windows-pr 1.2.1 → 1.2.2
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGES +438 -429
- data/README +5 -1
- data/lib/windows/clipboard.rb +61 -61
- data/lib/windows/com.rb +192 -192
- data/lib/windows/com/accessibility.rb +16 -16
- data/lib/windows/directory.rb +27 -27
- data/lib/windows/error.rb +498 -484
- data/lib/windows/eventlog.rb +80 -80
- data/lib/windows/filesystem.rb +15 -15
- data/lib/windows/handle.rb +23 -23
- data/lib/windows/library.rb +44 -44
- data/lib/windows/mailslot.rb +24 -24
- data/lib/windows/memory.rb +128 -128
- data/lib/windows/msvcrt/io.rb +73 -73
- data/lib/windows/msvcrt/string.rb +182 -182
- data/lib/windows/nio.rb +50 -50
- data/lib/windows/ntfs/winternl.rb +117 -110
- data/lib/windows/process.rb +176 -176
- data/lib/windows/socket.rb +86 -86
- data/lib/windows/system_info.rb +229 -229
- data/lib/windows/thread.rb +64 -64
- data/lib/windows/unicode.rb +155 -155
- data/lib/windows/wsa.rb +102 -102
- data/test/tc_msvcrt_buffer.rb +11 -7
- data/test/tc_ntfs_winternl.rb +48 -44
- data/test/tc_unicode.rb +83 -83
- data/windows-pr.gemspec +34 -34
- metadata +50 -63
data/lib/windows/nio.rb
CHANGED
|
@@ -1,50 +1,50 @@
|
|
|
1
|
-
require 'windows/api'
|
|
2
|
-
|
|
3
|
-
module Windows
|
|
4
|
-
module NIO
|
|
5
|
-
API.auto_namespace = 'Windows::NIO'
|
|
6
|
-
API.auto_constant = true
|
|
7
|
-
API.auto_method = true
|
|
8
|
-
API.auto_unicode = false
|
|
9
|
-
|
|
10
|
-
private
|
|
11
|
-
|
|
12
|
-
# OpenFile() constants
|
|
13
|
-
|
|
14
|
-
OF_READ = 0x00000000
|
|
15
|
-
OF_WRITE = 0x00000001
|
|
16
|
-
OF_READWRITE = 0x00000002
|
|
17
|
-
OF_SHARE_COMPAT = 0x00000000
|
|
18
|
-
OF_SHARE_EXCLUSIVE = 0x00000010
|
|
19
|
-
OF_SHARE_DENY_WRITE = 0x00000020
|
|
20
|
-
OF_SHARE_DENY_READ = 0x00000030
|
|
21
|
-
OF_SHARE_DENY_NONE = 0x00000040
|
|
22
|
-
OF_PARSE = 0x00000100
|
|
23
|
-
OF_DELETE = 0x00000200
|
|
24
|
-
OF_VERIFY = 0x00000400
|
|
25
|
-
OF_CANCEL = 0x00000800
|
|
26
|
-
OF_CREATE = 0x00001000
|
|
27
|
-
OF_PROMPT = 0x00002000
|
|
28
|
-
OF_EXIST = 0x00004000
|
|
29
|
-
OF_REOPEN = 0x00008000
|
|
30
|
-
|
|
31
|
-
API.new('CancelIo', 'L', 'B')
|
|
32
|
-
API.new('CreateIoCompletionPort', 'LLPL', 'L')
|
|
33
|
-
API.new('FlushFileBuffers', 'L', 'B')
|
|
34
|
-
API.new('GetQueuedCompletionStatus', 'LPPPL', 'B')
|
|
35
|
-
API.new('OpenFile', 'PPI', 'L')
|
|
36
|
-
API.new('PostQueuedCompletionStatus', 'LLPP', 'B')
|
|
37
|
-
API.new('ReadFileScatter', 'LPLPP', 'B')
|
|
38
|
-
API.new('SetEndOfFile', 'L', 'B')
|
|
39
|
-
API.new('SetFilePointer', 'LLPL', 'L')
|
|
40
|
-
API.new('SetFilePointerEx', 'LLPL', 'B')
|
|
41
|
-
API.new('WriteFileGather', 'LPLPP', 'B')
|
|
42
|
-
|
|
43
|
-
begin
|
|
44
|
-
API.new('CancelIoEx', 'LP', 'B')
|
|
45
|
-
API.new('CancelSynchronousIo', 'L', 'B')
|
|
46
|
-
rescue Win32::API::LoadLibraryError
|
|
47
|
-
# Windows Vista or later
|
|
48
|
-
end
|
|
49
|
-
end
|
|
50
|
-
end
|
|
1
|
+
require 'windows/api'
|
|
2
|
+
|
|
3
|
+
module Windows
|
|
4
|
+
module NIO
|
|
5
|
+
API.auto_namespace = 'Windows::NIO'
|
|
6
|
+
API.auto_constant = true
|
|
7
|
+
API.auto_method = true
|
|
8
|
+
API.auto_unicode = false
|
|
9
|
+
|
|
10
|
+
private
|
|
11
|
+
|
|
12
|
+
# OpenFile() constants
|
|
13
|
+
|
|
14
|
+
OF_READ = 0x00000000
|
|
15
|
+
OF_WRITE = 0x00000001
|
|
16
|
+
OF_READWRITE = 0x00000002
|
|
17
|
+
OF_SHARE_COMPAT = 0x00000000
|
|
18
|
+
OF_SHARE_EXCLUSIVE = 0x00000010
|
|
19
|
+
OF_SHARE_DENY_WRITE = 0x00000020
|
|
20
|
+
OF_SHARE_DENY_READ = 0x00000030
|
|
21
|
+
OF_SHARE_DENY_NONE = 0x00000040
|
|
22
|
+
OF_PARSE = 0x00000100
|
|
23
|
+
OF_DELETE = 0x00000200
|
|
24
|
+
OF_VERIFY = 0x00000400
|
|
25
|
+
OF_CANCEL = 0x00000800
|
|
26
|
+
OF_CREATE = 0x00001000
|
|
27
|
+
OF_PROMPT = 0x00002000
|
|
28
|
+
OF_EXIST = 0x00004000
|
|
29
|
+
OF_REOPEN = 0x00008000
|
|
30
|
+
|
|
31
|
+
API.new('CancelIo', 'L', 'B')
|
|
32
|
+
API.new('CreateIoCompletionPort', 'LLPL', 'L')
|
|
33
|
+
API.new('FlushFileBuffers', 'L', 'B')
|
|
34
|
+
API.new('GetQueuedCompletionStatus', 'LPPPL', 'B')
|
|
35
|
+
API.new('OpenFile', 'PPI', 'L')
|
|
36
|
+
API.new('PostQueuedCompletionStatus', 'LLPP', 'B')
|
|
37
|
+
API.new('ReadFileScatter', 'LPLPP', 'B')
|
|
38
|
+
API.new('SetEndOfFile', 'L', 'B')
|
|
39
|
+
API.new('SetFilePointer', 'LLPL', 'L')
|
|
40
|
+
API.new('SetFilePointerEx', 'LLPL', 'B')
|
|
41
|
+
API.new('WriteFileGather', 'LPLPP', 'B')
|
|
42
|
+
|
|
43
|
+
begin
|
|
44
|
+
API.new('CancelIoEx', 'LP', 'B')
|
|
45
|
+
API.new('CancelSynchronousIo', 'L', 'B')
|
|
46
|
+
rescue Win32::API::LoadLibraryError
|
|
47
|
+
# Windows Vista or later
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
end
|
|
@@ -1,110 +1,117 @@
|
|
|
1
|
-
require 'windows/api'
|
|
2
|
-
|
|
3
|
-
# This library exposes functions from ntdll, which are typically undocumented.
|
|
4
|
-
# The name is derived from winternl.h which contains only function prototypes.
|
|
5
|
-
|
|
6
|
-
module Windows
|
|
7
|
-
module NTFS
|
|
8
|
-
module Winternl
|
|
9
|
-
API.auto_namespace = 'Windows::NTFS::Winternl'
|
|
10
|
-
API.auto_constant = true
|
|
11
|
-
API.auto_method = true
|
|
12
|
-
API.auto_unicode = false
|
|
13
|
-
|
|
14
|
-
private
|
|
15
|
-
|
|
16
|
-
FileAccessInformation = 8
|
|
17
|
-
FileAlignmentInformation = 17
|
|
18
|
-
FileAllInformation = 18
|
|
19
|
-
FileAllocationInformation = 19
|
|
20
|
-
FileAlternateNameInformation = 21
|
|
21
|
-
FileAttributeTagInformation = 35
|
|
22
|
-
FileBasicInformation = 4
|
|
23
|
-
FileBothDirectoryInformation = 3
|
|
24
|
-
FileCompletionInformation = 30
|
|
25
|
-
FileCompressionInformation = 28
|
|
26
|
-
FileDirectoryInformation = 1
|
|
27
|
-
FileDispositionInformation = 13
|
|
28
|
-
FileEaInformation = 7
|
|
29
|
-
FileEndOfFileInformation = 20
|
|
30
|
-
FileFullDirectoryInformation = 2
|
|
31
|
-
FileFullEaInformation = 15
|
|
32
|
-
FileHardLinkInformation = 46
|
|
33
|
-
FileIdBothDirectoryInformation = 37
|
|
34
|
-
FileIdFullDirectoryInformation = 38
|
|
35
|
-
FileInternalInformation = 6
|
|
36
|
-
FileLinkInformation = 11
|
|
37
|
-
FileMailslotQueryInformation = 26
|
|
38
|
-
FileMailslotSetInformation = 27
|
|
39
|
-
FileModeInformation = 16
|
|
40
|
-
FileMoveClusterInformation = 31
|
|
41
|
-
FileNameInformation = 9
|
|
42
|
-
FileNamesInformation = 12
|
|
43
|
-
FileNetworkOpenInformation = 34
|
|
44
|
-
FileObjectIdInformation = 29
|
|
45
|
-
FilePipeInformation = 23
|
|
46
|
-
FilePipeLocalInformation = 24
|
|
47
|
-
FilePipeRemoteInformation = 25
|
|
48
|
-
FilePositionInformation = 14
|
|
49
|
-
FileQuotaInformation = 32
|
|
50
|
-
FileRenameInformation = 10
|
|
51
|
-
FileReparsePointInformation = 33
|
|
52
|
-
FileShortNameInformation = 40
|
|
53
|
-
FileStandardInformation = 5
|
|
54
|
-
FileStreamInformation = 22
|
|
55
|
-
FileTrackingInformation = 36
|
|
56
|
-
FileValidDataLengthInformation = 39
|
|
57
|
-
|
|
58
|
-
ObjectNameInformation = 1
|
|
59
|
-
|
|
60
|
-
STATUS_SUCCESS = 0
|
|
61
|
-
|
|
62
|
-
API.new('NtQueryInformationFile', 'LPPLL', 'L', 'ntdll')
|
|
63
|
-
API.new('NtQueryObject', 'LLPLP', 'L', 'ntdll')
|
|
64
|
-
API.new('NtQuerySystemInformation', 'LPLP', 'L', 'ntdll')
|
|
65
|
-
API.new('RtlAdjustPrivilege', 'LIIP', 'L', 'ntdll')
|
|
66
|
-
|
|
67
|
-
begin
|
|
68
|
-
API.new('RtlSetProcessIsCritical', 'IPI', 'L', 'ntdll')
|
|
69
|
-
rescue Win32::API::LoadLibraryError
|
|
70
|
-
# XP or later
|
|
71
|
-
end
|
|
72
|
-
|
|
73
|
-
# Should work for Windows XP/2000
|
|
74
|
-
unless defined? GetFinalPathNameByHandle
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
1
|
+
require 'windows/api'
|
|
2
|
+
|
|
3
|
+
# This library exposes functions from ntdll, which are typically undocumented.
|
|
4
|
+
# The name is derived from winternl.h which contains only function prototypes.
|
|
5
|
+
|
|
6
|
+
module Windows
|
|
7
|
+
module NTFS
|
|
8
|
+
module Winternl
|
|
9
|
+
API.auto_namespace = 'Windows::NTFS::Winternl'
|
|
10
|
+
API.auto_constant = true
|
|
11
|
+
API.auto_method = true
|
|
12
|
+
API.auto_unicode = false
|
|
13
|
+
|
|
14
|
+
private
|
|
15
|
+
|
|
16
|
+
FileAccessInformation = 8
|
|
17
|
+
FileAlignmentInformation = 17
|
|
18
|
+
FileAllInformation = 18
|
|
19
|
+
FileAllocationInformation = 19
|
|
20
|
+
FileAlternateNameInformation = 21
|
|
21
|
+
FileAttributeTagInformation = 35
|
|
22
|
+
FileBasicInformation = 4
|
|
23
|
+
FileBothDirectoryInformation = 3
|
|
24
|
+
FileCompletionInformation = 30
|
|
25
|
+
FileCompressionInformation = 28
|
|
26
|
+
FileDirectoryInformation = 1
|
|
27
|
+
FileDispositionInformation = 13
|
|
28
|
+
FileEaInformation = 7
|
|
29
|
+
FileEndOfFileInformation = 20
|
|
30
|
+
FileFullDirectoryInformation = 2
|
|
31
|
+
FileFullEaInformation = 15
|
|
32
|
+
FileHardLinkInformation = 46
|
|
33
|
+
FileIdBothDirectoryInformation = 37
|
|
34
|
+
FileIdFullDirectoryInformation = 38
|
|
35
|
+
FileInternalInformation = 6
|
|
36
|
+
FileLinkInformation = 11
|
|
37
|
+
FileMailslotQueryInformation = 26
|
|
38
|
+
FileMailslotSetInformation = 27
|
|
39
|
+
FileModeInformation = 16
|
|
40
|
+
FileMoveClusterInformation = 31
|
|
41
|
+
FileNameInformation = 9
|
|
42
|
+
FileNamesInformation = 12
|
|
43
|
+
FileNetworkOpenInformation = 34
|
|
44
|
+
FileObjectIdInformation = 29
|
|
45
|
+
FilePipeInformation = 23
|
|
46
|
+
FilePipeLocalInformation = 24
|
|
47
|
+
FilePipeRemoteInformation = 25
|
|
48
|
+
FilePositionInformation = 14
|
|
49
|
+
FileQuotaInformation = 32
|
|
50
|
+
FileRenameInformation = 10
|
|
51
|
+
FileReparsePointInformation = 33
|
|
52
|
+
FileShortNameInformation = 40
|
|
53
|
+
FileStandardInformation = 5
|
|
54
|
+
FileStreamInformation = 22
|
|
55
|
+
FileTrackingInformation = 36
|
|
56
|
+
FileValidDataLengthInformation = 39
|
|
57
|
+
|
|
58
|
+
ObjectNameInformation = 1
|
|
59
|
+
|
|
60
|
+
STATUS_SUCCESS = 0
|
|
61
|
+
|
|
62
|
+
API.new('NtQueryInformationFile', 'LPPLL', 'L', 'ntdll')
|
|
63
|
+
API.new('NtQueryObject', 'LLPLP', 'L', 'ntdll')
|
|
64
|
+
API.new('NtQuerySystemInformation', 'LPLP', 'L', 'ntdll')
|
|
65
|
+
API.new('RtlAdjustPrivilege', 'LIIP', 'L', 'ntdll')
|
|
66
|
+
|
|
67
|
+
begin
|
|
68
|
+
API.new('RtlSetProcessIsCritical', 'IPI', 'L', 'ntdll')
|
|
69
|
+
rescue Win32::API::LoadLibraryError
|
|
70
|
+
# XP or later
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
# Should work for Windows XP/2000
|
|
74
|
+
unless defined? GetFinalPathNameByHandle
|
|
75
|
+
begin
|
|
76
|
+
API.new('GetFinalPathNameByHandle', 'LPLL', 'L')
|
|
77
|
+
rescue Win32::API::LoadLibraryError
|
|
78
|
+
require 'windows/error'
|
|
79
|
+
require 'windows/unicode'
|
|
80
|
+
require 'windows/volume'
|
|
81
|
+
|
|
82
|
+
include Windows::Error
|
|
83
|
+
include Windows::Unicode
|
|
84
|
+
include Windows::Volume
|
|
85
|
+
|
|
86
|
+
# Simulates the GetFinalPathNameByHandle method. Note that the +size+
|
|
87
|
+
# and +flags+ arguments are ignored, but are required for interface
|
|
88
|
+
# compatibility. The buffer is an in/out parameter.
|
|
89
|
+
#
|
|
90
|
+
# The +size+ argument simply isn't used internally and the +flags+
|
|
91
|
+
# argument is currently assumed to always be VOLUME_NAME_NT.
|
|
92
|
+
#
|
|
93
|
+
def GetFinalPathNameByHandle(handle, buffer, size, flags)
|
|
94
|
+
mpath = 1024
|
|
95
|
+
|
|
96
|
+
object_name_information = 0.chr * (8 + (mpath * 2))
|
|
97
|
+
|
|
98
|
+
status = NtQueryObject(
|
|
99
|
+
handle,
|
|
100
|
+
ObjectNameInformation,
|
|
101
|
+
object_name_information,
|
|
102
|
+
object_name_information.size,
|
|
103
|
+
0
|
|
104
|
+
)
|
|
105
|
+
|
|
106
|
+
if status > 0
|
|
107
|
+
raise 'NtQueryObject function failed: ' + get_last_error
|
|
108
|
+
end
|
|
109
|
+
|
|
110
|
+
buffer.replace(wide_to_multi(object_name_information[8..-1]))
|
|
111
|
+
buffer.size
|
|
112
|
+
end
|
|
113
|
+
end
|
|
114
|
+
end
|
|
115
|
+
end
|
|
116
|
+
end
|
|
117
|
+
end
|
data/lib/windows/process.rb
CHANGED
|
@@ -1,176 +1,176 @@
|
|
|
1
|
-
require 'windows/api'
|
|
2
|
-
|
|
3
|
-
# The Windows module serves as a namespace only.
|
|
4
|
-
module Windows
|
|
5
|
-
# The Process module includes process related functions and constants,
|
|
6
|
-
# including some tool help functions that relate to processes.
|
|
7
|
-
module Process
|
|
8
|
-
API.auto_namespace = 'Windows::Process'
|
|
9
|
-
API.auto_constant = true
|
|
10
|
-
API.auto_method = true
|
|
11
|
-
API.auto_unicode = true
|
|
12
|
-
|
|
13
|
-
private
|
|
14
|
-
|
|
15
|
-
# Process access rights
|
|
16
|
-
|
|
17
|
-
PROCESS_ALL_ACCESS = 0x1F0FFF
|
|
18
|
-
PROCESS_CREATE_PROCESS = 0x0080
|
|
19
|
-
PROCESS_CREATE_THREAD = 0x0002
|
|
20
|
-
PROCESS_DUP_HANDLE = 0x0040
|
|
21
|
-
PROCESS_QUERY_INFORMATION = 0x0400
|
|
22
|
-
PROCESS_QUERY_LIMITED_INFORMATION = 0x1000
|
|
23
|
-
PROCESS_SET_QUOTA = 0x0100
|
|
24
|
-
PROCESS_SET_INFORMATION = 0x0200
|
|
25
|
-
PROCESS_SUSPEND_RESUME = 0x0800
|
|
26
|
-
PROCESS_TERMINATE = 0x0001
|
|
27
|
-
PROCESS_VM_OPERATION = 0x0008
|
|
28
|
-
PROCESS_VM_READ = 0x0010
|
|
29
|
-
PROCESS_VM_WRITE = 0x0020
|
|
30
|
-
SYNCHRONIZE = 1048576
|
|
31
|
-
STILL_ACTIVE = 259
|
|
32
|
-
|
|
33
|
-
# Process priority flags
|
|
34
|
-
|
|
35
|
-
ABOVE_NORMAL_PRIORITY_CLASS = 0x00008000
|
|
36
|
-
BELOW_NORMAL_PRIORITY_CLASS = 0x00004000
|
|
37
|
-
HIGH_PRIORITY_CLASS = 0x00000080
|
|
38
|
-
IDLE_PRIORITY_CLASS = 0x00000040
|
|
39
|
-
NORMAL_PRIORITY_CLASS = 0x00000020
|
|
40
|
-
REALTIME_PRIORITY_CLASS = 0x00000100
|
|
41
|
-
|
|
42
|
-
# Process creation flags
|
|
43
|
-
|
|
44
|
-
CREATE_BREAKAWAY_FROM_JOB = 0x01000000
|
|
45
|
-
CREATE_DEFAULT_ERROR_MODE = 0x04000000
|
|
46
|
-
CREATE_NEW_CONSOLE = 0x00000010
|
|
47
|
-
CREATE_NEW_PROCESS_GROUP = 0x00000200
|
|
48
|
-
CREATE_NO_WINDOW = 0x08000000
|
|
49
|
-
CREATE_PRESERVE_CODE_AUTHZ_LEVEL = 0x02000000
|
|
50
|
-
CREATE_SEPARATE_WOW_VDM = 0x00000800
|
|
51
|
-
CREATE_SHARED_WOW_VDM = 0x00001000
|
|
52
|
-
CREATE_SUSPENDED = 0x00000004
|
|
53
|
-
CREATE_UNICODE_ENVIRONMENT = 0x00000400
|
|
54
|
-
DEBUG_ONLY_THIS_PROCESS = 0x00000002
|
|
55
|
-
DEBUG_PROCESS = 0x00000001
|
|
56
|
-
DETACHED_PROCESS = 0x00000008
|
|
57
|
-
|
|
58
|
-
STARTF_USESHOWWINDOW = 0x00000001
|
|
59
|
-
STARTF_USESIZE = 0x00000002
|
|
60
|
-
STARTF_USEPOSITION = 0x00000004
|
|
61
|
-
STARTF_USECOUNTCHARS = 0x00000008
|
|
62
|
-
STARTF_USEFILLATTRIBUTE = 0x00000010
|
|
63
|
-
STARTF_RUNFULLSCREEN = 0x00000020
|
|
64
|
-
STARTF_FORCEONFEEDBACK = 0x00000040
|
|
65
|
-
STARTF_FORCEOFFFEEDBACK = 0x00000080
|
|
66
|
-
STARTF_USESTDHANDLES = 0x00000100
|
|
67
|
-
STARTF_USEHOTKEY = 0x00000200
|
|
68
|
-
|
|
69
|
-
LOGON_WITH_PROFILE = 0x00000001
|
|
70
|
-
LOGON_NETCREDENTIALS_ONLY = 0x00000002
|
|
71
|
-
|
|
72
|
-
SHUTDOWN_NORETRY = 0x00000001
|
|
73
|
-
|
|
74
|
-
# Job Object Classes
|
|
75
|
-
|
|
76
|
-
JobObjectBasicLimitInformation = 2
|
|
77
|
-
JobObjectBasicUIRestrictions = 4
|
|
78
|
-
JobObjectSecurityLimitInformation = 5
|
|
79
|
-
JobObjectEndOfJobTimeInformation = 6
|
|
80
|
-
JobObjectAssociateCompletionPortInformation = 7
|
|
81
|
-
JobObjectExtendedLimitInformation = 9
|
|
82
|
-
JobObjectGroupInformation = 11
|
|
83
|
-
|
|
84
|
-
# Job Limit Flags
|
|
85
|
-
|
|
86
|
-
JOB_OBJECT_LIMIT_WORKINGSET = 0x00000001
|
|
87
|
-
JOB_OBJECT_LIMIT_PROCESS_TIME = 0x00000002
|
|
88
|
-
JOB_OBJECT_LIMIT_JOB_TIME = 0x00000004
|
|
89
|
-
JOB_OBJECT_LIMIT_ACTIVE_PROCESS = 0x00000008
|
|
90
|
-
JOB_OBJECT_LIMIT_AFFINITY = 0x00000010
|
|
91
|
-
JOB_OBJECT_LIMIT_PRIORITY_CLASS = 0x00000020
|
|
92
|
-
JOB_OBJECT_LIMIT_PRESERVE_JOB_TIME = 0x00000040
|
|
93
|
-
JOB_OBJECT_LIMIT_SCHEDULING_CLASS = 0x00000080
|
|
94
|
-
JOB_OBJECT_LIMIT_PROCESS_MEMORY = 0x00000100
|
|
95
|
-
JOB_OBJECT_LIMIT_JOB_MEMORY = 0x00000200
|
|
96
|
-
JOB_OBJECT_LIMIT_DIE_ON_UNHANDLED_EXCEPTION = 0x00000400
|
|
97
|
-
JOB_OBJECT_LIMIT_BREAKAWAY_OK = 0x00000800
|
|
98
|
-
JOB_OBJECT_LIMIT_SILENT_BREAKAWAY_OK = 0x00001000
|
|
99
|
-
JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE = 0x00002000
|
|
100
|
-
|
|
101
|
-
# Job Access Rights
|
|
102
|
-
|
|
103
|
-
JOB_OBJECT_ASSIGN_PROCESS = 0x0001
|
|
104
|
-
JOB_OBJECT_SET_ATTRIBUTES = 0x0002
|
|
105
|
-
JOB_OBJECT_QUERY = 0x0004
|
|
106
|
-
JOB_OBJECT_TERMINATE = 0x0008
|
|
107
|
-
JOB_OBJECT_SET_SECURITY_ATTRIBUTES = 0x0010
|
|
108
|
-
JOB_OBJECT_ALL_ACCESS = 0x1F001F
|
|
109
|
-
|
|
110
|
-
# Functions
|
|
111
|
-
|
|
112
|
-
API.new('AssignProcessToJobObject', 'LL', 'B')
|
|
113
|
-
API.new('CreateJobObject', 'PS', 'L')
|
|
114
|
-
API.new('CreateProcess', '
|
|
115
|
-
API.new('CreateProcessAsUser', '
|
|
116
|
-
API.new('CreateProcessWithLogonW', '
|
|
117
|
-
API.new('EnumProcesses', 'PLP', 'B', 'psapi')
|
|
118
|
-
API.new('ExitProcess', 'L', 'V')
|
|
119
|
-
API.new('FreeEnvironmentStrings', 'P', 'B')
|
|
120
|
-
API.new('GetCommandLine', 'V', 'P')
|
|
121
|
-
API.new('GetCurrentProcess', 'V', 'L')
|
|
122
|
-
API.new('GetCurrentProcessId', 'V', 'L')
|
|
123
|
-
API.new('GetEnvironmentStrings', 'V', 'L')
|
|
124
|
-
API.new('GetEnvironmentVariable', '
|
|
125
|
-
API.new('GetExitCodeProcess', 'LP', 'B')
|
|
126
|
-
API.new('GetGuiResources', 'LL', 'L', 'user32')
|
|
127
|
-
API.new('GetPriorityClass', 'L', 'L')
|
|
128
|
-
API.new('GetProcessAffinityMask', 'LPP', 'B')
|
|
129
|
-
API.new('GetProcessIoCounters', 'LP', 'B')
|
|
130
|
-
API.new('GetProcessPriorityBoost', 'LP', 'B')
|
|
131
|
-
API.new('GetProcessShutdownParameters', 'PP', 'B')
|
|
132
|
-
API.new('GetProcessTimes', 'LPPPP', 'B')
|
|
133
|
-
API.new('GetProcessVersion', 'L', 'L')
|
|
134
|
-
API.new('GetProcessWorkingSetSize', 'LPP', 'B')
|
|
135
|
-
API.new('GetStartupInfo', 'P', 'V')
|
|
136
|
-
API.new('OpenJobObject', 'LIS', 'L')
|
|
137
|
-
API.new('OpenProcess', 'LIL', 'L')
|
|
138
|
-
API.new('QueryInformationJobObject', 'LLPLP', 'B')
|
|
139
|
-
API.new('SetEnvironmentVariable', '
|
|
140
|
-
API.new('SetInformationJobObject', 'LLPL', 'B')
|
|
141
|
-
API.new('SetPriorityClass', 'LL', 'B')
|
|
142
|
-
API.new('SetProcessAffinityMask', 'LL', 'B')
|
|
143
|
-
API.new('SetProcessPriorityBoost', 'LB', 'B')
|
|
144
|
-
API.new('SetProcessShutdownParameters', 'LL', 'B')
|
|
145
|
-
API.new('SetProcessWorkingSetSize', 'LLL', 'B')
|
|
146
|
-
API.new('TerminateJobObject', 'LL', 'B')
|
|
147
|
-
API.new('TerminateProcess', 'LL', 'B')
|
|
148
|
-
API.new('WaitForInputIdle', 'LL', 'L', 'user32')
|
|
149
|
-
API.new('WTSEnumerateProcesses', 'LLLPP', 'B', 'wtsapi32')
|
|
150
|
-
|
|
151
|
-
begin
|
|
152
|
-
API.new('GetProcessId', 'L', 'L')
|
|
153
|
-
API.new('GetProcessHandleCount', 'LP', 'B')
|
|
154
|
-
API.new('IsProcessInJob', 'LLP', 'B')
|
|
155
|
-
API.new('IsWow64Process', 'LP', 'B')
|
|
156
|
-
rescue Win32::API::LoadLibraryError
|
|
157
|
-
# Windows XP or later
|
|
158
|
-
end
|
|
159
|
-
|
|
160
|
-
# Helper method to determine if you're on a 64 bit version of Windows
|
|
161
|
-
def windows_64?
|
|
162
|
-
bool = false
|
|
163
|
-
|
|
164
|
-
if defined? IsWow64Process
|
|
165
|
-
buf = 0.chr * 4
|
|
166
|
-
if IsWow64Process(GetCurrentProcess(), buf)
|
|
167
|
-
if buf.unpack('I')[0] == 1
|
|
168
|
-
bool = true
|
|
169
|
-
end
|
|
170
|
-
end
|
|
171
|
-
end
|
|
172
|
-
|
|
173
|
-
bool
|
|
174
|
-
end
|
|
175
|
-
end
|
|
176
|
-
end
|
|
1
|
+
require 'windows/api'
|
|
2
|
+
|
|
3
|
+
# The Windows module serves as a namespace only.
|
|
4
|
+
module Windows
|
|
5
|
+
# The Process module includes process related functions and constants,
|
|
6
|
+
# including some tool help functions that relate to processes.
|
|
7
|
+
module Process
|
|
8
|
+
API.auto_namespace = 'Windows::Process'
|
|
9
|
+
API.auto_constant = true
|
|
10
|
+
API.auto_method = true
|
|
11
|
+
API.auto_unicode = true
|
|
12
|
+
|
|
13
|
+
private
|
|
14
|
+
|
|
15
|
+
# Process access rights
|
|
16
|
+
|
|
17
|
+
PROCESS_ALL_ACCESS = 0x1F0FFF
|
|
18
|
+
PROCESS_CREATE_PROCESS = 0x0080
|
|
19
|
+
PROCESS_CREATE_THREAD = 0x0002
|
|
20
|
+
PROCESS_DUP_HANDLE = 0x0040
|
|
21
|
+
PROCESS_QUERY_INFORMATION = 0x0400
|
|
22
|
+
PROCESS_QUERY_LIMITED_INFORMATION = 0x1000
|
|
23
|
+
PROCESS_SET_QUOTA = 0x0100
|
|
24
|
+
PROCESS_SET_INFORMATION = 0x0200
|
|
25
|
+
PROCESS_SUSPEND_RESUME = 0x0800
|
|
26
|
+
PROCESS_TERMINATE = 0x0001
|
|
27
|
+
PROCESS_VM_OPERATION = 0x0008
|
|
28
|
+
PROCESS_VM_READ = 0x0010
|
|
29
|
+
PROCESS_VM_WRITE = 0x0020
|
|
30
|
+
SYNCHRONIZE = 1048576
|
|
31
|
+
STILL_ACTIVE = 259
|
|
32
|
+
|
|
33
|
+
# Process priority flags
|
|
34
|
+
|
|
35
|
+
ABOVE_NORMAL_PRIORITY_CLASS = 0x00008000
|
|
36
|
+
BELOW_NORMAL_PRIORITY_CLASS = 0x00004000
|
|
37
|
+
HIGH_PRIORITY_CLASS = 0x00000080
|
|
38
|
+
IDLE_PRIORITY_CLASS = 0x00000040
|
|
39
|
+
NORMAL_PRIORITY_CLASS = 0x00000020
|
|
40
|
+
REALTIME_PRIORITY_CLASS = 0x00000100
|
|
41
|
+
|
|
42
|
+
# Process creation flags
|
|
43
|
+
|
|
44
|
+
CREATE_BREAKAWAY_FROM_JOB = 0x01000000
|
|
45
|
+
CREATE_DEFAULT_ERROR_MODE = 0x04000000
|
|
46
|
+
CREATE_NEW_CONSOLE = 0x00000010
|
|
47
|
+
CREATE_NEW_PROCESS_GROUP = 0x00000200
|
|
48
|
+
CREATE_NO_WINDOW = 0x08000000
|
|
49
|
+
CREATE_PRESERVE_CODE_AUTHZ_LEVEL = 0x02000000
|
|
50
|
+
CREATE_SEPARATE_WOW_VDM = 0x00000800
|
|
51
|
+
CREATE_SHARED_WOW_VDM = 0x00001000
|
|
52
|
+
CREATE_SUSPENDED = 0x00000004
|
|
53
|
+
CREATE_UNICODE_ENVIRONMENT = 0x00000400
|
|
54
|
+
DEBUG_ONLY_THIS_PROCESS = 0x00000002
|
|
55
|
+
DEBUG_PROCESS = 0x00000001
|
|
56
|
+
DETACHED_PROCESS = 0x00000008
|
|
57
|
+
|
|
58
|
+
STARTF_USESHOWWINDOW = 0x00000001
|
|
59
|
+
STARTF_USESIZE = 0x00000002
|
|
60
|
+
STARTF_USEPOSITION = 0x00000004
|
|
61
|
+
STARTF_USECOUNTCHARS = 0x00000008
|
|
62
|
+
STARTF_USEFILLATTRIBUTE = 0x00000010
|
|
63
|
+
STARTF_RUNFULLSCREEN = 0x00000020
|
|
64
|
+
STARTF_FORCEONFEEDBACK = 0x00000040
|
|
65
|
+
STARTF_FORCEOFFFEEDBACK = 0x00000080
|
|
66
|
+
STARTF_USESTDHANDLES = 0x00000100
|
|
67
|
+
STARTF_USEHOTKEY = 0x00000200
|
|
68
|
+
|
|
69
|
+
LOGON_WITH_PROFILE = 0x00000001
|
|
70
|
+
LOGON_NETCREDENTIALS_ONLY = 0x00000002
|
|
71
|
+
|
|
72
|
+
SHUTDOWN_NORETRY = 0x00000001
|
|
73
|
+
|
|
74
|
+
# Job Object Classes
|
|
75
|
+
|
|
76
|
+
JobObjectBasicLimitInformation = 2
|
|
77
|
+
JobObjectBasicUIRestrictions = 4
|
|
78
|
+
JobObjectSecurityLimitInformation = 5
|
|
79
|
+
JobObjectEndOfJobTimeInformation = 6
|
|
80
|
+
JobObjectAssociateCompletionPortInformation = 7
|
|
81
|
+
JobObjectExtendedLimitInformation = 9
|
|
82
|
+
JobObjectGroupInformation = 11
|
|
83
|
+
|
|
84
|
+
# Job Limit Flags
|
|
85
|
+
|
|
86
|
+
JOB_OBJECT_LIMIT_WORKINGSET = 0x00000001
|
|
87
|
+
JOB_OBJECT_LIMIT_PROCESS_TIME = 0x00000002
|
|
88
|
+
JOB_OBJECT_LIMIT_JOB_TIME = 0x00000004
|
|
89
|
+
JOB_OBJECT_LIMIT_ACTIVE_PROCESS = 0x00000008
|
|
90
|
+
JOB_OBJECT_LIMIT_AFFINITY = 0x00000010
|
|
91
|
+
JOB_OBJECT_LIMIT_PRIORITY_CLASS = 0x00000020
|
|
92
|
+
JOB_OBJECT_LIMIT_PRESERVE_JOB_TIME = 0x00000040
|
|
93
|
+
JOB_OBJECT_LIMIT_SCHEDULING_CLASS = 0x00000080
|
|
94
|
+
JOB_OBJECT_LIMIT_PROCESS_MEMORY = 0x00000100
|
|
95
|
+
JOB_OBJECT_LIMIT_JOB_MEMORY = 0x00000200
|
|
96
|
+
JOB_OBJECT_LIMIT_DIE_ON_UNHANDLED_EXCEPTION = 0x00000400
|
|
97
|
+
JOB_OBJECT_LIMIT_BREAKAWAY_OK = 0x00000800
|
|
98
|
+
JOB_OBJECT_LIMIT_SILENT_BREAKAWAY_OK = 0x00001000
|
|
99
|
+
JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE = 0x00002000
|
|
100
|
+
|
|
101
|
+
# Job Access Rights
|
|
102
|
+
|
|
103
|
+
JOB_OBJECT_ASSIGN_PROCESS = 0x0001
|
|
104
|
+
JOB_OBJECT_SET_ATTRIBUTES = 0x0002
|
|
105
|
+
JOB_OBJECT_QUERY = 0x0004
|
|
106
|
+
JOB_OBJECT_TERMINATE = 0x0008
|
|
107
|
+
JOB_OBJECT_SET_SECURITY_ATTRIBUTES = 0x0010
|
|
108
|
+
JOB_OBJECT_ALL_ACCESS = 0x1F001F
|
|
109
|
+
|
|
110
|
+
# Functions
|
|
111
|
+
|
|
112
|
+
API.new('AssignProcessToJobObject', 'LL', 'B')
|
|
113
|
+
API.new('CreateJobObject', 'PS', 'L')
|
|
114
|
+
API.new('CreateProcess', 'SPPPLLLPPP', 'B')
|
|
115
|
+
API.new('CreateProcessAsUser', 'LSPLLILPPPP', 'B', 'advapi32')
|
|
116
|
+
API.new('CreateProcessWithLogonW', 'SSSLSPLLSPP', 'B', 'advapi32')
|
|
117
|
+
API.new('EnumProcesses', 'PLP', 'B', 'psapi')
|
|
118
|
+
API.new('ExitProcess', 'L', 'V')
|
|
119
|
+
API.new('FreeEnvironmentStrings', 'P', 'B')
|
|
120
|
+
API.new('GetCommandLine', 'V', 'P')
|
|
121
|
+
API.new('GetCurrentProcess', 'V', 'L')
|
|
122
|
+
API.new('GetCurrentProcessId', 'V', 'L')
|
|
123
|
+
API.new('GetEnvironmentStrings', 'V', 'L')
|
|
124
|
+
API.new('GetEnvironmentVariable', 'SPL', 'L')
|
|
125
|
+
API.new('GetExitCodeProcess', 'LP', 'B')
|
|
126
|
+
API.new('GetGuiResources', 'LL', 'L', 'user32')
|
|
127
|
+
API.new('GetPriorityClass', 'L', 'L')
|
|
128
|
+
API.new('GetProcessAffinityMask', 'LPP', 'B')
|
|
129
|
+
API.new('GetProcessIoCounters', 'LP', 'B')
|
|
130
|
+
API.new('GetProcessPriorityBoost', 'LP', 'B')
|
|
131
|
+
API.new('GetProcessShutdownParameters', 'PP', 'B')
|
|
132
|
+
API.new('GetProcessTimes', 'LPPPP', 'B')
|
|
133
|
+
API.new('GetProcessVersion', 'L', 'L')
|
|
134
|
+
API.new('GetProcessWorkingSetSize', 'LPP', 'B')
|
|
135
|
+
API.new('GetStartupInfo', 'P', 'V')
|
|
136
|
+
API.new('OpenJobObject', 'LIS', 'L')
|
|
137
|
+
API.new('OpenProcess', 'LIL', 'L')
|
|
138
|
+
API.new('QueryInformationJobObject', 'LLPLP', 'B')
|
|
139
|
+
API.new('SetEnvironmentVariable', 'SS', 'B')
|
|
140
|
+
API.new('SetInformationJobObject', 'LLPL', 'B')
|
|
141
|
+
API.new('SetPriorityClass', 'LL', 'B')
|
|
142
|
+
API.new('SetProcessAffinityMask', 'LL', 'B')
|
|
143
|
+
API.new('SetProcessPriorityBoost', 'LB', 'B')
|
|
144
|
+
API.new('SetProcessShutdownParameters', 'LL', 'B')
|
|
145
|
+
API.new('SetProcessWorkingSetSize', 'LLL', 'B')
|
|
146
|
+
API.new('TerminateJobObject', 'LL', 'B')
|
|
147
|
+
API.new('TerminateProcess', 'LL', 'B')
|
|
148
|
+
API.new('WaitForInputIdle', 'LL', 'L', 'user32')
|
|
149
|
+
API.new('WTSEnumerateProcesses', 'LLLPP', 'B', 'wtsapi32')
|
|
150
|
+
|
|
151
|
+
begin
|
|
152
|
+
API.new('GetProcessId', 'L', 'L')
|
|
153
|
+
API.new('GetProcessHandleCount', 'LP', 'B')
|
|
154
|
+
API.new('IsProcessInJob', 'LLP', 'B')
|
|
155
|
+
API.new('IsWow64Process', 'LP', 'B')
|
|
156
|
+
rescue Win32::API::LoadLibraryError
|
|
157
|
+
# Windows XP or later
|
|
158
|
+
end
|
|
159
|
+
|
|
160
|
+
# Helper method to determine if you're on a 64 bit version of Windows
|
|
161
|
+
def windows_64?
|
|
162
|
+
bool = false
|
|
163
|
+
|
|
164
|
+
if defined? IsWow64Process
|
|
165
|
+
buf = 0.chr * 4
|
|
166
|
+
if IsWow64Process(GetCurrentProcess(), buf)
|
|
167
|
+
if buf.unpack('I')[0] == 1
|
|
168
|
+
bool = true
|
|
169
|
+
end
|
|
170
|
+
end
|
|
171
|
+
end
|
|
172
|
+
|
|
173
|
+
bool
|
|
174
|
+
end
|
|
175
|
+
end
|
|
176
|
+
end
|