public static void CopyDirectory(this FileSystemManager fs, string sourcePath, string destPath, CreateFileOptions options = CreateFileOptions.None, IProgressReport logger = null) { using (DirectoryHandle sourceHandle = fs.OpenDirectory(sourcePath, OpenDirectoryMode.All)) { foreach (DirectoryEntry entry in fs.ReadDirectory(sourceHandle)) { string subSrcPath = PathTools.Normalize(PathTools.Combine(sourcePath, entry.Name)); string subDstPath = PathTools.Normalize(PathTools.Combine(destPath, entry.Name)); if (entry.Type == DirectoryEntryType.Directory) { fs.EnsureDirectoryExists(subDstPath); fs.CopyDirectory(subSrcPath, subDstPath, options, logger); } if (entry.Type == DirectoryEntryType.File) { logger?.LogMessage(subSrcPath); fs.CreateOrOverwriteFile(subDstPath, entry.Size, options); fs.CopyFile(subSrcPath, subDstPath, logger); } } } }
private void PopulateDirectory(string directory) { try { using (DirectoryHandle dhandle = new DirectoryHandle(directory, DirectoryAccess.Query)) { var objects = dhandle.GetObjects(); foreach (var obj in objects) { if (obj.TypeName != "Directory") { continue; } this.GetTreeNode(directory).Nodes.Add(obj.Name, obj.Name); this.PopulateDirectory(this.NormalizePath(directory + "\\" + obj.Name)); } } } catch (WindowsException) { } }
public static IEnumerable <DirectoryEntry> EnumerateEntries(this FileSystemManager fs, string path, string searchPattern, SearchOptions searchOptions) { bool ignoreCase = searchOptions.HasFlag(SearchOptions.CaseInsensitive); bool recurse = searchOptions.HasFlag(SearchOptions.RecurseSubdirectories); using (DirectoryHandle sourceHandle = fs.OpenDirectory(path, OpenDirectoryMode.All)) { foreach (DirectoryEntry entry in fs.ReadDirectory(sourceHandle)) { if (PathTools.MatchesPattern(searchPattern, entry.Name, ignoreCase)) { yield return(entry); } if (entry.Type != DirectoryEntryType.Directory || !recurse) { continue; } string subPath = PathTools.Normalize(PathTools.Combine(path, entry.Name)); IEnumerable <DirectoryEntry> subEntries = fs.EnumerateEntries(subPath, searchPattern, searchOptions); foreach (DirectoryEntry subEntry in subEntries) { subEntry.FullPath = PathTools.Combine(path, subEntry.Name); yield return(subEntry); } } } }
public void PrintsConfig() { const string simpleConfig = @"#comment key1=value1 key2=value2 "; // const string expectedOutputPattern = //@"Main config file\: .+\\config.cfg //Override config file\: N/A //Values\: //KEY1\=value1 //KEY2\=value2 //End"; using (DirectoryHandle tempDir1 = TempDirectoriesFactory.CreateEmpty()) { var localCfgPath = Path.Combine(tempDir1.AbsolutePath, "config.cfg"); File.WriteAllText(localCfgPath, simpleConfig); FileSimpleConfig localConfig = new FileSimpleConfig(localCfgPath); var result = localConfig.ToString(); //verify manually if needed } }
public static Result ReadDirectory(this FileSystemClient fs, out long entriesRead, Span <DirectoryEntry> entryBuffer, DirectoryHandle handle) { Result rc; if (fs.Impl.IsEnabledAccessLog() && fs.Impl.IsEnabledHandleAccessLog(handle)) { Tick start = fs.Hos.Os.GetSystemTick(); rc = Get(handle).Read(out entriesRead, entryBuffer); Tick end = fs.Hos.Os.GetSystemTick(); Span <byte> buffer = stackalloc byte[0x50]; var sb = new U8StringBuilder(buffer, true); sb.Append(LogEntryBufferCount).AppendFormat(entryBuffer.Length) .Append(LogEntryCount).AppendFormat(entriesRead); fs.Impl.OutputAccessLog(rc, start, end, handle, new U8Span(sb.Buffer)); } else { rc = Get(handle).Read(out entriesRead, entryBuffer); } fs.Impl.AbortIfNeeded(rc); return(rc); }
public void Setup() { testDir = TempDirectoriesFactory.CreateEmpty(); pathDaily = Path.Combine(testDir.AbsolutePath, "_event.2014-01-01.txt"); pathMonthly = Path.Combine(testDir.AbsolutePath, "_event.2014-01.txt"); monthlyWriter = new LogWriter(pathDaily, new DateTime(2014, 1, 1), false); dailyWriter = new LogWriter(pathMonthly, new DateTime(2014, 1, 1), false); }
public void Setup() { tempDir = TempDirectoriesFactory.CreateEmpty(); container = new MockingContainer <ChangelogManager>(); container.Arrange <IBinDirectory>(directory => directory.FullPath).Returns(tempDir.FullName); WriteSampleChangelog(); }
public void Setup() { sourceSoundsDir = TempDirectoriesFactory.CreateByUnzippingFile(Path.Combine("Resources", "sounds_wav.7z")); dataDir = TempDirectoriesFactory.CreateEmpty(); var waDataDir = Mock.Create <IWurmAssistantDataDirectory>(); waDataDir.Arrange(directory => directory.DirectoryPath).Returns(dataDir.FullName); Kernel.Bind <IWurmAssistantDataDirectory>().ToConstant(waDataDir); soundBankDir = Path.Combine(dataDir.FullName, SoundsLibrary.SoundbankDirName); }
public static Result OpenDirectory(this FileSystemClient fs, out DirectoryHandle handle, U8Span path, OpenDirectoryMode mode) { UnsafeHelpers.SkipParamInit(out handle); Result rc; U8Span subPath; FileSystemAccessor fileSystem; Span <byte> logBuffer = stackalloc byte[0x300]; if (fs.Impl.IsEnabledAccessLog()) { Tick start = fs.Hos.Os.GetSystemTick(); rc = fs.Impl.FindFileSystem(out fileSystem, out subPath, path); Tick end = fs.Hos.Os.GetSystemTick(); var sb = new U8StringBuilder(logBuffer, true); sb.Append(LogPath).Append(path).Append((byte)'"').Append(LogOpenMode).AppendFormat((int)mode, 'X'); logBuffer = sb.Buffer; fs.Impl.OutputAccessLogUnlessResultSuccess(rc, start, end, null, new U8Span(logBuffer)); } else { rc = fs.Impl.FindFileSystem(out fileSystem, out subPath, path); } fs.Impl.AbortIfNeeded(rc); if (rc.IsFailure()) { return(rc); } DirectoryAccessor accessor; if (fs.Impl.IsEnabledAccessLog() && fileSystem.IsEnabledAccessLog()) { Tick start = fs.Hos.Os.GetSystemTick(); rc = fileSystem.OpenDirectory(out accessor, subPath, mode); Tick end = fs.Hos.Os.GetSystemTick(); fs.Impl.OutputAccessLog(rc, start, end, accessor, new U8Span(logBuffer)); } else { rc = fileSystem.OpenDirectory(out accessor, subPath, mode); } fs.Impl.AbortIfNeeded(rc); if (rc.IsFailure()) { return(rc); } handle = new DirectoryHandle(accessor); return(Result.Success); }
private void ChangeDirectory() { listObjects.Items.Clear(); if (treeDirectories.SelectedNode != null) { listObjects.BeginUpdate(); try { using (DirectoryHandle dhandle = new DirectoryHandle(this.NormalizePath(treeDirectories.SelectedNode.FullPath), DirectoryAccess.Query)) { var objects = dhandle.GetObjects(); foreach (var obj in objects) { var item = listObjects.Items.Add(new ListViewItem(new string[] { obj.Name, obj.TypeName, "" })); if (imageList.Images.ContainsKey(obj.TypeName.ToLower())) { item.ImageKey = obj.TypeName.ToLower(); } else { item.ImageKey = "object"; } if (obj.TypeName == "SymbolicLink") { try { using (SymbolicLinkHandle shandle = new SymbolicLinkHandle( this.NormalizePath( treeDirectories.SelectedNode.FullPath + "\\" + obj.Name), SymbolicLinkAccess.Query)) item.SubItems[2].Text = shandle.GetTarget(); } catch { } } } } } catch (WindowsException) { } listObjects.EndUpdate(); } }
public DriverHandle(string name, ObjectFlags objectFlags, DirectoryHandle rootDirectory) { ObjectAttributes oa = new ObjectAttributes(name, objectFlags, rootDirectory); try { this.Handle = KProcessHacker.Instance.KphOpenDriver(oa).ToIntPtr(); } finally { oa.Dispose(); } }
public IEnumerable <DirectoryEntry> ReadDirectory(DirectoryHandle handle) { if (IsEnabledAccessLog() && IsEnabledHandleAccessLog(handle)) { TimeSpan startTime = Time.GetCurrent(); IEnumerable <DirectoryEntry> entries = handle.Directory.Read(); TimeSpan endTime = Time.GetCurrent(); OutputAccessLog(startTime, endTime, handle, string.Empty); return(entries); } return(handle.Directory.Read()); }
public virtual void Setup() { // gotcha: this will spam trace output with exceptions: Fixture.HttpWebRequestsMock.Arrange(requests => requests.GetResponseAsync(Arg.IsAny <string>())) .Throws <NotSupportedException>(); HtmlWebRequestsDir = TempDirectoriesFactory.CreateByUnzippingFile(Path.Combine(TestPaksZippedDirFullPath, "WurmServerTests-wurmdir-webrequests.7z")); ClientMock.PopulateFromZip(Path.Combine(TestPaksZippedDirFullPath, "WurmServerTests-wurmdir.7z")); Timescope = TimeStub.CreateStubbedScope(); Timescope.SetAllLocalTimes(MockedNow); }
public static void CloseDirectory(this FileSystemClient fs, DirectoryHandle handle) { if (fs.Impl.IsEnabledAccessLog() && fs.Impl.IsEnabledHandleAccessLog(handle)) { Tick start = fs.Hos.Os.GetSystemTick(); Get(handle).Dispose(); Tick end = fs.Hos.Os.GetSystemTick(); fs.Impl.OutputAccessLog(Result.Success, start, end, handle, U8Span.Empty); } else { Get(handle).Dispose(); } }
public void CloseDirectory(DirectoryHandle handle) { if (IsEnabledAccessLog() && IsEnabledHandleAccessLog(handle)) { TimeSpan startTime = Time.GetCurrent(); handle.Directory.Dispose(); TimeSpan endTime = Time.GetCurrent(); OutputAccessLog(startTime, endTime, handle, string.Empty); } else { handle.Directory.Dispose(); } }
public void Setup() { //logsDir = TempDirectoriesFactory.CreateByCopy(Path.Combine(TestPaksDirFullPath, "MonthlyHeuristicsExtractor-sample-logs")); logsDir = TempDirectoriesFactory.CreateByUnzippingFile(Path.Combine(TestPaksZippedDirFullPath, "MonthlyHeuristicsExtractor-sample-logs.7z")); string basePath = logsDir.AbsolutePath; testFile = new FileInfo(Path.Combine(basePath, "Village.2013-03.txt")); emptyTestFile = new FileInfo(Path.Combine(basePath, "Village.2013-03.empty.txt")); invalidTestFile = new FileInfo(Path.Combine(basePath, "Village.2013-03.invaliddata.txt")); unrecognizedTestFile = new FileInfo(Path.Combine(basePath, "unrecognized.txt")); dailyLogFile = new FileInfo(Path.Combine(basePath, "Village.2012-10-24.txt")); fileWithBadStamp = new FileInfo(Path.Combine(basePath, "_Skills.2012-08.txt")); fileThatGoesBeyondMonthDays = new FileInfo(Path.Combine(basePath, "Village.2013-04.txt")); fileEvent201412 = new FileInfo(Path.Combine(basePath, "_Event.2014-12.txt")); }
public void ReadsOverridesFromDifferentLocation() { using (DirectoryHandle tempDir1 = TempDirectoriesFactory.CreateEmpty()) { using (DirectoryHandle tempDir2 = TempDirectoriesFactory.CreateEmpty()) { var localCfgPath = Path.Combine(tempDir1.AbsolutePath, "config.cfg"); var localCfgUsrPath = Path.Combine(tempDir2.AbsolutePath, "config.cfg.usr"); File.WriteAllText(localCfgPath, SampleConfig); File.WriteAllText(localCfgUsrPath, OverrideConfig); FileSimpleConfig localConfig = new FileSimpleConfig(localCfgPath, localCfgUsrPath); Expect(localConfig.HasValue("key to be overriden")); Expect(localConfig.GetValue("key to be overriden"), EqualTo("overriden value")); } } }
public void Setup() { wurmApiConfig = new WurmApiConfig { Platform = Platform.Linux }; system = new LogFileStreamReaderFactory(wurmApiConfig); ubuntuDir = TempDirectoriesFactory.CreateByUnzippingFile(Path.Combine(TestPaksZippedDirFullPath, "ubuntu-wurm-dir.7z")); sampleLogFilePath = Path.Combine(ubuntuDir.AbsolutePath, "players", "aldur", "logs", "_Event.2015-08.txt"); }
public WurmClientMock([NotNull] DirectoryHandle dir, bool createBasicDirs, Platform targetPlatform) { if (dir == null) { throw new ArgumentNullException(nameof(dir)); } this.dir = dir; this.targetPlatform = targetPlatform; var dirinfo = new DirectoryInfo(dir.AbsolutePath); WurmDir = dirinfo.CreateSubdirectory("wurm"); if (createBasicDirs) { CreateBasicDirectories(); } InstallDirectory = Mock.Create <IWurmClientInstallDirectory>(); InstallDirectory.Arrange(directory => directory.FullPath).Returns(Path.Combine(dir.AbsolutePath, "wurm")); }
private void PopulateDirectory(string directory) { try { using (DirectoryHandle dhandle = new DirectoryHandle(directory, DirectoryAccess.Query)) { var objects = dhandle.GetObjects(); foreach (var obj in objects) { if (obj.TypeName != "Directory") continue; this.GetTreeNode(directory).Nodes.Add(obj.Name, obj.Name); this.PopulateDirectory(this.NormalizePath(directory + "\\" + obj.Name)); } } } catch (WindowsException) { } }
public static bool ObjectExists(string name) { if (string.IsNullOrEmpty(name)) { return(false); } if (name == "\\") { return(true); } string[] s = name.Split('\\'); string lastPart = s[s.Length - 1]; string dirPart = name.Substring(0, name.Length - lastPart.Length - 1); // -1 char to leave out the trailing backslash try { using (var dhandle = new DirectoryHandle(dirPart, DirectoryAccess.Query)) { var objects = dhandle.GetObjects(); foreach (var obj in objects) { if (obj.Name.Equals(lastPart, StringComparison.OrdinalIgnoreCase)) { return(true); } } return(false); } } catch (WindowsException) { return(false); } }
public DirectoryHandle OpenDirectory(string path, OpenDirectoryMode mode) { FindFileSystem(path.AsSpan(), out FileSystemAccessor fileSystem, out ReadOnlySpan <char> subPath) .ThrowIfFailure(); DirectoryHandle handle; if (IsEnabledAccessLog() && fileSystem.IsAccessLogEnabled) { TimeSpan startTime = Time.GetCurrent(); DirectoryAccessor dir = fileSystem.OpenDirectory(subPath.ToString(), mode); handle = new DirectoryHandle(dir); TimeSpan endTime = Time.GetCurrent(); OutputAccessLog(startTime, endTime, handle, $", path: \"{path}\", open_mode: {mode}"); } else { DirectoryAccessor dir = fileSystem.OpenDirectory(subPath.ToString(), mode); handle = new DirectoryHandle(dir); } return(handle); }
public void Setup() { dir = TempDirectoriesFactory.CreateEmpty(); sqLiteDataStorage = new SqLiteDataStorage(dir.FullName); }
private void unloadMenuItem_Click(object sender, EventArgs e) { if (!PhUtils.ShowConfirmMessage( "Unload", _pid != 4 ? "the selected module" : "the selected driver", _pid != 4 ? "Unloading a module may cause the process to crash." : "Unloading a driver may cause system instability.", true )) { return; } if (_pid == 4) { try { var moduleItem = (ModuleItem)listModules.SelectedItems[0].Tag; string serviceName = null; // Try to find the name of the service key for the driver by // looping through the objects in the Driver directory and // opening each one. using (var dhandle = new DirectoryHandle("\\Driver", DirectoryAccess.Query)) { foreach (var obj in dhandle.GetObjects()) { try { using (var driverHandle = new DriverHandle("\\Driver\\" + obj.Name)) { if (driverHandle.GetBasicInformation().DriverStart == moduleItem.BaseAddress) { serviceName = driverHandle.GetServiceKeyName(); break; } } } catch { } } } // If we didn't find the service name, use the driver base name. if (serviceName == null) { if (moduleItem.Name.ToLower().EndsWith(".sys")) { serviceName = moduleItem.Name.Remove(moduleItem.Name.Length - 4, 4); } else { serviceName = moduleItem.Name; } } RegistryKey servicesKey = Registry.LocalMachine.OpenSubKey("SYSTEM\\CurrentControlSet\\Services", true); bool serviceKeyCreated; RegistryKey serviceKey; // Check if the service key exists so that we don't delete it // later if it does. if (Array.Exists <string>(servicesKey.GetSubKeyNames(), (keyName) => (string.Compare(keyName, serviceName, true) == 0))) { serviceKeyCreated = false; } else { serviceKeyCreated = true; // Create the service key. serviceKey = servicesKey.CreateSubKey(serviceName); serviceKey.SetValue("ErrorControl", 1, RegistryValueKind.DWord); serviceKey.SetValue("ImagePath", "\\??\\" + moduleItem.FileName, RegistryValueKind.ExpandString); serviceKey.SetValue("Start", 1, RegistryValueKind.DWord); serviceKey.SetValue("Type", 1, RegistryValueKind.DWord); serviceKey.Close(); servicesKey.Flush(); } try { Windows.UnloadDriver(serviceName); } finally { if (serviceKeyCreated) { servicesKey.DeleteSubKeyTree(serviceName); } servicesKey.Close(); } listModules.SelectedItems.Clear(); } catch (Exception ex) { MessageBox.Show("Unable to unload the driver. Make sure Process Hacker " + "is running with administrative privileges. Error:\n\n" + ex.Message, "Process Hacker", MessageBoxButtons.OK, MessageBoxIcon.Error); } } else { try { using (ProcessHandle phandle = new ProcessHandle(_pid, Program.MinProcessQueryRights | ProcessAccess.VmOperation | ProcessAccess.VmRead | ProcessAccess.VmWrite | ProcessAccess.CreateThread)) { IntPtr baseAddress = ((ModuleItem)listModules.SelectedItems[0].Tag).BaseAddress; phandle.SetModuleReferenceCount(baseAddress, 1); ThreadHandle thread; if (OSVersion.IsAboveOrEqual(WindowsVersion.Vista)) { // Use RtlCreateUserThread to bypass session boundaries. Since // LdrUnloadDll is a native function we don't need to notify CSR. thread = phandle.CreateThread( Loader.GetProcedure("ntdll.dll", "LdrUnloadDll"), baseAddress ); } else { // On XP it seems we need to notify CSR... thread = phandle.CreateThreadWin32( Loader.GetProcedure("kernel32.dll", "FreeLibrary"), baseAddress ); } thread.Wait(1000 * Win32.TimeMsTo100Ns); NtStatus exitStatus = thread.GetExitStatus(); if (exitStatus == NtStatus.DllNotFound) { if (IntPtr.Size == 8) { PhUtils.ShowError("Unable to find the module to unload. This may be caused " + "by an attempt to unload a mapped file or a 32-bit module."); } else { PhUtils.ShowError("Unable to find the module to unload. This may be caused " + "by an attempt to unload a mapped file."); } } else { exitStatus.ThrowIf(); } thread.Dispose(); } listModules.SelectedItems.Clear(); } catch (Exception ex) { PhUtils.ShowException("Unable to unload the module", ex); } } }
public void BaseSetup() { directoryHandle = TempDirectoriesFactory.CreateEmpty(); }
// ========================== // Operations on directory handles // ========================== public int GetDirectoryEntryCount(DirectoryHandle handle) { return(handle.Directory.GetEntryCount()); }
private void ChangeDirectory() { listObjects.Items.Clear(); if (treeDirectories.SelectedNode != null) { listObjects.BeginUpdate(); try { using (DirectoryHandle dhandle = new DirectoryHandle(this.NormalizePath(treeDirectories.SelectedNode.FullPath), DirectoryAccess.Query)) { var objects = dhandle.GetObjects(); foreach (var obj in objects) { var item = listObjects.Items.Add(new ListViewItem(new string[] { obj.Name, obj.TypeName, "" })); if (imageList.Images.ContainsKey(obj.TypeName.ToLower())) item.ImageKey = obj.TypeName.ToLower(); else item.ImageKey = "object"; if (obj.TypeName == "SymbolicLink") { try { using (SymbolicLinkHandle shandle = new SymbolicLinkHandle( this.NormalizePath( treeDirectories.SelectedNode.FullPath + "\\" + obj.Name), SymbolicLinkAccess.Query)) item.SubItems[2].Text = shandle.GetTarget(); } catch { } } } } } catch (WindowsException) { } listObjects.EndUpdate(); } }
private void unloadMenuItem_Click(object sender, EventArgs e) { if (!PhUtils.ShowConfirmMessage( "Unload", _pid != 4 ? "the selected module" : "the selected driver", _pid != 4 ? "Unloading a module may cause the process to crash." : "Unloading a driver may cause system instability.", true )) return; if (_pid == 4) { try { ModuleItem moduleItem = listModules.SelectedItems[0].Tag as ModuleItem; string serviceName = null; // Try to find the name of the service key for the driver by // looping through the objects in the Driver directory and // opening each one. using (DirectoryHandle dhandle = new DirectoryHandle("\\Driver", DirectoryAccess.Query)) { foreach (DirectoryHandle.ObjectEntry obj in dhandle.GetObjects()) { try { using (DriverHandle driverHandle = new DriverHandle("\\Driver\\" + obj.Name)) { if (driverHandle.BasicInformation.DriverStart == moduleItem.BaseAddress.ToIntPtr()) { serviceName = driverHandle.ServiceKeyName; break; } } } catch { } } } // If we didn't find the service name, use the driver base name. if (string.IsNullOrEmpty(serviceName)) { if (moduleItem.Name.EndsWith(".sys", StringComparison.OrdinalIgnoreCase)) serviceName = moduleItem.Name.Remove(moduleItem.Name.Length - 4, 4); else serviceName = moduleItem.Name; } RegistryKey servicesKey = Registry.LocalMachine.OpenSubKey("SYSTEM\\CurrentControlSet\\Services", true); bool serviceKeyCreated; RegistryKey serviceKey; // Check if the service key exists so that we don't delete it // later if it does. if (Array.Exists(servicesKey.GetSubKeyNames(), keyName => string.Compare(keyName, serviceName, true) == 0)) { serviceKeyCreated = false; } else { serviceKeyCreated = true; // Create the service key. serviceKey = servicesKey.CreateSubKey(serviceName); serviceKey.SetValue("ErrorControl", 1, RegistryValueKind.DWord); serviceKey.SetValue("ImagePath", "\\??\\" + moduleItem.FileName, RegistryValueKind.ExpandString); serviceKey.SetValue("Start", 1, RegistryValueKind.DWord); serviceKey.SetValue("Type", 1, RegistryValueKind.DWord); serviceKey.Close(); servicesKey.Flush(); } try { Windows.UnloadDriver(serviceName); } finally { if (serviceKeyCreated) servicesKey.DeleteSubKeyTree(serviceName); servicesKey.Close(); } listModules.SelectedItems.Clear(); } catch (Exception ex) { MessageBox.Show("Unable to unload the driver. Make sure Process Hacker " + "is running with administrative privileges. Error:\n\n" + ex.Message, "Process Hacker", MessageBoxButtons.OK, MessageBoxIcon.Error); } } else { try { using (ProcessHandle phandle = new ProcessHandle(_pid, Program.MinProcessQueryRights | ProcessAccess.VmOperation | ProcessAccess.VmRead | ProcessAccess.VmWrite | ProcessAccess.CreateThread)) { IntPtr baseAddress = (listModules.SelectedItems[0].Tag as ModuleItem).BaseAddress.ToIntPtr(); phandle.SetModuleReferenceCount(baseAddress, 1); ThreadHandle thread; if (OSVersion.IsAboveOrEqual(WindowsVersion.Vista)) { // Use RtlCreateUserThread to bypass session boundaries. Since // LdrUnloadDll is a native function we don't need to notify CSR. thread = phandle.CreateThread( Loader.GetProcedure("ntdll.dll", "LdrUnloadDll"), baseAddress ); } else { // On XP it seems we need to notify CSR... thread = phandle.CreateThreadWin32( Loader.GetProcedure("kernel32.dll", "FreeLibrary"), baseAddress ); } thread.Wait(1000 * Win32.TimeMsTo100Ns); NtStatus exitStatus = thread.GetExitStatus(); if (exitStatus == NtStatus.DllNotFound) { if (OSVersion.Architecture == OSArch.Amd64) { PhUtils.ShowError("Unable to find the module to unload. This may be caused by an attempt to unload a mapped file or a 32-bit module."); } else { PhUtils.ShowError("Unable to find the module to unload. This may be caused by an attempt to unload a mapped file."); } } else { exitStatus.ThrowIf(); } thread.Dispose(); } listModules.SelectedItems.Clear(); } catch (Exception ex) { PhUtils.ShowException("Unable to unload the module", ex); } } }
public virtual void Setup() { dir = TempDirectoriesFactory.CreateEmpty(); }
public void Setup() { DataDir = TempDirectoriesFactory.CreateEmpty(); var lib = new PersistentCollectionsLibrary(new FlatFilesPersistenceStrategy(DataDir.AbsolutePath)); System = new SortedServerHistory(lib.DefaultCollection.GetObject<WurmApi.Modules.Wurm.ServerHistory.PersistentModel.ServerHistory>("default")); }
public void Setup() { dirHandle = TempDirectoriesFactory.CreateEmpty(); strategy = CreatePersistenceStrategy(); }
private void unloadMenuItem_Click(object sender, EventArgs e) { if (!PhUtils.ShowConfirmMessage( "Unload", _pid != 4 ? "the selected module" : "the selected driver", _pid != 4 ? "Unloading a module may cause the process to crash." : "Unloading a driver may cause system instability.", true )) return; if (_pid == 4) { try { var moduleItem = (ModuleItem)listModules.SelectedItems[0].Tag; string serviceName = null; using (var dhandle = new DirectoryHandle("\\Driver", DirectoryAccess.Query)) { foreach (var obj in dhandle.GetObjects()) { try { using (var driverHandle = new DriverHandle("\\Driver\\" + obj.Name)) { if (driverHandle.GetBasicInformation().DriverStart == moduleItem.BaseAddress) { serviceName = driverHandle.GetServiceKeyName(); break; } } } catch { } } } if (serviceName == null) { if (moduleItem.Name.ToLower().EndsWith(".sys")) serviceName = moduleItem.Name.Remove(moduleItem.Name.Length - 4, 4); else serviceName = moduleItem.Name; } RegistryKey servicesKey = Registry.LocalMachine.OpenSubKey("SYSTEM\\CurrentControlSet\\Services", true); bool serviceKeyCreated; RegistryKey serviceKey; if (Array.Exists<string>(servicesKey.GetSubKeyNames(), (keyName) => (string.Compare(keyName, serviceName, true) == 0))) { serviceKeyCreated = false; } else { serviceKeyCreated = true; serviceKey = servicesKey.CreateSubKey(serviceName); serviceKey.SetValue("ErrorControl", 1, RegistryValueKind.DWord); serviceKey.SetValue("ImagePath", "\\??\\" + moduleItem.FileName, RegistryValueKind.ExpandString); serviceKey.SetValue("Start", 1, RegistryValueKind.DWord); serviceKey.SetValue("Type", 1, RegistryValueKind.DWord); serviceKey.Close(); servicesKey.Flush(); } try { Windows.UnloadDriver(serviceName); } finally { if (serviceKeyCreated) servicesKey.DeleteSubKeyTree(serviceName); servicesKey.Close(); } listModules.SelectedItems.Clear(); } catch (Exception ex) { MessageBox.Show("Unable to unload the driver. Make sure Process Hacker " + "is running with administrative privileges. Error:\n\n" + ex.Message, "Process Hacker", MessageBoxButtons.OK, MessageBoxIcon.Error); } } else { try { using (ProcessHandle phandle = new ProcessHandle(_pid, Program.MinProcessQueryRights | ProcessAccess.VmOperation | ProcessAccess.VmRead | ProcessAccess.VmWrite | ProcessAccess.CreateThread)) { IntPtr baseAddress = ((ModuleItem)listModules.SelectedItems[0].Tag).BaseAddress; phandle.SetModuleReferenceCount(baseAddress, 1); ThreadHandle thread; if (OSVersion.IsAboveOrEqual(WindowsVersion.Vista)) { thread = phandle.CreateThread( Loader.GetProcedure("ntdll.dll", "LdrUnloadDll"), baseAddress ); } else { thread = phandle.CreateThreadWin32( Loader.GetProcedure("kernel32.dll", "FreeLibrary"), baseAddress ); } thread.Wait(1000 * Win32.TimeMsTo100Ns); NtStatus exitStatus = thread.GetExitStatus(); if (exitStatus == NtStatus.DllNotFound) { if (IntPtr.Size == 8) { PhUtils.ShowError("Unable to find the module to unload. This may be caused " + "by an attempt to unload a mapped file or a 32-bit module."); } else { PhUtils.ShowError("Unable to find the module to unload. This may be caused " + "by an attempt to unload a mapped file."); } } else { exitStatus.ThrowIf(); } thread.Dispose(); } listModules.SelectedItems.Clear(); } catch (Exception ex) { PhUtils.ShowException("Unable to unload the module", ex); } } }
internal bool IsEnabledHandleAccessLog(DirectoryHandle handle) { return(handle.Directory.Parent.IsAccessLogEnabled); }
public void Setup() { dir = TempDirectoriesFactory.CreateEmpty(); flatFilesDataStorage = new FlatFilesDataStorage(dir.FullName); }
public static bool ObjectExists(string name) { if (string.IsNullOrEmpty(name)) return false; if (name == "\\") return true; string[] s = name.Split('\\'); string lastPart = s[s.Length - 1]; string dirPart = name.Substring(0, name.Length - lastPart.Length - 1); // -1 char to leave out the trailing backslash try { using (var dhandle = new DirectoryHandle(dirPart, ProcessHacker.Native.Security.DirectoryAccess.Query)) { var objects = dhandle.GetObjects(); foreach (var obj in objects) { if (obj.Name.Equals(lastPart, StringComparison.OrdinalIgnoreCase)) return true; } return false; } } catch (WindowsException) { return false; } }
internal void OutputAccessLog(TimeSpan startTime, TimeSpan endTime, DirectoryHandle handle, string message, [CallerMemberName] string caller = "") { AccessLog.Log(startTime, endTime, handle.GetId(), message, caller); }