Package com.sun.jna.platform.win32

Examples of com.sun.jna.platform.win32.Advapi32Util$EventLogRecord


   */
  public static boolean kill(int pid, int code)
  {
    if (pid <= 0)
      return false;
    HANDLE hProcess = MyKernel32.INSTANCE.OpenProcess(MyKernel32.PROCESS_TERMINATE, false, pid);
    boolean result = MyKernel32.INSTANCE.TerminateProcess(hProcess, code);
    Thread.yield();
    if (!result)
      System.out.println("process kill failed: " + pid + " code=" + code);
    MyKernel32.INSTANCE.CloseHandle(hProcess);


    String result = "?";
    PROCESS_BASIC_INFORMATION pbi = null;

    pbi = new PROCESS_BASIC_INFORMATION();
    IntByReference returnLength = new IntByReference();
    HANDLE hProcess = _processInformation.hProcess;
    int pbiSize = pbi.size(); // x64 = 48 bytes, x32 = 24
    int ret = Ntdll.INSTANCE.ZwQueryInformationProcess(hProcess, (byte) 0, pbi.getPointer(), pbiSize, returnLength);
    if (ret == 0)
    {
      pbi.read();
      if (pbi.PebBaseAddress != null)
      {
        PEB peb = new PEB();
        // System.out.println(""+1);
        if (readVirtualMemoryToStructure(pbi.PebBaseAddress, peb))
          if (peb.ProcessParameters != null)
          {
            RTL_USER_PROCESS_PARAMETERS userParams = new RTL_USER_PROCESS_PARAMETERS();
            int userParamsSize = userParams.size(); //x32 = 784, x64 = 1264
            // System.out.println(""+2);
            if (readVirtualMemoryToStructure(peb.ProcessParameters, userParams))
            {
              // System.out.println("MaximumLength "+userParams.CommandLine.MaximumLength);
              if (userParams.CommandLine.MaximumLength > 0)
              {
                Memory stringBuffer = new Memory(userParams.CommandLine.MaximumLength);
                // System.out.println(""+3);
                if (readVirtualMemoryToMemory(userParams.CommandLine.Buffer, stringBuffer))
                  result = stringBuffer.getString(0, true);
              }         
             
              if (userParams.CurrentDirectoryPath.MaximumLength > 0)
              {
                Memory stringBuffer = new Memory(userParams.CurrentDirectoryPath.MaximumLength);
                if (readVirtualMemoryToMemory(userParams.CurrentDirectoryPath.Buffer, stringBuffer))
                  _workingDir = stringBuffer.getString(0, true);
              }
              if (userParams.WindowTitle.MaximumLength > 0)
              {
                Memory stringBuffer = new Memory(userParams.WindowTitle.MaximumLength);
                if (readVirtualMemoryToMemory(userParams.WindowTitle.Buffer, stringBuffer))
                  _title = stringBuffer.getString(0, true);
              }
              if (userParams.Environment != null)
              {
                // get size of environment strings
                MEMORY_BASIC_INFORMATION memInfo = new MEMORY_BASIC_INFORMATION();
                int memInfoSize = memInfo.size(); //x64 = 48, x32 = 28
                int bytesRead = MyKernel32.INSTANCE.VirtualQueryEx(hProcess.getPointer(), userParams.Environment, memInfo.getPointer(),
                    memInfoSize);
                memInfo.read();
                if (bytesRead == 0)
                {
                  _logger.warning("error getting environment in VirtualQueryEx " + Native.getLastError());

    String result = "?";
    PROCESS_BASIC_INFORMATION pbi = null;

    pbi = new PROCESS_BASIC_INFORMATION();
    IntByReference returnLength = new IntByReference();
    HANDLE hProcess = _processInformation.hProcess;
    int size = pbi.size();
    int ret = Ntdll.INSTANCE.ZwQueryInformationProcess(hProcess, (byte) 0, pbi.getPointer(), size, returnLength);
    if (ret == 0)
    {
      pbi.read();

      assertTrue(W32Errors.ERROR_SUCCESS != Kernel32.INSTANCE.GetLastError());
    }
   
    /**
     * Checks that {@code OpenThreadToken} fails with {@code ERROR_NO_TOKEN}
     * when asked for the current thread's token with {@code TOKEN_READ}.
     *
     * <p>The test expects the call to fail, so no token handle is produced and
     * nothing has to be closed. The thread handle comes from
     * {@code GetCurrentThread} and is never closed here (Win32 documents it as
     * a pseudo-handle).
     */
    public void testOpenThreadTokenNoToken() {
      final HANDLEByReference tokenOut = new HANDLEByReference();
      final HANDLE currentThread = Kernel32.INSTANCE.GetCurrentThread();
      assertNotNull(currentThread);

      // Third argument is OpenAsSelf = false.
      final boolean opened = Advapi32.INSTANCE.OpenThreadToken(
          currentThread, WinNT.TOKEN_READ, false, tokenOut);
      assertFalse(opened);

      // NOTE(review): the error code is fetched with a separate native call, so
      // no other native call may sit between the failure and this read;
      // confirm whether Native.getLastError() would be the more robust source.
      final int lastError = Kernel32.INSTANCE.GetLastError();
      assertEquals(W32Errors.ERROR_NO_TOKEN, lastError);
    }

      assertEquals(W32Errors.ERROR_NO_TOKEN, Kernel32.INSTANCE.GetLastError());
    }
   
    /**
     * Opens the access token of the current process and closes it again.
     *
     * <p>Both the open and the close must report success. The process handle
     * comes from {@code GetCurrentProcess} and is not closed by this test; only
     * the token handle written into the by-reference holder is released.
     */
    public void testOpenProcessToken() {
      // Ask only for the rights used by the token tests: duplicate and query.
      final int desiredAccess = WinNT.TOKEN_DUPLICATE | WinNT.TOKEN_QUERY;

      final HANDLEByReference tokenOut = new HANDLEByReference();
      final HANDLE self = Kernel32.INSTANCE.GetCurrentProcess();

      final boolean opened =
          Advapi32.INSTANCE.OpenProcessToken(self, desiredAccess, tokenOut);
      assertTrue(opened);

      // The token handle is a real handle and must be released.
      final boolean closed = Kernel32.INSTANCE.CloseHandle(tokenOut.getValue());
      assertTrue(closed);
    }

      assertTrue(Kernel32.INSTANCE.CloseHandle(phToken.getValue()));     
    }
   
    /**
     * Obtains a token for the caller: the thread token if one exists,
     * otherwise the process token.
     *
     * <p>When {@code OpenThreadToken} fails, the only accepted reason is
     * {@code ERROR_NO_TOKEN}; the test then falls back to
     * {@code OpenProcessToken}. Whichever call filled the holder, the resulting
     * token handle is closed at the end and the close must succeed.
     */
    public void testOpenThreadOrProcessToken() {
      // Same minimal access mask for both the thread and the process attempt.
      final int desiredAccess = WinNT.TOKEN_DUPLICATE | WinNT.TOKEN_QUERY;

      final HANDLEByReference tokenOut = new HANDLEByReference();
      final HANDLE currentThread = Kernel32.INSTANCE.GetCurrentThread();

      // Third argument is OpenAsSelf = true.
      final boolean gotThreadToken = Advapi32.INSTANCE.OpenThreadToken(
          currentThread, desiredAccess, true, tokenOut);

      if (!gotThreadToken) {
        // Read the error code straight after the failing call, before any
        // other native call can overwrite it.
        assertEquals(W32Errors.ERROR_NO_TOKEN, Kernel32.INSTANCE.GetLastError());

        final HANDLE self = Kernel32.INSTANCE.GetCurrentProcess();
        assertTrue(Advapi32.INSTANCE.OpenProcessToken(self, desiredAccess, tokenOut));
      }

      // Release the token handle from whichever branch produced it.
      assertTrue(Kernel32.INSTANCE.CloseHandle(tokenOut.getValue()));
    }

    }
   
    public void testDuplicateToken() {
      HANDLEByReference phToken = new HANDLEByReference();
      HANDLEByReference phTokenDup = new HANDLEByReference();
      HANDLE processHandle = Kernel32.INSTANCE.GetCurrentProcess();
        assertTrue(Advapi32.INSTANCE.OpenProcessToken(processHandle,
            WinNT.TOKEN_DUPLICATE | WinNT.TOKEN_QUERY, phToken));
        assertTrue(Advapi32.INSTANCE.DuplicateToken(phToken.getValue(),
            WinNT.SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation, phTokenDup));
      assertTrue(Kernel32.INSTANCE.CloseHandle(phTokenDup.getValue()));

    }
   
    public void testDuplicateTokenEx() {
      HANDLEByReference hExistingToken = new HANDLEByReference();
      HANDLEByReference phNewToken = new HANDLEByReference();
      HANDLE processHandle = Kernel32.INSTANCE.GetCurrentProcess();
      assertTrue(Advapi32.INSTANCE.OpenProcessToken(processHandle,
          WinNT.TOKEN_DUPLICATE | WinNT.TOKEN_QUERY, hExistingToken));
      assertTrue(Advapi32.INSTANCE.DuplicateTokenEx(hExistingToken.getValue(),
          WinNT.GENERIC_READ, null, SECURITY_IMPERSONATION_LEVEL.SecurityAnonymous,
          TOKEN_TYPE.TokenPrimary, phNewToken));

      assertTrue(Kernel32.INSTANCE.CloseHandle(hExistingToken.getValue()));
    }
   
    public void testGetTokenOwnerInformation() {
      HANDLEByReference phToken = new HANDLEByReference();
      HANDLE processHandle = Kernel32.INSTANCE.GetCurrentProcess();
        assertTrue(Advapi32.INSTANCE.OpenProcessToken(processHandle,
            WinNT.TOKEN_DUPLICATE | WinNT.TOKEN_QUERY, phToken));
        IntByReference tokenInformationLength = new IntByReference();
        assertFalse(Advapi32.INSTANCE.GetTokenInformation(phToken.getValue(),
            WinNT.TOKEN_INFORMATION_CLASS.TokenOwner, null, 0, tokenInformationLength));

        assertTrue(Kernel32.INSTANCE.CloseHandle(phToken.getValue()));
    }
   
    public void testGetTokenUserInformation() {
      HANDLEByReference phToken = new HANDLEByReference();
      HANDLE processHandle = Kernel32.INSTANCE.GetCurrentProcess();
        assertTrue(Advapi32.INSTANCE.OpenProcessToken(processHandle,
            WinNT.TOKEN_DUPLICATE | WinNT.TOKEN_QUERY, phToken));
        IntByReference tokenInformationLength = new IntByReference();
        assertFalse(Advapi32.INSTANCE.GetTokenInformation(phToken.getValue(),
            WinNT.TOKEN_INFORMATION_CLASS.TokenUser, null, 0, tokenInformationLength));
