Author | SHA1 | Message | Date |
---|---|---|---|
Styris | 63739db83a | Update to v0.7.4 | 6 months ago |
Styris | ddfdcccc04 | Update to v0.7.3 | 6 months ago |
Styris | 4e275d776c | Update to v0.7.2 | 7 months ago |
Styris | 7147425b5d | Update to v0.7.1 | 9 months ago |
Styris | 99ef971638 | Update registry key | 9 months ago |
Styris | 32af7e5629 | Update to v0.7 | 9 months ago |
Styris | 3e27c66924 | Improve and fix CLI | 1 year ago |
Styris | 9f703b5e8f | Update to v0.6.5 | 1 year ago |
Styris | 3cd314ebb2 | Update version | 1 year ago |
@ -1,26 +0,0 @@ | |||||
<?xml version="1.0" encoding="utf-8"?> | |||||
<configuration> | |||||
<startup> | |||||
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.7.2" /> | |||||
</startup> | |||||
<runtime> | |||||
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> | |||||
<dependentAssembly> | |||||
<assemblyIdentity name="System.Runtime.CompilerServices.Unsafe" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" /> | |||||
<bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" /> | |||||
</dependentAssembly> | |||||
<dependentAssembly> | |||||
<assemblyIdentity name="SQLitePCLRaw.core" publicKeyToken="1488e028ca7ab535" culture="neutral" /> | |||||
<bindingRedirect oldVersion="0.0.0.0-2.0.7.1395" newVersion="2.0.7.1395" /> | |||||
</dependentAssembly> | |||||
<dependentAssembly> | |||||
<assemblyIdentity name="System.IO.Compression" publicKeyToken="b77a5c561934e089" culture="neutral" /> | |||||
<bindingRedirect oldVersion="0.0.0.0-4.2.0.0" newVersion="4.2.0.0" /> | |||||
</dependentAssembly> | |||||
<dependentAssembly> | |||||
<assemblyIdentity name="mscorlib" publicKeyToken="b77a5c561934e089" culture="neutral" /> | |||||
<bindingRedirect oldVersion="0.0.0.0-4.0.0.0" newVersion="4.0.0.0" /> | |||||
</dependentAssembly> | |||||
</assemblyBinding> | |||||
</runtime> | |||||
</configuration> |
@ -1,502 +0,0 @@ | |||||
Process Hacker | |||||
2.31 | |||||
* NEW/IMPROVED: | |||||
* Updated ExtendedServices plugin: | |||||
* Fixed some bugs relating to Windows 8 | |||||
* Updated OnlineChecks plugin: | |||||
* Added upload progress | |||||
* Updated UserNotes plugin: | |||||
* Fixed bug where process priorities were not actually saved | |||||
* FIXED: | |||||
* Fixed module list not updating properly | |||||
* DLL enumeration crash | |||||
2.30 | |||||
* NEW/IMPROVED: | |||||
* Added "Icon click toggles visibility" option | |||||
* Re-enabled powerful process termination on 32-bit Windows 8 | |||||
* Updated UserNotes plugin: | |||||
* Added ability to save process priority | |||||
* Added "Only for processes with the same command line" option for process comments | |||||
* FIXED: | |||||
* Fixed crash on CPUs without SSE2 | |||||
2.29 | |||||
* NEW/IMPROVED: | |||||
* Added App ID column for processes | |||||
* Added new ASLR information for Windows 8 | |||||
* Added Restart to Boot Options and Hybrid Shutdown menu items for | |||||
Windows 8 | |||||
* Added ability to specify processes by their names and inject and | |||||
unload DLLs in command line | |||||
* Removed 512 character limit when copying text | |||||
* Moved Terminator to Miscellaneous menu | |||||
* Updated default dbghelp.dll path for Windows SDK v8 | |||||
* Updated ExtendedServices plugin: | |||||
* Added new triggers for Windows 8 | |||||
* Fixed bug when restarting services | |||||
* Updated ExtendedTools plugin: | |||||
* Improved support for multiple GPUs (again) | |||||
* GPU column now respects "Include CPU usage of children" option | |||||
* Updated ToolStatus plugin: | |||||
* Fixed search box fonts | |||||
* Fixed controls not being properly hidden/removed from the window when disabled | |||||
* Updated WindowExplorer plugin: | |||||
* Fixed window list not displaying Modern UI windows | |||||
* FIXED: | |||||
* Fixed Load Count column sorting bug | |||||
* Fixed signature verification on Windows 8 | |||||
* Fixed task scheduler information on Windows 8 | |||||
* Fixed drag bug in tree list | |||||
* Fixed KProcessHacker bug affecting TmTx objects | |||||
* Fixed Run As feature on Windows 8 | |||||
* Fixed bug where -settings parameter is not propagated | |||||
* Fixed tab key behavior on main window | |||||
* Fixed recognition of Modern UI windows | |||||
2.28 | |||||
* NEW/IMPROVED: | |||||
* peview now resolves .lnk targets | |||||
* Fixed Ctrl+A for processes, services and network connections and | |||||
added Ctrl+A for other windows | |||||
* Changed confirmation prompts to select the destructive action by | |||||
default | |||||
* Updated DotNetTools plugin: | |||||
* Fixed inaccurate stack traces for certain .NET programs | |||||
* Updated ExtendedTools plugin: | |||||
* Fixed network graph scaling | |||||
* Updated ToolStatus plugin: | |||||
* Added search box | |||||
* Updated Updater plugin | |||||
* FIXED: | |||||
* Fixed Verification Status column sorting bug in module list | |||||
* Fixed rare System Information crash | |||||
* Fixed bug in opening process handles | |||||
* Fixed freezing when viewing stack traces of certain system threads | |||||
2.27 | |||||
* NEW/IMPROVED: | |||||
* Updated OnlineChecks plugin: | |||||
* 2012-01-16: Updated VirusTotal uploader and added hash checking | |||||
* FIXED: | |||||
* Fixed Description column sorting bug | |||||
* Fixed notification icon bug | |||||
2.26 | |||||
* NEW/IMPROVED: | |||||
* Added option to show Commit Charge in system information | |||||
summary view | |||||
* Added -priority and -selectpid command line options | |||||
* Updated ExtendedTools plugin: | |||||
* Improved support for multiple GPUs | |||||
* FIXED: | |||||
* Fixed 100% CPU when starting on some machines | |||||
2.25 | |||||
* NEW/IMPROVED: | |||||
* Improved CPU frequency calculation | |||||
* Updated ExtendedTools plugin: | |||||
* Added GPU node selection | |||||
* Fixed incorrect GPU usage calculation | |||||
* FIXED: | |||||
* Graph tooltip position with large cursors | |||||
* Fixed .NET process detection | |||||
* Fixed incorrect values in Bits column | |||||
2.24 | |||||
* NOTE: | |||||
* This release has significant internal code changes. Please | |||||
make sure all plugins are up-to-date. | |||||
* NEW/IMPROVED: | |||||
* Completely new system information window | |||||
* Added option to scroll to new processes | |||||
* Added option to hide driver services | |||||
* Added menu item to copy individual cells | |||||
* Improved module scanning | |||||
* Added Start Task Manager menu item | |||||
* Added Image base to peview | |||||
* Updated ExtendedTools plugin: | |||||
* Added support for new system information window | |||||
* Added Disk, Network and GPU tray icons | |||||
* Added support for custom fonts in the Disk tab | |||||
* Updated Updater plugin: | |||||
* Added download speed | |||||
* Added remaining time | |||||
* FIXED: | |||||
* Fixed retrieval of version information for certain files | |||||
* Fixed driver file names on Windows XP | |||||
* Fixed Run As Administrator when used with complex commands | |||||
2.23 | |||||
* NEW/IMPROVED: | |||||
* Added display of token capabilities, user/device claims | |||||
and security attributes | |||||
* Added ability to change token integrity levels | |||||
* Added Description column to service list | |||||
* Added option to reset all settings | |||||
* Made grid color darker | |||||
* Enabled multi-selection in the hidden processes window | |||||
* Added UserNotes plugin | |||||
* Updated ExtendedNotifications plugin: | |||||
* Added Growl support | |||||
* Updated ExtendedTools plugin: | |||||
* Added GPU monitoring | |||||
* Added rate columns for disk and network I/O | |||||
* FIXED: | |||||
* Fixed copying lists when plugin columns are enabled | |||||
* Freezing when viewing the tooltip for a process with a | |||||
very long command line | |||||
* Disabled Hidden Processes feature on 64-bit systems | |||||
2.22 | |||||
* NEW/IMPROVED: | |||||
* Added highlighting for metro style apps | |||||
* Added Package Name column | |||||
* Added package name to process tooltip | |||||
* Improved .NET process detection | |||||
* Updated OS Context column for Windows 8 | |||||
* Updated ExtendedTools plugin: | |||||
* Updated disk monitoring for Windows 8 | |||||
* Updated memory list information for Windows 8 | |||||
* Updated WindowExplorer plugin: | |||||
* Fixed hook support for low integrity processes | |||||
* FIXED: | |||||
* Fixed memory leaks | |||||
* Fixed bug preventing Interrupts/DPCs from being shown | |||||
as the max. CPU process on 64-bit systems | |||||
* Fixed DEP Status column on 64-bit systems | |||||
2.21 | |||||
* NEW/IMPROVED: | |||||
* Added Private Bytes Delta, ASLR and Subsystem columns | |||||
* Added ASLR and Time Stamp columns to modules list | |||||
* Added check for debugger in Terminator | |||||
* FIXED: | |||||
* Fixed Show CPU Below 0.01 not respecting locale | |||||
* Fixed copying from network list | |||||
2.20 | |||||
* NEW/IMPROVED: | |||||
* Added support for managed thread stacks on x64 | |||||
* Added column selection for handle list | |||||
* Added CPU column to threads list | |||||
* Improved module detection | |||||
* Added Ideal Processor to Threads tab | |||||
* Added pool usage and minimum/maximum working set columns | |||||
* Implemented Properties button for Thread handles | |||||
* Set descending sort as the default for most numeric columns | |||||
* Extended header context menu | |||||
* Removed tooltip text truncation | |||||
* Improved cycle-based CPU usage calculation | |||||
* Set default KProcessHacker security level to only allow | |||||
connections when Process Hacker is running as administrator. | |||||
See README.txt for instructions on how to restore the old | |||||
behavior. | |||||
* Added Updater plugin | |||||
* Updated DotNetTools plugin: | |||||
* Added managed symbol resolution for thread stacks | |||||
* Updated ExtendedTools plugin: | |||||
* Added Disk tab | |||||
* Added Hard Faults, Hard Faults Delta and Peak Threads | |||||
columns to process tree list | |||||
* Added Firewall Status column | |||||
* FIXED: | |||||
* Fixed file name resolution bug | |||||
* Save settings on shutdown/logoff | |||||
* Fixed state highlighting bug | |||||
* Fixed command line propagation for -elevate | |||||
* Fixed tree list mouse wheel handling | |||||
* Fixed saving network list | |||||
2.19 | |||||
* NEW/IMPROVED: | |||||
* Added cycle-based CPU usage for Windows 7 | |||||
* Added Show CPU Below 0.01 | |||||
* Added OS Context column | |||||
* Rewrote graph drawing code for improved performance | |||||
* Optimized retrieval of cycle time and private working set | |||||
information for Windows 7 | |||||
* Added Open File Location to process context menu and | |||||
reorganized some items | |||||
* Added checkboxes to Terminator | |||||
* FIXED: | |||||
* Crash when sorting by Time Stamp | |||||
* GDI handle leak in drag selection | |||||
2.18 | |||||
* NEW/IMPROVED: | |||||
* Completely rewritten tree list control: | |||||
* Process Name column is now fixed to the left | |||||
* Tooltips for column headers | |||||
* Improved performance | |||||
* Bug fixes | |||||
* Added more process tree list columns | |||||
* Added Time stamp column to network list | |||||
* Date/time display is now swapped (so time is shown before | |||||
date) | |||||
* Added W3 terminator test | |||||
* Added DotNetTools plugin | |||||
* Updated ExtendedServices plugin: | |||||
* Disabled editing of required privileges for drivers | |||||
* Updated ExtendedTools plugin: | |||||
* Added ETW columns for processes and network connections | |||||
* Updated OnlineChecks plugin: | |||||
* Added Comodo Instant Malware Analysis | |||||
* Updated WindowExplorer plugin: | |||||
* Fixed hook bugs | |||||
* FIXED: | |||||
* Fixed Run As This User | |||||
* Verification Status sorting | |||||
2.17 | |||||
* NEW/IMPROVED: | |||||
* Added support for setting page priority | |||||
* Added elevation support for setting priority | |||||
* Added support for automatically using a settings file in | |||||
the program directory (e.g. ProcessHacker.exe.settings.xml) | |||||
* Improved Run As mechanism | |||||
* Updated ExtendedServices plugin: | |||||
* Added support for editing triggers | |||||
* Added support for editing preshutdown time-out | |||||
* Added support for editing required privileges | |||||
* Added elevation support for restarting services | |||||
* Updated WindowExplorer plugin: | |||||
* Added more window properties | |||||
* FIXED: | |||||
* Handle leak | |||||
2.16 | |||||
* NEW/IMPROVED: | |||||
* Updated WindowExplorer plugin | |||||
* PE viewer: Added version string to CLR tab | |||||
* PE viewer: Added display of delay imports | |||||
* PE viewer: Added Load Config tab | |||||
* Improved wait analysis | |||||
* Added arrows to the service list to indicate whether a | |||||
service is running | |||||
* FIXED: | |||||
* Fixed the IPv6-related workaround causing crashes | |||||
* Incorrect handling of window positions | |||||
2.15 | |||||
* NEW/IMPROVED: | |||||
* Updated ExtendedServices plugin | |||||
* Updated ToolStatus plugin | |||||
* Added DEP Status column | |||||
* Improved User Name column | |||||
* FIXED: | |||||
* Image file versions | |||||
* Workaround for an IPv6-related bug in Windows XP | |||||
* DPCs and Interrupts in System Information tooltips | |||||
* File dialog crash on Windows XP | |||||
* ExtendedTools plugin: WS Watch refresh bug | |||||
2.14 | |||||
* NEW/IMPROVED: | |||||
* ExtendedServices plugin: Option to add a Services menu | |||||
for processes | |||||
* Command line support for setting process priority and | |||||
I/O priority | |||||
* Improved termination of explorer.exe | |||||
* FIXED: | |||||
* Icon should restore the main window if it is minimized | |||||
* System Information window crashes | |||||
* Hide Processes From Other Users and Hide Signed Processes | |||||
settings are now saved | |||||
* Font selection on Windows XP | |||||
* ToolStatus plugin: Always on Top status being reset by | |||||
Find Window | |||||
* Service-related crashes | |||||
* WindowExplorer plugin: sorting in tree list | |||||
* Process minidump creation with old versions of dbghelp.dll | |||||
2.13 | |||||
* NEW/IMPROVED: | |||||
* Added copy support to PE viewer | |||||
* Added Connect Time, Disconnect Time and Last Input Time | |||||
to session properties | |||||
* Added more working set counters to the Statistics tab | |||||
* FIXED: | |||||
* Column sort arrows | |||||
* CPU usage calculations | |||||
2.12 | |||||
* NEW/IMPROVED: | |||||
* Updated KProcessHacker for Windows 7 SP1 | |||||
* Added elevation support for more actions | |||||
* Added ability to disable plugins | |||||
* Updated ToolStatus plugin | |||||
* Added Remote Control for sessions | |||||
* More command line options | |||||
* FIXED: | |||||
* Memory leaks | |||||
* Run As issues with different sessions | |||||
2.11 | |||||
* NEW/IMPROVED: | |||||
* Added WS Watch and other features to ExtendedTools | |||||
plugin | |||||
* Added WindowExplorer plugin | |||||
* Properties for hidden processes | |||||
* Improved menus | |||||
* Debug console can now be closed without affecting the | |||||
entire program | |||||
* FIXED: | |||||
* Always on Top issues | |||||
* Hang when setting DEP status of a terminating process | |||||
* Encoding bug in NetworkTools plugin | |||||
* LSA interfacing issues | |||||
* Creating dumps of self | |||||
2.10 | |||||
* NEW/IMPROVED: | |||||
* KProcessHacker is now signed, so it works on 64-bit | |||||
systems. Thank you to the ReactOS Foundation. | |||||
* Added Run As Limited User | |||||
* Added CPU, private bytes and I/O history columns | |||||
* Added font selection | |||||
* Slightly improved highlighting configuration | |||||
* FIXED: | |||||
* High DPI support | |||||
* Multi-monitor support in graph tooltips | |||||
* DEP status retrieval | |||||
* ExtendedTools plugin crash | |||||
* Notification icon menu crash | |||||
* Memory leaks | |||||
* Other small bug fixes | |||||
2.9 | |||||
* NEW/IMPROVED: | |||||
* Added column selection for modules list | |||||
* Added wait analysis for 64-bit systems | |||||
* Added signature verification for modules | |||||
* Added ExtendedTools plugin (Vista and above only) | |||||
with Disk and Network information | |||||
* Updated ExtendedNotifications plugin: added ability | |||||
to log events to a file | |||||
* Updated ExtendedServices plugin: new tab on Vista | |||||
and above | |||||
* Updated ToolStatus plugin: resolves ghost windows | |||||
to hung windows | |||||
* Environment variables and current directory are | |||||
now correctly shown for WOW64 processes | |||||
* I/O priority names are now used instead of numbers | |||||
* FIXED: | |||||
* Network list bug | |||||
* Memory leaks | |||||
2.8 | |||||
* NEW/IMPROVED: | |||||
* Better service list (including column selection) | |||||
* Added Peak Handles | |||||
* Process tree sorting is now preserved | |||||
* Save works for services and network connections | |||||
* Pausing now works correctly with the Network tab | |||||
* Added option to display inclusive CPU usages for | |||||
collapsed processes | |||||
* Added CLR tab to peview | |||||
* Added ability to destroy heaps | |||||
* Improved process tree list appearance | |||||
* Certain command line parameters are now propagated | |||||
* FIXED: | |||||
* Icon handling bugs | |||||
* Memory leaks | |||||
* Extended tooltips for WOW64 processes | |||||
2.7 | |||||
* NEW/IMPROVED: | |||||
* Vastly improved startup time and lower memory usage | |||||
* Added Cycles and Cycles Delta columns | |||||
* Added option to disable address resolution for | |||||
network connections | |||||
* Added Logon Time to session properties | |||||
* Added time stamp display to peview | |||||
* FIXED: | |||||
* ToolStatus layout problems | |||||
* .NET highlighting crashes | |||||
* Run As on Windows XP | |||||
2.6 | |||||
* NEW/IMPROVED: | |||||
* Sorting for most lists is now much faster | |||||
* Hide Signed Processes option | |||||
* Added plugin for uploading files to online virus | |||||
scanners | |||||
* Added Network tools plugin | |||||
* Updated ExtendedServices plugin | |||||
* PE viewer now verifies checksums | |||||
* Performance improvements | |||||
* FIXED: | |||||
* Fixed service handle leak | |||||
2.5 | |||||
* NEW/IMPROVED: | |||||
* Unmap section views in Memory tab | |||||
* Plugin for extended service information (including | |||||
recovery information, dependencies and dependents) | |||||
* FIXED: | |||||
* Critical bug for file dialogs on Windows XP | |||||
* Esc couldn't close Service Properties on open | |||||
* Small bug fixes | |||||
2.4 | |||||
* NEW/IMPROVED: | |||||
* Better Run As behaviour | |||||
* Show Processes From All Users option | |||||
* Can now unmap section views | |||||
* Control over thread affinity | |||||
* Window Title and Window Status columns | |||||
* Plugin for filtering notifications | |||||
* Plugin for toolbar and status bar | |||||
* Performance improvements | |||||
* FIXED: | |||||
* Memory leak | |||||
* SbieSupport plugin on 64-bit | |||||
* Crash when running under certain conditions | |||||
* Memory case-insensitive filter | |||||
* Process parent association bug | |||||
* REMOVED: | |||||
* Process database | |||||
2.3 | |||||
* NEW/IMPROVED: | |||||
* Can add processes to jobs | |||||
* Double-clicking in the system information graphs now opens | |||||
information for the relevant process | |||||
* Setting I/O priority doesn't need KProcessHacker anymore | |||||
* Elevation for certain actions | |||||
* FIXED: | |||||
* HKCU key name resolution | |||||
* Network connection host resolution | |||||
* Information window resizing | |||||
* Log clearing | |||||
2.2 | |||||
* NEW/IMPROVED: | |||||
* Plugins support | |||||
* Can now unload 32-bit modules on 64-bit systems | |||||
* Tasks are shown in tooltips for taskeng.exe/taskhost.exe processes | |||||
* Run As can now start processes elevated | |||||
* Handle count by type | |||||
* Process priorities in notification icon menu | |||||
* CSV export | |||||
* Relative start times | |||||
* FIXED: | |||||
* Run and Run As shortcuts | |||||
* Command line handling | |||||
* Process tree selection | |||||
2.1 | |||||
* NEW/IMPROVED: | |||||
* Add Pause key shortcut to pause/resume updates | |||||
* Added Ctrl+Tab and Ctrl+Shift+Tab shortcuts | |||||
* Grid is a bit darker | |||||
* Checks for digital signatures and packing is now | |||||
off by default and optional | |||||
* FIXED: | |||||
* MD5 calculation code for files was wrong | |||||
* Process record bugs | |||||
2.0 | |||||
* First release in the Process Hacker 2.x branch. |
@ -1,132 +0,0 @@ | |||||
== Process Hacker == | |||||
Process Hacker is licensed under the GNU GPL v3, with exceptions. A full | |||||
copy of the license is provided in LICENSE.txt. | |||||
Copyright (C) 2009-2012 wj32 and various authors | |||||
This program is free software: you can redistribute it and/or modify | |||||
it under the terms of the GNU General Public License as published by | |||||
the Free Software Foundation, either version 3 of the License, or | |||||
(at your option) any later version. | |||||
This program is distributed in the hope that it will be useful, | |||||
but WITHOUT ANY WARRANTY; without even the implied warranty of | |||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |||||
GNU General Public License for more details. | |||||
You should have received a copy of the GNU General Public License | |||||
along with this program. If not, see <http://www.gnu.org/licenses/>. | |||||
== Mini-XML == | |||||
Process Hacker uses Mini-XML licensed under the following terms: | |||||
The Mini-XML library and included programs are provided under the | |||||
terms of the GNU Library General Public License (LGPL) with the | |||||
following exceptions: | |||||
1. Static linking of applications to the Mini-XML library | |||||
does not constitute a derivative work and does not require | |||||
the author to provide source code for the application, use | |||||
the shared Mini-XML libraries, or link their applications | |||||
against a user-supplied version of Mini-XML. | |||||
If you link the application to a modified version of | |||||
Mini-XML, then the changes to Mini-XML must be provided | |||||
under the terms of the LGPL in sections 1, 2, and 4. | |||||
2. You do not have to provide a copy of the Mini-XML license | |||||
with programs that are linked to the Mini-XML library, nor | |||||
do you have to identify the Mini-XML license in your | |||||
program or documentation as required by section 6 of the | |||||
LGPL. | |||||
== PCRE == | |||||
Process Hacker uses Perl-Compatible Regular Expressions licensed under the | |||||
following terms: | |||||
PCRE is a library of functions to support regular expressions whose syntax | |||||
and semantics are as close as possible to those of the Perl 5 language. | |||||
Release 8 of PCRE is distributed under the terms of the "BSD" licence, as | |||||
specified below. | |||||
Redistribution and use in source and binary forms, with or without | |||||
modification, are permitted provided that the following conditions are met: | |||||
* Redistributions of source code must retain the above copyright notice, | |||||
this list of conditions and the following disclaimer. | |||||
* Redistributions in binary form must reproduce the above copyright | |||||
notice, this list of conditions and the following disclaimer in the | |||||
documentation and/or other materials provided with the distribution. | |||||
* Neither the name of the University of Cambridge nor the name of Google | |||||
Inc. nor the names of their contributors may be used to endorse or | |||||
promote products derived from this software without specific prior | |||||
written permission. | |||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | |||||
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |||||
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |||||
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE | |||||
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | |||||
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | |||||
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS | |||||
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN | |||||
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |||||
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | |||||
POSSIBILITY OF SUCH DAMAGE. | |||||
== MD5 == | |||||
Process Hacker uses a MD5 implementation licensed under the following terms: | |||||
MD5 hash implementation and interface functions | |||||
Copyright (c) 2003-2005, Jouni Malinen <jkmaline@cc.hut.fi> | |||||
This program is free software; you can redistribute it and/or modify | |||||
it under the terms of the GNU General Public License version 2 as | |||||
published by the Free Software Foundation. | |||||
== SHA == | |||||
Process Hacker uses a SHA implementation licensed under the following terms: | |||||
Copyright 2004 Filip Navara | |||||
Based on public domain SHA code by Steve Reid <steve@edmweb.com> | |||||
This library is free software; you can redistribute it and/or | |||||
modify it under the terms of the GNU Lesser General Public | |||||
License as published by the Free Software Foundation; either | |||||
version 2.1 of the License, or (at your option) any later version. | |||||
This library is distributed in the hope that it will be useful, | |||||
but WITHOUT ANY WARRANTY; without even the implied warranty of | |||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||||
Lesser General Public License for more details. | |||||
You should have received a copy of the GNU Lesser General Public | |||||
License along with this library; if not, write to the Free Software | |||||
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA | |||||
== Natural order string comparison == | |||||
Process Hacker uses "strnatcmp.c" licensed under the following terms: | |||||
strnatcmp.c -- Perform 'natural order' comparisons of strings in C. | |||||
Copyright (C) 2000, 2004 by Martin Pool <mbp sourcefrog net> | |||||
This software is provided 'as-is', without any express or implied | |||||
warranty. In no event will the authors be held liable for any damages | |||||
arising from the use of this software. | |||||
Permission is granted to anyone to use this software for any purpose, | |||||
including commercial applications, and to alter it and redistribute it | |||||
freely, subject to the following restrictions: | |||||
1. The origin of this software must not be misrepresented; you must not | |||||
claim that you wrote the original software. If you use this software | |||||
in a product, an acknowledgment in the product documentation would be | |||||
appreciated but is not required. | |||||
2. Altered source versions must be plainly marked as such, and must not be | |||||
misrepresented as being the original software. | |||||
3. This notice may not be removed or altered from any source distribution. | |||||
This code has been modified for Process Hacker. |
@ -1,685 +0,0 @@ | |||||
Process Hacker is distributed under the GNU GPL version 3, with the | |||||
following exception: | |||||
Permission is granted to dynamically (but not statically) link this | |||||
program with independent modules, regardless of the license terms of | |||||
these independent modules, provided that this program is not modified | |||||
in any way. An independent module is a module which is not derived | |||||
from or based on this program. If you modify this program, this | |||||
additional permission no longer applies unless authorized by the | |||||
copyright holders. | |||||
GNU GENERAL PUBLIC LICENSE | |||||
Version 3, 29 June 2007 | |||||
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/> | |||||
Everyone is permitted to copy and distribute verbatim copies | |||||
of this license document, but changing it is not allowed. | |||||
Preamble | |||||
The GNU General Public License is a free, copyleft license for | |||||
software and other kinds of works. | |||||
The licenses for most software and other practical works are designed | |||||
to take away your freedom to share and change the works. By contrast, | |||||
the GNU General Public License is intended to guarantee your freedom to | |||||
share and change all versions of a program--to make sure it remains free | |||||
software for all its users. We, the Free Software Foundation, use the | |||||
GNU General Public License for most of our software; it applies also to | |||||
any other work released this way by its authors. You can apply it to | |||||
your programs, too. | |||||
When we speak of free software, we are referring to freedom, not | |||||
price. Our General Public Licenses are designed to make sure that you | |||||
have the freedom to distribute copies of free software (and charge for | |||||
them if you wish), that you receive source code or can get it if you | |||||
want it, that you can change the software or use pieces of it in new | |||||
free programs, and that you know you can do these things. | |||||
To protect your rights, we need to prevent others from denying you | |||||
these rights or asking you to surrender the rights. Therefore, you have | |||||
certain responsibilities if you distribute copies of the software, or if | |||||
you modify it: responsibilities to respect the freedom of others. | |||||
For example, if you distribute copies of such a program, whether | |||||
gratis or for a fee, you must pass on to the recipients the same | |||||
freedoms that you received. You must make sure that they, too, receive | |||||
or can get the source code. And you must show them these terms so they | |||||
know their rights. | |||||
Developers that use the GNU GPL protect your rights with two steps: | |||||
(1) assert copyright on the software, and (2) offer you this License | |||||
giving you legal permission to copy, distribute and/or modify it. | |||||
For the developers' and authors' protection, the GPL clearly explains | |||||
that there is no warranty for this free software. For both users' and | |||||
authors' sake, the GPL requires that modified versions be marked as | |||||
changed, so that their problems will not be attributed erroneously to | |||||
authors of previous versions. | |||||
Some devices are designed to deny users access to install or run | |||||
modified versions of the software inside them, although the manufacturer | |||||
can do so. This is fundamentally incompatible with the aim of | |||||
protecting users' freedom to change the software. The systematic | |||||
pattern of such abuse occurs in the area of products for individuals to | |||||
use, which is precisely where it is most unacceptable. Therefore, we | |||||
have designed this version of the GPL to prohibit the practice for those | |||||
products. If such problems arise substantially in other domains, we | |||||
stand ready to extend this provision to those domains in future versions | |||||
of the GPL, as needed to protect the freedom of users. | |||||
Finally, every program is threatened constantly by software patents. | |||||
States should not allow patents to restrict development and use of | |||||
software on general-purpose computers, but in those that do, we wish to | |||||
avoid the special danger that patents applied to a free program could | |||||
make it effectively proprietary. To prevent this, the GPL assures that | |||||
patents cannot be used to render the program non-free. | |||||
The precise terms and conditions for copying, distribution and | |||||
modification follow. | |||||
TERMS AND CONDITIONS | |||||
0. Definitions. | |||||
"This License" refers to version 3 of the GNU General Public License. | |||||
"Copyright" also means copyright-like laws that apply to other kinds of | |||||
works, such as semiconductor masks. | |||||
"The Program" refers to any copyrightable work licensed under this | |||||
License. Each licensee is addressed as "you". "Licensees" and | |||||
"recipients" may be individuals or organizations. | |||||
To "modify" a work means to copy from or adapt all or part of the work | |||||
in a fashion requiring copyright permission, other than the making of an | |||||
exact copy. The resulting work is called a "modified version" of the | |||||
earlier work or a work "based on" the earlier work. | |||||
A "covered work" means either the unmodified Program or a work based | |||||
on the Program. | |||||
To "propagate" a work means to do anything with it that, without | |||||
permission, would make you directly or secondarily liable for | |||||
infringement under applicable copyright law, except executing it on a | |||||
computer or modifying a private copy. Propagation includes copying, | |||||
distribution (with or without modification), making available to the | |||||
public, and in some countries other activities as well. | |||||
To "convey" a work means any kind of propagation that enables other | |||||
parties to make or receive copies. Mere interaction with a user through | |||||
a computer network, with no transfer of a copy, is not conveying. | |||||
An interactive user interface displays "Appropriate Legal Notices" | |||||
to the extent that it includes a convenient and prominently visible | |||||
feature that (1) displays an appropriate copyright notice, and (2) | |||||
tells the user that there is no warranty for the work (except to the | |||||
extent that warranties are provided), that licensees may convey the | |||||
work under this License, and how to view a copy of this License. If | |||||
the interface presents a list of user commands or options, such as a | |||||
menu, a prominent item in the list meets this criterion. | |||||
1. Source Code. | |||||
The "source code" for a work means the preferred form of the work | |||||
for making modifications to it. "Object code" means any non-source | |||||
form of a work. | |||||
A "Standard Interface" means an interface that either is an official | |||||
standard defined by a recognized standards body, or, in the case of | |||||
interfaces specified for a particular programming language, one that | |||||
is widely used among developers working in that language. | |||||
The "System Libraries" of an executable work include anything, other | |||||
than the work as a whole, that (a) is included in the normal form of | |||||
packaging a Major Component, but which is not part of that Major | |||||
Component, and (b) serves only to enable use of the work with that | |||||
Major Component, or to implement a Standard Interface for which an | |||||
implementation is available to the public in source code form. A | |||||
"Major Component", in this context, means a major essential component | |||||
(kernel, window system, and so on) of the specific operating system | |||||
(if any) on which the executable work runs, or a compiler used to | |||||
produce the work, or an object code interpreter used to run it. | |||||
The "Corresponding Source" for a work in object code form means all | |||||
the source code needed to generate, install, and (for an executable | |||||
work) run the object code and to modify the work, including scripts to | |||||
control those activities. However, it does not include the work's | |||||
System Libraries, or general-purpose tools or generally available free | |||||
programs which are used unmodified in performing those activities but | |||||
which are not part of the work. For example, Corresponding Source | |||||
includes interface definition files associated with source files for | |||||
the work, and the source code for shared libraries and dynamically | |||||
linked subprograms that the work is specifically designed to require, | |||||
such as by intimate data communication or control flow between those | |||||
subprograms and other parts of the work. | |||||
The Corresponding Source need not include anything that users | |||||
can regenerate automatically from other parts of the Corresponding | |||||
Source. | |||||
The Corresponding Source for a work in source code form is that | |||||
same work. | |||||
2. Basic Permissions. | |||||
All rights granted under this License are granted for the term of | |||||
copyright on the Program, and are irrevocable provided the stated | |||||
conditions are met. This License explicitly affirms your unlimited | |||||
permission to run the unmodified Program. The output from running a | |||||
covered work is covered by this License only if the output, given its | |||||
content, constitutes a covered work. This License acknowledges your | |||||
rights of fair use or other equivalent, as provided by copyright law. | |||||
You may make, run and propagate covered works that you do not | |||||
convey, without conditions so long as your license otherwise remains | |||||
in force. You may convey covered works to others for the sole purpose | |||||
of having them make modifications exclusively for you, or provide you | |||||
with facilities for running those works, provided that you comply with | |||||
the terms of this License in conveying all material for which you do | |||||
not control copyright. Those thus making or running the covered works | |||||
for you must do so exclusively on your behalf, under your direction | |||||
and control, on terms that prohibit them from making any copies of | |||||
your copyrighted material outside their relationship with you. | |||||
Conveying under any other circumstances is permitted solely under | |||||
the conditions stated below. Sublicensing is not allowed; section 10 | |||||
makes it unnecessary. | |||||
3. Protecting Users' Legal Rights From Anti-Circumvention Law. | |||||
No covered work shall be deemed part of an effective technological | |||||
measure under any applicable law fulfilling obligations under article | |||||
11 of the WIPO copyright treaty adopted on 20 December 1996, or | |||||
similar laws prohibiting or restricting circumvention of such | |||||
measures. | |||||
When you convey a covered work, you waive any legal power to forbid | |||||
circumvention of technological measures to the extent such circumvention | |||||
is effected by exercising rights under this License with respect to | |||||
the covered work, and you disclaim any intention to limit operation or | |||||
modification of the work as a means of enforcing, against the work's | |||||
users, your or third parties' legal rights to forbid circumvention of | |||||
technological measures. | |||||
4. Conveying Verbatim Copies. | |||||
You may convey verbatim copies of the Program's source code as you | |||||
receive it, in any medium, provided that you conspicuously and | |||||
appropriately publish on each copy an appropriate copyright notice; | |||||
keep intact all notices stating that this License and any | |||||
non-permissive terms added in accord with section 7 apply to the code; | |||||
keep intact all notices of the absence of any warranty; and give all | |||||
recipients a copy of this License along with the Program. | |||||
You may charge any price or no price for each copy that you convey, | |||||
and you may offer support or warranty protection for a fee. | |||||
5. Conveying Modified Source Versions. | |||||
You may convey a work based on the Program, or the modifications to | |||||
produce it from the Program, in the form of source code under the | |||||
terms of section 4, provided that you also meet all of these conditions: | |||||
a) The work must carry prominent notices stating that you modified | |||||
it, and giving a relevant date. | |||||
b) The work must carry prominent notices stating that it is | |||||
released under this License and any conditions added under section | |||||
7. This requirement modifies the requirement in section 4 to | |||||
"keep intact all notices". | |||||
c) You must license the entire work, as a whole, under this | |||||
License to anyone who comes into possession of a copy. This | |||||
License will therefore apply, along with any applicable section 7 | |||||
additional terms, to the whole of the work, and all its parts, | |||||
regardless of how they are packaged. This License gives no | |||||
permission to license the work in any other way, but it does not | |||||
invalidate such permission if you have separately received it. | |||||
d) If the work has interactive user interfaces, each must display | |||||
Appropriate Legal Notices; however, if the Program has interactive | |||||
interfaces that do not display Appropriate Legal Notices, your | |||||
work need not make them do so. | |||||
A compilation of a covered work with other separate and independent | |||||
works, which are not by their nature extensions of the covered work, | |||||
and which are not combined with it such as to form a larger program, | |||||
in or on a volume of a storage or distribution medium, is called an | |||||
"aggregate" if the compilation and its resulting copyright are not | |||||
used to limit the access or legal rights of the compilation's users | |||||
beyond what the individual works permit. Inclusion of a covered work | |||||
in an aggregate does not cause this License to apply to the other | |||||
parts of the aggregate. | |||||
6. Conveying Non-Source Forms. | |||||
You may convey a covered work in object code form under the terms | |||||
of sections 4 and 5, provided that you also convey the | |||||
machine-readable Corresponding Source under the terms of this License, | |||||
in one of these ways: | |||||
a) Convey the object code in, or embodied in, a physical product | |||||
(including a physical distribution medium), accompanied by the | |||||
Corresponding Source fixed on a durable physical medium | |||||
customarily used for software interchange. | |||||
b) Convey the object code in, or embodied in, a physical product | |||||
(including a physical distribution medium), accompanied by a | |||||
written offer, valid for at least three years and valid for as | |||||
long as you offer spare parts or customer support for that product | |||||
model, to give anyone who possesses the object code either (1) a | |||||
copy of the Corresponding Source for all the software in the | |||||
product that is covered by this License, on a durable physical | |||||
medium customarily used for software interchange, for a price no | |||||
more than your reasonable cost of physically performing this | |||||
conveying of source, or (2) access to copy the | |||||
Corresponding Source from a network server at no charge. | |||||
c) Convey individual copies of the object code with a copy of the | |||||
written offer to provide the Corresponding Source. This | |||||
alternative is allowed only occasionally and noncommercially, and | |||||
only if you received the object code with such an offer, in accord | |||||
with subsection 6b. | |||||
d) Convey the object code by offering access from a designated | |||||
place (gratis or for a charge), and offer equivalent access to the | |||||
Corresponding Source in the same way through the same place at no | |||||
further charge. You need not require recipients to copy the | |||||
Corresponding Source along with the object code. If the place to | |||||
copy the object code is a network server, the Corresponding Source | |||||
may be on a different server (operated by you or a third party) | |||||
that supports equivalent copying facilities, provided you maintain | |||||
clear directions next to the object code saying where to find the | |||||
Corresponding Source. Regardless of what server hosts the | |||||
Corresponding Source, you remain obligated to ensure that it is | |||||
available for as long as needed to satisfy these requirements. | |||||
e) Convey the object code using peer-to-peer transmission, provided | |||||
you inform other peers where the object code and Corresponding | |||||
Source of the work are being offered to the general public at no | |||||
charge under subsection 6d. | |||||
A separable portion of the object code, whose source code is excluded | |||||
from the Corresponding Source as a System Library, need not be | |||||
included in conveying the object code work. | |||||
A "User Product" is either (1) a "consumer product", which means any | |||||
tangible personal property which is normally used for personal, family, | |||||
or household purposes, or (2) anything designed or sold for incorporation | |||||
into a dwelling. In determining whether a product is a consumer product, | |||||
doubtful cases shall be resolved in favor of coverage. For a particular | |||||
product received by a particular user, "normally used" refers to a | |||||
typical or common use of that class of product, regardless of the status | |||||
of the particular user or of the way in which the particular user | |||||
actually uses, or expects or is expected to use, the product. A product | |||||
is a consumer product regardless of whether the product has substantial | |||||
commercial, industrial or non-consumer uses, unless such uses represent | |||||
the only significant mode of use of the product. | |||||
"Installation Information" for a User Product means any methods, | |||||
procedures, authorization keys, or other information required to install | |||||
and execute modified versions of a covered work in that User Product from | |||||
a modified version of its Corresponding Source. The information must | |||||
suffice to ensure that the continued functioning of the modified object | |||||
code is in no case prevented or interfered with solely because | |||||
modification has been made. | |||||
If you convey an object code work under this section in, or with, or | |||||
specifically for use in, a User Product, and the conveying occurs as | |||||
part of a transaction in which the right of possession and use of the | |||||
User Product is transferred to the recipient in perpetuity or for a | |||||
fixed term (regardless of how the transaction is characterized), the | |||||
Corresponding Source conveyed under this section must be accompanied | |||||
by the Installation Information. But this requirement does not apply | |||||
if neither you nor any third party retains the ability to install | |||||
modified object code on the User Product (for example, the work has | |||||
been installed in ROM). | |||||
The requirement to provide Installation Information does not include a | |||||
requirement to continue to provide support service, warranty, or updates | |||||
for a work that has been modified or installed by the recipient, or for | |||||
the User Product in which it has been modified or installed. Access to a | |||||
network may be denied when the modification itself materially and | |||||
adversely affects the operation of the network or violates the rules and | |||||
protocols for communication across the network. | |||||
Corresponding Source conveyed, and Installation Information provided, | |||||
in accord with this section must be in a format that is publicly | |||||
documented (and with an implementation available to the public in | |||||
source code form), and must require no special password or key for | |||||
unpacking, reading or copying. | |||||
7. Additional Terms. | |||||
"Additional permissions" are terms that supplement the terms of this | |||||
License by making exceptions from one or more of its conditions. | |||||
Additional permissions that are applicable to the entire Program shall | |||||
be treated as though they were included in this License, to the extent | |||||
that they are valid under applicable law. If additional permissions | |||||
apply only to part of the Program, that part may be used separately | |||||
under those permissions, but the entire Program remains governed by | |||||
this License without regard to the additional permissions. | |||||
When you convey a copy of a covered work, you may at your option | |||||
remove any additional permissions from that copy, or from any part of | |||||
it. (Additional permissions may be written to require their own | |||||
removal in certain cases when you modify the work.) You may place | |||||
additional permissions on material, added by you to a covered work, | |||||
for which you have or can give appropriate copyright permission. | |||||
Notwithstanding any other provision of this License, for material you | |||||
add to a covered work, you may (if authorized by the copyright holders of | |||||
that material) supplement the terms of this License with terms: | |||||
a) Disclaiming warranty or limiting liability differently from the | |||||
terms of sections 15 and 16 of this License; or | |||||
b) Requiring preservation of specified reasonable legal notices or | |||||
author attributions in that material or in the Appropriate Legal | |||||
Notices displayed by works containing it; or | |||||
c) Prohibiting misrepresentation of the origin of that material, or | |||||
requiring that modified versions of such material be marked in | |||||
reasonable ways as different from the original version; or | |||||
d) Limiting the use for publicity purposes of names of licensors or | |||||
authors of the material; or | |||||
e) Declining to grant rights under trademark law for use of some | |||||
trade names, trademarks, or service marks; or | |||||
f) Requiring indemnification of licensors and authors of that | |||||
material by anyone who conveys the material (or modified versions of | |||||
it) with contractual assumptions of liability to the recipient, for | |||||
any liability that these contractual assumptions directly impose on | |||||
those licensors and authors. | |||||
All other non-permissive additional terms are considered "further | |||||
restrictions" within the meaning of section 10. If the Program as you | |||||
received it, or any part of it, contains a notice stating that it is | |||||
governed by this License along with a term that is a further | |||||
restriction, you may remove that term. If a license document contains | |||||
a further restriction but permits relicensing or conveying under this | |||||
License, you may add to a covered work material governed by the terms | |||||
of that license document, provided that the further restriction does | |||||
not survive such relicensing or conveying. | |||||
If you add terms to a covered work in accord with this section, you | |||||
must place, in the relevant source files, a statement of the | |||||
additional terms that apply to those files, or a notice indicating | |||||
where to find the applicable terms. | |||||
Additional terms, permissive or non-permissive, may be stated in the | |||||
form of a separately written license, or stated as exceptions; | |||||
the above requirements apply either way. | |||||
8. Termination. | |||||
You may not propagate or modify a covered work except as expressly | |||||
provided under this License. Any attempt otherwise to propagate or | |||||
modify it is void, and will automatically terminate your rights under | |||||
this License (including any patent licenses granted under the third | |||||
paragraph of section 11). | |||||
However, if you cease all violation of this License, then your | |||||
license from a particular copyright holder is reinstated (a) | |||||
provisionally, unless and until the copyright holder explicitly and | |||||
finally terminates your license, and (b) permanently, if the copyright | |||||
holder fails to notify you of the violation by some reasonable means | |||||
prior to 60 days after the cessation. | |||||
Moreover, your license from a particular copyright holder is | |||||
reinstated permanently if the copyright holder notifies you of the | |||||
violation by some reasonable means, this is the first time you have | |||||
received notice of violation of this License (for any work) from that | |||||
copyright holder, and you cure the violation prior to 30 days after | |||||
your receipt of the notice. | |||||
Termination of your rights under this section does not terminate the | |||||
licenses of parties who have received copies or rights from you under | |||||
this License. If your rights have been terminated and not permanently | |||||
reinstated, you do not qualify to receive new licenses for the same | |||||
material under section 10. | |||||
9. Acceptance Not Required for Having Copies. | |||||
You are not required to accept this License in order to receive or | |||||
run a copy of the Program. Ancillary propagation of a covered work | |||||
occurring solely as a consequence of using peer-to-peer transmission | |||||
to receive a copy likewise does not require acceptance. However, | |||||
nothing other than this License grants you permission to propagate or | |||||
modify any covered work. These actions infringe copyright if you do | |||||
not accept this License. Therefore, by modifying or propagating a | |||||
covered work, you indicate your acceptance of this License to do so. | |||||
10. Automatic Licensing of Downstream Recipients. | |||||
Each time you convey a covered work, the recipient automatically | |||||
receives a license from the original licensors, to run, modify and | |||||
propagate that work, subject to this License. You are not responsible | |||||
for enforcing compliance by third parties with this License. | |||||
An "entity transaction" is a transaction transferring control of an | |||||
organization, or substantially all assets of one, or subdividing an | |||||
organization, or merging organizations. If propagation of a covered | |||||
work results from an entity transaction, each party to that | |||||
transaction who receives a copy of the work also receives whatever | |||||
licenses to the work the party's predecessor in interest had or could | |||||
give under the previous paragraph, plus a right to possession of the | |||||
Corresponding Source of the work from the predecessor in interest, if | |||||
the predecessor has it or can get it with reasonable efforts. | |||||
You may not impose any further restrictions on the exercise of the | |||||
rights granted or affirmed under this License. For example, you may | |||||
not impose a license fee, royalty, or other charge for exercise of | |||||
rights granted under this License, and you may not initiate litigation | |||||
(including a cross-claim or counterclaim in a lawsuit) alleging that | |||||
any patent claim is infringed by making, using, selling, offering for | |||||
sale, or importing the Program or any portion of it. | |||||
11. Patents. | |||||
A "contributor" is a copyright holder who authorizes use under this | |||||
License of the Program or a work on which the Program is based. The | |||||
work thus licensed is called the contributor's "contributor version". | |||||
A contributor's "essential patent claims" are all patent claims | |||||
owned or controlled by the contributor, whether already acquired or | |||||
hereafter acquired, that would be infringed by some manner, permitted | |||||
by this License, of making, using, or selling its contributor version, | |||||
but do not include claims that would be infringed only as a | |||||
consequence of further modification of the contributor version. For | |||||
purposes of this definition, "control" includes the right to grant | |||||
patent sublicenses in a manner consistent with the requirements of | |||||
this License. | |||||
Each contributor grants you a non-exclusive, worldwide, royalty-free | |||||
patent license under the contributor's essential patent claims, to | |||||
make, use, sell, offer for sale, import and otherwise run, modify and | |||||
propagate the contents of its contributor version. | |||||
In the following three paragraphs, a "patent license" is any express | |||||
agreement or commitment, however denominated, not to enforce a patent | |||||
(such as an express permission to practice a patent or covenant not to | |||||
sue for patent infringement). To "grant" such a patent license to a | |||||
party means to make such an agreement or commitment not to enforce a | |||||
patent against the party. | |||||
If you convey a covered work, knowingly relying on a patent license, | |||||
and the Corresponding Source of the work is not available for anyone | |||||
to copy, free of charge and under the terms of this License, through a | |||||
publicly available network server or other readily accessible means, | |||||
then you must either (1) cause the Corresponding Source to be so | |||||
available, or (2) arrange to deprive yourself of the benefit of the | |||||
patent license for this particular work, or (3) arrange, in a manner | |||||
consistent with the requirements of this License, to extend the patent | |||||
license to downstream recipients. "Knowingly relying" means you have | |||||
actual knowledge that, but for the patent license, your conveying the | |||||
covered work in a country, or your recipient's use of the covered work | |||||
in a country, would infringe one or more identifiable patents in that | |||||
country that you have reason to believe are valid. | |||||
If, pursuant to or in connection with a single transaction or | |||||
arrangement, you convey, or propagate by procuring conveyance of, a | |||||
covered work, and grant a patent license to some of the parties | |||||
receiving the covered work authorizing them to use, propagate, modify | |||||
or convey a specific copy of the covered work, then the patent license | |||||
you grant is automatically extended to all recipients of the covered | |||||
work and works based on it. | |||||
A patent license is "discriminatory" if it does not include within | |||||
the scope of its coverage, prohibits the exercise of, or is | |||||
conditioned on the non-exercise of one or more of the rights that are | |||||
specifically granted under this License. You may not convey a covered | |||||
work if you are a party to an arrangement with a third party that is | |||||
in the business of distributing software, under which you make payment | |||||
to the third party based on the extent of your activity of conveying | |||||
the work, and under which the third party grants, to any of the | |||||
parties who would receive the covered work from you, a discriminatory | |||||
patent license (a) in connection with copies of the covered work | |||||
conveyed by you (or copies made from those copies), or (b) primarily | |||||
for and in connection with specific products or compilations that | |||||
contain the covered work, unless you entered into that arrangement, | |||||
or that patent license was granted, prior to 28 March 2007. | |||||
Nothing in this License shall be construed as excluding or limiting | |||||
any implied license or other defenses to infringement that may | |||||
otherwise be available to you under applicable patent law. | |||||
12. No Surrender of Others' Freedom. | |||||
If conditions are imposed on you (whether by court order, agreement or | |||||
otherwise) that contradict the conditions of this License, they do not | |||||
excuse you from the conditions of this License. If you cannot convey a | |||||
covered work so as to satisfy simultaneously your obligations under this | |||||
License and any other pertinent obligations, then as a consequence you may | |||||
not convey it at all. For example, if you agree to terms that obligate you | |||||
to collect a royalty for further conveying from those to whom you convey | |||||
the Program, the only way you could satisfy both those terms and this | |||||
License would be to refrain entirely from conveying the Program. | |||||
13. Use with the GNU Affero General Public License. | |||||
Notwithstanding any other provision of this License, you have | |||||
permission to link or combine any covered work with a work licensed | |||||
under version 3 of the GNU Affero General Public License into a single | |||||
combined work, and to convey the resulting work. The terms of this | |||||
License will continue to apply to the part which is the covered work, | |||||
but the special requirements of the GNU Affero General Public License, | |||||
section 13, concerning interaction through a network will apply to the | |||||
combination as such. | |||||
14. Revised Versions of this License. | |||||
The Free Software Foundation may publish revised and/or new versions of | |||||
the GNU General Public License from time to time. Such new versions will | |||||
be similar in spirit to the present version, but may differ in detail to | |||||
address new problems or concerns. | |||||
Each version is given a distinguishing version number. If the | |||||
Program specifies that a certain numbered version of the GNU General | |||||
Public License "or any later version" applies to it, you have the | |||||
option of following the terms and conditions either of that numbered | |||||
version or of any later version published by the Free Software | |||||
Foundation. If the Program does not specify a version number of the | |||||
GNU General Public License, you may choose any version ever published | |||||
by the Free Software Foundation. | |||||
If the Program specifies that a proxy can decide which future | |||||
versions of the GNU General Public License can be used, that proxy's | |||||
public statement of acceptance of a version permanently authorizes you | |||||
to choose that version for the Program. | |||||
Later license versions may give you additional or different | |||||
permissions. However, no additional obligations are imposed on any | |||||
author or copyright holder as a result of your choosing to follow a | |||||
later version. | |||||
15. Disclaimer of Warranty. | |||||
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY | |||||
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT | |||||
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY | |||||
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, | |||||
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |||||
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM | |||||
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF | |||||
ALL NECESSARY SERVICING, REPAIR OR CORRECTION. | |||||
16. Limitation of Liability. | |||||
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING | |||||
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS | |||||
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY | |||||
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE | |||||
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF | |||||
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD | |||||
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), | |||||
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF | |||||
SUCH DAMAGES. | |||||
17. Interpretation of Sections 15 and 16. | |||||
If the disclaimer of warranty and limitation of liability provided | |||||
above cannot be given local legal effect according to their terms, | |||||
reviewing courts shall apply local law that most closely approximates | |||||
an absolute waiver of all civil liability in connection with the | |||||
Program, unless a warranty or assumption of liability accompanies a | |||||
copy of the Program in return for a fee. | |||||
END OF TERMS AND CONDITIONS | |||||
How to Apply These Terms to Your New Programs | |||||
If you develop a new program, and you want it to be of the greatest | |||||
possible use to the public, the best way to achieve this is to make it | |||||
free software which everyone can redistribute and change under these terms. | |||||
To do so, attach the following notices to the program. It is safest | |||||
to attach them to the start of each source file to most effectively | |||||
state the exclusion of warranty; and each file should have at least | |||||
the "copyright" line and a pointer to where the full notice is found. | |||||
<one line to give the program's name and a brief idea of what it does.> | |||||
Copyright (C) <year> <name of author> | |||||
This program is free software: you can redistribute it and/or modify | |||||
it under the terms of the GNU General Public License as published by | |||||
the Free Software Foundation, either version 3 of the License, or | |||||
(at your option) any later version. | |||||
This program is distributed in the hope that it will be useful, | |||||
but WITHOUT ANY WARRANTY; without even the implied warranty of | |||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |||||
GNU General Public License for more details. | |||||
You should have received a copy of the GNU General Public License | |||||
along with this program. If not, see <http://www.gnu.org/licenses/>. | |||||
Also add information on how to contact you by electronic and paper mail. | |||||
If the program does terminal interaction, make it output a short | |||||
notice like this when it starts in an interactive mode: | |||||
<program> Copyright (C) <year> <name of author> | |||||
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. | |||||
This is free software, and you are welcome to redistribute it | |||||
under certain conditions; type `show c' for details. | |||||
The hypothetical commands `show w' and `show c' should show the appropriate | |||||
parts of the General Public License. Of course, your program's commands | |||||
might be different; for a GUI interface, you would use an "about box". | |||||
You should also get your employer (if you work as a programmer) or school, | |||||
if any, to sign a "copyright disclaimer" for the program, if necessary. | |||||
For more information on this, and how to apply and follow the GNU GPL, see | |||||
<http://www.gnu.org/licenses/>. | |||||
The GNU General Public License does not permit incorporating your program | |||||
into proprietary programs. If your program is a subroutine library, you | |||||
may consider it more useful to permit linking proprietary applications with | |||||
the library. If this is what you want to do, use the GNU Lesser General | |||||
Public License instead of this License. But first, please read | |||||
<http://www.gnu.org/philosophy/why-not-lgpl.html>. |
@ -1,73 +0,0 @@ | |||||
Process Hacker is a powerful free and open source process viewer. | |||||
== Getting started == | |||||
Simply run ProcessHacker.exe to start Process Hacker. There are two | |||||
versions, 32-bit (x86) and 64-bit (x64). If you are not sure which | |||||
version to use, open Control Panel > System and check the "System | |||||
type". You cannot run the 32-bit version of Process Hacker on a | |||||
64-bit system and expect it to work correctly, unlike other programs. | |||||
== System requirements == | |||||
Windows XP SP2 or higher, 32-bit or 64-bit. | |||||
== Settings == | |||||
If you are running Process Hacker from a USB drive, you may want to | |||||
save Process Hacker's settings there as well. To do this, create a | |||||
blank file named "ProcessHacker.exe.settings.xml" in the same | |||||
directory as ProcessHacker.exe. You can do this using Windows Explorer: | |||||
1. Make sure "Hide extensions for known file types" is unticked in | |||||
Tools > Folder options > View. | |||||
2. Right-click in the folder and choose New > Text Document. | |||||
3. Rename the file to ProcessHacker.exe.settings.xml (delete the ".txt" | |||||
extension). | |||||
== Plugins == | |||||
Plugins can be configured from Hacker > Plugins. | |||||
If you experience any crashes involving plugins, make sure they | |||||
are up to date. | |||||
The ExtendedTools plugin is only available for Windows Vista and | |||||
above. Disk and Network information provided by this plugin is | |||||
only available when running Process Hacker with administrative | |||||
rights. | |||||
== KProcessHacker == | |||||
NOTE: The driver has been very generously signed by the | |||||
ReactOS Foundation (http://www.reactos.org). | |||||
Process Hacker uses a kernel-mode driver, KProcessHacker, to | |||||
assist with certain functionality. This includes: | |||||
* Bypassing security software and rootkits in limited ways | |||||
* More powerful process and thread termination (*) | |||||
* Setting DEP status of processes | |||||
* Capturing kernel-mode stack traces | |||||
* More efficiently enumerating process handles | |||||
* Retrieving names for file handles | |||||
* Retrieving names for EtwRegistration objects | |||||
* Setting handle attributes | |||||
The feature(s) marked with an asterisk (*) are NOT available on 64-bit | |||||
versions of Windows. | |||||
Certain features such as modifying process protection are disabled | |||||
in the released driver binary due to legal reasons. You can enable | |||||
them by building KProcessHacker with the "dirty" configuration. | |||||
Note that by default, KProcessHacker only allows connections from | |||||
processes with SeDebugPrivilege. To allow Process Hacker to show details | |||||
for all processes when it is not running as administrator: | |||||
1. In Registry Editor, navigate to: | |||||
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KProcessHacker2 | |||||
2. Under this key, create a key named Parameters if it does not exist. | |||||
3. Create a DWORD value named SecurityLevel and set it to 0. | |||||
4. Restart the KProcessHacker2 service (sc stop KProcessHacker2, | |||||
sc start KProcessHacker2). |
@ -1,18 +0,0 @@ | |||||
<?xml version="1.0" encoding="utf-8"?><configuration> | |||||
<runtime> | |||||
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> | |||||
<dependentAssembly> | |||||
<assemblyIdentity name="System.Buffers" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" /> | |||||
<bindingRedirect oldVersion="0.0.0.0-4.0.2.0" newVersion="4.0.2.0" /> | |||||
</dependentAssembly> | |||||
<dependentAssembly> | |||||
<assemblyIdentity name="System.Numerics.Vectors" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" /> | |||||
<bindingRedirect oldVersion="0.0.0.0-4.1.3.0" newVersion="4.1.3.0" /> | |||||
</dependentAssembly> | |||||
<dependentAssembly> | |||||
<assemblyIdentity name="SQLitePCLRaw.core" publicKeyToken="1488e028ca7ab535" culture="neutral" /> | |||||
<bindingRedirect oldVersion="0.0.0.0-2.1.2.1721" newVersion="2.1.2.1721" /> | |||||
</dependentAssembly> | |||||
</assemblyBinding> | |||||
</runtime> | |||||
</configuration> |
@ -0,0 +1,22 @@ | |||||
using System; | |||||
using System.Diagnostics; | |||||
namespace TrustedUninstaller.Shared | |||||
{ | |||||
public static class Testing | |||||
{ | |||||
[Conditional("DEBUG")] | |||||
public static void WriteLine(object text) | |||||
{ | |||||
Console.WriteLine(text.ToString()); | |||||
} | |||||
public static void WriteLine(Exception exception, string shortTrace) | |||||
{ | |||||
Console.WriteLine(exception.GetType() + " at " + shortTrace + ":" + exception.Message); | |||||
} | |||||
public static void WriteLine(Exception exception, string shortTrace, string item) | |||||
{ | |||||
Console.WriteLine(exception.GetType() + " at " + shortTrace + $" ({item}):" + exception.Message); | |||||
} | |||||
} | |||||
} |
@ -0,0 +1,506 @@ | |||||
using System; | |||||
using System.Collections.Generic; | |||||
using System.ComponentModel; | |||||
using System.Diagnostics; | |||||
using System.IO; | |||||
using System.Linq; | |||||
using System.Reflection; | |||||
using System.Runtime.ConstrainedExecution; | |||||
using System.Runtime.InteropServices; | |||||
using System.Security; | |||||
using System.Text; | |||||
using System.Threading; | |||||
using System.Threading.Tasks; | |||||
using Microsoft.Win32.SafeHandles; | |||||
using TrustedUninstaller.Shared.Actions; | |||||
namespace TrustedUninstaller.Shared | |||||
{ | |||||
public class ProcessPrivilege | |||||
{ | |||||
private static Win32.TokensEx.SafeTokenHandle userToken = new Win32.TokensEx.SafeTokenHandle(IntPtr.Zero); | |||||
private static Win32.TokensEx.SafeTokenHandle elevatedUserToken = new Win32.TokensEx.SafeTokenHandle(IntPtr.Zero); | |||||
private static Win32.TokensEx.SafeTokenHandle systemToken = new Win32.TokensEx.SafeTokenHandle(IntPtr.Zero); | |||||
private static Win32.TokensEx.SafeTokenHandle impsersonatedSystemToken = new Win32.TokensEx.SafeTokenHandle(IntPtr.Zero); | |||||
private static Win32.TokensEx.SafeTokenHandle lsassToken = new Win32.TokensEx.SafeTokenHandle(IntPtr.Zero); | |||||
internal static void ResetTokens() | |||||
{ | |||||
elevatedUserToken = new Win32.TokensEx.SafeTokenHandle(IntPtr.Zero); | |||||
lsassToken = new Win32.TokensEx.SafeTokenHandle(IntPtr.Zero); | |||||
systemToken = new Win32.TokensEx.SafeTokenHandle(IntPtr.Zero); | |||||
impsersonatedSystemToken = new Win32.TokensEx.SafeTokenHandle(IntPtr.Zero); | |||||
userToken = new Win32.TokensEx.SafeTokenHandle(IntPtr.Zero); | |||||
} | |||||
public static void StartPrivilegedTask(AugmentedProcess.Process process, Privilege privilege) | |||||
{ | |||||
var tcs = StartThread(process, privilege); | |||||
tcs.Task.Wait(); | |||||
for (int i = 0; tcs.Task.Result != null && i <= 3; i++) | |||||
{ | |||||
ErrorLogger.WriteToErrorLog("Error launching privileged process: " + tcs.Task.Result.Message, tcs.Task.Result.StackTrace, "PrivilegedProcess Warning", | |||||
Path.GetFileName(process.StartInfo.FileName)); | |||||
ResetTokens(); | |||||
Thread.Sleep(500 * i); | |||||
tcs = StartThread(process, privilege); | |||||
tcs.Task.Wait(); | |||||
} | |||||
if (tcs.Task.Result != null) | |||||
throw new SecurityException("Error launching privileged process.", tcs.Task.Result); | |||||
} | |||||
private static TaskCompletionSource<Exception> StartThread(AugmentedProcess.Process process, Privilege privilege) | |||||
{ | |||||
var tcs = new TaskCompletionSource<Exception>(); | |||||
var thread = new Thread(() => | |||||
{ | |||||
try | |||||
{ | |||||
switch (privilege) | |||||
{ | |||||
case (Privilege.System): | |||||
GetSystemToken(); | |||||
process.Start(AugmentedProcess.Process.CreateType.RawToken, ref systemToken); | |||||
break; | |||||
case (Privilege.CurrentUser): | |||||
GetUserToken(true); | |||||
process.Start(AugmentedProcess.Process.CreateType.UserToken, ref userToken); | |||||
break; | |||||
case (Privilege.CurrentUserElevated): | |||||
GetElevatedUserToken(); | |||||
process.Start(AugmentedProcess.Process.CreateType.RawToken, ref elevatedUserToken); | |||||
break; | |||||
default: | |||||
throw new ArgumentException("Unexpected."); | |||||
} | |||||
} | |||||
catch (Exception e) | |||||
{ | |||||
tcs.SetResult(e); | |||||
return; | |||||
} | |||||
tcs.SetResult(null); | |||||
}); | |||||
thread.Start(); | |||||
return tcs; | |||||
} | |||||
private static uint GetUserSession() | |||||
{ | |||||
var sessionId = Win32.WTS.WTSGetActiveConsoleSessionId(); | |||||
if (sessionId != 0xFFFFFFFF) return sessionId; | |||||
IntPtr pSessionInfo = IntPtr.Zero; | |||||
Int32 count = 0; | |||||
if (Win32.WTS.WTSEnumerateSessions((IntPtr)null, 0, 1, ref pSessionInfo, ref count) == 0) | |||||
throw new Win32Exception(Marshal.GetLastWin32Error(), "Error enumerating user sessions."); | |||||
Int32 dataSize = Marshal.SizeOf(typeof(Win32.WTS.WTS_SESSION_INFO)); | |||||
Int64 current = (Int64)pSessionInfo; | |||||
for (int i = 0; i < count; i++) | |||||
{ | |||||
Win32.WTS.WTS_SESSION_INFO si = | |||||
(Win32.WTS.WTS_SESSION_INFO)Marshal.PtrToStructure((System.IntPtr)current, | |||||
typeof(Win32.WTS.WTS_SESSION_INFO)); | |||||
current += dataSize; | |||||
if (si.State == Win32.WTS.WTS_CONNECTSTATE_CLASS.WTSActive) | |||||
{ | |||||
sessionId = (uint)si.SessionID; | |||||
break; | |||||
} | |||||
} | |||||
Win32.WTS.WTSFreeMemory(pSessionInfo); | |||||
return sessionId; | |||||
} | |||||
private static void GetUserToken(bool getPrivileges) | |||||
{ | |||||
if (getPrivileges) | |||||
{ | |||||
GetSystemToken(); | |||||
var result = Win32.Tokens.ImpersonateLoggedOnUser(systemToken); | |||||
if (!result) | |||||
throw new Win32Exception(Marshal.GetLastWin32Error(), "Error impersonating system process token."); | |||||
Win32.TokensEx.AdjustCurrentPrivilege(Win32.Tokens.SE_ASSIGNPRIMARYTOKEN_NAME); | |||||
Win32.TokensEx.AdjustCurrentPrivilege(Win32.Tokens.SE_INCREASE_QUOTA_NAME); | |||||
} | |||||
if (userToken.DangerousGetHandle() != IntPtr.Zero) | |||||
return; | |||||
var sessionId = GetUserSession(); | |||||
if (Win32.WTS.WTSQueryUserToken(sessionId, out Win32.TokensEx.SafeTokenHandle wtsToken)) | |||||
{ | |||||
if (!Win32.Tokens.DuplicateTokenEx(wtsToken, Win32.Tokens.TokenAccessFlags.TOKEN_ALL_ACCESS, | |||||
IntPtr.Zero, | |||||
Win32.Tokens.SECURITY_IMPERSONATION_LEVEL.SecurityIdentification, | |||||
Win32.Tokens.TOKEN_TYPE.TokenPrimary, out userToken)) | |||||
{ | |||||
throw new Win32Exception(Marshal.GetLastWin32Error(), | |||||
"Failed to duplicate process token for lsass."); | |||||
} | |||||
return; | |||||
} | |||||
throw new Win32Exception(Marshal.GetLastWin32Error(), "Error fetching active user session token."); | |||||
} | |||||
private static void GetElevatedUserToken() | |||||
{ | |||||
GetSystemToken(); | |||||
var result = Win32.Tokens.ImpersonateLoggedOnUser(systemToken); | |||||
if (!result) | |||||
throw new Win32Exception(Marshal.GetLastWin32Error(), "Error impersonating system process token."); | |||||
if (lsassToken.DangerousGetHandle() == IntPtr.Zero) | |||||
{ | |||||
var processHandle = Win32.Process.OpenProcess(Win32.Process.ProcessAccessFlags.QueryLimitedInformation, false, Process.GetProcessesByName("lsass").First().Id); | |||||
if (!Win32.Tokens.OpenProcessToken(processHandle, | |||||
Win32.Tokens.TokenAccessFlags.TOKEN_DUPLICATE | | |||||
Win32.Tokens.TokenAccessFlags.TOKEN_ASSIGN_PRIMARY | | |||||
Win32.Tokens.TokenAccessFlags.TOKEN_QUERY | Win32.Tokens.TokenAccessFlags.TOKEN_IMPERSONATE, | |||||
out var tokenHandle)) | |||||
{ | |||||
Win32.CloseHandle(processHandle); | |||||
throw new Win32Exception(Marshal.GetLastWin32Error(), "Failed to open process token for lsass."); | |||||
} | |||||
if (!Win32.Tokens.DuplicateTokenEx(tokenHandle, Win32.Tokens.TokenAccessFlags.TOKEN_ALL_ACCESS, | |||||
IntPtr.Zero, | |||||
Win32.Tokens.SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation, | |||||
Win32.Tokens.TOKEN_TYPE.TokenImpersonation, out lsassToken)) | |||||
{ | |||||
Win32.CloseHandle(processHandle); | |||||
throw new Win32Exception(Marshal.GetLastWin32Error(), | |||||
"Failed to duplicate process token for lsass."); | |||||
} | |||||
Win32.CloseHandle(processHandle); | |||||
} | |||||
result = Win32.Tokens.ImpersonateLoggedOnUser(lsassToken); | |||||
if (!result) | |||||
throw new Win32Exception(Marshal.GetLastWin32Error(), "Error impersonating lsass process token."); | |||||
Win32.TokensEx.AdjustCurrentPrivilege(Win32.Tokens.SE_ASSIGNPRIMARYTOKEN_NAME); | |||||
Win32.TokensEx.AdjustCurrentPrivilege(Win32.Tokens.SE_INCREASE_QUOTA_NAME); | |||||
if (elevatedUserToken.DangerousGetHandle() != IntPtr.Zero) | |||||
return; | |||||
var privileges = new[] | |||||
{ | |||||
Win32.Tokens.SE_INCREASE_QUOTA_NAME, | |||||
Win32.Tokens.SE_MACHINE_ACCOUNT_NAME, Win32.Tokens.SE_SECURITY_NAME, | |||||
Win32.Tokens.SE_TAKE_OWNERSHIP_NAME, Win32.Tokens.SE_LOAD_DRIVER_NAME, | |||||
Win32.Tokens.SE_SYSTEM_PROFILE_NAME, Win32.Tokens.SE_SYSTEMTIME_NAME, | |||||
Win32.Tokens.SE_PROFILE_SINGLE_PROCESS_NAME, Win32.Tokens.SE_INCREASE_BASE_PRIORITY_NAME, | |||||
Win32.Tokens.SE_CREATE_PERMANENT_NAME, | |||||
Win32.Tokens.SE_BACKUP_NAME, Win32.Tokens.SE_RESTORE_NAME, Win32.Tokens.SE_SHUTDOWN_NAME, | |||||
Win32.Tokens.SE_DEBUG_NAME, Win32.Tokens.SE_AUDIT_NAME, Win32.Tokens.SE_SYSTEM_ENVIRONMENT_NAME, | |||||
Win32.Tokens.SE_CHANGE_NOTIFY_NAME, | |||||
Win32.Tokens.SE_UNDOCK_NAME, Win32.Tokens.SE_SYNC_AGENT_NAME, | |||||
Win32.Tokens.SE_ENABLE_DELEGATION_NAME, Win32.Tokens.SE_MANAGE_VOLUME_NAME, | |||||
Win32.Tokens.SE_IMPERSONATE_NAME, Win32.Tokens.SE_CREATE_GLOBAL_NAME, | |||||
Win32.Tokens.SE_TRUSTED_CREDMAN_ACCESS_NAME, Win32.Tokens.SE_RELABEL_NAME, | |||||
Win32.Tokens.SE_TIME_ZONE_NAME, | |||||
Win32.Tokens.SE_CREATE_SYMBOLIC_LINK_NAME, Win32.Tokens.SE_DELEGATE_SESSION_USER_IMPERSONATE_NAME | |||||
}; | |||||
var authId = Win32.Tokens.SYSTEM_LUID; | |||||
GetUserToken(false); | |||||
Win32.Tokens.DuplicateTokenEx(userToken, | |||||
Win32.Tokens.TokenAccessFlags.TOKEN_ALL_ACCESS, IntPtr.Zero, | |||||
Win32.Tokens.SECURITY_IMPERSONATION_LEVEL.SecurityIdentification, Win32.Tokens.TOKEN_TYPE.TokenPrimary, | |||||
out Win32.TokensEx.SafeTokenHandle dupedUserToken); | |||||
Win32.SID.AllocateAndInitializeSid( | |||||
ref Win32.SID.SECURITY_MANDATORY_LABEL_AUTHORITY, | |||||
1, | |||||
(int)Win32.SID.SECURITY_MANDATORY_LABEL.High, | |||||
0, | |||||
0, | |||||
0, | |||||
0, | |||||
0, | |||||
0, | |||||
0, | |||||
out IntPtr integritySid); | |||||
var tokenMandatoryLabel = new Win32.Tokens.TOKEN_MANDATORY_LABEL() { | |||||
Label = default(Win32.SID.SID_AND_ATTRIBUTES) | |||||
}; | |||||
tokenMandatoryLabel.Label.Attributes = (uint)Win32.Tokens.SE_GROUP_ATTRIBUTES.SE_GROUP_INTEGRITY; | |||||
tokenMandatoryLabel.Label.Sid = integritySid; | |||||
var integritySize = Marshal.SizeOf(tokenMandatoryLabel); | |||||
var tokenInfo = Marshal.AllocHGlobal(integritySize); | |||||
Marshal.StructureToPtr(tokenMandatoryLabel, tokenInfo, false); | |||||
Win32.Tokens.SetTokenInformation( | |||||
dupedUserToken, | |||||
Win32.Tokens.TOKEN_INFORMATION_CLASS.TokenIntegrityLevel, | |||||
tokenInfo, | |||||
integritySize + Win32.SID.GetLengthSid(integritySid)); | |||||
var pTokenUser = Win32.TokensEx.GetInfoFromToken(dupedUserToken, Win32.Tokens.TOKEN_INFORMATION_CLASS.TokenUser); | |||||
var pTokenOwner = | |||||
Win32.TokensEx.GetInfoFromToken(dupedUserToken, Win32.Tokens.TOKEN_INFORMATION_CLASS.TokenOwner); | |||||
var pTokenPrivileges = | |||||
Win32.TokensEx.GetInfoFromToken(dupedUserToken, Win32.Tokens.TOKEN_INFORMATION_CLASS.TokenPrivileges); | |||||
var pTokenGroups = | |||||
Win32.TokensEx.GetInfoFromToken(dupedUserToken, Win32.Tokens.TOKEN_INFORMATION_CLASS.TokenGroups); | |||||
var pTokenPrimaryGroup = | |||||
Win32.TokensEx.GetInfoFromToken(dupedUserToken, Win32.Tokens.TOKEN_INFORMATION_CLASS.TokenPrimaryGroup); | |||||
var pTokenDefaultDacl = | |||||
Win32.TokensEx.GetInfoFromToken(dupedUserToken, Win32.Tokens.TOKEN_INFORMATION_CLASS.TokenDefaultDacl); | |||||
var pTokenSource = | |||||
Win32.TokensEx.GetInfoFromToken(dupedUserToken, Win32.Tokens.TOKEN_INFORMATION_CLASS.TokenSource); | |||||
var tokenUser = | |||||
(Win32.Tokens.TOKEN_USER)Marshal.PtrToStructure(pTokenUser, typeof(Win32.Tokens.TOKEN_USER)); | |||||
if (!Win32.TokensEx.CreateTokenPrivileges(privileges, out var tokenPrivileges)) | |||||
tokenPrivileges = | |||||
(Win32.Tokens.TOKEN_PRIVILEGES)Marshal.PtrToStructure(pTokenPrivileges, | |||||
typeof(Win32.Tokens.TOKEN_PRIVILEGES)); | |||||
var tokenGroups = (Win32.Tokens.TOKEN_GROUPS)Marshal.PtrToStructure( | |||||
pTokenGroups, typeof(Win32.Tokens.TOKEN_GROUPS)); | |||||
var tokenOwner = | |||||
(Win32.Tokens.TOKEN_OWNER)Marshal.PtrToStructure(pTokenOwner, typeof(Win32.Tokens.TOKEN_OWNER)); | |||||
var tokenPrimaryGroup = | |||||
(Win32.Tokens.TOKEN_PRIMARY_GROUP)Marshal.PtrToStructure(pTokenPrimaryGroup, | |||||
typeof(Win32.Tokens.TOKEN_PRIMARY_GROUP)); | |||||
var tokenDefaultDacl = (Win32.Tokens.TOKEN_DEFAULT_DACL)Marshal.PtrToStructure( | |||||
pTokenDefaultDacl, typeof(Win32.Tokens.TOKEN_DEFAULT_DACL)); | |||||
var tokenSource = (Win32.Tokens.TOKEN_SOURCE)Marshal.PtrToStructure( | |||||
pTokenSource, typeof(Win32.Tokens.TOKEN_SOURCE)); | |||||
/* | |||||
for (var idx = 0; idx < tokenPrivileges.PrivilegeCount - 1; idx++) | |||||
{ | |||||
if ((tokenPrivileges.Privileges[idx].Attributes & | |||||
(uint)Win32.Tokens.SE_PRIVILEGE_ATTRIBUTES.SE_PRIVILEGE_ENABLED) != 0) | |||||
{ | |||||
} | |||||
if ((tokenPrivileges.Privileges[idx].Attributes & | |||||
(uint)Win32.Tokens.SE_PRIVILEGE_ATTRIBUTES.SE_PRIVILEGE_ENABLED_BY_DEFAULT) != 0) | |||||
{ | |||||
} | |||||
} | |||||
*/ | |||||
IntPtr adminsSid = IntPtr.Zero; | |||||
IntPtr localAndAdminSid = IntPtr.Zero; | |||||
bool adminsFound = false; | |||||
bool localAndAdminFound = false; | |||||
for (var idx = 0; idx < tokenGroups.GroupCount - 1; idx++) | |||||
{ | |||||
Win32.SID.ConvertSidToStringSid(tokenGroups.Groups[idx].Sid, out string strSid); | |||||
if (string.Compare(strSid, Win32.SID.DOMAIN_ALIAS_RID_ADMINS, StringComparison.OrdinalIgnoreCase) == 0) | |||||
{ | |||||
adminsFound = true; | |||||
tokenGroups.Groups[idx].Attributes = (uint)Win32.Tokens.SE_GROUP_ATTRIBUTES.SE_GROUP_ENABLED | | |||||
(uint)Win32.Tokens.SE_GROUP_ATTRIBUTES | |||||
.SE_GROUP_ENABLED_BY_DEFAULT | (uint)Win32.Tokens.SE_GROUP_ATTRIBUTES.SE_GROUP_MANDATORY | (uint)Win32.Tokens.SE_GROUP_ATTRIBUTES.SE_GROUP_OWNER; | |||||
} else if (string.Compare(strSid, Win32.SID.DOMAIN_ALIAS_RID_LOCAL_AND_ADMIN_GROUP, StringComparison.OrdinalIgnoreCase) == 0) | |||||
{ | |||||
localAndAdminFound = true; | |||||
tokenGroups.Groups[idx].Attributes = (uint)Win32.Tokens.SE_GROUP_ATTRIBUTES.SE_GROUP_ENABLED | | |||||
(uint)Win32.Tokens.SE_GROUP_ATTRIBUTES | |||||
.SE_GROUP_ENABLED_BY_DEFAULT | (uint)Win32.Tokens.SE_GROUP_ATTRIBUTES.SE_GROUP_MANDATORY; | |||||
} | |||||
} | |||||
if (!adminsFound) | |||||
{ | |||||
Win32.SID.ConvertStringSidToSid(Win32.SID.DOMAIN_ALIAS_RID_ADMINS, out adminsSid); | |||||
tokenGroups.Groups[tokenGroups.GroupCount].Sid = adminsSid; | |||||
tokenGroups.Groups[tokenGroups.GroupCount].Attributes = | |||||
(uint)Win32.Tokens.SE_GROUP_ATTRIBUTES.SE_GROUP_ENABLED | | |||||
(uint)Win32.Tokens.SE_GROUP_ATTRIBUTES.SE_GROUP_ENABLED_BY_DEFAULT; | |||||
tokenGroups.GroupCount++; | |||||
} | |||||
if (!localAndAdminFound) | |||||
{ | |||||
Win32.SID.ConvertStringSidToSid(Win32.SID.DOMAIN_ALIAS_RID_LOCAL_AND_ADMIN_GROUP, out localAndAdminSid); | |||||
tokenGroups.Groups[tokenGroups.GroupCount].Sid = localAndAdminSid; | |||||
tokenGroups.Groups[tokenGroups.GroupCount].Attributes = | |||||
(uint)Win32.Tokens.SE_GROUP_ATTRIBUTES.SE_GROUP_ENABLED | | |||||
(uint)Win32.Tokens.SE_GROUP_ATTRIBUTES.SE_GROUP_ENABLED_BY_DEFAULT; | |||||
tokenGroups.GroupCount++; | |||||
} | |||||
var expirationTime = new Win32.LARGE_INTEGER() { QuadPart = -1L }; | |||||
var sqos = new Win32.Tokens.SECURITY_QUALITY_OF_SERVICE( | |||||
Win32.Tokens.SECURITY_IMPERSONATION_LEVEL.SecurityIdentification, Win32.Tokens.SECURITY_STATIC_TRACKING, | |||||
0); | |||||
var oa = new Win32.Tokens.OBJECT_ATTRIBUTES(string.Empty, 0) { }; | |||||
var pSqos = Marshal.AllocHGlobal(Marshal.SizeOf(sqos)); | |||||
Marshal.StructureToPtr(sqos, pSqos, true); | |||||
oa.SecurityQualityOfService = pSqos; | |||||
var status = Win32.Tokens.ZwCreateToken(out elevatedUserToken, | |||||
Win32.Tokens.TokenAccessFlags.TOKEN_ALL_ACCESS, ref oa, Win32.Tokens.TOKEN_TYPE.TokenPrimary, | |||||
ref authId, ref expirationTime, ref tokenUser, ref tokenGroups, ref tokenPrivileges, ref tokenOwner, | |||||
ref tokenPrimaryGroup, ref tokenDefaultDacl, ref tokenSource); | |||||
Win32.LocalFree(pTokenUser); | |||||
Win32.LocalFree(pTokenOwner); | |||||
Win32.LocalFree(pTokenGroups); | |||||
Win32.LocalFree(pTokenDefaultDacl); | |||||
Win32.LocalFree(pTokenPrivileges); | |||||
Win32.LocalFree(pTokenPrimaryGroup); | |||||
if (adminsSid != IntPtr.Zero) | |||||
Win32.SID.FreeSid(adminsSid); | |||||
if (localAndAdminSid != IntPtr.Zero) | |||||
Win32.SID.FreeSid(localAndAdminSid); | |||||
if (integritySid != IntPtr.Zero) | |||||
Win32.SID.FreeSid(integritySid); | |||||
if (status != 0) | |||||
throw new Win32Exception(Marshal.GetLastWin32Error(), "Error creating elevated user token: " + status); | |||||
} | |||||
public static void GetSystemToken() | |||||
{ | |||||
if (systemToken.DangerousGetHandle() != IntPtr.Zero) | |||||
return; | |||||
try | |||||
{ | |||||
var processHandle = Win32.Process.OpenProcess(Win32.Process.ProcessAccessFlags.QueryLimitedInformation, false, Process.GetProcessesByName("winlogon").First().Id); | |||||
if (!Win32.Tokens.OpenProcessToken(processHandle, | |||||
Win32.Tokens.TokenAccessFlags.TOKEN_DUPLICATE | Win32.Tokens.TokenAccessFlags.TOKEN_ASSIGN_PRIMARY | | |||||
Win32.Tokens.TokenAccessFlags.TOKEN_QUERY | Win32.Tokens.TokenAccessFlags.TOKEN_IMPERSONATE, | |||||
out var tokenHandle)) | |||||
{ | |||||
Win32.CloseHandle(processHandle); | |||||
throw new Win32Exception(Marshal.GetLastWin32Error(), "Failed to open process token for winlogon."); | |||||
} | |||||
if (!Win32.Tokens.DuplicateTokenEx(tokenHandle, Win32.Tokens.TokenAccessFlags.TOKEN_ALL_ACCESS, IntPtr.Zero, | |||||
Win32.Tokens.SECURITY_IMPERSONATION_LEVEL.SecurityIdentification, | |||||
Win32.Tokens.TOKEN_TYPE.TokenPrimary, out systemToken)) | |||||
{ | |||||
Win32.CloseHandle(processHandle); | |||||
throw new Win32Exception(Marshal.GetLastWin32Error(), | |||||
"Failed to duplicate process token for winlogon."); | |||||
} | |||||
Win32.CloseHandle(processHandle); | |||||
} | |||||
catch (Exception e) | |||||
{ | |||||
var sessionId = GetUserSession(); | |||||
int dwLsassPID = -1; | |||||
int dwWinLogonPID = -1; | |||||
Win32.WTS.WTS_PROCESS_INFO[] pProcesses; | |||||
IntPtr pProcessInfo = IntPtr.Zero; | |||||
int dwProcessCount = 0; | |||||
if (Win32.WTS.WTSEnumerateProcesses((IntPtr)null, 0, 1, ref pProcessInfo, ref dwProcessCount)) | |||||
{ | |||||
IntPtr pMemory = pProcessInfo; | |||||
pProcesses = new Win32.WTS.WTS_PROCESS_INFO[dwProcessCount]; | |||||
for (int i = 0; i < dwProcessCount; i++) | |||||
{ | |||||
pProcesses[i] = | |||||
(Win32.WTS.WTS_PROCESS_INFO)Marshal.PtrToStructure(pProcessInfo, | |||||
typeof(Win32.WTS.WTS_PROCESS_INFO)); | |||||
pProcessInfo = (IntPtr)((long)pProcessInfo + Marshal.SizeOf(pProcesses[i])); | |||||
var processName = Marshal.PtrToStringAnsi(pProcesses[i].ProcessName); | |||||
Win32.SID.ConvertSidToStringSid(pProcesses[i].UserSid, out string sid); | |||||
string strSid; | |||||
if (processName == null || pProcesses[i].UserSid == default || sid != "S-1-5-18") continue; | |||||
if ((-1 == dwLsassPID) && (0 == pProcesses[i].SessionID) && (processName == "lsass.exe")) | |||||
{ | |||||
dwLsassPID = pProcesses[i].ProcessID; | |||||
continue; | |||||
} | |||||
if ((-1 == dwWinLogonPID) && (sessionId == pProcesses[i].SessionID) && | |||||
(processName == "winlogon.exe")) | |||||
{ | |||||
dwWinLogonPID = pProcesses[i].ProcessID; | |||||
continue; | |||||
} | |||||
} | |||||
Win32.WTS.WTSFreeMemory(pMemory); | |||||
} | |||||
IntPtr systemProcessHandle = IntPtr.Zero; | |||||
try | |||||
{ | |||||
systemProcessHandle = Process.GetProcessById(dwLsassPID).Handle; | |||||
} | |||||
catch | |||||
{ | |||||
systemProcessHandle = Process.GetProcessById(dwWinLogonPID).Handle; | |||||
} | |||||
if (!Win32.Tokens.OpenProcessToken(systemProcessHandle, Win32.Tokens.TokenAccessFlags.TOKEN_DUPLICATE, | |||||
out Win32.TokensEx.SafeTokenHandle token)) | |||||
{ | |||||
Win32.CloseHandle(systemProcessHandle); | |||||
throw new Win32Exception(Marshal.GetLastWin32Error(), "Failed to open process token."); | |||||
} | |||||
if (!Win32.Tokens.DuplicateTokenEx(token, Win32.Tokens.TokenAccessFlags.MAXIMUM_ALLOWED, IntPtr.Zero, | |||||
Win32.Tokens.SECURITY_IMPERSONATION_LEVEL.SecurityIdentification, | |||||
Win32.Tokens.TOKEN_TYPE.TokenPrimary, out systemToken)) | |||||
{ | |||||
Win32.CloseHandle(systemProcessHandle); | |||||
throw new Win32Exception(Marshal.GetLastWin32Error(), "Failed to duplicate process token."); | |||||
} | |||||
Win32.CloseHandle(systemProcessHandle); | |||||
} | |||||
} | |||||
public static Win32.TokensEx.SafeTokenHandle GetCurrentProcessToken() | |||||
{ | |||||
if (!Win32.Tokens.OpenProcessToken(Win32.Process.GetCurrentProcess(), | |||||
Win32.Tokens.TokenAccessFlags.TOKEN_READ, out Win32.TokensEx.SafeTokenHandle token)) | |||||
throw new Win32Exception(Marshal.GetLastWin32Error(), "Error opening token for current process."); | |||||
return token; | |||||
} | |||||
private static Win32.TokensEx.SafeTokenHandle GetProcessTokenByName(string name, bool impersonation) | |||||
{ | |||||
var processHandle = Process.GetProcessesByName(name).First().Handle; | |||||
if (!Win32.Tokens.OpenProcessToken(processHandle, | |||||
Win32.Tokens.TokenAccessFlags.TOKEN_DUPLICATE | Win32.Tokens.TokenAccessFlags.TOKEN_ASSIGN_PRIMARY | | |||||
Win32.Tokens.TokenAccessFlags.TOKEN_QUERY | Win32.Tokens.TokenAccessFlags.TOKEN_IMPERSONATE, | |||||
out var tokenHandle)) | |||||
{ | |||||
Win32.CloseHandle(processHandle); | |||||
throw new Win32Exception(Marshal.GetLastWin32Error(), "Failed to open process token for " + name + "."); | |||||
} | |||||
if (!Win32.Tokens.DuplicateTokenEx(tokenHandle, Win32.Tokens.TokenAccessFlags.TOKEN_ALL_ACCESS, IntPtr.Zero, | |||||
impersonation ? Win32.Tokens.SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation : Win32.Tokens.SECURITY_IMPERSONATION_LEVEL.SecurityIdentification, | |||||
impersonation ? Win32.Tokens.TOKEN_TYPE.TokenImpersonation : Win32.Tokens.TOKEN_TYPE.TokenPrimary, out Win32.TokensEx.SafeTokenHandle handle)) | |||||
{ | |||||
Win32.CloseHandle(processHandle); | |||||
throw new Win32Exception(Marshal.GetLastWin32Error(), | |||||
"Failed to duplicate process token for " + name + "."); | |||||
} | |||||
Win32.CloseHandle(processHandle); | |||||
return handle; | |||||
} } | |||||
} |
@ -0,0 +1,22 @@ | |||||
using YamlDotNet.Serialization; | |||||
namespace TrustedUninstaller.Shared.Tasks | |||||
{ | |||||
public class TaskAction | |||||
{ | |||||
[YamlMember(typeof(bool), Alias = "ignoreErrors")] | |||||
public bool IgnoreErrors { get; set; } = false; | |||||
[YamlMember(typeof(string), Alias = "option")] | |||||
public string Option { get; set; } = null; | |||||
[YamlMember(typeof(string[]), Alias = "options")] | |||||
public string[] Options { get; set; } = null; | |||||
[YamlMember(typeof(string[]), Alias = "builds")] | |||||
public string[] Builds { get; set; } = null; | |||||
[YamlMember(typeof(string), Alias = "cpuArch")] | |||||
public string Arch { get; set; } = null; | |||||
} | |||||
} |