useful.cpp
#include <windows.h>
#include <stdio.h>
#include <TlHelp32.h>
#include "useful.h"
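/*
 * Enables SeDebugPrivilege (SE_DEBUG_NAME) on the current process token.
 *
 * Returns true only when the privilege was actually enabled. Returns false
 * when the token cannot be opened, the privilege name cannot be resolved,
 * or the token does not hold the privilege.
 *
 * This function never disables the privilege again; it stays enabled on the
 * token until the caller adjusts it or the process exits.
 */
bool SetDebugPrivileges()
{
    HANDLE hToken = NULL;
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
    {
        return false;
    }

    bool fResult = false;
    LUID LuidValue;
    if (LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &LuidValue))
    {
        TOKEN_PRIVILEGES tp;
        tp.PrivilegeCount = 1;
        tp.Privileges[0].Luid = LuidValue;
        tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

        //
        // AdjustTokenPrivileges returns TRUE even when the token does not
        // hold the requested privilege; in that case the last error is
        // ERROR_NOT_ALL_ASSIGNED. Success therefore requires both a TRUE
        // return and ERROR_SUCCESS, otherwise a non-elevated caller would be
        // told the privilege is enabled when it is not.
        //
        if (AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(tp), NULL, NULL) &&
            GetLastError() == ERROR_SUCCESS)
        {
            fResult = true;
        }
    }

    CloseHandle(hToken);
    return fResult;
}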
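/*
 * Looks up a process ID in a Toolhelp process snapshot and copies the
 * executable file name of the matching entry into szProcessName.
 *
 * dwProcessId      - process ID to search for.
 * szProcessName    - output buffer; zero-filled and NUL-terminated on success.
 * nMaxProcessName  - capacity of szProcessName in wchar_t elements (not bytes).
 *
 * Returns true if the process ID is found, false otherwise (including when
 * the snapshot cannot be created or the output buffer is NULL/empty). A name
 * longer than the buffer is truncated rather than treated as an error.
 *
 * Notes:
 *  - szExeFile is only the executable file name, not a full path, so the
 *    result does not say where the image was loaded from.
 *  - The snapshot is a point-in-time view; the process may have exited (and
 *    its ID may have been reused) by the time the caller acts on the result.
 *  - The copy from pe32.szExeFile into a wchar_t buffer assumes a UNICODE
 *    build, where PROCESSENTRY32 resolves to the wide-character variant.
 */
bool GetProcessName(DWORD dwProcessId, wchar_t* szProcessName, size_t nMaxProcessName)
{
    if (szProcessName == NULL || nMaxProcessName == 0)
    {
        return false;
    }

    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hSnapshot == INVALID_HANDLE_VALUE)
    {
        return false;
    }

    bool fResult = false;
    PROCESSENTRY32 pe32 = { 0 };
    pe32.dwSize = sizeof(PROCESSENTRY32);

    if (Process32First(hSnapshot, &pe32))
    {
        do
        {
            if (pe32.th32ProcessID == dwProcessId)
            {
                //
                // nMaxProcessName counts wchar_t elements, memset counts
                // bytes: scale it so the whole buffer is cleared.
                //
                memset(szProcessName, 0, nMaxProcessName * sizeof(wchar_t));

                //
                // _TRUNCATE copies as much as fits and always leaves room
                // for the terminator. Passing a count equal to the buffer
                // capacity instead would trip the CRT invalid-parameter
                // handler whenever the name is at least as long as the
                // buffer (szExeFile can hold up to MAX_PATH characters).
                //
                wcsncpy_s(szProcessName, nMaxProcessName, pe32.szExeFile, _TRUNCATE);

                fResult = true;
                break;
            }
        } while (Process32Next(hSnapshot, &pe32));
    }

    CloseHandle(hSnapshot);
    return fResult;
}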
/*
 * Reports whether a process with the given ID appears in a Toolhelp
 * process snapshot taken at the time of the call.
 *
 * Returns true if an entry with that process ID is present; false if it is
 * not, or if the snapshot could not be created.
 *
 * The answer describes the snapshot only: the process can exit, and its ID
 * can be reused, after this function returns.
 */
bool ProcessExist(DWORD dwProcessId)
{
    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hSnapshot == INVALID_HANDLE_VALUE)
    {
        return false;
    }

    PROCESSENTRY32 entry = { 0 };
    entry.dwSize = sizeof(PROCESSENTRY32);

    bool fFound = false;
    for (BOOL fMore = Process32First(hSnapshot, &entry);
         fMore;
         fMore = Process32Next(hSnapshot, &entry))
    {
        if (entry.th32ProcessID == dwProcessId)
        {
            // Match: no need to walk the rest of the snapshot.
            fFound = true;
            break;
        }
    }

    CloseHandle(hSnapshot);
    return fFound;
}
/*
 * Returns true if the executable file name of the given process ID is
 * "csrss.exe" (case-insensitive), false otherwise or when the process ID
 * is not found.
 *
 * NOTE(review): the comparison is on the image file name alone. Any process
 * whose executable is named csrss.exe matches, whatever directory it was
 * started from, so this is not proof that the process is the genuine
 * system CSRSS. Callers that make a trust decision on the result should
 * also verify the full image path (and ideally the session and signature).
 */
bool IsCSRSSProcess(DWORD dwProcessId)
{
    wchar_t szImageName[0x100] = { 0 };
    const size_t cchImageName = sizeof(szImageName) / sizeof(szImageName[0]);

    if (!GetProcessName(dwProcessId, szImageName, cchImageName))
    {
        return false;
    }

    return _wcsicmp(L"csrss.exe", szImageName) == 0;
}