示例#1
 /// <summary>
 /// Constructs the main window: publishes it on <c>Program</c>, builds the
 /// controls, wires up taskbar integration and logging, loads settings and
 /// plugins, and finally enables the service provider.
 /// </summary>
 /// <remarks>
 /// The statements are order-dependent (controls must exist before settings are
 /// applied, the menu managers must exist before plugins load), so keep the
 /// sequence intact when editing.
 /// </remarks>
 public HackerWindow()
 {
     // Publish this instance and cache the shared providers in local fields.
     Program.HackerWindow = this;
     processP = Program.ProcessProvider;
     serviceP = Program.ServiceProvider;
     networkP = Program.NetworkProvider;
     InitializeComponent();
     // The value read here is discarded; reading Handle on a WinForms control
     // forces the native window handle to be created before it is published.
     { var handle = this.Handle; }
     Program.HackerWindowHandle = this.Handle;
     if (OSVersion.HasExtendedTaskbar)
     {
         // NOTE(review): judging by its name, this relaxes User Interface
         // Privilege Isolation filtering so taskbar messages can reach this
         // window when it runs elevated. Confirm the helper only admits the
         // specific taskbar message IDs it needs and not a broader set.
         Windows7Taskbar.AllowWindowMessagesThroughUipi();
         Windows7Taskbar.AppId = "ProcessHacker";
         Windows7Taskbar.ProcessAppId = "ProcessHacker";
         thumbButtonManager = new ThumbButtonManager(this);
         thumbButtonManager.TaskbarButtonCreated += new EventHandler(thumbButtonManager_TaskbarButtonCreated);
     }
     this.AddEscapeToClose();
     // Log entries are forwarded to this window; no matching unsubscribe is
     // visible in this constructor.
     Logging.Logged += this.QueueMessage;
     // Settings are refreshed first, then applied to the window and controls.
     Settings.Refresh();
     this.LoadWindowSettings();
     this.LoadOtherSettings();
     this.LoadControls();
     this.LoadNotificationIcons();
     // Expose the main menu and its four top-level items through the
     // application instance object before plugins are loaded.
     Program.AppInstance = new ApplicationInstance();
     Program.AppInstance.MainMenu = new MainMenuManager(mainMenu.MenuItems);
     Program.AppInstance.MainMenu.Hacker = new MenuItemManager(hackerMenuItem.MenuItems);
     Program.AppInstance.MainMenu.View = new MenuItemManager(viewMenuItem.MenuItems);
     Program.AppInstance.MainMenu.Tools = new MenuItemManager(toolsMenuItem.MenuItems);
     Program.AppInstance.MainMenu.Help = new MenuItemManager(helpMenu.MenuItems);
     // NOTE(review): plugin code presumably runs inside this process with the
     // same privileges; where plugins are loaded from and whether they are
     // verified is not visible here - confirm in LoadPlugins.
     this.LoadPlugins();
     // Show the window unless a "start hidden" setting or switch is in effect;
     // Program.StartVisible overrides both.
     if ((!Properties.Settings.Default.StartHidden && !Program.StartHidden) ||
         Program.StartVisible)
     {
         this.Visible = true;
     }
     // Give the process tree focus when the Processes tab is the selected one.
     if (tabControl.SelectedTab == tabProcesses)
         treeProcesses.Tree.Select();
     this.LoadOther();
     this.LoadStructs();
     // Stop deferring menu image assignments and apply the ones queued so far.
     vistaMenu.DelaySetImageCalls = false;
     vistaMenu.PerformPendingSetImageCalls();
     // Kick off one asynchronous service enumeration, then enable the provider.
     serviceP.RunOnceAsync();
     serviceP.Enabled = true;
     // Meaning of this flag is not visible here; presumably it re-enables
     // calculations that are suppressed during construction - TODO confirm.
     _dontCalculate = false;
 }
示例#2
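        /// <summary>
        /// Writes one child object per running process under the "Processes"
        /// node of the dump, named by the process ID in lowercase hexadecimal.
        /// </summary>
        /// <param name="mfs">Dump file system whose root object holds the "Processes" child.</param>
        /// <param name="provider">
        /// Optional live process provider. When non-null, its per-process items are
        /// attached to the dumped entries and the DPC and interrupt pseudo-processes
        /// are dumped as well. May be null.
        /// </param>
        public static void DumpProcesses(MemoryFileSystem mfs, ProcessSystemProvider provider)
        {
            using (var processes = mfs.RootObject.GetChild("Processes"))
            {
                var p = Windows.GetProcesses();

                // Take the system handle snapshot once and share it, exactly as
                // the process snapshot is shared. Re-querying it for every
                // process repeated an expensive system-wide enumeration and
                // compared each process against a different point in time.
                var handles = Windows.GetHandles();

                foreach (var process in p.Values)
                {
                    var pid = process.Process.ProcessId;

                    using (var processChild = processes.CreateChild(pid.ToString("x")))
                    {
                        ProcessItem item = null;

                        // Single lookup: the provider may not know a process
                        // that appeared after its last refresh, in which case
                        // item stays null and DumpProcess gets no provider data.
                        if (provider != null)
                            provider.Dictionary.TryGetValue(pid, out item);

                        DumpProcess(processChild, process, item, p, handles);
                    }
                }

                if (provider != null)
                {
                    int dpcsPid       = provider.DpcsProcess.Process.ProcessId;
                    int interruptsPid = provider.InterruptsProcess.Process.ProcessId;

                    // The pseudo-process items are looked up defensively: a
                    // missing entry yields a null item (which DumpProcess
                    // already receives for unknown processes) instead of a
                    // KeyNotFoundException that would abort the dump.
                    ProcessItem dpcsItem;
                    provider.Dictionary.TryGetValue(dpcsPid, out dpcsItem);

                    ProcessItem interruptsItem;
                    provider.Dictionary.TryGetValue(interruptsPid, out interruptsItem);

                    // No process or handle snapshot is passed for these two entries.
                    using (var dpcsChild = processes.CreateChild(dpcsPid.ToString("x")))
                    {
                        DumpProcess(dpcsChild, provider.DpcsProcess, dpcsItem, null, null);
                    }

                    using (var interruptsChild = processes.CreateChild(interruptsPid.ToString("x")))
                    {
                        DumpProcess(interruptsChild, provider.InterruptsProcess, interruptsItem, null, null);
                    }
                }
            }
        }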
示例#3
        /// <summary>
        /// Acts on the parsed command-line switches.
        /// </summary>
        /// <param name="pArgs">
        /// Switch name to value map. The empty-string key holds the unnamed argument.
        /// Values come straight from the command line and are not validated before use.
        /// </param>
        /// <returns>
        /// <c>true</c> when a switch was fully handled here (several branches also call
        /// <c>Environment.Exit</c>); <c>false</c> when only startup flags were recorded.
        /// Presumably the caller skips normal startup on <c>true</c> - confirm at the call site.
        /// </returns>
        /// <remarks>
        /// Branches are tested in a fixed order and the first handled switch wins.
        /// Every <c>int.Parse</c> below throws FormatException or OverflowException on a
        /// malformed value and none of those calls is guarded here.
        /// </remarks>
        private static bool ProcessCommandLine(Dictionary<string, string> pArgs)
        {
            // -assistant: hand the whole argument map to the assistant entry point.
            if (pArgs.ContainsKey("-assistant"))
            {
                Assistant.Main(pArgs);

                return true;
            }

            // -e: run an extended command; any failure is shown to the user.
            if (pArgs.ContainsKey("-e"))
            {
                try
                {
                    ExtendedCmd.Run(pArgs);
                }
                catch (Exception ex)
                {
                    PhUtils.ShowException("Unable to complete the operation", ex);
                }

                return true;
            }

            // -installkph: register kprocesshacker.sys as a system-start kernel
            // driver service named KProcessHacker2 and start it immediately.
            // NOTE(review): the driver image is taken from the application's own
            // directory. If that directory is writable by non-administrators, a
            // replaced file would be loaded into the kernel at the next system
            // start. Confirm the install location is admin-only or that the
            // image is verified before registration.
            if (pArgs.ContainsKey("-installkph"))
            {
                try
                {
                    using (ServiceManagerHandle scm = new ServiceManagerHandle(ScManagerAccess.CreateService))
                    {
                        using (ServiceHandle shandle = scm.CreateService(
                            "KProcessHacker2",
                            "KProcessHacker2",
                            ServiceType.KernelDriver,
                            ServiceStartType.SystemStart,
                            ServiceErrorControl.Ignore,
                            Application.StartupPath + "\\kprocesshacker.sys",
                            null,
                            null,
                            null
                            ))
                        {
                            shandle.Start();
                        }
                    }
                }
                catch (WindowsException ex)
                {
                    // Need to pass status back.
                    Environment.Exit((int)ex.ErrorCode);
                }

                return true;
            }

            // -uninstallkph: stop the driver service (best effort) and delete it.
            if (pArgs.ContainsKey("-uninstallkph"))
            {
                try
                {
                    using (ServiceHandle shandle = new ServiceHandle("KProcessHacker2", ServiceAccess.Stop | (ServiceAccess)StandardRights.Delete))
                    {
                        // A failed stop is ignored so that the delete is still
                        // attempted; every exception type is swallowed here.
                        try { shandle.Control(ServiceControl.Stop); }
                        catch { }

                        shandle.Delete();
                    }
                }
                catch (WindowsException ex)
                {
                    // Need to pass status back.
                    Environment.Exit((int)ex.ErrorCode);
                }

                return true;
            }

            // -ip: remember a PID in InspectPid; startup continues normally.
            if (pArgs.ContainsKey("-ip"))
                InspectPid = int.Parse(pArgs["-ip"]);

            // -pw: show a standalone properties window for one process, then exit.
            if (pArgs.ContainsKey("-pw"))
            {
                int pid = int.Parse(pArgs["-pw"]);

                PrimaryProviderThread = new ProviderThread(Settings.Instance.RefreshInterval);
                SecondaryProviderThread = new ProviderThread(Settings.Instance.RefreshInterval);

                ProcessProvider = new ProcessSystemProvider();
                ServiceProvider = new ServiceProvider();
                PrimaryProviderThread.Add(ProcessProvider);
                PrimaryProviderThread.Add(ServiceProvider);
                ProcessProvider.Boost();
                ServiceProvider.Boost();
                ProcessProvider.Enabled = true;
                ServiceProvider.Enabled = true;

                // NOTE(review): this loads a native library from a path stored in
                // settings. If the process runs elevated while the settings are
                // writable by a less privileged user, that path decides which DLL
                // is loaded into the elevated process. Confirm the path is
                // validated (expected file, trusted directory) before loading.
                Win32.LoadLibrary(Settings.Instance.DbgHelpPath);

                if (!ProcessProvider.Dictionary.ContainsKey(pid))
                {
                    PhUtils.ShowError("The process (PID " + pid.ToString() + ") does not exist.");
                    Environment.Exit(0);
                    return true;
                }

                ProcessWindow pw = new ProcessWindow(ProcessProvider.Dictionary[pid]);

                Application.Run(pw);

                // SecondaryProviderThread is not disposed here; the process
                // exits right after this cleanup.
                PrimaryProviderThread.Dispose();
                ProcessProvider.Dispose();
                ServiceProvider.Dispose();

                Environment.Exit(0);

                return true;
            }

            // -pt: show the token properties window for the given PID.
            if (pArgs.ContainsKey("-pt"))
            {
                int pid = int.Parse(pArgs["-pt"]);

                try
                {
                    using (var phandle = new ProcessHandle(pid, Program.MinProcessQueryRights))
                        Application.Run(new TokenWindow(phandle));
                }
                catch (Exception ex)
                {
                    PhUtils.ShowException("Unable to show token properties", ex);
                }

                return true;
            }

            // -o: show the options dialog on its "tabAdvanced" page.
            if (pArgs.ContainsKey("-o"))
            {
                OptionsWindow options = new OptionsWindow(true)
                {
                    StartPosition = FormStartPosition.CenterScreen
                };
                IWin32Window window;

                // NOTE(review): the owner window handle is taken verbatim from
                // the command line, parsed as a 32-bit integer, with no check
                // that it refers to a window of the expected parent process.
                if (pArgs.ContainsKey("-hwnd"))
                    window = new WindowFromHandle(new IntPtr(int.Parse(pArgs["-hwnd"])));
                else
                    window = new WindowFromHandle(IntPtr.Zero);

                // -rect: place the dialog 20 pixels in from the given rectangle's origin.
                if (pArgs.ContainsKey("-rect"))
                {
                    Rectangle rect = Utils.GetRectangle(pArgs["-rect"]);

                    options.Location = new Point(rect.X + 20, rect.Y + 20);
                    options.StartPosition = FormStartPosition.Manual;
                }

                options.SelectedTab = options.TabPages["tabAdvanced"];
                options.ShowDialog(window);

                return true;
            }

            // An unnamed argument that ends in taskmgr.exe (quotes stripped,
            // case-insensitive) forces a visible start - presumably the launch
            // path used when this program stands in for Task Manager; confirm.
            if (pArgs.ContainsKey(string.Empty))
                if (pArgs[string.Empty].Replace("\"", string.Empty).Trim().EndsWith("taskmgr.exe", StringComparison.OrdinalIgnoreCase))
                    StartVisible = true;

            // -m / -v: record the start-hidden and start-visible flags.
            if (pArgs.ContainsKey("-m"))
                StartHidden = true;
            if (pArgs.ContainsKey("-v"))
                StartVisible = true;

            // -a: remove and re-initialise hooks, each step best effort.
            // NOTE(review): both failures are swallowed without logging, so
            // nothing records whether the hooks ended up installed.
            if (pArgs.ContainsKey("-a"))
            {
                try { Unhook(); }
                catch { }
                try { NProcessHacker.KphHookInit(); }
                catch { }
            }

            // -t: choose the initial tab; values other than 0, 1 and 2 are ignored.
            if (pArgs.ContainsKey("-t"))
            {
                if (pArgs["-t"] == "0")
                    SelectTab = "Processes";
                else if (pArgs["-t"] == "1")
                    SelectTab = "Services";
                else if (pArgs["-t"] == "2")
                    SelectTab = "Network";
            }

            return false;
        }
示例#4
        /// <summary>
        /// Creates the process, service and network providers, registers all
        /// three with a new primary provider thread, and creates an empty
        /// secondary provider thread. Both threads are constructed with the
        /// configured refresh interval.
        /// </summary>
        private static void LoadProviders()
        {
            Program.ProcessProvider = new ProcessSystemProvider();
            Program.ServiceProvider = new ServiceProvider();
            Program.NetworkProvider = new NetworkProvider();

            // Populate the primary thread before publishing it, which is what
            // a collection initializer does.
            var primaryThread = new ProviderThread(Settings.Instance.RefreshInterval);
            primaryThread.Add(Program.ProcessProvider);
            primaryThread.Add(Program.ServiceProvider);
            primaryThread.Add(Program.NetworkProvider);
            Program.PrimaryProviderThread = primaryThread;

            // The secondary thread starts with no providers attached.
            var secondaryThread = new ProviderThread(Settings.Instance.RefreshInterval);
            Program.SecondaryProviderThread = secondaryThread;
        }
示例#5
 /// <summary>
 /// Creates the process, service and network providers, publishes a shared
 /// thread provider and registers all three with it, then publishes a second,
 /// empty shared thread provider. Both are constructed with the refresh
 /// interval read from the application settings.
 /// </summary>
 private static void LoadProviders()
 {
     Program.ProcessProvider = new ProcessSystemProvider();
     Program.ServiceProvider = new ServiceProvider();
     Program.NetworkProvider = new NetworkProvider();

     // Publish the primary shared thread first, then attach the providers.
     var primaryShared = new SharedThreadProvider(Properties.Settings.Default.RefreshInterval);
     Program.SharedThreadProvider = primaryShared;
     primaryShared.Add(Program.ProcessProvider);
     primaryShared.Add(Program.ServiceProvider);
     primaryShared.Add(Program.NetworkProvider);

     // The secondary shared thread starts with no providers attached.
     var secondaryShared = new SharedThreadProvider(Properties.Settings.Default.RefreshInterval);
     Program.SecondarySharedThreadProvider = secondaryShared;
 }