NTSTATUS KphInstall(
_In_opt_ PWSTR DeviceName,
_In_ PWSTR FileName
)
{
return KphInstallEx(DeviceName, FileName, NULL);
}
VOID PhpProcessStartupParameters(
VOID
)
{
static PH_COMMAND_LINE_OPTION options[] =
{
{ PH_ARG_SETTINGS, L"settings", MandatoryArgumentType },
{ PH_ARG_NOSETTINGS, L"nosettings", NoArgumentType },
{ PH_ARG_SHOWVISIBLE, L"v", NoArgumentType },
{ PH_ARG_SHOWHIDDEN, L"hide", NoArgumentType },
{ PH_ARG_COMMANDMODE, L"c", NoArgumentType },
{ PH_ARG_COMMANDTYPE, L"ctype", MandatoryArgumentType },
{ PH_ARG_COMMANDOBJECT, L"cobject", MandatoryArgumentType },
{ PH_ARG_COMMANDACTION, L"caction", MandatoryArgumentType },
{ PH_ARG_COMMANDVALUE, L"cvalue", MandatoryArgumentType },
{ PH_ARG_RUNASSERVICEMODE, L"ras", MandatoryArgumentType },
{ PH_ARG_NOKPH, L"nokph", NoArgumentType },
{ PH_ARG_INSTALLKPH, L"installkph", NoArgumentType },
{ PH_ARG_UNINSTALLKPH, L"uninstallkph", NoArgumentType },
{ PH_ARG_DEBUG, L"debug", NoArgumentType },
{ PH_ARG_HWND, L"hwnd", MandatoryArgumentType },
{ PH_ARG_POINT, L"point", MandatoryArgumentType },
{ PH_ARG_SHOWOPTIONS, L"showoptions", NoArgumentType },
{ PH_ARG_PHSVC, L"phsvc", NoArgumentType },
{ PH_ARG_NOPLUGINS, L"noplugins", NoArgumentType },
{ PH_ARG_NEWINSTANCE, L"newinstance", NoArgumentType },
{ PH_ARG_ELEVATE, L"elevate", NoArgumentType },
{ PH_ARG_SILENT, L"s", NoArgumentType },
{ PH_ARG_HELP, L"help", NoArgumentType },
{ PH_ARG_SELECTPID, L"selectpid", MandatoryArgumentType },
{ PH_ARG_PRIORITY, L"priority", MandatoryArgumentType },
{ PH_ARG_PLUGIN, L"plugin", MandatoryArgumentType },
{ PH_ARG_SELECTTAB, L"selecttab", MandatoryArgumentType }
};
PH_STRINGREF commandLine;
PhUnicodeStringToStringRef(&NtCurrentPeb()->ProcessParameters->CommandLine, &commandLine);
memset(&PhStartupParameters, 0, sizeof(PH_STARTUP_PARAMETERS));
if (!PhParseCommandLine(
&commandLine,
options,
sizeof(options) / sizeof(PH_COMMAND_LINE_OPTION),
PH_COMMAND_LINE_IGNORE_UNKNOWN_OPTIONS | PH_COMMAND_LINE_IGNORE_FIRST_PART,
PhpCommandLineOptionCallback,
NULL
) || PhStartupParameters.Help)
{
PhShowInformation(
NULL,
L"Command line options:\n\n"
L"-c\n"
L"-ctype command-type\n"
L"-cobject command-object\n"
L"-caction command-action\n"
L"-cvalue command-value\n"
L"-debug\n"
L"-elevate\n"
L"-help\n"
L"-hide\n"
L"-installkph\n"
L"-newinstance\n"
L"-nokph\n"
L"-noplugins\n"
L"-nosettings\n"
L"-plugin pluginname:value\n"
L"-priority r|h|n|l\n"
L"-s\n"
L"-selectpid pid-to-select\n"
L"-selecttab name-of-tab-to-select\n"
L"-settings filename\n"
L"-uninstallkph\n"
L"-v\n"
);
if (PhStartupParameters.Help)
RtlExitUserProcess(STATUS_SUCCESS);
}
if (PhStartupParameters.InstallKph)
{
NTSTATUS status;
PPH_STRING kprocesshackerFileName;
KPH_PARAMETERS parameters;
kprocesshackerFileName = PhConcatStrings2(PhApplicationDirectory->Buffer, L"\\kprocesshacker.sys");
parameters.SecurityLevel = KphSecurityNone;
parameters.CreateDynamicConfiguration = TRUE;
status = KphInstallEx(L"KProcessHacker2", kprocesshackerFileName->Buffer, ¶meters);
if (!NT_SUCCESS(status) && !PhStartupParameters.Silent)
PhShowStatus(NULL, L"Unable to install KProcessHacker", status, 0);
RtlExitUserProcess(status);
}
if (PhStartupParameters.UninstallKph)
{
NTSTATUS status;
status = KphUninstall(L"KProcessHacker2");
if (!NT_SUCCESS(status) && !PhStartupParameters.Silent)
PhShowStatus(NULL, L"Unable to uninstall KProcessHacker", status, 0);
RtlExitUserProcess(status);
}
if (PhStartupParameters.Elevate && !PhElevated)
{
PhShellProcessHacker(
NULL,
NULL,
SW_SHOW,
PH_SHELL_EXECUTE_ADMIN,
PH_SHELL_APP_PROPAGATE_PARAMETERS | PH_SHELL_APP_PROPAGATE_PARAMETERS_FORCE_SETTINGS,
0,
NULL
);
RtlExitUserProcess(STATUS_SUCCESS);
}
if (PhStartupParameters.Debug)
{
// The symbol provider won't work if this is chosen.
PhShowDebugConsole();
}
}
