bool ProcessInfo::EnumCurrentUserProcess(PIDList& pids) { const char* UNIX_PROC_DIR = "/proc"; DIR* fdDir; struct dirent* dirData; if((fdDir = opendir(UNIX_PROC_DIR)) != NULL) { while((dirData = readdir(fdDir)) != NULL) { int pid = atoi(dirData->d_name); if(pid > 0) { PStatusMap status; if(GetProcessInfoByPID(status, pid)) { if(getuid() == (unsigned int)atoi(status["Uid:"].c_str())) { pids.push_back(pid); } } } } closedir(fdDir); } else { return false; } return true; }
bool DesktopShellView::DoContextMenu(int x, int y) { IDataObject* selection; HRESULT hr = _pShellView->GetItemObject(SVGIO_SELECTION, IID_IDataObject, (void**)&selection); if (FAILED(hr)) return false; PIDList pidList; hr = pidList.GetData(selection); if (FAILED(hr)) { selection->Release(); //CHECKERROR(hr); return false; } LPIDA pida = pidList; if (!pida->cidl) { selection->Release(); return false; } LPCITEMIDLIST parent_pidl = (LPCITEMIDLIST) ((LPBYTE)pida+pida->aoffset[0]); LPCITEMIDLIST* apidl = (LPCITEMIDLIST*) alloca(pida->cidl*sizeof(LPCITEMIDLIST)); for(int i=pida->cidl; i>0; --i) apidl[i-1] = (LPCITEMIDLIST) ((LPBYTE)pida+pida->aoffset[i]); hr = ShellFolderContextMenu(ShellFolder(parent_pidl), _hwnd, pida->cidl, apidl, x, y, _cm_ifs); selection->Release(); if (SUCCEEDED(hr)) refresh(); else CHECKERROR(hr); return true; }
// process default command: look for folders and traverse into them HRESULT IShellBrowserImpl::OnDefaultCommand(IShellView* ppshv) { IDataObject* selection; HRESULT hr = ppshv->GetItemObject(SVGIO_SELECTION, IID_IDataObject, (void**)&selection); if (FAILED(hr)) return hr; PIDList pidList; hr = pidList.GetData(selection); if (FAILED(hr)) { selection->Release(); return hr; } hr = OnDefaultCommand(pidList); selection->Release(); return hr; }
PIDList GetProcessIDsByName(const char* processName) { // list of correct PIDs PIDList pids; // gets a snapshot from 32 bit processes HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); if (hSnapshot == INVALID_HANDLE_VALUE) { printf("ERROR: Can't get snapshot from 32 bit processes, "); printf("ErrorCode: %u\n", GetLastError()); return pids; } // a 32 bit process entry from a snapshot PROCESSENTRY32 processEntry; // from MSDN: The calling application must set the // dwSize member of PROCESSENTRY32 to the size, in bytes, of the structure. processEntry.dwSize = sizeof(PROCESSENTRY32); // checks the first process from the snapshot if (Process32First(hSnapshot, &processEntry)) { do { // process found if (!strcmp(processEntry.szExeFile, lookingProcessName)) pids.push_back(processEntry.th32ProcessID); } // loops over the snapshot while (Process32Next(hSnapshot, &processEntry)); } CloseHandle(hSnapshot); return pids; }
int main(int argc, char* argv[]) { // nice title :) SetConsoleTitle("SzimatSzatyor, WoW injector sniffer"); // some info printf("Welcome to SzimatSzatyor, a WoW injector sniffer.\n"); printf("SzimatSzatyor is distributed under the GNU GPLv3 license.\n"); printf("Source code is available at: "); printf("http://github.com/Konctantin/SzimatSzatyor\n\n"); if (argc > 3) { printf("ERROR: Invalid parameters. "); printf("\"szatyor.exe [wow_exe_name] [dll_name]\" should be used.\n\n"); system("pause"); return 0; } // custom process' name else if (argc > 1) lookingProcessName = argv[1]; else if (argc > 2) injectDLLName = argv[2]; // this process will be injected DWORD processID = 0; // tries to get the PIDs PIDList& pids = GetProcessIDsByName(lookingProcessName); if (pids.empty()) { printf("'%s' process NOT found.\n", lookingProcessName); printf("Note: be sure the process which you looking for "); printf("is must be a 32 bit process.\n\n"); system("pause"); return 0; } // just one PID found else if (pids.size() == 1) { processID = pids.front(); printf("'%s' process found, PID: %u\n", lookingProcessName, processID); // checks this process is already injected or not if (IsProcessAlreadyInjected(processID, injectDLLName)) { printf("Process is already injected.\n\n"); system("pause"); return 0; } } // size > 1, multiple possible processes else { printf("Multiple '%s' processes found.\n", lookingProcessName); printf("Please select one which will be injected.\n\n"); // stores the PIDs which are already injected // so these are "invalid" PIDList injectedPIDs; unsigned int idx = 1; for (PIDList_ConstItr itr = pids.begin(); itr != pids.end(); ++itr) { DWORD pid = *itr; printf("[%u] PID: %u\n", idx++, pid); if (IsProcessAlreadyInjected(pid, injectDLLName)) { printf("Already injected!\n\n"); injectedPIDs.push_back(pid); } } // same size: there is no non-injected PID if (pids.size() == injectedPIDs.size()) { printf("All the processes are already injected.\n\n"); system("pause"); return 0; } unsigned int selectedIndex = 0; // loops until has correct PID while (1) { processID = 0; selectedIndex = 0; printf("Please select a process, use [index]: "); scanf("%u", &selectedIndex); // bigger than max index if (selectedIndex > idx - 1) { printf("Your index is too big, max index is %u.\n", idx - 1); continue; } // 0 or non int used else if (selectedIndex == 0) { printf("Your index is invalid, 1-%u should be used.\n", idx - 1); continue; } // gets PID via index PIDList_ConstItr itr = pids.begin(); std::advance(itr, selectedIndex - 1); processID = *itr; // if already injected if (std::find(injectedPIDs.begin(), injectedPIDs.end(), processID) != injectedPIDs.end()) { printf("This process is already injected. "); printf("Please choose a different one.\n"); continue; } // looks like all good break; } printf("\n"); } // stores where the injector is, so location/path of the current process char injectorPath[MAX_PATH] = { 0 }; // gets where the injector is DWORD injectorPathSize = GetModuleFileName(NULL, injectorPath, MAX_PATH); if (!injectorPathSize) { printf("ERROR: Can't get the injector's path, "); printf("ErrorCode: %u\n\n", GetLastError()); system("pause"); return 0; } // full path of the DLL char* dllPath = new char[MAX_PATH]; // copies injector's full path to dllPath strncpy_s(dllPath, MAX_PATH, injectorPath, injectorPathSize); // some magic to replace path/szatyor.exe to path/szimat.dll // removes injector's name PathRemoveFileSpec(dllPath); // appends DLL's name PathAppend(dllPath, injectDLLName); printf("DLL: %s\n", dllPath); if (InjectDLL(processID, dllPath)) { printf("\nInjection of '%s' is successful.\n\n", injectDLLName); } else { printf("\nInjection of '%s' is NOT successful.\n\n", injectDLLName); system("pause"); } delete[] dllPath; //system("pause"); return 0; }
void Monitor::procProcesses() { PIDList deletes; PIDList adds; unsigned long long totalTicks = 0; if ( fCPUTotalTicks.size() > 0 ) { totalTicks = fCPUTotalTicks[0]; } ProcessStatHandler statHandler(fProcMap, totalTicks); ProcessStatMHandler statMHandler(fProcMap, fTotalMemory); ProcessCmdLineHandler cmdLineHandler(fProcMap, fAppNameMap); QStringList procList = fProcReader.getProcList(); QStringListIterator slIterator(procList); pid_t pid; int iteration = 0; while ( (pid = getNextPID(slIterator, iteration)) != 0 ) { iteration++; const QString pidStr = QString::number(pid); QString pathStatM("/proc/" + pidStr + "/statm"); QString pathCmdLine("/proc/" + pidStr + "/cmdline"); QString pathStat("/proc/" + pidStr + "/stat"); if ( !fProcMap.contains(pid) ) { fProcMap[pid]; adds.append(pid); } const QString oldName = fProcMap.value(pid).getStatName(); if ( fProcReader.readProcFile(pathStat, statHandler, 1, pid) != 0 ) { qCritical() << "Error reading process stat file " << pid << "\n"; continue; } if ( !oldName.isEmpty() && oldName != fProcMap.value(pid).getStatName() ) { fProcMap.remove(pid); fProcMap[pid]; deletes.append(pid); adds.append(pid); if ( fProcReader.readProcFile(pathStat, statHandler, 1, pid) != 0 ) { qCritical() << "Error reading process stat file " << pid << "\n"; continue; } } if ( fProcReader.readProcFile(pathStatM, statMHandler, 1, pid) != 0 ) { qCritical() << "Error reading process mstat file " << pid << "\n"; continue; } if ( fProcMap.value(pid).getNameState() == 0 ) { if ( fProcReader.readProcFile(pathCmdLine, cmdLineHandler, 1, pid) != 0 ) { qCritical() << "Error reading process cmdline file " << pid << "\n"; continue; } } } QMapIterator<pid_t, ProcInfo> iterator(fProcMap); while ( iterator.hasNext() ) { iterator.next(); const pid_t pid = iterator.key(); const QString pidStr = QString::number(pid); QString pathStat("/proc/" + pidStr + "/stat"); if ( !QFile::exists(pathStat) ) { fProcMap.remove(pid); deletes.append(pid); } } emit processChanged(&fProcMap, adds, deletes); }