


Playing with processes. (sort of works)

Started by Copex, January 27, 2010, 10:23:26 AM



Copex

January 27, 2010, 10:23:26 AM Last Edit: January 28, 2010, 04:18:29 AM by Copex

The code is very buggy on Win7 x64 and works better on XP 32-bit. It will not run on Win 9x, so it is Windows NT only.

The kill process sub works and will terminate a process, though results vary if the process is a system process. It will kill explorer.exe, but the OS automatically restarts the explorer.exe process. (Privileges ????)

SetPrivilege - well, it works, I think; I don't understand what I should be setting to get things to work.

There are two methods of getting the EXE name: one uses EnumProcessModules & GetModuleBaseName and the other uses CreateToolhelp32Snapshot; both are in their own subroutines. The findProcessIdByName() sub has problems with x64 processes; I am unsure whether this is just down to Privileges/API/my code, or whether there is any way round it. It works a lot better on Win32 but still kicks out "access denied" errors. As I never got it to work, I never implemented the return of the PID for the killProcess sub.

oh.... sorry 4 the messy code.


'
'requires Sapero's Windows include files
'---------------------------------------
'
'this code works better on Win32 than Win64 - can anyone fix it :-)
'
$ifndef WIN32
$define WIN32
$endif

$ifdef WIN32
$define WIN32_LEAN_AND_MEAN
$endif

$include "windowssdk.inc"
$include "Psapi.inc"
$include "TlHelp32.inc"

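DWORD aProcesses[1024], cbNeeded, cProcesses, procId, bProcess[512]
handle hProcess, hTokenSelf, hProcSelf

OPENCONSOLE

'// Alternative lookup (disabled): get the PID from a window title and kill that process.
'//-------------------------------------------------------------------------------------

/*
hWnd = FindWindowA(NULL,"Calculator")

if hWnd >0
_GetWindowThreadProcessId(hWnd, &procId)
killProcess(procId)
ENDIF
*/

'// Get number of running processes, used by findProcessIdByName() (disabled)
'
'EnumProcesses( aProcesses, len(aProcesses), &cbNeeded )
'cProcesses = cbNeeded/len(DWORD)

'// Enable SeDebugPrivilege on this process's own token.
'// GetCurrentProcess() returns a pseudo-handle that needs no access request and no
'// CloseHandle, so opening ourselves with PROCESS_ALL_ACCESS is unnecessary.
'// The privilege can only be enabled if the token already holds it: normally that
'// means an administrator account and, with UAC, an elevated process. Without it
'// SetPrivilege prints "The token does not have the specified privilege." and
'// "access denied" on processes of other users is the expected result.
hProcSelf = GetCurrentProcess()

if OpenProcessToken(hProcSelf,TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY ,&hTokenSelf) <> 0

	'SetPrivilege( hTokenSelf, SE_TCB_NAME, TRUE )
	'SetPrivilege( hTokenSelf, SE_IMPERSONATE_NAME, TRUE )

	SetPrivilege(hTokenSelf,"SeDebugPrivilege",true)

	'// The adjustment is stored in the token itself, so the handle can go now.
	CloseHandle(hTokenSelf)
ELSE
	print error("OpenProcessToken")
ENDIF

'// check each PID and get filename (disabled)
'for i = 0 to cProcesses
' findProcessIdByName(aProcesses[i])
'next i

'// Find the process id from the exe name using CreateToolhelp32Snapshot and kill the process.
'// Some processes restart by themselves: Windows relaunches the shell (explorer.exe)
'// when it exits unexpectedly, which is not a privilege problem.
'
'retval = findPIDByName("explorer.exe")
retval = findPIDByName("calc.exe")

if retval <>0
	killProcess(retval)
ELSE
	print "Process Not Found."
ENDIF

'// terminate this program


print "Press any key to get the hell out of here"
WAITCON

CLOSECONSOLE
END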




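sub findPIDByName(string fileNameToFindPID),int
'// Walks a Toolhelp32 process snapshot and returns the PID of the first process
'// whose image name equals fileNameToFindPID (compared case-insensitively).
'// Returns 0 when nothing matches or when the snapshot cannot be taken or read.
'// Every entry met before the match is printed as "[pid] name", and its priority
'// class is queried so that a failure to open it is reported.
'//
'// NOTE(review): the match is on the bare image name only. Any process that happens
'// to carry that name matches and the first one in the snapshot wins, so the
'// returned PID identifies "a process with this name", not a specific program.

'// required by findPIDByName
const TH32CS_SNAPHEAPLIST =0x00000001
const TH32CS_SNAPPROCESS =0x00000002
const TH32CS_SNAPTHREAD =0x00000004
const TH32CS_SNAPMODULE =0x00000008
const TH32CS_SNAPMODULE32 =0x00000010
const TH32CS_SNAPALL =(TH32CS_SNAPHEAPLIST | TH32CS_SNAPPROCESS | TH32CS_SNAPTHREAD | TH32CS_SNAPMODULE)
const TH32CS_INHERIT =0x80000000
'// no longer used in this sub; kept in case code elsewhere in the file relies on it
const PROCESS_ALL_ACCESS =0x1F0FFF

'// NOTE(review): the SDK declares szExeFile as MAX_PATH (260) characters; 259 is kept
'// from the original - confirm how ISTRING[n] counts the terminator, and whether this
'// local TYPE is still needed now that TlHelp32.inc is included.
type PROCESSENTRY32
uint dwSize
uint cntUsage
uint th32ProcessID
uint th32DefaultHeapID
uint th32ModuleID
uint cntThreads
uint th32ParentProcessID
uint pcPriClassBase
uint dwFlags
istring szExeFile[259]
endtype

def pe:PROCESSENTRY32
string item,PID
int retval


hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0)

'// A failed snapshot must not be walked: pe would hold no valid entry.
if hSnapshot = INVALID_HANDLE_VALUE
	print error("CreateToolhelp32Snapshot")
	return 0
ENDIF

pe.dwSize=len(pe)
retval=Process32First(hSnapshot,pe)

'// WHILE instead of DO/UNTIL so the body is skipped when Process32First fails.
while retval <> false

	if LCASE$(pe.szExeFile) = LCASE$(fileNameToFindPID)
		CloseHandle(hSnapshot)
		return pe.th32ProcessID
	ENDIF
	item = pe.szExeFile
	PID = STR$(pe.th32ProcessID)

	print "["+pid+"] "+item

	dwPriorityClass = 0

	'// Ask only for the right GetPriorityClass needs. Requesting PROCESS_ALL_ACCESS
	'// here is refused for many processes and produces "access denied" for no benefit.
	hProcess = OpenProcess(PROCESS_QUERY_INFORMATION,FALSE,pe.th32ProcessID)

	if hProcess = NULL
		print error("Open Process Fail findpidbyname ")
	else

		dwPriorityClass = GetPriorityClass(hProcess)

		if dwPriorityClass = 0
			print error("dwPriorityClass")
		endif
		CloseHandle(hProcess)

/*' Print process Info
   print "process ID        = ",pe.th32ProcessID
   print "thread count      = ",pe.cntThreads
   print "parent process ID = ",pe.th32ParentProcessID
   print "Priority Base     = ",pe.pcPriClassBase
print "Priority Class    = ",dwPriorityClass
*/
	endif

	pe.dwSize=len(PROCESSENTRY32)
	retval=Process32Next(hSnapshot,pe)

endwhile

CloseHandle(hSnapshot)
return 0
ENDSUB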

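sub findProcessIdByName(int processID),INT
'// Despite its name, this sub takes a PID and prints the base name of that process's
'// first module (the EXE) using EnumProcessModules + GetModuleBaseName.
'// It always returns 0; every failure is printed with the system error text.
'//
'// NOTE(review): a 32-bit build cannot enumerate the modules of a 64-bit process;
'// EnumProcessModules fails there whatever privileges are held, which is the likely
'// cause of the x64 problems described in the post. The Toolhelp32 route in
'// findPIDByName() does not depend on reading the target's memory.

int ret
string szProcessName

szProcessName = SPACE$(255)

'// Query + VM read are the two rights the PSAPI calls below require.
hProcess = OpenProcess(PROCESS_QUERY_INFORMATION|PROCESS_VM_READ, FALSE,processID )

if hProcess <>0

	ret = EnumProcessModules( hProcess, bProcess[0], len(bProcess), &cbNeeded)

	if ret <>0
		ret = GetModuleBaseName(hProcess, bProcess[0], szProcessName,len(szProcessName))
		' ret = GetModuleFileNameEx(hProcess, bProcess[0], szProcessName,len(szProcessName))


		if ret <>0
			print szProcessName
		ELSE
			print error("GetModule")
		ENDIF

	ELSE
		'// the original built this message but never printed it
		print error("EnumProcessModules")
	ENDIF
	CloseHandle( hProcess )
ELSE
	print error( "Openprocess Failed"+str$(processID))
ENDIF
return 0
ENDSUB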

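sub killProcess(int PID)
'// Terminates the process identified by PID (exit code 0) and reports the outcome
'// in a message box.
'//
'// NOTE(review): the PID was resolved earlier, from a name or a window. The process
'// may have exited in between and the number may have been reused, so the caller
'// should resolve the PID immediately before calling and never pass 0.

HANDLE hProc

'// PROCESS_TERMINATE is the only right TerminateProcess needs; asking for
'// PROCESS_ALL_ACCESS as well makes the open fail on processes that would
'// otherwise allow termination.
hProc = OpenProcess(PROCESS_TERMINATE, FALSE, PID)

if hProc <>0

	'// error() is evaluated as an argument, before MessageBox can change the last error.
	if TerminateProcess(hProc, 0) <>0
		MessageBox (NULL, "CLOSED", "CLOSED", @MB_ICONSTOP)
	else
		MessageBox (NULL, error("SUB KillProcess "), "NOT CLOSED PID"+str$(PID), @MB_ICONSTOP)
	endif

	'// close the handle on both paths; the original leaked it after a successful kill
	CloseHandle(hProc)
else
	'// report the PID that was passed in, not the unrelated global procId
	MessageBox (NULL, error("SUB KillProcess "),"I CANT CLOSE "+str$(PID),@MB_ICONSTOP)
ENDIF
ENDSUB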


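sub SetPrivilege(HANDLE hToken, string lpszPrivilege,INT bEnablePrivilege)
'// Enables (bEnablePrivilege = true) or disables one named privilege on hToken.
'// hToken must have been opened with TOKEN_ADJUST_PRIVILEGES.
'// Returns TRUE when the privilege was changed, FALSE otherwise; each failure is
'// printed to the console.
'// NOTE(review): the sub declares no return type although it returns TRUE/FALSE -
'// confirm callers can read the result before relying on it.
'//
'// A privilege can only be enabled if the token already holds it. AdjustTokenPrivileges
'// reports success even when it changed nothing, which is why GetLastError() is
'// compared with ERROR_NOT_ALL_ASSIGNED afterwards.

'// NOTE(review): this local TYPE declares flat fields, but the code below uses the
'// SDK layout (tp.Privileges[0].Luid / .Attributes). Presumably the definition from
'// the include files is the one in effect - confirm, and remove whichever is unused.
TYPE TOKEN_PRIVILEGES
DEF PrivilegeCount:INT
DEF LowPart:INT
DEF HighPart:INT
DEF Attributes:INT
ENDTYPE


def tp:TOKEN_PRIVILEGES
def luid:LUID

'// Translate the privilege name into the LUID used on the local system.
if LookupPrivilegeValue(NULL,lpszPrivilege,&luid ) = 0
	'// the original built this message but never showed it
	print error("LookupPrivilegeValue error: ")
	return FALSE
ENDIF

tp.PrivilegeCount = 1
tp.Privileges[0].Luid = luid

if bEnablePrivilege = true
	tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED
else
	tp.Privileges[0].Attributes = 0
ENDIF

'// Enable or disable this one privilege. The second argument (DisableAllPrivileges)
'// is FALSE, so the token's other privileges are left untouched.

if AdjustTokenPrivileges(hToken,FALSE, &tp, LEN(TOKEN_PRIVILEGES), 0, 0) =0
	print error("AdjustTokenPrivileges error:")
	return FALSE
ENDIF

'// Must be read straight after the call above, before any other API call.
if GetLastError() = ERROR_NOT_ALL_ASSIGNED

	print "The token does not have the specified privilege."
	return FALSE
ENDIF

return TRUE

ENDSUB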

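SUB error(string errorCall),string
'// Builds "<errorCall> / <system message> / ErrorID = <code>" for the calling
'// thread's last Win32 error. Call it immediately after the API call that failed.

  INT CodeErrorId, nBufferSize, flag
  ISTRING sBuffer[1024]
  STRING retError

  '// Read the error code before anything else; later runtime or API calls may overwrite it.
  CodeErrorId=GetLastError()

  '// The size passed to FormatMessage must be the real size of the buffer.
  '// NOTE(review): the original passed 1024 for a plain STRING, which is presumably
  '// smaller than that in this dialect - confirm.
  nBufferSize = 1024
  sBuffer = ""

  '// IGNORE_INSERTS: system messages can contain %1-style placeholders, and no
  '// argument array is supplied, so they must not be expanded.
  flag=FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS

  if FormatMessage(flag, NULL,CodeErrorId,LANG_NEUTRAL, sBuffer, nBufferSize ,NULL ) = 0
    sBuffer = "(no message text available)"
  endif

  '// LEFT$ bounds the message so the concatenation fits the STRING result.
  '// NOTE(review): 180 assumes a STRING capacity of about 255 characters - confirm.
  retError = errorCall+" / "+LEFT$(sBuffer,180)+" / ErrorID = "+str$(CodeErrorId)

  return retError

endsub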
-
I really should learn how to use a spell checker! though im not sure how it will help someone who can not spell?
-
Except where otherwise noted, content Posted By Copex is
licensed under a Creative Commons Attribution 3.0 License

http://creativecommons.org/licenses/by/3.0/