Example #1
0
static BOOL
build_startup_procs(void)
{
	PWTS_PROCESS_INFO pinfo;
	DWORD i, j, count;

	if (!WTSEnumerateProcesses(WTS_CURRENT_SERVER_HANDLE, 0, 1, &pinfo, &count))
		return FALSE;

	g_startup_num_procs = 0;

	for (i = 0; i < count; i++) {
		if (pinfo[i].SessionId != g_session_id)
			continue;

		g_startup_num_procs++;
	}

	g_startup_procs = malloc(sizeof(DWORD) * g_startup_num_procs);

	j = 0;
	for (i = 0; i < count; i++) {
		if (pinfo[i].SessionId != g_session_id)
			continue;

		g_startup_procs[j] = pinfo[i].ProcessId;
		j++;
	}

	WTSFreeMemory(pinfo);

	return TRUE;
}
Example #2
0
static BOOL
should_terminate(void)
{
	PWTS_PROCESS_INFO pinfo;
	DWORD i, j, count;

	if (!WTSEnumerateProcesses(WTS_CURRENT_SERVER_HANDLE, 0, 1, &pinfo, &count))
		return TRUE;

	for (i = 0; i < count; i++)
	{
		if (pinfo[i].SessionId != g_session_id)
			continue;

		for (j = 0; j < g_startup_num_procs; j++)
		{
			if (pinfo[i].ProcessId == g_startup_procs[j])
				break;
		}

		if (j == g_startup_num_procs)
		{
			WTSFreeMemory(pinfo);
			return FALSE;
		}
	}

	WTSFreeMemory(pinfo);

	return TRUE;
}
BOOL CProcessDlg::OnInitDialog() 
{
	CDialog::OnInitDialog();
	serverName = g_pDoc->GetServerName();
	serverHandle = WTSOpenServer(serverName);
	if (!WTSEnumerateProcesses(serverHandle,0,1,&pProcessInfo,&count))
		AfxMessageBox("Unable to enumerate processes");	
	PWTS_PROCESS_INFO pProcess = pProcessInfo;

	CString serverDisplay;
	serverDisplay = "List of processes on ";
	if (*serverName == NULL)
		serverDisplay += "local server";
	else
		serverDisplay += serverName;
	m_serverName.SetWindowText(serverDisplay);	


	for (DWORD i=0; i < count; i++)
	{
		m_processList.AddString(pProcess->pProcessName);
		pProcess++;
	}
	m_processList.SetCurSel(0);
	
	return TRUE;  
}
Example #4
0
void WTS::EnumerateProcesses()
{
	HANDLE server;
	DWORD totalEntries;
	PWTS_PROCESS_INFO processInfo;
	DWORD i;

	if((server = WTSOpenServer(Config::machine)) == NULL)
	{
		Util::Error(GetLastError(), L"WTSOpenServer()");
	}

	if(WTSEnumerateProcesses(server, 0, 1, &processInfo, &totalEntries) != 0)
	{
		DWORD err = GetLastError();
		wprintf(L"ret = %x\n", err);
	}

	for(i = 0; i < totalEntries; i++)
	{
		wprintf(L"process: %s\n", processInfo[i].pProcessName);
		wprintf(L"session: %d\n", processInfo[i].SessionId);
		wprintf(L"SID: %s\n", processInfo[i].pUserSid);
	}
}
HANDLE GetProcessByName( char *szName )
{
	DWORD dwProcessCount = 0;
	PWTS_PROCESS_INFO pProcessInfo;

	BOOL bWTSEnum = WTSEnumerateProcesses( WTS_CURRENT_SERVER_HANDLE, 0, 1, &pProcessInfo, &dwProcessCount );

	if( bWTSEnum == FALSE || dwProcessCount == 0 )
	{
		HANDLE hSnapshot = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );

		if( hSnapshot == INVALID_HANDLE_VALUE )
		{
			return INVALID_HANDLE_VALUE;
		}

		PROCESSENTRY32 pe32;
		
		BOOL bOK = Process32First( hSnapshot, &pe32 );

		while( bOK )
		{
			if( strstr( pe32.szExeFile, szName ) )
			{
				HANDLE hProcessRet = OpenProcess( 
					PROCESS_QUERY_INFORMATION |   // Required by Alpha
					PROCESS_CREATE_THREAD     |   // For CreateRemoteThread
					PROCESS_VM_OPERATION      |   // For VirtualAllocEx/VirtualFreeEx
					PROCESS_VM_WRITE,             // For WriteProcessMemory
					FALSE, pe32.th32ProcessID );

				if( hProcessRet == INVALID_HANDLE_VALUE )
				{
					return INVALID_HANDLE_VALUE;
				}

				return hProcessRet;
			}

			bOK = Process32Next( hSnapshot, &pe32 );
		}

		CloseHandle( hSnapshot );
	}

	for( DWORD dwCurrent = 0; dwCurrent < dwProcessCount; dwCurrent++ )
	{
		if( strstr( pProcessInfo[dwCurrent].pProcessName, szName ) )
		{
			return OpenProcess( PROCESS_ALL_ACCESS, FALSE, pProcessInfo[dwCurrent].ProcessId );
		}
	}

	return INVALID_HANDLE_VALUE;
}
Example #6
0
/*-----------------------------------------------------------------------------
	Kill any Dr. Watson windows that are open (we already killed the browser process)
-----------------------------------------------------------------------------*/
void CurlBlastDlg::KillProcs(void)
{
#ifndef _DEBUG

    WTS_PROCESS_INFO * proc = NULL;
    DWORD count = 0;
    if( WTSEnumerateProcesses(WTS_CURRENT_SERVER_HANDLE, 0, 1, &proc, &count) )
    {
        for( DWORD i = 0; i < count; i++ )
        {
            bool terminate = false;

            // check for Dr. Watson
            if( !lstrcmpi(PathFindFileName(proc[i].pProcessName), _T("dwwin.exe")) )
            {
                if( !bDrWatson )
                {
                    log.LogEvent(event_KilledDrWatson);
                    bDrWatson = true;
                }
                terminate = true;
            }
            else if(lstrcmpi(PathFindFileName(proc[i].pProcessName), _T("iexplore.exe")))
            {
                if (worker) {
                    EnterCriticalSection( &(worker->cs) );
                    // make sure it's not the browser we launched
                    if( proc[i].ProcessId != worker->browserPID
                            && worker->userSID && proc[i].pUserSid
                            && IsValidSid(worker->userSID) && IsValidSid(proc[i].pUserSid) )
                    {
                        // see if the SID matches
                        if( EqualSid(proc[i].pUserSid, worker->userSID ) )
                            terminate = true;
                    }
                    LeaveCriticalSection( &(worker->cs) );
                }
            }

            if( terminate )
            {
                HANDLE hProc = OpenProcess(PROCESS_TERMINATE, FALSE, proc[i].ProcessId);
                if( hProc )
                {
                    TerminateProcess(hProc, 0);
                    CloseHandle(hProc);
                }
            }
        }

        WTSFreeMemory(proc);
    }
#endif
}
Example #7
0
static BOOL
should_terminate(void)
{
	PWTS_PROCESS_INFO pinfo;
	DWORD i, j, count;

	if (!g_connected && g_persistent_mode) {
		if (g_session_disconnect_ts == 0)
			return FALSE;

		if ((time(NULL) - g_session_disconnect_ts) < SESSION_TIMEOUT)
			return FALSE;

		/* timeout reached while waiting for reconnection to
		   persistent session, terminating session. */
		return TRUE;
	}

	if (g_persistent_mode)
		return FALSE;

	if (g_mbox_cnt != 0)
		return FALSE;

	if (!WTSEnumerateProcesses(WTS_CURRENT_SERVER_HANDLE, 0, 1, &pinfo, &count))
		return TRUE;

	for (i = 0; i < count; i++) {
		if (pinfo[i].SessionId != g_session_id)
			continue;

		for (j = 0; j < g_system_num_procs; j++) {
			if (0 == _stricmp(pinfo[i].pProcessName, g_system_procs[j]))
				goto skip_to_next_process;
		}

		for (j = 0; j < g_startup_num_procs; j++) {
			if (pinfo[i].ProcessId == g_startup_procs[j])
				break;
		}

		if (j == g_startup_num_procs) {
			WTSFreeMemory(pinfo);
			return FALSE;
		}

	  skip_to_next_process:
		continue;
	}

	WTSFreeMemory(pinfo);

	return TRUE;
}
void CProcessDlg::Refresh()
{
	m_processList.ResetContent();
	BOOL result = WTSEnumerateProcesses(serverHandle,0,1,&pProcessInfo,&count);	
	PWTS_PROCESS_INFO pProcess = pProcessInfo;

	for (DWORD i=0; i < count; i++)
	{
		m_processList.AddString(pProcess->pProcessName);
		pProcess++;
	}
	m_processList.SetCurSel(0);
}
Example #9
0
bool mod_ts::getProcesses(vector<KIWI_WTS_PROCESS_INFO> * mesProcesses, wstring * server)
{
	bool reussite = false;

	PWTS_PROCESS_INFO tabProcess;
	DWORD nbProcess = 0;
	HANDLE hServer = NULL;

	if(openServer(&hServer, server))
	{
		if(reussite = WTSEnumerateProcesses(hServer, 0, 1, &tabProcess, &nbProcess) != 0)
		{
			for(DWORD i = 0; i < nbProcess; i++)
			{
				KIWI_WTS_PROCESS_INFO a = {
					tabProcess[i].SessionId,
					tabProcess[i].ProcessId,
					tabProcess[i].pProcessName
				};

				wstring user;
				wstring domain;
				if(mod_secacl::sidToName(tabProcess[i].pUserSid, &user, &domain, server))
				{
					a.userSid.assign(domain);
					a.userSid.push_back(L'\\');
					a.userSid.append(user);
				}
				else if(!mod_secacl::sidToStrSid(tabProcess[i].pUserSid, &a.userSid))
				{
					if(tabProcess[i].pUserSid)
					{
						a.userSid.assign(L"erreur SID ; ");
						a.userSid.append(mod_system::getWinError());
					}
					else
						a.userSid.assign(L"n.a.");
				}

				mesProcesses->push_back(a);
			}
			WTSFreeMemory(tabProcess);
		}
		closeServer(hServer);
	}
	
	return reussite;
}
Example #10
0
/*-----------------------------------------------------------------------------
-----------------------------------------------------------------------------*/
bool FindUrlBlast(TCHAR * dstPath)
{
	bool found = false;
	*dstPath = 0;

	WTS_PROCESS_INFO * proc = NULL;
	DWORD count = 0;
	if( WTSEnumerateProcesses(WTS_CURRENT_SERVER_HANDLE, 0, 1, &proc, &count) )
	{
		for( DWORD i = 0; i < count && !found ; i++ )
		{
			// check for urlblast.exe
			TCHAR * file = PathFindFileName(proc[i].pProcessName);
			if( !lstrcmpi(file, _T("urlblast.exe")) )
			{
				found = true;

				TCHAR path[MAX_PATH];
				HANDLE hProc = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, proc[i].ProcessId);
				if( hProc )
				{
					if( GetModuleFileNameEx(hProc, NULL, path, MAX_PATH) )
					{
						*PathFindFileName(path) = 0;
						lstrcpy( dstPath, path );
						if( lstrlen(dstPath) )
							found = true;
					}

					CloseHandle(hProc);
				}
			}
		}

		WTSFreeMemory(proc);
	}

	return found;
}
Example #11
0
// @pymethod (<o PyUnicode>,...)|win32ts|WTSEnumerateProcesses|Lists processes on a terminal server
static PyObject *PyWTSEnumerateProcesses(PyObject *self, PyObject *args, PyObject *kwargs)
{
	static char *keywords[]={"Server","Version","Reserved", NULL};
	HANDLE h=WTS_CURRENT_SERVER_HANDLE;
	DWORD Reserved=0, Version=1, cnt;
	PyObject *obh=NULL, *ret=NULL;
	PWTS_PROCESS_INFO buf=NULL;
	if (!PyArg_ParseTupleAndKeywords(args, kwargs, "|Okk:WTSEnumerateProcesses", keywords,
		&obh,	// @pyparm <o PyHANDLE>|Server|WTS_CURRENT_SERVER_HANDLE|Handle to a terminal server
		&Version,		// @pyparm int|Version|1|Version of request, currently 1 is only valid value
		&Reserved))		// @pyparm int|Reserved|0|Reserved, use 0 if passed in
		return NULL;
	if (obh)
		if (!PyWinObject_AsHANDLE(obh, &h))
			return NULL;

	if (!WTSEnumerateProcesses(h,Reserved,Version, &buf, &cnt))
		PyWin_SetAPIError("WTSEnumerateProcesses");
	else{
		ret=PyTuple_New(cnt);
		if (ret)
			for (DWORD i=0; i<cnt; i++){
				PyObject *tuple_item=Py_BuildValue("kkNN",
					buf[i].SessionId, buf[i].ProcessId,
					PyWinObject_FromWCHAR(buf[i].pProcessName),
					PyWinObject_FromSID(buf[i].pUserSid));
				if (!tuple_item){
					Py_DECREF(ret);
					ret=NULL;
					break;
					}
				PyTuple_SET_ITEM(ret, i, tuple_item);
				}
		}
	if (buf)
		WTSFreeMemory(buf);
	return ret;
}
Example #12
0
static BOOL
should_terminate(void)
{
	PWTS_PROCESS_INFO pinfo;
	DWORD i, j, count;

	if (!WTSEnumerateProcesses(WTS_CURRENT_SERVER_HANDLE, 0, 1, &pinfo, &count))
		return TRUE;

	for (i = 0; i < count; i++) {
		if (pinfo[i].SessionId != g_session_id)
			continue;

		// ieuser.exe hangs around even after IE has exited
		if (0 == _stricmp(pinfo[i].pProcessName, "ieuser.exe")) {
			continue;
		}
		// ctfmon.exe also likes to stay around
		if (0 == _stricmp(pinfo[i].pProcessName, "ctfmon.exe")) {
			continue;
		}

		for (j = 0; j < g_startup_num_procs; j++) {
			if (pinfo[i].ProcessId == g_startup_procs[j])
				break;
		}

		if (j == g_startup_num_procs) {
			WTSFreeMemory(pinfo);
			return FALSE;
		}
	}

	WTSFreeMemory(pinfo);

	return TRUE;
}
Example #13
0
/*-----------------------------------------------------------------------------
	Kill any processes that we need closed
-----------------------------------------------------------------------------*/
void TerminateProcs(void)
{
	HWND hDesktop = ::GetDesktopWindow();
	HWND hWnd = ::GetWindow(hDesktop, GW_CHILD);
	TCHAR szTitle[1025];
	const TCHAR * szClose[] = { 
		_T("urlblast")
		, _T("url blast")
		, _T("internet explorer")
		, _T("pagetest")
	};

	// Send close messages to everything
	while(hWnd)
	{
		if(::IsWindowVisible(hWnd))
		{
			if(::GetWindowText( hWnd, szTitle, 1024))
			{
				bool bKill = false;
				_tcslwr_s(szTitle, _countof(szTitle));
				for(int i = 0; i < _countof(szClose) && !bKill; i++)
				{
					if(_tcsstr(szTitle, szClose[i]))
						bKill = true;
				}
				
				if( bKill )
					::PostMessage(hWnd,WM_CLOSE,0,0);
			}
		}

		hWnd = ::GetWindow(hWnd, GW_HWNDNEXT);
	}

	// go through and kill any procs that are still running
	// (wait long enough for them to exit gracefully first)
	const TCHAR * procs[] = { 
		_T("urlblast.exe")
		, _T("iexplore.exe")
		, _T("pagetest.exe")
	};

	// let our process kill processes from other users
	HANDLE hToken;
	if( OpenProcessToken( GetCurrentProcess() , TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY , &hToken) )
	{
		TOKEN_PRIVILEGES tp;
		
		if( LookupPrivilegeValue( NULL , SE_DEBUG_NAME, &tp.Privileges[0].Luid ) )
		{
			tp.PrivilegeCount = 1;
			tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
			AdjustTokenPrivileges( hToken , FALSE , &tp , 0 , (PTOKEN_PRIVILEGES) 0 , 0 ) ;
		}
		
		CloseHandle(hToken);
	}

	// go through and kill any matching procs
	WTS_PROCESS_INFO * proc = NULL;
	DWORD count = 0;
	if( WTSEnumerateProcesses(WTS_CURRENT_SERVER_HANDLE, 0, 1, &proc, &count) )
	{
		for( DWORD i = 0; i < count; i++ )
		{
			TCHAR * file = proc[i].pProcessName;
			bool kill = false;

			for(int j = 0; j < _countof(procs) && !kill; j++)
			{
				if( !lstrcmpi(PathFindFileName(proc[i].pProcessName), procs[j]) )
					kill = true;
			}

			if( kill )
			{
				HANDLE hProc = OpenProcess(SYNCHRONIZE | PROCESS_TERMINATE, FALSE, proc[i].ProcessId);
				if( hProc )
				{
					// give it 2 minutes to exit on it's own
					if( WaitForSingleObject(hProc, 120000) != WAIT_OBJECT_0 )
						TerminateProcess(hProc, 0);
					CloseHandle(hProc);
				}
			}
		}

		WTSFreeMemory(proc);
	}
}