package wutil
import (
"strings"
"syscall"
"unsafe"
"github.com/yinyajiang/go-w32"
)
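// IsProcessRuning reports whether any entry in the process snapshot has an
// executable name (SzExeFile) that contains one of names. The comparison is
// case-insensitive.
//
// Empty names are ignored: an empty string is a substring of every executable
// name and would otherwise make the function report true for any input.
//
// The match is a substring test on the executable name only, so "cmd.exe"
// also matches "mycmd.exe", and any local process can pick its own file name.
// A false result is likewise returned when the walk yields no entries at all.
// Treat the answer as a hint, not as proof that a specific program is (or is
// not) running.
func IsProcessRuning(names ...string) (bret bool) {
	// Lower-case the needles once instead of once per process entry.
	wanted := make([]string, 0, len(names))
	for _, name := range names {
		if name != "" {
			wanted = append(wanted, strings.ToLower(name))
		}
	}
	if len(wanted) == 0 {
		return false
	}

	ProcessWalk(func(e32 w32.PROCESSENTRY32) bool {
		exefile := strings.ToLower(w32.UTF16SpliceToString(e32.SzExeFile[:]))
		for _, name := range wanted {
			if strings.Contains(exefile, name) {
				bret = true
				return false // stop the walk at the first match
			}
		}
		return true
	})
	return bret
}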
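// GetProcessPID returns the process ID of the first snapshot entry whose
// executable name (SzExeFile) contains name, compared case-insensitively.
// It returns 0 when nothing matches or when name is empty.
//
// An empty name is rejected up front: it is a substring of every executable
// name, so it would otherwise select whichever entry the snapshot lists first.
//
// The lookup is a substring test on the file name only and stops at the first
// hit, so with several candidates ("app.exe", "app.exe.bak.exe", two instances
// of the same program) the caller cannot choose which one is returned. The
// returned number identifies a process only for as long as that process lives;
// do not use it on its own as proof of which binary is behind the PID.
func GetProcessPID(name string) (ret uint) {
	if name == "" {
		return 0
	}
	needle := strings.ToLower(name)

	ProcessWalk(func(e32 w32.PROCESSENTRY32) bool {
		exefile := strings.ToLower(w32.UTF16SpliceToString(e32.SzExeFile[:]))
		if strings.Contains(exefile, needle) {
			ret = uint(e32.Th32ProcessID)
			return false // first match wins
		}
		return true
	})
	return ret
}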
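// StartAdminProcess launches path through ShellExecuteEx with the "runas"
// verb (UAC elevation) and a hidden window. Forward slashes in path are
// converted to backslashes first.
//
// On success it returns the PID and the process handle reported by the shell.
// Because SEE_MASK_NOCLOSEPROCESS is set, the caller owns the returned handle
// and should close it when done. On failure, or when path or an argument
// contains a NUL character, it returns (0, 0).
//
// Security notes for callers:
//   - arg is joined with single spaces and is NOT quoted or escaped. An element
//     containing a space or a double quote is re-split by the child's
//     command-line parser, so one element can turn into several arguments.
//     Quote each element before passing it (syscall.EscapeArg implements the
//     usual Windows rules) and never forward untrusted text: the child runs
//     elevated.
//   - No working directory is set. Pass an absolute path; how a bare or
//     relative name is resolved is left to the shell.
func StartAdminProcess(path string, arg []string) (pid uint, handle w32.HANDLE) {
	path = strings.ReplaceAll(path, "/", "\\")
	// strings.Join already yields "" for a nil or empty slice.
	para := strings.Join(arg, " ")

	// UTF16PtrFromString reports an embedded NUL as an error, whereas the
	// deprecated StringToUTF16Ptr panics on it.
	verbPtr, err := syscall.UTF16PtrFromString("runas")
	if err != nil {
		return 0, 0
	}
	filePtr, err := syscall.UTF16PtrFromString(path)
	if err != nil {
		return 0, 0
	}
	paraPtr, err := syscall.UTF16PtrFromString(para)
	if err != nil {
		return 0, 0
	}

	// Fields not set here (Hwnd, LpDirectory, LpClass, HInstApp) keep their
	// zero values.
	var shExecInfo w32.SHELLEXECUTEINFOW
	shExecInfo.CbSize = w32.DWORD(unsafe.Sizeof(shExecInfo))
	shExecInfo.FMask = w32.SEE_MASK_NOCLOSEPROCESS // keep HProcess open for the caller
	shExecInfo.LpVerb = verbPtr
	shExecInfo.LpFile = filePtr
	shExecInfo.LpParameters = paraPtr
	shExecInfo.NShow = w32.SW_HIDE

	if !w32.ShellExecuteEx(&shExecInfo) {
		return 0, 0
	}
	// NOTE(review): the shell may succeed without handing back a process
	// handle; in that case both results stay 0-like. Confirm how
	// w32.GetProcessId behaves for a zero handle.
	return w32.GetProcessId(shExecInfo.HProcess), shExecInfo.HProcess
}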
// StartTokenProcess starts cmd with a hidden window through
// w32.CreateProcessWithToken, using the token hPtoken and the
// LOGON_WITH_PROFILE logon flag. It returns the new process ID, or 0 when
// hPtoken is zero or the call fails.
//
// NOTE(review): nothing here closes the handles that the call is expected to
// leave in the PROCESS_INFORMATION, so each successful launch appears to leak
// them; confirm against the wrapper. If they are closed in a later change,
// keep in mind that the returned PID is only guaranteed to refer to this child
// while a handle to it is still open.
//
// NOTE(review): how cmd is split into application name and command line is
// decided inside w32.CreateProcessWithToken, which is not shown here. If it is
// passed as the command line, callers should quote an executable path that
// contains spaces and must not build cmd from untrusted text.
func StartTokenProcess(hPtoken w32.HANDLE, cmd string) (pid uint) {
	if hPtoken == 0 {
		return 0
	}

	startup := w32.STARTUPINFOW{
		Flags:      w32.STARTF_USESHOWWINDOW, // makes ShowWindow take effect
		ShowWindow: w32.SW_HIDE,
	}
	startup.Cb = uint32(unsafe.Sizeof(startup))

	var procInfo w32.PROCESS_INFORMATION
	if !w32.CreateProcessWithToken(hPtoken, w32.LOGON_WITH_PROFILE, cmd, &startup, &procInfo) {
		return 0
	}
	return w32.GetProcessId(procInfo.Process)
}
// ProcessWalk walks the process table: it takes a Toolhelp snapshot of the
// running processes and calls fun once per entry until fun returns false or
// the entries run out. The snapshot handle is closed on return when it is
// non-zero.
//
// Failures are silent. If the snapshot cannot be taken or read, fun is simply
// never called, so callers cannot tell "no matching process" from "the
// process list could not be read".
func ProcessWalk(fun func(w32.PROCESSENTRY32) bool) {
	snapshot := w32.CreateToolhelp32Snapshot(w32.TH32CS_SNAPPROCESS, 0)
	if snapshot != 0 {
		defer w32.CloseHandle(snapshot)
	}
	// NOTE(review): the Win32 call signals failure with INVALID_HANDLE_VALUE,
	// not 0. Whether the w32 wrapper maps that to 0 is not visible here;
	// confirm that the zero check above really detects a failed snapshot.

	for more, entry := w32.Process32First(snapshot); more; more, entry = w32.Process32Next(snapshot) {
		if !fun(entry) {
			return
		}
	}
}