInfo startInfo, out ProcessInformationOut processInformation);
public static extern bool CreateProcessWithLogonW(string username, string domain, string password, ProcessLogonFlags logonFlags, string applicationName, string commandLine, ProcessCreationFlags creationFlags, EnvironmentBlockHandle environment, string currentDirectory, ProcessStartInfo startupInfo, out ProcessInformationOut processInformation);
/// <summary>
/// Creates a new process and its primary thread.
/// </summary>
/// <param name="commandLine"></param>
/// <param name="creationFlags"></param>
/// <param name="currentDirectory"></param>
/// <param name="startupInfo"></param>
/// <param name="processInformation"></param>
/// <exception cref="Win32Exception"></exception>
public static void CreateProcess(string commandLine, ProcessCreationFlags creationFlags,
string currentDirectory, ref ProcessStartupInfo startupInfo, out ProcessInformation processInformation)
{
if (!UnmanagedCreateProcess(null, commandLine, IntPtr.Zero, IntPtr.Zero, false, creationFlags, IntPtr.Zero, currentDirectory, ref startupInfo, out processInformation))
{
throw new Win32Exception();
}
}
public IProcessInformation CreateWithToken(TokenHandle token, ProcessLogonFlags logonFlags, string applicationName, string commandLine, ProcessCreationFlags creationFlags, EnvironmentBlockHandle environment, string currentDirectory, ProcessStartInfo startupInfo)
{
return ProcessHandle.CreateWithToken(token, logonFlags, applicationName, commandLine, creationFlags, environment, currentDirectory, startupInfo);
}
public static extern bool CreateProcessWithTokenW(TokenHandle tokenHandle, ProcessLogonFlags logonFlags, string applicationName, string commandLine, ProcessCreationFlags creationFlags, EnvironmentBlockHandle environment, string currentDirectory, ProcessStartInfo startupInfo, out ProcessInformationOut processInformation);
public unsafe static void CopyProcessParameters(
ProcessHandle processHandle,
IntPtr peb,
ProcessCreationFlags creationFlags,
string imagePathName,
string dllPath,
string currentDirectory,
string commandLine,
EnvironmentBlock environment,
string windowTitle,
string desktopInfo,
string shellInfo,
string runtimeInfo,
ref StartupInfo startupInfo
)
{
UnicodeString imagePathNameStr;
UnicodeString dllPathStr;
UnicodeString currentDirectoryStr;
UnicodeString commandLineStr;
UnicodeString windowTitleStr;
UnicodeString desktopInfoStr;
UnicodeString shellInfoStr;
UnicodeString runtimeInfoStr;
// Create the unicode strings.
imagePathNameStr = new UnicodeString(imagePathName);
dllPathStr = new UnicodeString(dllPath);
currentDirectoryStr = new UnicodeString(currentDirectory);
commandLineStr = new UnicodeString(commandLine);
windowTitleStr = new UnicodeString(windowTitle);
desktopInfoStr = new UnicodeString(desktopInfo);
shellInfoStr = new UnicodeString(shellInfo);
runtimeInfoStr = new UnicodeString(runtimeInfo);
try
{
NtStatus status;
IntPtr processParameters;
// Create the process parameter block.
status = Win32.RtlCreateProcessParameters(
out processParameters,
ref imagePathNameStr,
ref dllPathStr,
ref currentDirectoryStr,
ref commandLineStr,
environment,
ref windowTitleStr,
ref desktopInfoStr,
ref shellInfoStr,
ref runtimeInfoStr
);
if (status >= NtStatus.Error)
Win32.Throw(status);
try
{
// Allocate a new memory region in the remote process for
// the environment block and copy it over.
int environmentLength;
IntPtr newEnvironment;
environmentLength = environment.GetLength();
newEnvironment = processHandle.AllocateMemory(
environmentLength,
MemoryProtection.ReadWrite
);
processHandle.WriteMemory(
newEnvironment,
environment,
environmentLength
);
// Copy over the startup info data.
RtlUserProcessParameters* paramsStruct = (RtlUserProcessParameters*)processParameters;
paramsStruct->Environment = newEnvironment;
paramsStruct->StartingX = startupInfo.X;
paramsStruct->StartingY = startupInfo.Y;
paramsStruct->CountX = startupInfo.XSize;
paramsStruct->CountY = startupInfo.YSize;
paramsStruct->CountCharsX = startupInfo.XCountChars;
paramsStruct->CountCharsY = startupInfo.YCountChars;
paramsStruct->FillAttribute = startupInfo.FillAttribute;
paramsStruct->WindowFlags = startupInfo.Flags;
paramsStruct->ShowWindowFlags = startupInfo.ShowWindow;
if ((startupInfo.Flags & StartupFlags.UseStdHandles) == StartupFlags.UseStdHandles)
{
paramsStruct->StandardInput = startupInfo.StdInputHandle;
paramsStruct->StandardOutput = startupInfo.StdOutputHandle;
paramsStruct->StandardError = startupInfo.StdErrorHandle;
}
// TODO: Add console support.
// Allocate a new memory region in the remote process for
// the process parameters.
IntPtr newProcessParameters;
IntPtr regionSize = paramsStruct->Length.ToIntPtr();
newProcessParameters = processHandle.AllocateMemory(
IntPtr.Zero,
ref regionSize,
MemoryFlags.Commit,
MemoryProtection.ReadWrite
);
paramsStruct->MaximumLength = regionSize.ToInt32();
processHandle.WriteMemory(newProcessParameters, processParameters, paramsStruct->Length);
// Modify the process parameters pointer in the PEB.
processHandle.WriteMemory(
peb.Increment(Peb.ProcessParametersOffset),
&newProcessParameters,
IntPtr.Size
);
}
finally
{
Win32.RtlDestroyProcessParameters(processParameters);
}
}
finally
{
imagePathNameStr.Dispose();
dllPathStr.Dispose();
currentDirectoryStr.Dispose();
commandLineStr.Dispose();
windowTitleStr.Dispose();
desktopInfoStr.Dispose();
shellInfoStr.Dispose();
runtimeInfoStr.Dispose();
}
}
public IProcessInformation Create(string applicationName, string commandLine, bool inheritHandles, ProcessCreationFlags creationFlags, IEnvironmentBlock environment, string currentDirectory, ProcessStartInfo startInfo, ProcessSecurity processSecurity = null, ThreadSecurity threadSecurity = null)
{
return Create(applicationName, commandLine, inheritHandles, creationFlags, environment == null ? null : environment.Handle, currentDirectory, startInfo, processSecurity, threadSecurity);
}
public IProcessInformation CreateAsUser(TokenHandle token, string applicationName, string commandLine, bool inheritHandles, ProcessCreationFlags creationFlags, EnvironmentBlockHandle environment, string currentDirectory, ProcessStartInfo startInfo, ProcessSecurity processSecurity = null, ThreadSecurity threadSecurity = null)
{
return ProcessHandle.CreateAsUser(token, applicationName, commandLine, inheritHandles, creationFlags, environment, currentDirectory, startInfo, processSecurity, threadSecurity);
}
public IProcessInformation CreateWithLogin(string username, string domain, string password, ProcessLogonFlags logonFlags, string applicationName, string commandLine, ProcessCreationFlags creationFlags, EnvironmentBlockHandle environment, string currentDirectory, ProcessStartInfo startupInfo)
{
return ProcessHandle.CreateWithLogin(username, domain, password, logonFlags, applicationName, commandLine, creationFlags, environment, currentDirectory, startupInfo);
}
public static extern bool CreateProcess(
string lpApplicationName,
string lpCommandLine,
ref SECURITY_ATTRIBUTES lpProcessAttributes,
ref SECURITY_ATTRIBUTES lpThreadAttributes,
bool bInheritHandles,
ProcessCreationFlags dwCreationFlags,
IntPtr lpEnvironment,
string lpCurrentDirectory,
[In] ref STARTUPINFO lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
public static ProcessInformation CreateWithLogin(string username, string domain, string password, ProcessLogonFlags logonFlags, string applicationName, string commandLine, ProcessCreationFlags creationFlags, EnvironmentBlockHandle environmentHandle, string currentDirectory, ProcessStartInfo startupInfo)
{
ProcessInformationOut processInformation;
if (!NativeMethods.CreateProcessWithLogonW(username, domain, password, logonFlags, applicationName, commandLine, creationFlags, environmentHandle ?? new EnvironmentBlockHandle(), currentDirectory, startupInfo, out processInformation) || processInformation.ProcessHandle == IntPtr.Zero || processInformation.ThreadHandle == IntPtr.Zero)
{
ErrorHelper.ThrowCustomWin32Exception();
}
return new ProcessInformation(processInformation.ProcessHandle, processInformation.ProcessId, processInformation.ThreadHandle, processInformation.ThreadId);
}
