/[RomCheater]/trunk/RomCheater.Core/ThreadControl.cs
ViewVC logotype

Contents of /trunk/RomCheater.Core/ThreadControl.cs

Parent Directory Parent Directory | Revision Log Revision Log


Revision 686 - (show annotations) (download)
Mon Jun 17 09:31:52 2013 UTC (7 years, 4 months ago) by william
File size: 3129 byte(s)
+ massive move of source files

1 using System;
2 using System.Collections.Generic;
3 using System.Linq;
4 using System.Text;
5 using System.Diagnostics;
6 using System.Security.Principal;
7 using System.Runtime.InteropServices;
8
9 namespace RomCheater.Core
10 {
11 public class ThreadControl
12 {
13 [DllImport("kernel32.dll")]
14 static extern IntPtr OpenThread(ThreadAccess dwDesiredAccess, bool bInheritHandle, uint dwThreadId);
15 [DllImport("kernel32.dll")]
16 static extern uint SuspendThread(IntPtr hThread);
17 [DllImport("kernel32.dll")]
18 static extern int ResumeThread(IntPtr hThread);
19
20 [DllImport("kernel32.dll")]
21 public static extern IntPtr OpenProcess(ProcessAccessFlags dwDesiredAccess, bool bInheritHandle, uint dwProcessId);
22 [DllImport("advapi32.dll", SetLastError = true)]
23 public static extern bool OpenProcessToken(IntPtr ProcessHandle, UInt32 DesiredAccess, out IntPtr TokenHandle);
24 [DllImport("kernel32.dll", SetLastError = true)]
25 [return: MarshalAs(UnmanagedType.Bool)]
26 public static extern bool CloseHandle(IntPtr hObject);
27
28
29 public static void SuspendProcess(int PID)
30 {
31 try
32 {
33 Process proc = Process.GetProcessById(PID);
34
35 if (proc.ProcessName == string.Empty) return;
36 foreach (ProcessThread pT in proc.Threads)
37 {
38 IntPtr pOpenThread = OpenThread(ThreadAccess.SUSPEND_RESUME, false, (uint)pT.Id);
39 if (pOpenThread == IntPtr.Zero) { break; }
40 SuspendThread(pOpenThread);
41 }
42 }
43 catch { }
44 }
45
46 public static void ResumeProcess(int PID)
47 {
48 try
49 {
50 Process proc = Process.GetProcessById(PID);
51 if (proc.ProcessName == string.Empty) return;
52 foreach (ProcessThread pT in proc.Threads)
53 {
54 IntPtr pOpenThread = OpenThread(ThreadAccess.SUSPEND_RESUME, false, (uint)pT.Id);
55 if (pOpenThread == IntPtr.Zero) { break; }
56 ResumeThread(pOpenThread);
57 }
58 }
59 catch { }
60 }
61
62 public static string GetProcessOwner(IntPtr handle, out bool IsSystem)
63 {
64 IntPtr ph = IntPtr.Zero;
65 IsSystem = false;
66 try
67 {
68 ThreadControl.OpenProcessToken(handle, (uint)ProcessTokenFlags.TOKEN_QUERY, out ph);
69 WindowsIdentity wi = new WindowsIdentity(ph);
70 IsSystem = wi.IsSystem;
71 string name = wi.Name;
72 int slash_index = name.IndexOf("\\") + 1;
73 name = name.Remove(0, slash_index);
74 return name;
75 }
76 catch
77 {
78 // ignore
79 }
80 finally
81 {
82 if (ph != IntPtr.Zero) { ThreadControl.CloseHandle(ph); }
83 }
84 return "";
85 }
86 }
87 }

  ViewVC Help
Powered by ViewVC 1.1.22