private void UpdaterDownload_Load(object sender, EventArgs e)
{
string currentVersion = Application.ProductVersion;
string version = this._updateItem.Version.Major + "." + this._updateItem.Version.Minor;
_fileName = Path.GetTempPath() + "processhacker-" + version + "-setup.exe";
labelTitle.Text = "Downloading: Process Hacker " + version;
labelReleased.Text = "Released: " + _updateItem.Date.ToString();
_webClient = new WebClient();
_webClient.DownloadProgressChanged += this.webClient_DownloadProgressChanged;
_webClient.DownloadFileCompleted += this.webClient_DownloadFileCompleted;
_webClient.Headers.Add("User-Agent", "PH/" + currentVersion + " (compatible; PH " +
currentVersion + "; PH " + currentVersion + "; .NET CLR " + Environment.Version + ";)");
try
{
_webClient.DownloadFileAsync(new Uri(_updateItem.Url), _fileName);
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to download Process Hacker", ex);
this.Close();
}
}
public static bool ShowProperties(IWin32Window window, int pid, string name)
{
ElevationAction result;
// If we're viewing System, don't prompt for elevation since we can view
// thread and module information without it.
if (pid != 4)
{
result = PromptForElevation(
window,
new int[] { pid },
new string[] { name },
Program.MinProcessQueryRights,
"restart Process Hacker elevated",
"show properties for"
);
}
else
{
result = ElevationAction.NotRequired;
}
if (result == ElevationAction.Elevate)
{
Program.StartProcessHackerAdmin("-v -ip " + pid.ToString(), () =>
{
Program.HackerWindow.Exit();
}, window.Handle);
return(false);
}
else if (result == ElevationAction.Cancel)
{
return(false);
}
if (Program.ProcessProvider.Dictionary.ContainsKey(pid))
{
try
{
ProcessWindow pForm = Program.GetProcessWindow(Program.ProcessProvider.Dictionary[pid],
new Program.PWindowInvokeAction(delegate(ProcessWindow f)
{
Program.FocusWindow(f);
}));
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to inspect the process", ex);
return(false);
}
}
else
{
PhUtils.ShowError("Unable to inspect the process because it does not exist.");
}
return(true);
}
private void openContainingFolderMenuItem_Click(object sender, EventArgs e)
{
try
{
Utils.ShowFileInExplorer(listModules.SelectedItems[0].ToolTipText);
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to show the file", ex);
}
}
private void buttonProperties_Click(object sender, EventArgs e)
{
try
{
FileUtils.ShowProperties(textFileName.Text);
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to show properties for the file", ex);
}
}
private void buttonInstall_Click(object sender, EventArgs e)
{
// We need to close our handle to the PH mutex in order to
// let the installer continue.
if (Program.GlobalMutex != null)
{
Program.GlobalMutex.Dispose();
Program.GlobalMutex = null;
}
bool success = false;
// Force elevation if required to prevent an exception if the user
// clicks no. Otherwise, start it normally.
if (OSVersion.HasUac && Program.ElevationType == TokenElevationType.Limited)
{
Program.StartProgramAdmin(
_fileName,
"",
new MethodInvoker(() => success = true),
ShowWindowType.Normal,
this.Handle
);
}
else
{
try
{
System.Diagnostics.Process.Start(_fileName);
success = true;
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to start the installer", ex);
}
}
if (success)
{
Program.HackerWindow.Exit();
}
else
{
// User canceled. Re-open the mutex.
try
{
Program.GlobalMutex = new ProcessHacker.Native.Threading.Mutant(Program.GlobalMutexName);
}
catch (Exception ex)
{
Logging.Log(ex);
}
}
}
private void buttonHandleDetails_Click(object sender, EventArgs e)
{
try
{
(new HandleStatisticsWindow(_pid)).ShowDialog();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to show handle statistics", ex);
}
}
private void TryExecute(MethodInvoker action)
{
try
{
action();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to perform the operation", ex);
}
}
private void buttonSetLow_Click(object sender, EventArgs e)
{
try
{
_eventPairHandle.SetLow();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to set the low event", ex);
}
}
private void writeMenuItem_Click(object sender, EventArgs e)
{
try
{
WriteMemory();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to write to process memory", ex);
}
}
private void buttonExplore_Click(object sender, EventArgs e)
{
try
{
Utils.ShowFileInExplorer(textFileName.Text);
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to show the file", ex);
}
}
public static void Update(Form form, bool interactive)
{
if (PhUtils.IsInternetConnected)
{
XmlDocument xDoc = new XmlDocument();
try
{
xDoc.Load(Properties.Settings.Default.AppUpdateUrl);
}
catch (Exception ex)
{
if (interactive)
{
PhUtils.ShowException("Unable to download update information", ex);
}
else
{
Program.HackerWindow.QueueMessage("Unable to download update information: " + ex.Message);
}
return;
}
UpdateItem currentVersion = new UpdateItem();
UpdateItem bestUpdate = currentVersion;
XmlNodeList nodes = xDoc.SelectNodes("//update");
foreach (XmlNode node in nodes)
{
try
{
UpdateItem update = new UpdateItem(node);
// Check if this update is better than the one we already have.
if (update.IsBetterThan(bestUpdate, (AppUpdateLevel)Properties.Settings.Default.AppUpdateLevel))
{
bestUpdate = update;
}
}
catch (Exception ex)
{
Logging.Log(ex);
}
}
PromptWithUpdate(form, bestUpdate, currentVersion, interactive);
}
else if (interactive)
{
PhUtils.ShowWarning("An Internet session could not be established. Please verify connectivity.");
}
}
private void searchModuleMenuItem_Click(object sender, EventArgs e)
{
try
{
Process.Start(Properties.Settings.Default.SearchEngine.Replace("%s",
listModules.SelectedItems[0].Text));
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to search for the module", ex);
}
}
private void menuItem6_Click(object sender, EventArgs e)
{
try
{
_data = null;
ReadMemory();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to read process memory", ex);
}
}
private void buttonCancel_Click(object sender, EventArgs e)
{
try
{
_timerHandle.ChangeAccess(TimerAccess.QueryState | TimerAccess.ModifyState);
_timerHandle.Cancel();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to cancel the timer", ex);
}
}
private void buttonRelease_Click(object sender, EventArgs e)
{
try
{
_semaphoreHandle.ChangeAccess(SemaphoreAccess.QueryState | SemaphoreAccess.ModifyState);
_semaphoreHandle.Release();
this.UpdateInfo();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to release the semaphore", ex);
}
}
public ThreadWindow(int PID, int TID, SymbolProvider symbols, ProcessHandle processHandle)
{
InitializeComponent();
this.AddEscapeToClose();
this.SetTopMost();
listViewCallStack_SelectedIndexChanged(null, null);
_pid = PID;
_tid = TID;
_symbols = symbols;
this.Text = Program.ProcessProvider.Dictionary[_pid].Name + " (PID " + _pid.ToString() +
") - Thread " + _tid.ToString();
listViewCallStack.ContextMenu = listViewCallStack.GetCopyMenu();
try
{
if (processHandle != null)
{
_phandle = processHandle;
_processHandleOwned = false;
}
else
{
_phandle = new ProcessHandle(_pid, ProcessAccess.QueryInformation | ProcessAccess.VmRead);
}
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to open the process", ex);
this.Close();
return;
}
try
{
_thandle = new ThreadHandle(_tid, ThreadAccess.GetContext | ThreadAccess.SuspendResume);
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to open the thread", ex);
this.Close();
return;
}
}
private void filterMenuItem_Clicked(object sender, EventArgs e)
{
MenuItem item = (MenuItem)sender;
int index = (int)item.Parent.Tag;
try
{
Filter(index, (Matcher)item.Tag);
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to filter the search results", ex);
}
}
private void buttonChangelog_Click(object sender, EventArgs e)
{
try
{
InformationBox box = new InformationBox(System.IO.File.ReadAllText(Application.StartupPath + "\\CHANGELOG.txt"));
box.ShowSaveButton = false;
box.Title = "Process Hacker Changelog";
box.ShowDialog();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to view the changelog", ex);
}
}
private void buttonProperties_Click(object sender, EventArgs e)
{
try
{
Program.GetProcessWindow(Program.ProcessProvider.Dictionary[processPid], f =>
{
Settings.Instance.ProcessWindowSelectedTab = "tabThreads";
f.Show();
f.Activate();
});
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to inspect the process", ex);
}
}
private void buttonPermissions_Click(object sender, EventArgs e)
{
try
{
SecurityEditor.EditSecurity(
this,
SecurityEditor.GetSecurableWrapper((access) => _object.GetToken((TokenAccess)access)),
"Token",
NativeTypeFactory.GetAccessEntries(NativeTypeFactory.ObjectType.Token)
);
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to edit security", ex);
}
}
private void buttonProperties_Click(object sender, EventArgs e)
{
try
{
ProcessWindow pForm = Program.GetProcessWindow(Program.HackerWindow.processP.Dictionary[processPid],
new Program.PWindowInvokeAction(delegate(ProcessWindow f)
{
Properties.Settings.Default.ProcessWindowSelectedTab = "tabThreads";
f.Show();
f.Activate();
}));
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to inspect the process", ex);
}
}
private void propertiesHandleMenuItem_Click(object sender, EventArgs e)
{
if (listHandles.SelectedItems.Count != 1)
{
return;
}
var handleInfo = ((HandleItem)listHandles.SelectedItems[0].Tag).Handle;
try
{
ShowHandleProperties(handleInfo);
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to show handle properties", ex);
}
}
private void buttonPermissions_Click(object sender, EventArgs e)
{
try
{
SecurityEditor.EditSecurity(
this,
SecurityEditor.GetSecurableWrapper(
(access) => new ServiceHandle(listServices.SelectedItems[0].Name, (ServiceAccess)access)
),
listServices.SelectedItems[0].Name,
NativeTypeFactory.GetAccessEntries(NativeTypeFactory.ObjectType.Service)
);
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to edit security", ex);
}
}
private void inspectModuleMenuItem_Click(object sender, EventArgs e)
{
try
{
Program.GetPEWindow(this.GetItemFileName(listModules.SelectedItems[0]), f =>
{
if (!f.IsDisposed)
{
f.Show();
f.Activate();
}
});
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to inspect the module", ex);
}
}
private void buttonAcquire_Click(object sender, EventArgs e)
{
try
{
_semaphoreHandle.ChangeAccess((SemaphoreAccess)StandardRights.Synchronize);
// Try to acquire the semaphore. We don't want to wait on it though,
// so we specify a timeout of 0.
if (_semaphoreHandle.Wait(0) != NtStatus.Success)
{
throw new Exception("Could not acquire the semaphore.");
}
this.UpdateInfo();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to acquire the semaphore", ex);
}
}
private void buttonTerminate_Click(object sender, EventArgs e)
{
if (OSVersion.HasTaskDialogs)
{
TaskDialog td = new TaskDialog
{
WindowTitle = "Process Hacker",
MainInstruction = "Do you want to terminate the job?",
Content = "Terminating a job will terminate all processes assigned to it. Are you sure " + "you want to continue?",
MainIcon = TaskDialogIcon.Warning,
DefaultButton = (int)DialogResult.No,
Buttons = new TaskDialogButton[]
{
new TaskDialogButton((int)DialogResult.Yes, "Terminate"),
new TaskDialogButton((int)DialogResult.No, "Cancel")
}
};
if (td.Show(this) == (int)DialogResult.No)
{
return;
}
}
else
{
if (MessageBox.Show(
"Are you sure you want to terminate the job? This action will " +
"terminate all processes associated with the job.", "Process Hacker",
MessageBoxButtons.YesNo, MessageBoxIcon.Exclamation) == DialogResult.No)
{
return;
}
}
try
{
using (NativeHandle <JobObjectAccess> jhandle2 = _jobObject.Duplicate(JobObjectAccess.Terminate))
JobObjectHandle.FromHandle(jhandle2).Terminate();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to terminate the job", ex);
}
}
private void buttonOK_Click(object sender, EventArgs e)
{
try
{
using (ServiceManagerHandle scmhandle = new ServiceManagerHandle(ScManagerAccess.CreateService))
{
ServiceType serviceType;
if (comboType.SelectedItem.ToString() == "Win32OwnProcess, InteractiveProcess")
{
serviceType = ServiceType.Win32OwnProcess |
ServiceType.InteractiveProcess;
}
else
{
serviceType = (ServiceType)Enum.Parse(typeof(ServiceType), comboType.SelectedItem.ToString());
}
var startType = (ServiceStartType)
Enum.Parse(typeof(ServiceStartType), comboStartType.SelectedItem.ToString());
var errorControl = (ServiceErrorControl)
Enum.Parse(typeof(ServiceErrorControl), comboErrorControl.SelectedItem.ToString());
scmhandle.CreateService(
textName.Text,
textDisplayName.Text,
serviceType,
startType,
errorControl,
textBinaryPath.Text,
null,
null,
null
).Dispose();
this.Close();
}
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to create the service", ex);
}
}
public ProcessAffinity(int pid)
{
InitializeComponent();
this.AddEscapeToClose();
this.SetTopMost();
_pid = pid;
try
{
using (ProcessHandle phandle = new ProcessHandle(pid, ProcessAccess.QueryInformation))
{
long systemMask;
long processMask;
processMask = phandle.GetAffinityMask(out systemMask);
for (int i = 0; (systemMask & (1 << i)) != 0; i++)
{
CheckBox c = new CheckBox();
c.Name = "cpu" + i.ToString();
c.Text = "CPU " + i.ToString();
c.Tag = i;
c.FlatStyle = FlatStyle.System;
c.Checked = (processMask & (1 << i)) != 0;
c.Margin = new Padding(3, 3, 3, 0);
flowPanel.Controls.Add(c);
}
}
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to get process affinity", ex);
this.Close();
return;
}
}
private void SetDepStatusKph()
{
DepStatus depStatus;
switch (this.comboStatus.SelectedItem.ToString())
{
case "Disabled":
depStatus = 0;
break;
case "Enabled":
depStatus = DepStatus.Enabled;
break;
case "Enabled, DEP-ATL thunk emulation disabled":
depStatus = DepStatus.Enabled | DepStatus.AtlThunkEmulationDisabled;
break;
default:
PhUtils.ShowError("Invalid value.");
return;
}
if (checkPermanent.Checked)
{
depStatus |= DepStatus.Permanent;
}
try
{
using (ProcessHandle phandle = new ProcessHandle(_pid, Program.MinProcessQueryRights))
phandle.DepStatus = depStatus;
this.DialogResult = DialogResult.OK;
this.Close();
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to set the DEP status", ex);
}
}
private void propertiesMenuItem_Click(object sender, EventArgs e)
{
string type = listHandles.SelectedItems[0].SubItems[1].Text;
if (type == "DLL" || type == "Mapped File")
{
FileUtils.ShowProperties(listHandles.SelectedItems[0].SubItems[2].Text);
return;
}
try
{
HandleList.ShowHandleProperties(
(SystemHandleEntry)listHandles.SelectedItems[0].Tag
);
}
catch (Exception ex)
{
PhUtils.ShowException("Unable to show handle properties", ex);
}
}
