#define _WIN32_WINNT 0x0501
#define WINVER 0x0501
#pragma comment( lib, "psapi" )
#include <windows.h>
#include <Psapi.h>
#include <tchar.h>
#include <stdio.h>
void USAGE();
BOOL MySetTokenPrivileges(TCHAR *strValue);
BOOL MySetTokenPrivilegesASSystem(HANDLE hPerPrc);
BOOL MysetAllPrivileges();
void DoKillProcess(TCHAR *pArg);
DWORD GetProcessIdByName(TCHAR *pName);
void KillProcessById(DWORD pId);
void ListRuningProcess();
void DoGetFullProcessPath(TCHAR *pName);
void GetFullProcessPath(DWORD pId);
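/*
 * Entry point: acts on the first "-x" switch found on the command line.
 *
 *   -l              list running processes
 *   -k <pid|name>   terminate a process
 *   -p <pid|name>   print a process's name, id and image path
 *   -h, -?          show usage (also shown for any unknown switch)
 *
 * Returns 0 in every case, including usage errors.
 */
int _tmain(int argc, TCHAR* argv[])
{
    if (argc < 2)
    {
        USAGE();
        return 0;
    }

    /* argv[0] is the program name, so switch scanning starts at 1. */
    for (int i = 1; i < argc; i++)
    {
        if (argv[i][0] != '-')
        {
            continue;
        }

        /*
         * -k and -p consume the next argument. When the switch is the last
         * word on the command line, argv[i + 1] is the terminating NULL and
         * must not be handed to code that dereferences it.
         */
        BOOL hasOperand = (i + 1 < argc);

        switch (argv[i][1])
        {
        case 'l':
            ListRuningProcess();
            return 0;
        case 'k':
            if (hasOperand)
            {
                DoKillProcess(argv[i + 1]);
            }
            else
            {
                USAGE();
            }
            return 0;
        case 'p':
            if (hasOperand)
            {
                DoGetFullProcessPath(argv[i + 1]);
            }
            else
            {
                USAGE();
            }
            return 0;
        case '?':
        case 'h':
        default:
            USAGE();
            return 0;
        }
    }
    return 0;
}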
/* Prints the command-line help text to standard output. */
void USAGE()
{
    /* One write of the concatenated literals; the text contains no '%'. */
    fputs(" USAGE:\n"
          " pk -[lpk] <process id>\n"
          " \n"
          " -l list running process.\n"
          " -p [pid/process name] get process path.\n"
          " -k [pid/process name] kill process by process id.\n"
          " \n",
          stdout);
}
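/*
 * Terminates the process identified by a command-line operand.
 *
 * pArg is taken as a process id only when it consists entirely of decimal
 * digits; anything else is treated as an image base name and resolved with
 * GetProcessIdByName(). Checking just the first character would send a name
 * such as "7zFM.exe" down the numeric path and act on an unrelated id.
 */
void DoKillProcess(TCHAR *pArg)
{
    const TCHAR *p;
    DWORD pid;

    if (pArg == NULL || pArg[0] == 0)
    {
        printf(" no process id or name given!\n");
        return;
    }

    /* Skip over leading digits; reaching the terminator means all-digits. */
    for (p = pArg; *p >= '0' && *p <= '9'; p++)
    {
    }
    if (*p == 0)
    {
        KillProcessById((DWORD)_tcstoul(pArg, NULL, 10));
        return;
    }

    pid = GetProcessIdByName(pArg);
    if (pid == (DWORD)-1)
    {
        /* Lookup failed and has already printed the reason; (DWORD)-1 is a
         * sentinel, not an id to act on. */
        return;
    }
    KillProcessById(pid);
}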
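/*
 * Resolves an image base name (for example "notepad.exe") to a process id.
 *
 * Walks the id list returned by EnumProcesses() and compares pName,
 * case-sensitively, with the base name of the first module of every process
 * that can be opened. Returns the first matching id, or (DWORD)-1 when pName
 * is NULL, enumeration fails, or nothing matches; each failure prints a
 * message.
 *
 * NOTE(review): the id buffer holds 1024 entries; on a system with more
 * processes the list is silently truncated.
 */
DWORD GetProcessIdByName(TCHAR *pName)
{
    DWORD aProcesses[1024];
    DWORD cbReturned = 0;
    DWORD cProcesses;
    DWORD i;

    if (pName == NULL)
    {
        printf(" process name missing!\n");
        return (DWORD)-1;
    }

    if (!EnumProcesses(aProcesses, sizeof(aProcesses), &cbReturned))
    {
        int err = GetLastError();
        printf("Error list running process, code: %d\n", err);
        return (DWORD)-1;
    }
    cProcesses = cbReturned / sizeof(DWORD);

    MysetAllPrivileges();

    /*
     * The first array entry and process id 4 are skipped.
     * NOTE(review): presumably these are the Idle and System pseudo-processes,
     * which have no module list to read - confirm.
     */
    for (i = 1; i < cProcesses; i++)
    {
        TCHAR szProcessName[MAX_PATH];
        HMODULE hMod;
        DWORD cbMods;
        HANDLE hProcess;
        BOOL matched = FALSE;

        if (aProcesses[i] == 4)
        {
            continue;
        }

        /* Reading a module name needs only query and VM-read access, so the
         * handle is not opened with full rights over every process. */
        hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
                               FALSE, aProcesses[i]);
        if (hProcess == NULL)
        {
            continue;
        }

        /* Compare only when a name was actually retrieved. */
        if (EnumProcessModules(hProcess, &hMod, sizeof(hMod), &cbMods) &&
            GetModuleBaseName(hProcess, hMod, szProcessName,
                              sizeof(szProcessName) / sizeof(TCHAR)) != 0)
        {
            matched = (_tcscmp(pName, szProcessName) == 0);
        }
        CloseHandle(hProcess);

        if (matched)
        {
            return aProcesses[i];
        }
    }

    printf(" process %s not found!\n", pName);
    return (DWORD)-1;
}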
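/*
 * Terminates the process with id pId and reports the outcome on stdout.
 *
 * Steps:
 *   1. Open the target for query and pass it to
 *      MySetTokenPrivilegesASSystem(); on failure fall back to
 *      MysetAllPrivileges().
 *   2. Open the target again, look up its base name for the report, and
 *      call TerminateProcess() with exit code 0.
 */
void KillProcessById(DWORD pId)
{
    TCHAR szProcessName[MAX_PATH] = TEXT("<unknown>");
    HANDLE hQuery;
    HANDLE hPrc;
    HMODULE hMod;
    DWORD cbNeeded;
    BOOL ret;
    int err;

    /*
     * Keep the query handle in a variable so it can be closed afterwards;
     * passing the OpenProcess() result straight into the call leaks it.
     * The handle is handed over even when it is NULL, so the callee's own
     * NULL handling still applies.
     */
    hQuery = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, pId);
    ret = MySetTokenPrivilegesASSystem(hQuery);
    if (hQuery != NULL)
    {
        CloseHandle(hQuery);
    }
    if (FALSE == ret)
    {
        printf(" unable to be get process privileges:-( \n");
        MysetAllPrivileges();
    }

    /*
     * NOTE(review): PROCESS_ALL_ACCESS already contains PROCESS_TERMINATE.
     * The calls below use only terminate, query-information and VM-read
     * rights, so a narrower mask would follow least privilege - confirm and
     * trim.
     */
    hPrc = OpenProcess(PROCESS_ALL_ACCESS | PROCESS_TERMINATE, FALSE, pId);
    if (hPrc == NULL)
    {
        err = GetLastError();
        /* err is an integer: printing it with %s would dereference it. */
        printf("Error to open process %u code %d\n", pId, err);
        return;
    }

    /* Best effort: the name only decorates the success message. */
    if (EnumProcessModules(hPrc, &hMod, sizeof(hMod), &cbNeeded))
    {
        GetModuleBaseName(hPrc, hMod, szProcessName,
                          sizeof(szProcessName) / sizeof(TCHAR));
    }

    ret = TerminateProcess(hPrc, 0);
    err = GetLastError();   /* captured before any further API call */
    if (ret)
    {
        printf("process id %u (%s) had beed down!\n", pId, szProcessName);
    }
    else
    {
        printf("unable to kill process [id %u] code %d\n", pId, err);
    }

    CloseHandle(hPrc);
}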
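/*
 * Prints one "name <tab><tab> id" line for every process that can be opened.
 *
 * A process whose module name cannot be read is shown as "<unknown>" rather
 * than under the name left over from the previous loop iteration.
 *
 * NOTE(review): the id buffer holds 1024 entries; on a system with more
 * processes the list is silently truncated.
 */
void ListRuningProcess()
{
    DWORD aProcesses[1024];
    DWORD cbReturned = 0;
    DWORD cProcesses;
    DWORD i;

    if (!EnumProcesses(aProcesses, sizeof(aProcesses), &cbReturned))
    {
        int err = GetLastError();
        printf("Error list running process, code: %d\n", err);
        return;
    }
    cProcesses = cbReturned / sizeof(DWORD);

    MysetAllPrivileges();
    printf("Name \t\t Id\n");

    /*
     * The first array entry and process id 4 are skipped.
     * NOTE(review): presumably these are the Idle and System pseudo-processes,
     * which have no module list to read - confirm.
     */
    for (i = 1; i < cProcesses; i++)
    {
        TCHAR szNameBuf[MAX_PATH];
        const TCHAR *pszName = TEXT("<unknown>");
        HMODULE hMod;
        DWORD cbMods;
        HANDLE hProcess;

        if (aProcesses[i] == 4)
        {
            continue;
        }

        /* Listing needs only query and VM-read access to each process. */
        hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
                               FALSE, aProcesses[i]);
        if (hProcess == NULL)
        {
            continue;
        }

        /* Use the buffer only when the lookup really produced a name. */
        if (EnumProcessModules(hProcess, &hMod, sizeof(hMod), &cbMods) &&
            GetModuleBaseName(hProcess, hMod, szNameBuf,
                              sizeof(szNameBuf) / sizeof(TCHAR)) != 0)
        {
            pszName = szNameBuf;
        }

        printf(" %s\t\t%u\n", pszName, aProcesses[i]);
        CloseHandle(hProcess);
    }
}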
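/*
 * Prints name, id and image path for the process identified by a
 * command-line operand.
 *
 * pName is taken as a process id only when it consists entirely of decimal
 * digits; anything else is treated as an image base name and resolved with
 * GetProcessIdByName(). Checking just the first character would misread a
 * name that merely begins with a digit.
 */
void DoGetFullProcessPath(TCHAR *pName)
{
    const TCHAR *p;
    DWORD pid;

    if (pName == NULL || pName[0] == 0)
    {
        printf(" no process id or name given!\n");
        return;
    }

    /* Skip over leading digits; reaching the terminator means all-digits. */
    for (p = pName; *p >= '0' && *p <= '9'; p++)
    {
    }
    if (*p == 0)
    {
        GetFullProcessPath((DWORD)_tcstoul(pName, NULL, 10));
        return;
    }

    pid = GetProcessIdByName(pName);
    if (pid == (DWORD)-1)
    {
        /* Lookup failed and has already printed the reason. */
        return;
    }
    GetFullProcessPath(pid);
}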
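/*
 * Prints a header line followed by the base name, id and full image path of
 * process pId.
 *
 * When the process cannot be opened the error code is printed instead of
 * leaving the header with no row under it. Name and path stay "<unknown>"
 * when the module list cannot be read.
 */
void GetFullProcessPath(DWORD pId)
{
    TCHAR szProcessName[MAX_PATH] = TEXT("<unknown>");
    TCHAR szProcessPath[MAX_PATH * 2] = TEXT("<unknown>");
    HANDLE hProcess;
    HMODULE hMod;
    DWORD cbNeeded;

    MysetAllPrivileges();
    printf(" Name\t\tID\t\tPath\n");

    /* Reading module information needs only query and VM-read access. */
    hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
                           FALSE, pId);
    if (hProcess == NULL)
    {
        int err = GetLastError();
        printf("Error to open process %u code %d\n", pId, err);
        return;
    }

    if (EnumProcessModules(hProcess, &hMod, sizeof(hMod), &cbNeeded))
    {
        GetModuleBaseName(hProcess, hMod, szProcessName,
                          sizeof(szProcessName) / sizeof(TCHAR));
        /* Size is given in characters, taken from the buffer itself. */
        GetModuleFileNameEx(hProcess, hMod, szProcessPath,
                            sizeof(szProcessPath) / sizeof(TCHAR));
    }

    printf(" %s\t\t%u\t\t%s\n", szProcessName, pId, szProcessPath);
    CloseHandle(hProcess);
}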
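/*
 * Enables one named privilege (an SE_*_NAME string) in the current process
 * token.
 *
 * Returns TRUE only when the privilege was really enabled. A privilege the
 * token does not hold cannot be added this way: AdjustTokenPrivileges() then
 * still returns non-zero and the shortfall shows up only in the last-error
 * value, which is why that value decides the result.
 *
 * The token handle is closed on every path. This function is called once
 * per privilege name, so a leak here multiplies quickly.
 */
BOOL MySetTokenPrivileges(TCHAR *strValue)
{
    HANDLE hToken = NULL;
    TOKEN_PRIVILEGES tkp;
    BOOL bEnabled = FALSE;
    int err;

    /* Adjusting privileges needs TOKEN_ADJUST_PRIVILEGES; TOKEN_QUERY is
     * kept for lookups. Full token access is not required. */
    if (0 == OpenProcessToken(GetCurrentProcess(),
                              TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
    {
        err = GetLastError();
        printf("OpenProcessToken error for %s -> %d\n", strValue, err);
        return FALSE;
    }

    if (0 == LookupPrivilegeValue(NULL, strValue, &tkp.Privileges[0].Luid))
    {
        err = GetLastError();
        printf("LookupPrivilegeValue error for %s -> %d\n", strValue, err);
        CloseHandle(hToken);
        return FALSE;
    }

    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    if (0 == AdjustTokenPrivileges(hToken, FALSE, &tkp, 0,
                                   (PTOKEN_PRIVILEGES)NULL, 0))
    {
        err = GetLastError();
        printf("AdjustTokenPrivileges error for %s -> %d\n", strValue, err);
    }
    else
    {
        /* Read the last error before CloseHandle() can overwrite it. */
        bEnabled = (ERROR_SUCCESS == GetLastError());
    }

    CloseHandle(hToken);
    return bEnabled;
}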
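/*
 * Copies the privilege list of another process's token onto the current
 * process token.
 *
 * hPerPrc is a handle to the other process. It stays owned by the caller
 * and is not closed here. A NULL handle prints a message and ends the
 * program with exit status 1.
 *
 * Despite the name, nothing here impersonates another account or acquires
 * its identity: the target's TOKEN_PRIVILEGES block is read and passed to
 * AdjustTokenPrivileges() for the current token, which can only switch
 * privileges that token already holds. Returns TRUE only when every entry
 * in the list was applied.
 */
BOOL MySetTokenPrivilegesASSystem(HANDLE hPerPrc)
{
    /*
     * 32000 bytes of DWORD-aligned storage for the variable-length
     * TOKEN_PRIVILEGES result. An array of 32000 pointers would reserve
     * several times that on the stack while still declaring 32000 bytes.
     */
    DWORD privBuf[32000 / sizeof(DWORD)] = { 0 };
    HANDLE hToken = NULL;
    HANDLE hMyToken = NULL;
    DWORD dwNeed = 0;
    BOOL bApplied = FALSE;
    int err;

    if (hPerPrc == NULL)
    {
        printf(" Invalide handle!\n");
        exit(1);
    }

    MysetAllPrivileges();

    /* Reading the privilege list needs only TOKEN_QUERY on the target. */
    if (0 == OpenProcessToken(hPerPrc, TOKEN_QUERY, &hToken))
    {
        err = GetLastError();
        printf("OpenProcessToken error %d\n", err);
        return FALSE;
    }

    if (FALSE == GetTokenInformation(hToken, TokenPrivileges, privBuf,
                                     sizeof(privBuf), &dwNeed))
    {
        err = GetLastError();
        printf("GetTokenInformation error %d\n", err);
        goto cleanup;
    }

    if (0 == OpenProcessToken(GetCurrentProcess(),
                              TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hMyToken))
    {
        err = GetLastError();
        printf("OpenProcessToken 2 error %d\n", err);
        goto cleanup;
    }

    if (0 == AdjustTokenPrivileges(hMyToken, FALSE,
                                   (TOKEN_PRIVILEGES *)privBuf, 0,
                                   (PTOKEN_PRIVILEGES)NULL, 0))
    {
        err = GetLastError();
        printf("AdjustTokenPrivileges error %d\n", err);
    }
    else
    {
        /* Non-zero return with a non-success last error means some entries
         * were not applied; read it before the handles are closed. */
        bApplied = (ERROR_SUCCESS == GetLastError());
    }

cleanup:
    /* Both token handles are closed on every path. */
    if (hMyToken != NULL)
    {
        CloseHandle(hMyToken);
    }
    if (hToken != NULL)
    {
        CloseHandle(hToken);
    }
    return bApplied;
}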
/*
 * Tries to enable a fixed list of privileges on the current process token,
 * one MySetTokenPrivileges() call per name, in the order listed.
 *
 * Individual results are ignored and the function always returns TRUE, so
 * the return value says nothing about which privileges were enabled.
 *
 * NOTE(review): this enables far more than the process and token calls in
 * this file appear to use; SE_DEBUG_NAME looks like the only entry relevant
 * to opening other processes. Confirm, then trim the list to what is needed.
 */
BOOL MysetAllPrivileges()
{
    TCHAR *const privilegeNames[] = {
        SE_CREATE_TOKEN_NAME,
        SE_ASSIGNPRIMARYTOKEN_NAME,
        SE_LOCK_MEMORY_NAME,
        SE_INCREASE_QUOTA_NAME,
        SE_MACHINE_ACCOUNT_NAME,
        SE_TCB_NAME,
        SE_SECURITY_NAME,
        SE_TAKE_OWNERSHIP_NAME,
        SE_LOAD_DRIVER_NAME,
        SE_SYSTEM_PROFILE_NAME,
        SE_SYSTEMTIME_NAME,
        SE_PROF_SINGLE_PROCESS_NAME,
        SE_INC_BASE_PRIORITY_NAME,
        SE_CREATE_PAGEFILE_NAME,
        SE_CREATE_PERMANENT_NAME,
        SE_BACKUP_NAME,
        SE_RESTORE_NAME,
        SE_SHUTDOWN_NAME,
        SE_DEBUG_NAME,
        SE_AUDIT_NAME,
        SE_SYSTEM_ENVIRONMENT_NAME,
        SE_CHANGE_NOTIFY_NAME,
        SE_REMOTE_SHUTDOWN_NAME,
        SE_UNDOCK_NAME,
        SE_SYNC_AGENT_NAME,
        SE_ENABLE_DELEGATION_NAME,
        SE_MANAGE_VOLUME_NAME
    };
    const unsigned int nameCount =
        sizeof(privilegeNames) / sizeof(privilegeNames[0]);
    unsigned int idx;

    for (idx = 0; idx < nameCount; idx++)
    {
        MySetTokenPrivileges(privilegeNames[idx]);
    }
    return TRUE;
}