VOID NTAPI NetworkMenuInitializingCallback(
_In_opt_ PVOID Parameter,
_In_opt_ PVOID Context
)
{
PPH_PLUGIN_MENU_INFORMATION menuInfo = (PPH_PLUGIN_MENU_INFORMATION)Parameter;
PPH_NETWORK_ITEM networkItem;
PPH_EMENU_ITEM toolsMenu;
if (menuInfo->u.Network.NumberOfNetworkItems == 1)
networkItem = menuInfo->u.Network.NetworkItems[0];
else
networkItem = NULL;
// Create the Tools menu.
toolsMenu = PhPluginCreateEMenuItem(PluginInstance, 0, 0, L"Tools", NULL);
PhInsertEMenuItem(toolsMenu, PhPluginCreateEMenuItem(PluginInstance, 0, NETWORK_ACTION_PING, L"Ping", networkItem), -1);
PhInsertEMenuItem(toolsMenu, PhPluginCreateEMenuItem(PluginInstance, 0, NETWORK_ACTION_TRACEROUTE, L"Traceroute", networkItem), -1);
PhInsertEMenuItem(toolsMenu, PhPluginCreateEMenuItem(PluginInstance, 0, NETWORK_ACTION_WHOIS, L"Whois", networkItem), -1);
// Insert the Tools menu into the network menu.
PhInsertEMenuItem(menuInfo->Menu, toolsMenu, 1);
toolsMenu->Flags |= PH_EMENU_DISABLED;
if (networkItem)
{
if (!PhIsNullIpAddress(&networkItem->RemoteEndpoint.Address))
{
toolsMenu->Flags &= ~PH_EMENU_DISABLED;
}
}
}
VOID NTAPI MainMenuInitializingCallback(
_In_opt_ PVOID Parameter,
_In_opt_ PVOID Context
)
{
ULONG insertIndex;
PPH_EMENU_ITEM menuItem;
PPH_PLUGIN_MENU_INFORMATION menuInfo = Parameter;
if (menuInfo->u.MainMenu.SubMenuIndex != PH_MENU_ITEM_LOCATION_VIEW)
return;
if (menuItem = PhFindEMenuItem(menuInfo->Menu, PH_EMENU_FIND_STARTSWITH, L"System Information", 0))
insertIndex = PhIndexOfEMenuItem(menuInfo->Menu, menuItem) + 1;
else
insertIndex = 0;
PhInsertEMenuItem(menuInfo->Menu, menuItem = PhPluginCreateEMenuItem(PluginInstance, 0, ID_VIEW_WINDOWS, L"Windows", NULL), insertIndex);
if (PhGetIntegerSetting(SETTING_NAME_SHOW_DESKTOP_WINDOWS))
{
insertIndex = PhIndexOfEMenuItem(menuInfo->Menu, menuItem) + 1;
PhInsertEMenuItem(menuInfo->Menu, PhPluginCreateEMenuItem(PluginInstance, 0, ID_VIEW_DESKTOPWINDOWS, L"Desktop Windows...", NULL), insertIndex);
}
}
PPH_EMENU_ITEM CreateSendToMenu(
__in PPH_EMENU_ITEM Parent,
__in PWSTR InsertAfter,
__in PPH_STRING FileName
)
{
PPH_EMENU_ITEM sendToMenu;
PPH_EMENU_ITEM menuItem;
ULONG insertIndex;
// Create the Send To menu.
sendToMenu = PhPluginCreateEMenuItem(PluginInstance, 0, 0, L"Send To", NULL);
PhInsertEMenuItem(sendToMenu, PhPluginCreateEMenuItem(PluginInstance, 0, ID_SENDTO_SERVICE1, L"virustotal.com", FileName), -1);
PhInsertEMenuItem(sendToMenu, PhPluginCreateEMenuItem(PluginInstance, 0, ID_SENDTO_SERVICE2, L"virusscan.jotti.org", FileName), -1);
PhInsertEMenuItem(sendToMenu, PhPluginCreateEMenuItem(PluginInstance, 0, ID_SENDTO_SERVICE3, L"camas.comodo.com", FileName), -1);
menuItem = PhFindEMenuItem(Parent, PH_EMENU_FIND_STARTSWITH, InsertAfter, 0);
if (menuItem)
insertIndex = PhIndexOfEMenuItem(Parent, menuItem);
else
insertIndex = -1;
PhInsertEMenuItem(Parent, sendToMenu, insertIndex + 1);
return sendToMenu;
}
VOID NTAPI ProcessMenuInitializingCallback(
_In_opt_ PVOID Parameter,
_In_opt_ PVOID Context
)
{
PPH_PLUGIN_MENU_INFORMATION menuInfo = Parameter;
PPH_PROCESS_ITEM processItem;
ULONG flags;
PPH_EMENU_ITEM miscMenu;
if (menuInfo->u.Process.NumberOfProcesses == 1)
processItem = menuInfo->u.Process.Processes[0];
else
processItem = NULL;
flags = 0;
if (!processItem)
flags = PH_EMENU_DISABLED;
miscMenu = PhFindEMenuItem(menuInfo->Menu, 0, L"Miscellaneous", 0);
if (miscMenu)
{
PhInsertEMenuItem(miscMenu, PhPluginCreateEMenuItem(PluginInstance, flags, ID_PROCESS_UNLOADEDMODULES, L"Unloaded Modules", processItem), -1);
PhInsertEMenuItem(miscMenu, PhPluginCreateEMenuItem(PluginInstance, flags, ID_PROCESS_WSWATCH, L"WS Watch", processItem), -1);
}
}
VOID PhInitializeTreeNewColumnMenuEx(
__inout PPH_TN_COLUMN_MENU_DATA Data,
__in ULONG Flags
)
{
PPH_EMENU_ITEM sizeColumnToFitMenuItem;
PPH_EMENU_ITEM sizeAllColumnsToFitMenuItem;
PPH_EMENU_ITEM hideColumnMenuItem;
PPH_EMENU_ITEM chooseColumnsMenuItem;
ULONG minimumNumberOfColumns;
Data->Menu = PhCreateEMenu();
Data->Selection = NULL;
Data->ProcessedId = 0;
sizeColumnToFitMenuItem = PhCreateEMenuItem(0, PH_TN_COLUMN_MENU_SIZE_COLUMN_TO_FIT_ID, L"Size Column to Fit", NULL, NULL);
sizeAllColumnsToFitMenuItem = PhCreateEMenuItem(0, PH_TN_COLUMN_MENU_SIZE_ALL_COLUMNS_TO_FIT_ID, L"Size All Columns to Fit", NULL, NULL);
if (!(Flags & PH_TN_COLUMN_MENU_NO_VISIBILITY))
{
hideColumnMenuItem = PhCreateEMenuItem(0, PH_TN_COLUMN_MENU_HIDE_COLUMN_ID, L"Hide Column", NULL, NULL);
chooseColumnsMenuItem = PhCreateEMenuItem(0, PH_TN_COLUMN_MENU_CHOOSE_COLUMNS_ID, L"Choose Columns...", NULL, NULL);
}
PhInsertEMenuItem(Data->Menu, sizeColumnToFitMenuItem, -1);
PhInsertEMenuItem(Data->Menu, sizeAllColumnsToFitMenuItem, -1);
if (!(Flags & PH_TN_COLUMN_MENU_NO_VISIBILITY))
{
PhInsertEMenuItem(Data->Menu, hideColumnMenuItem, -1);
PhInsertEMenuItem(Data->Menu, PhCreateEMenuItem(PH_EMENU_SEPARATOR, 0, L"", NULL, NULL), -1);
PhInsertEMenuItem(Data->Menu, chooseColumnsMenuItem, -1);
if (TreeNew_GetFixedColumn(Data->TreeNewHandle))
minimumNumberOfColumns = 2; // don't allow user to remove all normal columns (the fixed column can never be removed)
else
minimumNumberOfColumns = 1;
if (!Data->MouseEvent || !Data->MouseEvent->Column ||
Data->MouseEvent->Column->Fixed || // don't allow the fixed column to be hidden
TreeNew_GetVisibleColumnCount(Data->TreeNewHandle) < minimumNumberOfColumns + 1
)
{
hideColumnMenuItem->Flags |= PH_EMENU_DISABLED;
}
}
if (!Data->MouseEvent || !Data->MouseEvent->Column)
{
sizeColumnToFitMenuItem->Flags |= PH_EMENU_DISABLED;
}
}
VOID NTAPI MainMenuInitializingCallback(
_In_opt_ PVOID Parameter,
_In_opt_ PVOID Context
)
{
PPH_PLUGIN_MENU_INFORMATION menuInfo = Parameter;
if (!SbieDll_KillAll)
return;
if (menuInfo->u.MainMenu.SubMenuIndex != PH_MENU_ITEM_LOCATION_TOOLS)
return;
PhInsertEMenuItem(menuInfo->Menu, PhPluginCreateEMenuItem(PluginInstance, PH_EMENU_SEPARATOR, 0, NULL, NULL), -1);
PhInsertEMenuItem(menuInfo->Menu, PhPluginCreateEMenuItem(PluginInstance, 0, 1, L"Terminate Sandboxed Processes", NULL), -1);
}
VOID StatusBarShowMenu(
_In_ PPOINT Point
)
{
PPH_EMENU menu;
PPH_EMENU_ITEM selectedItem;
menu = PhCreateEMenu();
PhInsertEMenuItem(menu, PhCreateEMenuItem(0, COMMAND_ID_ENABLE_SEARCHBOX, L"Customize...", NULL, NULL), -1);
selectedItem = PhShowEMenu(
menu,
PhMainWndHandle,
PH_EMENU_SHOW_LEFTRIGHT,
PH_ALIGN_LEFT | PH_ALIGN_BOTTOM,
Point->x,
Point->y
);
if (selectedItem && selectedItem->Id != -1)
{
StatusBarShowCustomizeDialog();
StatusBarUpdate(TRUE);
}
PhDestroyEMenu(menu);
}
VOID NTAPI ThreadMenuInitializingCallback(
__in_opt PVOID Parameter,
__in_opt PVOID Context
)
{
PPH_PLUGIN_MENU_INFORMATION menuInfo = Parameter;
PPH_THREAD_ITEM threadItem;
ULONG insertIndex;
PPH_EMENU_ITEM menuItem;
if (menuInfo->u.Thread.NumberOfThreads == 1)
threadItem = menuInfo->u.Thread.Threads[0];
else
threadItem = NULL;
if (menuItem = PhFindEMenuItem(menuInfo->Menu, 0, L"Resume", 0))
insertIndex = PhIndexOfEMenuItem(menuInfo->Menu, menuItem) + 1;
else
insertIndex = 0;
PhInsertEMenuItem(menuInfo->Menu, menuItem = PhPluginCreateEMenuItem(PluginInstance, 0, ID_THREAD_CANCELIO,
L"Cancel I/O", threadItem), insertIndex);
if (!threadItem) menuItem->Flags |= PH_EMENU_DISABLED;
}
PPH_EMENU_ITEM CreateSendToMenu(
_In_ BOOLEAN ProcessesMenu,
_In_ PPH_EMENU_ITEM Parent,
_In_ PPH_STRING FileName
)
{
PPH_EMENU_ITEM sendToMenu;
PPH_EMENU_ITEM menuItem;
ULONG insertIndex;
sendToMenu = PhPluginCreateEMenuItem(PluginInstance, 0, 0, L"Sen&d to", NULL);
PhInsertEMenuItem(sendToMenu, PhPluginCreateEMenuItem(PluginInstance, 0, MENUITEM_HYBRIDANALYSIS_UPLOAD, L"&hybrid-analysis.com", FileName), ULONG_MAX);
PhInsertEMenuItem(sendToMenu, PhPluginCreateEMenuItem(PluginInstance, 0, MENUITEM_VIRUSTOTAL_UPLOAD, L"&virustotal.com", FileName), ULONG_MAX);
PhInsertEMenuItem(sendToMenu, PhPluginCreateEMenuItem(PluginInstance, 0, MENUITEM_JOTTI_UPLOAD, L"virusscan.&jotti.org", FileName), ULONG_MAX);
if (ProcessesMenu && (menuItem = PhFindEMenuItem(Parent, PH_EMENU_FIND_STARTSWITH, L"Search online", 0)))
{
insertIndex = PhIndexOfEMenuItem(Parent, menuItem);
PhInsertEMenuItem(Parent, sendToMenu, insertIndex + 1);
PhInsertEMenuItem(Parent, PhCreateEMenuSeparator(), insertIndex + 2);
}
else
{
PhInsertEMenuItem(Parent, PhCreateEMenuSeparator(), ULONG_MAX);
PhInsertEMenuItem(Parent, sendToMenu, ULONG_MAX);
}
return sendToMenu;
}
/**
* Converts a Windows menu object to an EMENU.
*
* \param MenuItem The menu item in which the converted menu items
* will be placed.
* \param PopupMenu A menu handle.
*/
VOID PhPopupMenuToEMenuItem(
__inout PPH_EMENU_ITEM MenuItem,
__in HMENU PopupMenu
)
{
ULONG i;
ULONG count;
count = GetMenuItemCount(PopupMenu);
if (count != -1)
{
for (i = 0; i < count; i++)
{
MENUITEMINFO menuItemInfo;
WCHAR buffer[256];
PPH_EMENU_ITEM menuItem;
menuItemInfo.cbSize = sizeof(menuItemInfo);
menuItemInfo.fMask = MIIM_FTYPE | MIIM_ID | MIIM_STATE | MIIM_STRING | MIIM_SUBMENU;
menuItemInfo.cch = sizeof(buffer) / sizeof(WCHAR);
menuItemInfo.dwTypeData = buffer;
if (!GetMenuItemInfo(PopupMenu, i, TRUE, &menuItemInfo))
continue;
menuItem = PhCreateEMenuItem(
PH_EMENU_TEXT_OWNED,
menuItemInfo.wID,
PhDuplicateUnicodeStringZ(buffer),
NULL,
NULL
);
if (menuItemInfo.fType & MFT_SEPARATOR)
menuItem->Flags |= PH_EMENU_SEPARATOR;
PhMapFlags2(
&menuItem->Flags,
menuItemInfo.fType,
EMenuTypeMappings,
sizeof(EMenuTypeMappings) / sizeof(PH_FLAG_MAPPING)
);
PhMapFlags2(
&menuItem->Flags,
menuItemInfo.fState,
EMenuStateMappings,
sizeof(EMenuStateMappings) / sizeof(PH_FLAG_MAPPING)
);
if (menuItemInfo.hSubMenu)
PhPopupMenuToEMenuItem(menuItem, menuItemInfo.hSubMenu);
PhInsertEMenuItem(MenuItem, menuItem, -1);
}
}
}
VOID NTAPI MainMenuInitializingCallback(
_In_opt_ PVOID Parameter,
_In_opt_ PVOID Context
)
{
PPH_PLUGIN_MENU_INFORMATION menuInfo = Parameter;
PPH_EMENU_ITEM systemMenu;
if (menuInfo->u.MainMenu.SubMenuIndex != PH_MENU_ITEM_LOCATION_TOOLS)
return;
if (!(systemMenu = PhFindEMenuItem(menuInfo->Menu, 0, L"System", 0)))
{
PhInsertEMenuItem(menuInfo->Menu, PhCreateEMenuSeparator(), -1);
PhInsertEMenuItem(menuInfo->Menu, systemMenu = PhPluginCreateEMenuItem(PluginInstance, 0, 0, L"&System", NULL), -1);
}
PhInsertEMenuItem(systemMenu, PhPluginCreateEMenuItem(PluginInstance, 0, DNSCACHE_MENUITEM, L"&DNS Cache Table", NULL), -1);
}
static VOID NTAPI MainMenuInitializingCallback(
_In_opt_ PVOID Parameter,
_In_opt_ PVOID Context
)
{
PPH_PLUGIN_MENU_INFORMATION menuInfo = Parameter;
if (menuInfo->u.MainMenu.SubMenuIndex != PH_MENU_ITEM_LOCATION_TOOLS)
return;
PhInsertEMenuItem(menuInfo->Menu, PhPluginCreateEMenuItem(PluginInstance, 0, BOOT_ENTRIES_MENUITEM, L"Boot Entries", NULL), -1);
}
static VOID NTAPI MainMenuInitializingCallback(
_In_opt_ PVOID Parameter,
_In_opt_ PVOID Context
)
{
PPH_PLUGIN_MENU_INFORMATION menuInfo = Parameter;
if (menuInfo->u.MainMenu.SubMenuIndex != PH_MENU_ITEM_LOCATION_TOOLS)
return;
PhInsertEMenuItem(menuInfo->Menu, PhPluginCreateEMenuItem(PluginInstance, 0, ATOM_TABLE_MENUITEM, L"Global Atom Table", NULL), -1);
}
static VOID NTAPI MainMenuInitializingCallback(
_In_opt_ PVOID Parameter,
_In_opt_ PVOID Context
)
{
PPH_PLUGIN_MENU_INFORMATION menuInfo = Parameter;
// Check this menu is the Help menu
if (!menuInfo || menuInfo->u.MainMenu.SubMenuIndex != 4)
return;
PhInsertEMenuItem(menuInfo->Menu, PhPluginCreateEMenuItem(PluginInstance, 0, UPDATE_MENUITEM, L"Check for Updates", NULL), 0);
}
VOID NTAPI MainMenuInitializingCallback(
_In_opt_ PVOID Parameter,
_In_opt_ PVOID Context
)
{
PPH_EMENU_ITEM onlineMenuItem;
PPH_EMENU_ITEM enableMenuItem;
PPH_PLUGIN_MENU_INFORMATION menuInfo = Parameter;
if (menuInfo->u.MainMenu.SubMenuIndex != PH_MENU_ITEM_LOCATION_TOOLS)
return;
onlineMenuItem = PhPluginCreateEMenuItem(PluginInstance, 0, 0, L"&Online Checks", NULL);
PhInsertEMenuItem(onlineMenuItem, enableMenuItem = PhPluginCreateEMenuItem(PluginInstance, 0, ENABLE_SERVICE_VIRUSTOTAL, L"&Enable VirusTotal scanning", NULL), ULONG_MAX);
PhInsertEMenuItem(onlineMenuItem, PhCreateEMenuSeparator(), ULONG_MAX);
PhInsertEMenuItem(onlineMenuItem, PhPluginCreateEMenuItem(PluginInstance, 0, MENUITEM_HYBRIDANALYSIS_UPLOAD_FILE, L"Upload file to &Hybrid-Analysis...", NULL), ULONG_MAX);
PhInsertEMenuItem(onlineMenuItem, PhPluginCreateEMenuItem(PluginInstance, 0, MENUITEM_VIRUSTOTAL_UPLOAD_FILE, L"&Upload file to VirusTotal...", NULL), ULONG_MAX);
//PhInsertEMenuItem(onlineMenuItem, PhPluginCreateEMenuItem(PluginInstance, 0, MENUITEM_VIRUSTOTAL_QUEUE, L"Upload unknown files to VirusTotal...", NULL), ULONG_MAX);
PhInsertEMenuItem(menuInfo->Menu, onlineMenuItem, ULONG_MAX);
if (VirusTotalScanningEnabled)
enableMenuItem->Flags |= PH_EMENU_CHECKED;
}
VOID NTAPI MainMenuInitializingCallback(
_In_opt_ PVOID Parameter,
_In_opt_ PVOID Context
)
{
PPH_PLUGIN_MENU_INFORMATION menuInfo = Parameter;
PPH_EMENU_ITEM liveDumpMenu;
if (menuInfo->u.MainMenu.SubMenuIndex != PH_MENU_ITEM_LOCATION_TOOLS)
return;
PhInsertEMenuItem(menuInfo->Menu, liveDumpMenu = PhPluginCreateEMenuItem(PluginInstance, 0, PLUGIN_MENU_ITEM, L"&Live kernel dump...", NULL), -1);
if (WindowsVersion < WINDOWS_8_1 || !PhGetOwnTokenAttributes().Elevated)
{
liveDumpMenu->Flags |= PH_EMENU_DISABLED;
}
}
VOID NTAPI ModuleMenuInitializingCallback(
__in_opt PVOID Parameter,
__in_opt PVOID Context
)
{
PPH_PLUGIN_MENU_INFORMATION menuInfo = Parameter;
PPH_PROCESS_ITEM processItem;
BOOLEAN addMenuItem;
PPH_MODULE_ITEM moduleItem;
ULONG insertIndex;
PPH_EMENU_ITEM menuItem;
addMenuItem = FALSE;
if (processItem = PhReferenceProcessItem(menuInfo->u.Module.ProcessId))
{
if (processItem->ServiceList && processItem->ServiceList->Count != 0)
addMenuItem = TRUE;
PhDereferenceObject(processItem);
}
if (!addMenuItem)
return;
if (menuInfo->u.Module.NumberOfModules == 1)
moduleItem = menuInfo->u.Module.Modules[0];
else
moduleItem = NULL;
if (menuItem = PhFindEMenuItem(menuInfo->Menu, 0, L"Inspect", 0))
insertIndex = PhIndexOfEMenuItem(menuInfo->Menu, menuItem) + 1;
else
insertIndex = 0;
ModuleProcessId = menuInfo->u.Module.ProcessId;
PhInsertEMenuItem(menuInfo->Menu, menuItem = PhPluginCreateEMenuItem(PluginInstance, 0, ID_MODULE_SERVICES,
L"Services", moduleItem), insertIndex);
if (!moduleItem) menuItem->Flags |= PH_EMENU_DISABLED;
}
VOID NTAPI ProcessMenuInitializingCallback(
_In_opt_ PVOID Parameter,
_In_opt_ PVOID Context
)
{
PPH_PLUGIN_MENU_INFORMATION menuInfo = Parameter;
PPH_EMENU_ITEM miscMenuItem;
PPH_EMENU_ITEM criticalMenuItem;
PPH_PROCESS_ITEM processItem;
miscMenuItem = PhFindEMenuItem(menuInfo->Menu, 0, L"Miscellaneous", 0);
if (!miscMenuItem)
return;
processItem = menuInfo->u.Process.NumberOfProcesses == 1 ? menuInfo->u.Process.Processes[0] : NULL;
criticalMenuItem = PhPluginCreateEMenuItem(PluginInstance, 0, CRITICAL_MENU_ITEM, L"&Critical", processItem);
PhInsertEMenuItem(miscMenuItem, criticalMenuItem, -1);
if (processItem)
{
HANDLE processHandle;
ULONG breakOnTermination;
if (NT_SUCCESS(PhOpenProcess(&processHandle, PROCESS_QUERY_INFORMATION, processItem->ProcessId)))
{
if (NT_SUCCESS(NtQueryInformationProcess(processHandle, ProcessBreakOnTermination, &breakOnTermination, sizeof(ULONG), NULL)))
{
if (breakOnTermination)
criticalMenuItem->Flags |= PH_EMENU_CHECKED;
}
NtClose(processHandle);
}
}
else
{
criticalMenuItem->Flags |= PH_EMENU_DISABLED;
}
}
VOID PhInsertHandleObjectPropertiesEMenuItems(
_In_ struct _PH_EMENU_ITEM *Menu,
_In_ ULONG InsertBeforeId,
_In_ BOOLEAN EnableShortcut,
_In_ PPH_HANDLE_ITEM_INFO Info
)
{
PPH_EMENU_ITEM parentItem;
ULONG indexInParent;
if (!PhFindEMenuItemEx(Menu, 0, NULL, InsertBeforeId, &parentItem, &indexInParent))
return;
if (PhIsNullOrEmptyString(Info->TypeName))
return;
if (PhEqualString2(Info->TypeName, L"File", TRUE) || PhEqualString2(Info->TypeName, L"DLL", TRUE) ||
PhEqualString2(Info->TypeName, L"Mapped file", TRUE) || PhEqualString2(Info->TypeName, L"Mapped image", TRUE))
{
if (PhEqualString2(Info->TypeName, L"File", TRUE))
PhInsertEMenuItem(parentItem, PhCreateEMenuItem(0, ID_HANDLE_OBJECTPROPERTIES2, L"File propert&ies", NULL, NULL), indexInParent);
PhInsertEMenuItem(parentItem, PhCreateEMenuItem(0, ID_HANDLE_OBJECTPROPERTIES1, PhaAppendCtrlEnter(L"Open &file location", EnableShortcut), NULL, NULL), indexInParent);
}
else if (PhEqualString2(Info->TypeName, L"Key", TRUE))
{
PhInsertEMenuItem(parentItem, PhCreateEMenuItem(0, ID_HANDLE_OBJECTPROPERTIES1, PhaAppendCtrlEnter(L"Open &key", EnableShortcut), NULL, NULL), indexInParent);
}
else if (PhEqualString2(Info->TypeName, L"Process", TRUE))
{
PhInsertEMenuItem(parentItem, PhCreateEMenuItem(0, ID_HANDLE_OBJECTPROPERTIES1, PhaAppendCtrlEnter(L"Process propert&ies", EnableShortcut), NULL, NULL), indexInParent);
}
else if (PhEqualString2(Info->TypeName, L"Section", TRUE))
{
PhInsertEMenuItem(parentItem, PhCreateEMenuItem(0, ID_HANDLE_OBJECTPROPERTIES1, PhaAppendCtrlEnter(L"Read/Write &memory", EnableShortcut), NULL, NULL), indexInParent);
}
else if (PhEqualString2(Info->TypeName, L"Thread", TRUE))
{
PhInsertEMenuItem(parentItem, PhCreateEMenuItem(0, ID_HANDLE_OBJECTPROPERTIES1, PhaAppendCtrlEnter(L"Go to t&hread", EnableShortcut), NULL, NULL), indexInParent);
}
}
INT_PTR CALLBACK PhpProcessHeapsDlgProc(
__in HWND hwndDlg,
__in UINT uMsg,
__in WPARAM wParam,
__in LPARAM lParam
)
{
PPROCESS_HEAPS_CONTEXT context = NULL;
if (uMsg != WM_INITDIALOG)
{
context = (PPROCESS_HEAPS_CONTEXT)GetProp(hwndDlg, PhMakeContextAtom());
}
else
{
context = (PPROCESS_HEAPS_CONTEXT)lParam;
SetProp(hwndDlg, PhMakeContextAtom(), (HANDLE)context);
}
if (!context)
return FALSE;
switch (uMsg)
{
case WM_INITDIALOG:
{
HWND lvHandle;
ULONG i;
PhCenterWindow(hwndDlg, GetParent(hwndDlg));
context->ListViewHandle = lvHandle = GetDlgItem(hwndDlg, IDC_LIST);
PhAddListViewColumn(lvHandle, 0, 0, 0, LVCFMT_LEFT, 100, L"Address");
PhAddListViewColumn(lvHandle, 1, 1, 1, LVCFMT_LEFT, 120, L"Used");
PhAddListViewColumn(lvHandle, 2, 2, 2, LVCFMT_LEFT, 120, L"Committed");
PhAddListViewColumn(lvHandle, 3, 3, 3, LVCFMT_LEFT, 80, L"Entries");
PhSetListViewStyle(lvHandle, FALSE, TRUE);
PhSetControlTheme(lvHandle, L"explorer");
PhSetExtendedListView(lvHandle);
ExtendedListView_SetContext(lvHandle, context);
ExtendedListView_SetCompareFunction(lvHandle, 0, PhpHeapAddressCompareFunction);
ExtendedListView_SetCompareFunction(lvHandle, 1, PhpHeapUsedCompareFunction);
ExtendedListView_SetCompareFunction(lvHandle, 2, PhpHeapCommittedCompareFunction);
ExtendedListView_SetCompareFunction(lvHandle, 3, PhpHeapEntriesCompareFunction);
ExtendedListView_SetItemFontFunction(lvHandle, PhpHeapFontFunction);
for (i = 0; i < context->ProcessHeaps->NumberOfHeaps; i++)
{
PRTL_HEAP_INFORMATION heapInfo = &context->ProcessHeaps->Heaps[i];
WCHAR addressString[PH_PTR_STR_LEN_1];
INT lvItemIndex;
PPH_STRING usedString;
PPH_STRING committedString;
PPH_STRING numberOfEntriesString;
PhPrintPointer(addressString, heapInfo->BaseAddress);
lvItemIndex = PhAddListViewItem(lvHandle, MAXINT, addressString, heapInfo);
usedString = PhFormatSize(heapInfo->BytesAllocated, -1);
committedString = PhFormatSize(heapInfo->BytesCommitted, -1);
numberOfEntriesString = PhFormatUInt64(heapInfo->NumberOfEntries, TRUE);
PhSetListViewSubItem(lvHandle, lvItemIndex, 1, usedString->Buffer);
PhSetListViewSubItem(lvHandle, lvItemIndex, 2, committedString->Buffer);
PhSetListViewSubItem(lvHandle, lvItemIndex, 3, numberOfEntriesString->Buffer);
PhDereferenceObject(usedString);
PhDereferenceObject(committedString);
PhDereferenceObject(numberOfEntriesString);
}
ExtendedListView_SortItems(lvHandle);
}
break;
case WM_DESTROY:
{
RemoveProp(hwndDlg, PhMakeContextAtom());
}
break;
case WM_COMMAND:
{
switch (LOWORD(wParam))
{
case IDCANCEL:
case IDOK:
EndDialog(hwndDlg, IDOK);
break;
case IDC_SIZESINBYTES:
{
BOOLEAN sizesInBytes = Button_GetCheck(GetDlgItem(hwndDlg, IDC_SIZESINBYTES)) == BST_CHECKED;
INT index = -1;
ExtendedListView_SetRedraw(context->ListViewHandle, FALSE);
while ((index = ListView_GetNextItem(context->ListViewHandle, index, LVNI_ALL)) != -1)
{
PRTL_HEAP_INFORMATION heapInfo;
PPH_STRING usedString;
PPH_STRING committedString;
if (PhGetListViewItemParam(context->ListViewHandle, index, &heapInfo))
{
usedString = PhFormatSize(heapInfo->BytesAllocated, sizesInBytes ? 0 : -1);
committedString = PhFormatSize(heapInfo->BytesCommitted, sizesInBytes ? 0 : -1);
PhSetListViewSubItem(context->ListViewHandle, index, 1, usedString->Buffer);
PhSetListViewSubItem(context->ListViewHandle, index, 2, committedString->Buffer);
PhDereferenceObject(usedString);
PhDereferenceObject(committedString);
}
}
ExtendedListView_SetRedraw(context->ListViewHandle, TRUE);
}
break;
}
}
break;
case WM_NOTIFY:
{
PhHandleListViewNotifyForCopy(lParam, context->ListViewHandle);
}
break;
case WM_CONTEXTMENU:
{
if ((HWND)wParam == context->ListViewHandle)
{
POINT point;
PRTL_HEAP_INFORMATION heapInfo;
PPH_EMENU menu;
INT selectedCount;
PPH_EMENU_ITEM menuItem;
point.x = (SHORT)LOWORD(lParam);
point.y = (SHORT)HIWORD(lParam);
if (point.x == -1 && point.y == -1)
PhGetListViewContextMenuPoint((HWND)wParam, &point);
selectedCount = ListView_GetSelectedCount(context->ListViewHandle);
heapInfo = PhGetSelectedListViewItemParam(context->ListViewHandle);
if (selectedCount != 0)
{
menu = PhCreateEMenu();
PhInsertEMenuItem(menu, PhCreateEMenuItem(selectedCount != 1 ? PH_EMENU_DISABLED : 0, 1, L"Destroy", NULL, NULL), -1);
PhInsertEMenuItem(menu, PhCreateEMenuItem(0, 2, L"Copy\bCtrl+C", NULL, NULL), -1);
menuItem = PhShowEMenu(menu, context->ListViewHandle, PH_EMENU_SHOW_LEFTRIGHT | PH_EMENU_SHOW_NONOTIFY,
PH_ALIGN_LEFT | PH_ALIGN_TOP, point.x, point.y);
if (menuItem)
{
switch (menuItem->Id)
{
case 1:
if (PhUiDestroyHeap(hwndDlg, context->ProcessItem->ProcessId, heapInfo->BaseAddress))
ListView_DeleteItem(context->ListViewHandle, PhFindListViewItemByParam(context->ListViewHandle, -1, heapInfo));
break;
case 2:
PhCopyListView(context->ListViewHandle);
break;
}
}
PhDestroyEMenu(menu);
}
}
}
break;
}
REFLECT_MESSAGE_DLG(hwndDlg, context->ListViewHandle, uMsg, wParam, lParam);
return FALSE;
}
static VOID ShowStatusMenu(
_In_ HWND hwndDlg
)
{
PPH_STRING cacheEntryName;
cacheEntryName = PhGetSelectedListViewItemText(ListViewWndHandle);
if (cacheEntryName)
{
POINT cursorPos;
PPH_EMENU menu;
PPH_EMENU_ITEM selectedItem;
GetCursorPos(&cursorPos);
menu = PhCreateEMenu();
PhInsertEMenuItem(menu, PhCreateEMenuItem(0, 1, L"Remove", NULL, NULL), -1);
selectedItem = PhShowEMenu(
menu,
ListViewWndHandle,
PH_EMENU_SHOW_LEFTRIGHT,
PH_ALIGN_LEFT | PH_ALIGN_TOP,
cursorPos.x,
cursorPos.y
);
if (selectedItem && selectedItem->Id != -1)
{
switch (selectedItem->Id)
{
case 1:
{
INT lvItemIndex = PhFindListViewItemByFlags(
ListViewWndHandle,
-1,
LVNI_SELECTED
);
if (lvItemIndex != -1)
{
if (!PhGetIntegerSetting(L"EnableWarnings") || PhShowConfirmMessage(
hwndDlg,
L"remove",
cacheEntryName->Buffer,
NULL,
FALSE
))
{
PATOM_TABLE_INFORMATION atomTable = NULL;
if (!NT_SUCCESS(PhEnumAtomTable(&atomTable)))
return;
for (ULONG i = 0; i < atomTable->NumberOfAtoms; i++)
{
PATOM_BASIC_INFORMATION atomInfo = NULL;
if (!NT_SUCCESS(PhQueryAtomTableEntry(atomTable->Atoms[i], &atomInfo)))
continue;
if (!PhEqualStringZ(atomInfo->Name, cacheEntryName->Buffer, TRUE))
continue;
do
{
if (!NT_SUCCESS(NtDeleteAtom(atomTable->Atoms[i])))
{
break;
}
PhFree(atomInfo);
atomInfo = NULL;
if (!NT_SUCCESS(PhQueryAtomTableEntry(atomTable->Atoms[i], &atomInfo)))
break;
} while (atomInfo->UsageCount >= 1);
ListView_DeleteItem(ListViewWndHandle, lvItemIndex);
if (atomInfo)
{
PhFree(atomInfo);
}
}
PhFree(atomTable);
}
}
}
break;
}
}
PhDestroyEMenu(menu);
PhDereferenceObject(cacheEntryName);
}
}
INT_PTR CALLBACK PhpRunAsDlgProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
PRUNAS_DIALOG_CONTEXT context;
if (uMsg != WM_INITDIALOG)
{
context = (PRUNAS_DIALOG_CONTEXT)GetProp(hwndDlg, PhMakeContextAtom());
}
else
{
context = (PRUNAS_DIALOG_CONTEXT)lParam;
SetProp(hwndDlg, PhMakeContextAtom(), (HANDLE)context);
}
if (!context)
return FALSE;
switch (uMsg)
{
case WM_INITDIALOG:
{
HWND typeComboBoxHandle = GetDlgItem(hwndDlg, IDC_TYPE);
HWND userNameComboBoxHandle = GetDlgItem(hwndDlg, IDC_USERNAME);
ULONG sessionId;
PhCenterWindow(hwndDlg, GetParent(hwndDlg));
if (SHAutoComplete_I)
{
SHAutoComplete_I(
GetDlgItem(hwndDlg, IDC_PROGRAM),
SHACF_AUTOAPPEND_FORCE_ON | SHACF_AUTOSUGGEST_FORCE_ON | SHACF_FILESYS_ONLY
);
}
ComboBox_AddString(typeComboBoxHandle, L"Batch");
ComboBox_AddString(typeComboBoxHandle, L"Interactive");
ComboBox_AddString(typeComboBoxHandle, L"Network");
ComboBox_AddString(typeComboBoxHandle, L"New credentials");
ComboBox_AddString(typeComboBoxHandle, L"Service");
PhSelectComboBoxString(typeComboBoxHandle, L"Interactive", FALSE);
ComboBox_AddString(userNameComboBoxHandle, L"NT AUTHORITY\\SYSTEM");
ComboBox_AddString(userNameComboBoxHandle, L"NT AUTHORITY\\LOCAL SERVICE");
ComboBox_AddString(userNameComboBoxHandle, L"NT AUTHORITY\\NETWORK SERVICE");
PhpAddAccountsToComboBox(userNameComboBoxHandle);
if (NT_SUCCESS(PhGetProcessSessionId(NtCurrentProcess(), &sessionId)))
SetDlgItemInt(hwndDlg, IDC_SESSIONID, sessionId, FALSE);
SetDlgItemText(hwndDlg, IDC_DESKTOP, L"WinSta0\\Default");
SetDlgItemText(hwndDlg, IDC_PROGRAM, PhaGetStringSetting(L"RunAsProgram")->Buffer);
if (!context->ProcessId)
{
SetDlgItemText(hwndDlg, IDC_USERNAME,
PH_AUTO_T(PH_STRING, PhGetStringSetting(L"RunAsUserName"))->Buffer);
// Fire the user name changed event so we can fix the logon type.
SendMessage(hwndDlg, WM_COMMAND, MAKEWPARAM(IDC_USERNAME, CBN_EDITCHANGE), 0);
}
else
{
HANDLE processHandle;
HANDLE tokenHandle;
PTOKEN_USER user;
PPH_STRING userName;
if (NT_SUCCESS(PhOpenProcess(
&processHandle,
ProcessQueryAccess,
context->ProcessId
)))
{
if (NT_SUCCESS(PhOpenProcessToken(
processHandle,
TOKEN_QUERY,
&tokenHandle
)))
{
if (NT_SUCCESS(PhGetTokenUser(tokenHandle, &user)))
{
if (userName = PhGetSidFullName(user->User.Sid, TRUE, NULL))
{
SetDlgItemText(hwndDlg, IDC_USERNAME, userName->Buffer);
PhDereferenceObject(userName);
}
PhFree(user);
}
NtClose(tokenHandle);
}
NtClose(processHandle);
}
EnableWindow(GetDlgItem(hwndDlg, IDC_USERNAME), FALSE);
EnableWindow(GetDlgItem(hwndDlg, IDC_PASSWORD), FALSE);
EnableWindow(GetDlgItem(hwndDlg, IDC_TYPE), FALSE);
}
SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM)GetDlgItem(hwndDlg, IDC_PROGRAM), TRUE);
Edit_SetSel(GetDlgItem(hwndDlg, IDC_PROGRAM), 0, -1);
//if (!PhGetOwnTokenAttributes().Elevated)
// SendMessage(GetDlgItem(hwndDlg, IDOK), BCM_SETSHIELD, 0, TRUE);
if (!WINDOWS_HAS_UAC)
ShowWindow(GetDlgItem(hwndDlg, IDC_TOGGLEELEVATION), SW_HIDE);
}
break;
case WM_DESTROY:
{
if (context->DesktopList)
PhDereferenceObject(context->DesktopList);
RemoveProp(hwndDlg, PhMakeContextAtom());
}
break;
case WM_COMMAND:
{
switch (LOWORD(wParam))
{
case IDCANCEL:
EndDialog(hwndDlg, IDCANCEL);
break;
case IDOK:
{
NTSTATUS status;
PPH_STRING program;
PPH_STRING userName;
PPH_STRING password;
PPH_STRING logonTypeString;
ULONG logonType;
ULONG sessionId;
PPH_STRING desktopName;
BOOLEAN useLinkedToken;
program = PhaGetDlgItemText(hwndDlg, IDC_PROGRAM);
userName = PhaGetDlgItemText(hwndDlg, IDC_USERNAME);
logonTypeString = PhaGetDlgItemText(hwndDlg, IDC_TYPE);
// Fix up the user name if it doesn't have a domain.
if (PhFindCharInString(userName, 0, '\\') == -1)
{
PSID sid;
PPH_STRING newUserName;
if (NT_SUCCESS(PhLookupName(&userName->sr, &sid, NULL, NULL)))
{
if (newUserName = PH_AUTO(PhGetSidFullName(sid, TRUE, NULL)))
userName = newUserName;
PhFree(sid);
}
}
if (!IsServiceAccount(userName))
password = PhGetWindowText(GetDlgItem(hwndDlg, IDC_PASSWORD));
else
password = NULL;
sessionId = GetDlgItemInt(hwndDlg, IDC_SESSIONID, NULL, FALSE);
desktopName = PhaGetDlgItemText(hwndDlg, IDC_DESKTOP);
if (WINDOWS_HAS_UAC)
useLinkedToken = Button_GetCheck(GetDlgItem(hwndDlg, IDC_TOGGLEELEVATION)) == BST_CHECKED;
else
useLinkedToken = FALSE;
if (PhFindIntegerSiKeyValuePairs(
PhpLogonTypePairs,
sizeof(PhpLogonTypePairs),
logonTypeString->Buffer,
&logonType
))
{
if (
logonType == LOGON32_LOGON_INTERACTIVE &&
!context->ProcessId &&
sessionId == NtCurrentPeb()->SessionId &&
!useLinkedToken
)
{
// We are eligible to load the user profile.
// This must be done here, not in the service, because
// we need to be in the target session.
PH_CREATE_PROCESS_AS_USER_INFO createInfo;
PPH_STRING domainPart;
PPH_STRING userPart;
PhpSplitUserName(userName->Buffer, &domainPart, &userPart);
memset(&createInfo, 0, sizeof(PH_CREATE_PROCESS_AS_USER_INFO));
createInfo.CommandLine = program->Buffer;
createInfo.UserName = userPart->Buffer;
createInfo.DomainName = domainPart->Buffer;
createInfo.Password = PhGetStringOrEmpty(password);
// Whenever we can, try not to set the desktop name; it breaks a lot of things.
// Note that on XP we must set it, otherwise the program doesn't display correctly.
if (WindowsVersion < WINDOWS_VISTA || (desktopName->Length != 0 && !PhEqualString2(desktopName, L"WinSta0\\Default", TRUE)))
createInfo.DesktopName = desktopName->Buffer;
PhSetDesktopWinStaAccess();
status = PhCreateProcessAsUser(
&createInfo,
PH_CREATE_PROCESS_WITH_PROFILE,
NULL,
NULL,
NULL
);
if (domainPart) PhDereferenceObject(domainPart);
if (userPart) PhDereferenceObject(userPart);
}
else
{
status = PhExecuteRunAsCommand2(
hwndDlg,
program->Buffer,
userName->Buffer,
PhGetStringOrEmpty(password),
logonType,
context->ProcessId,
sessionId,
desktopName->Buffer,
useLinkedToken
);
}
}
else
{
status = STATUS_INVALID_PARAMETER;
}
if (password)
{
RtlSecureZeroMemory(password->Buffer, password->Length);
PhDereferenceObject(password);
}
if (!NT_SUCCESS(status))
{
if (status != STATUS_CANCELLED)
PhShowStatus(hwndDlg, L"Unable to start the program", status, 0);
}
else if (status != STATUS_TIMEOUT)
{
PhSetStringSetting2(L"RunAsProgram", &program->sr);
PhSetStringSetting2(L"RunAsUserName", &userName->sr);
EndDialog(hwndDlg, IDOK);
}
}
break;
case IDC_BROWSE:
{
static PH_FILETYPE_FILTER filters[] =
{
{ L"Programs (*.exe;*.pif;*.com;*.bat)", L"*.exe;*.pif;*.com;*.bat" },
{ L"All files (*.*)", L"*.*" }
};
PVOID fileDialog;
fileDialog = PhCreateOpenFileDialog();
PhSetFileDialogFilter(fileDialog, filters, sizeof(filters) / sizeof(PH_FILETYPE_FILTER));
PhSetFileDialogFileName(fileDialog, PhaGetDlgItemText(hwndDlg, IDC_PROGRAM)->Buffer);
if (PhShowFileDialog(hwndDlg, fileDialog))
{
PPH_STRING fileName;
fileName = PhGetFileDialogFileName(fileDialog);
SetDlgItemText(hwndDlg, IDC_PROGRAM, fileName->Buffer);
PhDereferenceObject(fileName);
}
PhFreeFileDialog(fileDialog);
}
break;
case IDC_USERNAME:
{
PPH_STRING userName = NULL;
if (!context->ProcessId && HIWORD(wParam) == CBN_SELCHANGE)
{
userName = PH_AUTO(PhGetComboBoxString(GetDlgItem(hwndDlg, IDC_USERNAME), -1));
}
else if (!context->ProcessId && (
HIWORD(wParam) == CBN_EDITCHANGE ||
HIWORD(wParam) == CBN_CLOSEUP
))
{
userName = PhaGetDlgItemText(hwndDlg, IDC_USERNAME);
}
if (userName)
{
if (IsServiceAccount(userName))
{
EnableWindow(GetDlgItem(hwndDlg, IDC_PASSWORD), FALSE);
// Hack for Windows XP
if (
PhEqualString2(userName, L"NT AUTHORITY\\SYSTEM", TRUE) &&
WindowsVersion <= WINDOWS_XP
)
{
PhSelectComboBoxString(GetDlgItem(hwndDlg, IDC_TYPE), L"New credentials", FALSE);
}
else
{
PhSelectComboBoxString(GetDlgItem(hwndDlg, IDC_TYPE), L"Service", FALSE);
}
}
else
{
EnableWindow(GetDlgItem(hwndDlg, IDC_PASSWORD), TRUE);
PhSelectComboBoxString(GetDlgItem(hwndDlg, IDC_TYPE), L"Interactive", FALSE);
}
}
}
break;
case IDC_SESSIONS:
{
PPH_EMENU sessionsMenu;
PSESSIONIDW sessions;
ULONG numberOfSessions;
ULONG i;
RECT buttonRect;
PPH_EMENU_ITEM selectedItem;
sessionsMenu = PhCreateEMenu();
if (WinStationEnumerateW(NULL, &sessions, &numberOfSessions))
{
for (i = 0; i < numberOfSessions; i++)
{
PPH_STRING menuString;
WINSTATIONINFORMATION winStationInfo;
ULONG returnLength;
if (!WinStationQueryInformationW(
NULL,
sessions[i].SessionId,
WinStationInformation,
&winStationInfo,
sizeof(WINSTATIONINFORMATION),
&returnLength
))
{
winStationInfo.Domain[0] = 0;
winStationInfo.UserName[0] = 0;
}
if (
winStationInfo.UserName[0] != 0 &&
sessions[i].WinStationName[0] != 0
)
{
menuString = PhaFormatString(
L"%u: %s (%s\\%s)",
sessions[i].SessionId,
sessions[i].WinStationName,
winStationInfo.Domain,
winStationInfo.UserName
);
}
else if (winStationInfo.UserName[0] != 0)
{
menuString = PhaFormatString(
L"%u: %s\\%s",
sessions[i].SessionId,
winStationInfo.Domain,
winStationInfo.UserName
);
}
else if (sessions[i].WinStationName[0] != 0)
{
menuString = PhaFormatString(
L"%u: %s",
sessions[i].SessionId,
sessions[i].WinStationName
);
}
else
{
menuString = PhaFormatString(L"%u", sessions[i].SessionId);
}
PhInsertEMenuItem(sessionsMenu,
PhCreateEMenuItem(0, 0, menuString->Buffer, NULL, UlongToPtr(sessions[i].SessionId)), -1);
}
WinStationFreeMemory(sessions);
GetWindowRect(GetDlgItem(hwndDlg, IDC_SESSIONS), &buttonRect);
selectedItem = PhShowEMenu(
sessionsMenu,
hwndDlg,
PH_EMENU_SHOW_LEFTRIGHT,
PH_ALIGN_LEFT | PH_ALIGN_TOP,
buttonRect.right,
buttonRect.top
);
if (selectedItem)
{
SetDlgItemInt(
hwndDlg,
IDC_SESSIONID,
PtrToUlong(selectedItem->Context),
FALSE
);
}
PhDestroyEMenu(sessionsMenu);
}
}
break;
case IDC_DESKTOPS:
{
PPH_EMENU desktopsMenu;
ULONG i;
RECT buttonRect;
PPH_EMENU_ITEM selectedItem;
desktopsMenu = PhCreateEMenu();
if (!context->DesktopList)
context->DesktopList = PhCreateList(10);
context->CurrentWinStaName = GetCurrentWinStaName();
EnumDesktops(GetProcessWindowStation(), EnumDesktopsCallback, (LPARAM)context);
for (i = 0; i < context->DesktopList->Count; i++)
{
PhInsertEMenuItem(
desktopsMenu,
PhCreateEMenuItem(0, 0, ((PPH_STRING)context->DesktopList->Items[i])->Buffer, NULL, NULL),
-1
);
}
GetWindowRect(GetDlgItem(hwndDlg, IDC_DESKTOPS), &buttonRect);
selectedItem = PhShowEMenu(
desktopsMenu,
hwndDlg,
PH_EMENU_SHOW_LEFTRIGHT,
PH_ALIGN_LEFT | PH_ALIGN_TOP,
buttonRect.right,
buttonRect.top
);
if (selectedItem)
{
SetDlgItemText(
hwndDlg,
IDC_DESKTOP,
selectedItem->Text
);
}
for (i = 0; i < context->DesktopList->Count; i++)
PhDereferenceObject(context->DesktopList->Items[i]);
PhClearList(context->DesktopList);
PhDereferenceObject(context->CurrentWinStaName);
PhDestroyEMenu(desktopsMenu);
}
break;
}
}
break;
}
return FALSE;
}
VOID ShowStatusMenu(
_In_ HWND hwndDlg
)
{
PPH_STRING cacheEntryName;
cacheEntryName = PhGetSelectedListViewItemText(ListViewWndHandle);
if (cacheEntryName)
{
POINT cursorPos;
PPH_EMENU menu;
PPH_EMENU_ITEM selectedItem;
GetCursorPos(&cursorPos);
menu = PhCreateEMenu();
PhInsertEMenuItem(menu, PhCreateEMenuItem(0, 1, L"Remove", NULL, NULL), -1);
PhInsertEMenuItem(menu, PhCreateEMenuItem(0, 2, L"Copy Host Name", NULL, NULL), -1);
selectedItem = PhShowEMenu(
menu,
PhMainWndHandle,
PH_EMENU_SHOW_LEFTRIGHT,
PH_ALIGN_LEFT | PH_ALIGN_TOP,
cursorPos.x,
cursorPos.y
);
if (selectedItem && selectedItem->Id != -1)
{
switch (selectedItem->Id)
{
case 1:
{
INT lvItemIndex = PhFindListViewItemByFlags(
ListViewWndHandle,
-1,
LVNI_SELECTED
);
if (lvItemIndex != -1)
{
if (!PhGetIntegerSetting(L"EnableWarnings") || PhShowConfirmMessage(
hwndDlg,
L"remove",
cacheEntryName->Buffer,
NULL,
FALSE
))
{
if (DnsFlushResolverCacheEntry_I(cacheEntryName->Buffer))
{
ExtendedListView_SetRedraw(ListViewWndHandle, FALSE);
ListView_DeleteAllItems(ListViewWndHandle);
EnumDnsCacheTable(ListViewWndHandle);
ExtendedListView_SetRedraw(ListViewWndHandle, TRUE);
}
}
}
}
break;
case 2:
PhSetClipboardString(hwndDlg, &cacheEntryName->sr);
break;
}
}
PhDestroyEMenu(menu);
PhDereferenceObject(cacheEntryName);
}
}
VOID ShowDeviceMenu(
_In_ HWND ParentWindow,
_In_ PPH_STRING DeviceInstance
)
{
POINT cursorPos;
PPH_EMENU menu;
PPH_EMENU_ITEM selectedItem;
GetCursorPos(&cursorPos);
menu = PhCreateEMenu();
//PhInsertEMenuItem(menu, PhCreateEMenuItem(0, 0, L"Enable", NULL, NULL), -1);
//PhInsertEMenuItem(menu, PhCreateEMenuItem(0, 1, L"Disable", NULL, NULL), -1);
//PhInsertEMenuItem(menu, PhCreateEMenuItem(PH_EMENU_SEPARATOR, 0, NULL, NULL, NULL), -1);
PhInsertEMenuItem(menu, PhCreateEMenuItem(0, 1, L"Properties", NULL, NULL), -1);
selectedItem = PhShowEMenu(
menu,
PhMainWndHandle,
PH_EMENU_SHOW_LEFTRIGHT,
PH_ALIGN_LEFT | PH_ALIGN_TOP,
cursorPos.x,
cursorPos.y
);
if (selectedItem && selectedItem->Id != -1)
{
switch (selectedItem->Id)
{
case 1:
{
HMODULE devMgrHandle;
// https://msdn.microsoft.com/en-us/library/ff548181.aspx
VOID (WINAPI *DeviceProperties_RunDLL_I)(
_In_ HWND hwndStub,
_In_ HINSTANCE hAppInstance,
_In_ PWSTR lpCmdLine,
_In_ INT nCmdShow
);
if (devMgrHandle = LoadLibrary(L"devmgr.dll"))
{
if (DeviceProperties_RunDLL_I = PhGetProcedureAddress(devMgrHandle, "DeviceProperties_RunDLLW", 0))
{
// This will sometimes re-throw an RPC error during debugging and can be safely ignored.
DeviceProperties_RunDLL_I(
GetParent(ParentWindow),
NULL,
PhaFormatString(L"/DeviceID %s", DeviceInstance->Buffer)->Buffer,
0
);
}
FreeLibrary(devMgrHandle);
}
}
break;
}
}
PhDestroyEMenu(menu);
}
