2022-05-04 03:09:23 +00:00
// process_util.h : include utilities for manage folders
//
// Author: Gongbing
//
// Date: 2016-09-25
# pragma once
# include <string>
# include <vector>
# ifndef _INCLUDED_REF_
# define _INCLUDED_REF_
# include "../ref/ref.h"
# endif
# define STATUS_SUCCESS 0x00000000
# define STATUS_BUFFER_OVERFLOW 0x80000005
# define STATUS_INFO_LENGTH_MISMATCH 0xC0000004
// process utils
namespace process_util
{
PORT_API ( int ) start_program ( const wchar_t * prog_file , const wchar_t * param , bool show_wnd , DWORD * pid = NULL , bool as_admin = false , const wchar_t * path_dll = NULL ) ;
PORT_API ( bool ) is_me_in_admin ( void ) ;
PORT_API ( int ) try_me_in_admin ( bool show_wnd , DWORD * pid = NULL , const wchar_t * append_param = NULL ) ;
PORT_API ( int ) start_program_as_current_user ( const wchar_t * prog_file , const wchar_t * param , bool show_wnd , unsigned * proc_id = NULL , bool merge_pe_2_param = true , const wchar_t * path_dll = NULL ) ;
PORT_API ( bool ) start_program_by_cmd ( const wchar_t * prog_file , const wchar_t * param ) ;
PORT_API ( bool ) query_acting_user_token ( HANDLE * aut ) ;
PORT_API ( int ) enable_privilege ( const wchar_t * privilege_name , bool enabled ) ;
PORT_API ( bool ) kill_process_by_name ( const wchar_t * proc_name , const wchar_t * taskkill_path = NULL ) ;
PORT_API ( bool ) is_process_living ( const wchar_t * proc_name , DWORD * pid = NULL ) ;
// parameter of result:
// data: (wchar_t*)pe_path_file
// len: process id
// total: parent process id
PORT_API ( void ) enum_processes ( inter_module_data : : set_data result , void * param ) ;
// parameter of result:
// data: (wchar_t*)module path file
// len: base address
// total: module size
PORT_API ( void ) enum_modules ( DWORD proc_id , inter_module_data : : set_data result , void * param ) ;
PORT_API ( bool ) module_pe_from_run_address ( void * addr , wchar_t path_name [ MAX_PATH ] , void * * base_addr = NULL ) ;
2023-09-13 04:45:10 +00:00
PORT_API ( bool ) module_pe_from_run_address ( void * addr , void * * base_addr = NULL ) ;
2022-05-04 03:09:23 +00:00
PORT_API ( int ) find_resource ( HINSTANCE inst , const wchar_t * res_type , UINT res_id , inter_module_data : : set_data result , void * param ) ;
PORT_API ( bool ) is_pe_checksum_ok ( const wchar_t * pe_path_file , DWORD * lppe_chksum = NULL , DWORD * lpfile_chksum = NULL ) ;
PORT_API ( bool ) get_module_info ( HMODULE module , void * * base , void * * entry , size_t * size ) ;
PORT_API ( bool ) get_process_time ( DWORD proc_id , LPFILETIME start = NULL , LPFILETIME kern = NULL , LPFILETIME user = NULL ) ;
PORT_API ( DWORD ) get_parent_process ( DWORD proc_id ) ;
PORT_API ( int ) get_process_name ( DWORD proc_id , wchar_t path_name [ MAX_PATH ] ) ;
PORT_API ( int ) get_self_pathname ( wchar_t path_name [ MAX_PATH ] , bool call_module = false /*default to get exe pathname*/ ) ;
PORT_API ( void ) quit_and_delete_self ( void ) ;
PORT_API ( char * ) set_command_lineA ( char * cmda ) ; // the return buffer need not free
PORT_API ( wchar_t * ) set_command_lineW ( wchar_t * cmda , bool is_setpeb ) ; // the return buffer need not free
PORT_API ( void ) set_peb_command_lineW ( wchar_t * cmda ) ;
PORT_API ( HANDLE ) get_file_handle_by_name ( const wchar_t * filename , ULONG * pid = NULL ) ;
PORT_API ( BOOL ) is_wow64_process ( DWORD proc_id ) ;
PORT_API ( HMODULE ) load_system_dll ( const wchar_t * dll ) ;
PORT_API ( void * ) write_to_process ( HANDLE proc , const void * src , int bytes ) ;
PORT_API ( void * ) write_to_process ( DWORD proc_id , const void * src , int bytes ) ;
PORT_API ( int ) read_process_memory ( DWORD proc_id , void * base_addr , int read_bytes , unsigned char * buf ) ; // read proc_id [base_addr, base_addr] contents into buf, return error code, 0 is success
// function: create a remote thread in given process
// proc_id: the target process ID
// code_bytes: remote thread code size in bytes
// susbend: whether to supspend this thread when create it
// parameter_size: remote thread parameter size
// tid: to receive the remote thread id
// thread: to receive the remote thread handle
// fill: to fill the thread code and parameter in this callback
// data: unused, always be NULL
// len: (LPVOID), the memory address in process proc_id
// total: (unsigned char*), to receive the content
// flag: write code when DATA_FLAG_REMOTE_THREAD_INSTRUCT, or parameter when DATA_FLAG_REMOTE_THREAD_PARAMETER if parameter_bytes was great than ZERO
// param: the same as 'param'
// param: parameter 'param' of callback fill
// return: error code, 0 is success
PORT_API ( int ) create_remote_thread ( DWORD proc_id , int code_bytes , inter_module_data : : set_data fill , void * param , bool suspend = false
, int parameter_bytes = 0 , DWORD * tid = NULL , HANDLE * thread = NULL ) ;
// code and param: [in] - the source code or parameter buffer; [out] - remote code or parameter buffer
PORT_API ( int ) create_remote_thread ( DWORD proc_id , const unsigned char * * code , int code_bytes , bool suspend = false
, const unsigned char * * param = NULL , int param_bytes = 0 , DWORD * tid = NULL , HANDLE * thread = NULL ) ;
PORT_API ( bool ) get_api_in_process ( DWORD proc_id , const wchar_t * dll , const char * apis /*GetTickCount\0CreateFileW\0\0*/ , FARPROC * api_addrs /*length as same as apis*/ ) ;
PORT_API ( HMODULE ) load_dll_in_process ( DWORD proc_id , const wchar_t * path_dll ) ; // return the loaded dll handle in the process
PORT_API ( HMODULE ) free_dll_in_process ( DWORD proc_id , const wchar_t * path_dll ) ; // return the dll in the process
enum _inst_statu
{
INST_STATU_FIRST = 0 , // 0 - I am the FIRST instance
INST_STATU_FAILED_CREATE , // 1 - no instance existing and failed to create the singleton instance
INST_STATU_INFO_FIRST , // 2 - an instance is already existing and informed my parameter
INST_STATU_FAILED_INFO_FIRST , // 3 - an instance is already existing and failed in informing my parameter
INST_STATU_ID_USED , // 4 - the name is used by other object
INST_STATU_UNKNOWN = 10 , // unknown error
} ;
__declspec ( novtable ) struct ISingleton : public ref_util : : IRef
{
COM_API_DECLARE ( _inst_statu , statu ( void ) ) ;
COM_API_DECLARE ( bool , set_max_run_seconds ( DWORD seconds = - 1 ) ) ; // quit after seconds when not -1
} ;
__declspec ( novtable ) struct ICmd : public ref_util : : IRef
{
COM_API_DECLARE ( void , reset ( const wchar_t * cmdline = NULL ) ) ; // reset command line string, use GetCommandLineW if cmd_line was NULL
COM_API_DECLARE ( long , count ( void ) ) ; // return parameter count, if has key-val pair, then count them as 2
// function: whether the command line has 'param'
// case_sens: is case sensitive
// ind: to receive the index in command line if has
COM_API_DECLARE ( bool , has ( const wchar_t * param , bool case_sens = false , int * ind = NULL ) ) ;
COM_API_DECLARE ( bool , is_first_main_pe ( void ) ) ; // return whether the first parameter is main-pe
COM_API_DECLARE ( const wchar_t * , parameter ( int index ) ) ; // ZERO-based index, should not free the return buffer but use it immediately
// key: the key for the parameter
// case_sens: whether the 'key' is case sensitive
// return: return im.exe of key '/im' in "taskkill /f /im im.exe", should not free but use it immediately
COM_API_DECLARE ( const wchar_t * , parameter ( const wchar_t * key , bool case_sens = false ) ) ;
COM_API_DECLARE ( const wchar_t * , main_pe ( void ) ) ; // DO NOT free the return buffer but use it immediately
COM_API_DECLARE ( int , add ( const wchar_t * param , bool case_sens = false , int index = - 1 ) ) ;
COM_API_DECLARE ( int , add ( const wchar_t * key , const wchar_t * val , bool case_sens = false , int index = - 1 ) ) ;
// if as_key was true, then remove param and the next item to it
COM_API_DECLARE ( int , remove ( const wchar_t * param , bool case_sens = false , bool as_key = false ) ) ;
COM_API_DECLARE ( int , remove ( int index ) ) ;
// function: convert to a command line string
// buf: to receive the string, can be NULL
// len: [in] - count of buf, [out] - content length in buf, if buf was NULL or len is small, then contains the minimum length and return ERROR_INSUFFICIENT_BUFFER
// return: ERROR_SUCCESS if buf is length enough, or ERROR_INSUFFICIENT_BUFFER if len was less than required,
COM_API_DECLARE ( int , to_command_line ( wchar_t * buf , int * len ) ) ;
// data: (const wchar_t*)
// len: bytes of 'data'
// total: unused, be ZERO
// flag: inter_module_data::DATA_FLAG_FINAL
// param: same as 'user'
COM_API_DECLARE ( int , to_command_line ( INTER_MODULE_CALLBACK_VAR ( got_result ) , void * user ) ) ;
} ;
PORT_API ( long ) invoke_api ( FARPROC func , bool stdcall_ , int param_count , void * * params , int * ret_val = NULL ) ;
PORT_API ( long ) invoke_api ( const wchar_t * path_module , const char * api , bool stdcall_ , int param_count , void * * params , int * ret_val = NULL ) ;
// parameter of result:
// data: (const wchar_t*)command line
// len: length of (const wchar_t*)data
// total: as same as len
// flag: DATA_FLAG_FINAL in commonplace, or DATA_FLAG_UNKNOWN to quit
// param: like 'param'
PORT_API ( ISingleton * ) create_singleton ( const wchar_t * inst_id , inter_module_data : : set_data result , void * param ) ;
PORT_API ( ICmd * ) create_command_line ( const wchar_t * cmd = NULL ) ;
enum _console_attr
{
CA_FOREGROUND_BLUE = FOREGROUND_BLUE ,
CA_FOREGROUND_GREEN = FOREGROUND_GREEN ,
CA_FOREGROUND_RED = FOREGROUND_RED ,
CA_FOREGROUND_INTENSITY = FOREGROUND_INTENSITY ,
CA_BACKGROUND_BLUE = BACKGROUND_BLUE ,
CA_BACKGROUND_GREEN = BACKGROUND_GREEN ,
CA_BACKGROUND_RED = BACKGROUND_RED ,
CA_BACKGROUND_INTENSITY = BACKGROUND_INTENSITY ,
} ;
PORT_API ( WORD ) set_console_attribute ( WORD attr ) ;
PORT_API ( ICmd * ) from_console ( const wchar_t * tips = L " input " ) ;
PORT_API ( ICmd * ) from_console ( const char * tips = " input " ) ;
2023-09-13 04:45:10 +00:00
__declspec ( novtable ) struct IDebugMemLeaker : public ref_util : : IRef
{
COM_API_DECLARE ( void , start ( void ) ) ;
// parameter of result:
// data: leaked memory address
// len: bytes of data
// total: unused, be ZERO
// flag: DATA_FLAG_FINAL
// param: like 'param'
COM_API_DECLARE ( void , report ( inter_module_data : : set_data result = NULL , void * param = NULL ) ) ;
} ;
PORT_API ( IDebugMemLeaker * ) create_debug_memory_leaking_reporter ( void ) ;
2022-05-04 03:09:23 +00:00
}