ich habe einen kleinen code geschrieben um sich alle Handles auflisten zu lassen. Dieser basiert zu großen teilen jedoch auf Strukturen, Deifnitionen und API Befehlen die nicht in der MSDN dokumentiert sind, also könne durchaus noch Bugs aufreten.
Was macht der code?
Der Code zeigt alle bestehende Handles von allen Prozessen an, dies können zum Beispiel Registry Keys sein, geöffnete Dateien etc. Es besteht auch die Möglichkeit Handles mit einem Doppelclick darauf zu schließen.
Wozu kann ich den code verwenden?
Hattet ihr schonmal das Problem, das ihr eine Datei löschen wolltet und die Fehlermeldung kam: "Die Datei wird von einem anderen Prozess verwendet." oder so ähnlich? Dann ist der Code die Lösung. Ihr lasst einfach die Handles auflisten, sucht das passende Handle und gibt sie frei.
Was ist bei der Benutzung des Codes zu beachten?
Erstmal sollte der Code nur unter 32 bit ausgeführt werden, da ich kein 64 Bit Windows habe und daher auch die Strukturen nur für 32 Bit geschrieben habe.
Desweiteren ist es gefährlich die Handles von anderen Prozessen zu schließen. Ein Prozess prüft normalerweise nicht andauernd die Gültigkeit seiner Handles und es kann sein das dieser danach abstürtzt. Also schließt NIE das Handle eines Systemprozesses, solange ihr nicht wisst, was ihr tut. Ein Bluescreen wäre hier noch eins der harmlosesten Folgen. Wenn ihr zum Beispiel ein Datei Handle auf eine systemwichtige Datei schließt und Windows gerade dabei war in diese zu schreiben, kann diese recht schnell defekt sein.
Da dies Informationen für diesen Code nur schwer aufzufinden waren und voallendingen die Umgehung von so manchen Bugs im Kernel (vorallendingen in XP) viel Zeit beansprucht hat, wollte ich den Code für die Benutzung in eigenen Projekten freigeben. Solltet ihr ihn verwenden wollen, so schreibt einfach in den Soure Code (für Open Source Projekte) oder in die Dokumentation / About Dialog (bei Closed Source Projekten) einfach "This program uses NT Handle code by DarkPlayer"
Der Code:
Code: Alles auswählen
;Written by DarkPlayer
Global FILE_TYPE.i
Global Process_TYPE.i
Global Thread_TYPE.i
Structure TypeList
Name.s
Enabled.i
Checkbox.i
EndStructure
Structure TypeListArray
Count.i
Element.TypeList[0]
EndStructure
Global *Types.TypeListArray
Select OSVersion()
Case #PB_OS_Windows_NT_4
FILE_TYPE = 23
Case #PB_OS_Windows_2000
FILE_TYPE = 26
Case #PB_OS_Windows_XP, #PB_OS_Windows_Server_2003
FILE_TYPE = 28
Case #PB_OS_Windows_Vista
FILE_TYPE = 25
EndSelect
Enumeration
#WIN_MAIN = 1
#WIN_OPTIONS
#GT_ENUM
#GT_SEARCH
#GT_OPTIONS
#GT_PROGRESS
#GT_LISTICON
#OPT_ENABLE_ALL
#OPT_DISABLE_ALL
EndEnumeration
#STATUS_INFO_LENGTH_MISMATCH = $C0000004
#STATUS_INVALID_DEVICE_REQUEST = $C0000010
#FILE_DEVICE_NAMED_PIPE = $00000011
#ProcessBasicInformation = 0
#ProcessDebugPort = 7
#ProcessWow64Information = 26
#ProcessImageFileName = 27
Structure PROCESS_BASIC_INFORMATION
Reserved1.i;
*PebBaseAddress;
Reserved2.i[2];
UniqueProcessId.i;
Reserved3.i
EndStructure
Structure UNICODE_STRING
Length.w
MaxiumLength.w
*Buffer
EndStructure
Structure OBJECT_TYPE_INFORMATION
TypeName.UNICODE_STRING
TotalNumberOfObjects.l
TotalNumberOfHandles.l
TotalPagedPoolUsage.l
TotalNonPagedPoolUsage.l
TotalNamePoolUsage.l
TotalHandleTableUsage.l
HighWaterNumberOfObjects.l
HighWaterNumberOfHandles.l
HighWaterPagedPoolUsage.l
HighWaterNonPagedPoolUsage.l
HighWaterNamePoolUsage.l
HighWaterHandleTableUsage.l
InvalidAttributes.l
GenericMapping.GENERIC_MAPPING
ValidAccessMask.l
SecurityRequired.w
MaintainHandleCount.w
PoolType.l
DefaultPagedPoolCharge.l
DefaultNonPagedPoolCharge.l
EndStructure
Enumeration
#SystemBasicInformation
#SystemProcessorInformation
#SystemPerformanceInformation
#SystemTimeOfDayInformation
#SystemNotImplemented1
#SystemProcessesAndThreadsInformation
#SystemCallCounts
#SystemConfigurationInformation
#SystemProcessorTimes
#SystemGlobalFlag
#SystemNotImplemented2
#SystemModuleInformation
#SystemLockInformation
#SystemNotImplemented3
#SystemNotImplemented4
#SystemNotImplemented5
#SystemHandleInformation
;// there are more available, but we do not need them here
EndEnumeration
;The Definition from SysInternals Forum
; Enumeration
; #ObjectBasicInformation
; #ObjectNameInformation
; #ObjectTypeInformation
; #ObjectAllInformation
; #ObjectDataInformation
; EndEnumeration
;From http://rongchaua.net/blog/c-get-object-type-number-in-windows-64-bits/
Enumeration
#ObjectBasicInformation = 0
#ObjectNameInformation = 1
#ObjectTypeInformation = 2
#ObjectAllTypesInformation = 3
#ObjectHandleInformation = 4
EndEnumeration
; Definition form ReactOS
; Enumeration ;almost all of them are not even documented on "The Undocumented Functions by NTinternals"
; #ObjectBasicInformation = 0
; #ObjectNameInformation = 1
; #ObjectTypeInformation = 2
; #ObjectTypesInformation = 3
; #ObjectHandleFlagInformation = 4
; #ObjectSessionInformation = 5
; #MaxObjectInfoClass = 6
; EndEnumeration
Enumeration
#FileDirectoryInformation=1
#FileFullDirectoryInformation
#FileBothDirectoryInformation
#FileBasicInformation
#FileStandardInformation
#FileInternalInformation
#FileEaInformation
#FileAccessInformation
#FileNameInformation
#FileRenameInformation
#FileLinkInformation
#FileNamesInformation
#FileDispositionInformation
#FilePositionInformation
#FileFullEaInformation
#FileModeInformation
#FileAlignmentInformation
#FileAllInformation
#FileAllocationInformation
#FileEndOfFileInformation
#FileAlternateNameInformation
#FileStreamInformation
#FilePipeInformation
#FilePipeLocalInformation
#FilePipeRemoteInformation
#FileMailslotQueryInformation
#FileMailslotSetInformation
#FileCompressionInformation
#FileCopyOnWriteInformation
#FileCompletionInformation
#FileMoveClusterInformation
#FileQuotaInformation
#FileReparsePointInformation
#FileNetworkOpenInformation
#FileObjectIdInformation
#FileTrackingInformation
#FileOleDirectoryInformation
#FileContentIndexInformation
#FileInheritContentIndexInformation
#FileOleInformation
#FileMaximumInformation
EndEnumeration
Structure CLIENT_ID
UniqueProcess.i;
UniqueThread.i;
EndStructure
Structure THREAD_BASIC_INFORMATION
ExitStatus.l;
TebBaseAddress.i;
ClientId.CLIENT_ID;
AffinityMask.l;
Priority.l;
BasePriority.l;
EndStructure
Enumeration
#ThreadBasicInformation
#ThreadTimes
#ThreadPriority
#ThreadBasePriority
#ThreadAffinityMask
#ThreadImpersonationToken
#ThreadDescriptorTableEntry
#ThreadEnableAlignmentFaultFixup
#ThreadEventPair
#ThreadQuerySetWin32StartAddress
#ThreadZeroTlsCell
#ThreadPerformanceCount
#ThreadAmILastThread
#ThreadIdealProcessor
#ThreadPriorityBoost
#ThreadSetTlsArrayAddress
#ThreadIsIoPending
#ThreadHideFromDebugger
#ThreadBreakOnTermination
#ThreadSwitchLegacyState
#ThreadIsTerminated
#ThreadLastSystemCall
#ThreadIoPriority
#ThreadCycleTime
#ThreadPagePriority
#ThreadActualBasePriority
#ThreadTebInformation
#ThreadCSwitchMon
EndEnumeration
Prototype.i GetVolumePathNameW(lpszFileName.p-unicode, *lpszVolumePathName, cchBufferLength.i)
Prototype.i GetVolumePathNameA(lpszFileName.p-ascii, *lpszVolumePathName, cchBufferLength.i)
CompilerIf #PB_Compiler_Unicode
Global GetVolumePathName.GetVolumePathNameW
CompilerElse
Global GetVolumePathName.GetVolumePathNameA
CompilerEndIf
Structure SYSTEM_HANDLE_TABLE_ENTRY_INFO
ProcessId.l
ObjectTypeNumber.a
Flags.a
Handle.w
*Object
GrantedAccess.l
EndStructure
Structure SYSTEM_HANDLE_INFORMATION
HandleCount.l
Handles.SYSTEM_HANDLE_TABLE_ENTRY_INFO[0]
EndStructure
Structure FILE_NAME_INFORMATION
FileNameLength.l;
FileName.w[512];
EndStructure
Macro WaitNTThread()
If WaitThread(Thread,100) = 0
KillThread(Thread)
Query\ReturnV = 1
Debug "Killed"
EndIf
EndMacro
Macro QueryThreadID()
Protected Info.THREAD_BASIC_INFORMATION
If NtQueryInformationThread_(Query\Handle,#ThreadBasicInformation, @Info, SizeOf(Info),0) = 0
CName = "ThreadID: " + StrU(Info\ClientId\UniqueThread) + " PID: " + StrU(Info\ClientId\UniqueProcess)
EndIf
EndMacro
; Macro QueryFileName()
;
; *FILE.FILE_NAME_INFORMATION = AllocateMemory(SizeOf(FILE_NAME_INFORMATION))
;
; Query\ObjectName = *FILE
;
; If *File
; Thread = CreateThread(@QueryFileThread(),@Query)
; If Thread
; WaitNTThread()
;
; If Query\ReturnV = 0 And *File\FileNameLength
; CName = PeekS(@*File\FileName[0],*File\FileNameLength,#PB_Unicode)
; EndIf
;
;
; EndIf
; FreeMemory(*File)
;
; EndIf
;
; EndMacro
Macro QueryProcessName()
Protected *MemoryStr.UNICODE_STRING
*MemoryStr = AllocateMemory(2*#MAX_PATH)
If *MemoryStr
If ZwQueryInformationProcess_(DupHandle ,#ProcessImageFileName,*MemoryStr,2*#MAX_PATH,0) = 0 And *MemoryStr\Buffer And *MemoryStr\Length
Protected ExePath.s = PeekS(*MemoryStr\Buffer,*MemoryStr\Length,#PB_Unicode)
CName = StringField(ExePath,CountString(ExePath,"\")+1,"\")
EndIf
EndIf
EndMacro
Macro QueryNTObject()
Query\ObjectName = *ObjectName
Thread = CreateThread(@QueryThread(),@Query)
If Thread
WaitNTThread()
If Query\ReturnV = 0 And *ObjectName\Buffer
CName = PeekS(*ObjectName\Buffer,*ObjectName\Length,#PB_Unicode)
EndIf
EndIf
EndMacro
Declare ProcEvents()
Procedure XPTestThread(Handle.i)
GetFileType_(Handle)
EndProcedure
Procedure AdjustToken()
Protected Token.i
If OpenProcessToken_(GetCurrentProcess_(), #TOKEN_ALL_ACCESS, @Token)
Protected LUID.q
Protected TokensAdj.TOKEN_PRIVILEGES
TokensAdj\PrivilegeCount = 1
If LookupPrivilegeValue_(0,"SeDebugPrivilege",@TokensAdj\Privileges[0]\Luid)
TokensAdj\Privileges[0]\Attributes = #SE_PRIVILEGE_ENABLED
If AdjustTokenPrivileges_(Token, #False, @TokensAdj, SizeOf(TOKEN_PRIVILEGES), 0, 0)
If GetLastError_() = 0
ProcedureReturn #True
EndIf
EndIf
EndIf
EndIf
EndProcedure
Prototype EnumCallBack(PID.i, Type.s, Handle.i, Name.s, CouldAcces.i,User.i)
Structure QueryTH
Handle.i
*ObjectName.i
ReturnV.i
EndStructure
Procedure QueryThread(*Query.QueryTH) ;We need this because NtQueryObject() freezes randomly...
*Query\ReturnV = NtQueryObject_(*Query\Handle, #ObjectNameInformation, *Query\ObjectName, 255, 0)
EndProcedure
; Procedure QueryFileThread(*Query.QueryTH) ;We need this because ZwQueryInformationFile() freezes randomly...
; Protected Status.q
; *Query\ReturnV = ZwQueryInformationFile_(*Query\Handle, @STATUS, *Query\ObjectName, SizeOf(FILE_NAME_INFORMATION), #FileNameInformation)
; EndProcedure
Procedure.s ResolveObjectNumber(Obj.i)
If *Types
If Obj>0 And Obj <= *Types\Count
ProcedureReturn *Types\Element[Obj]\Name
EndIf
EndIf
ProcedureReturn Str(Obj)
EndProcedure
Procedure IsObjectEnabled(Obj.i)
If *Types
If Obj>0 And Obj <= *Types\Count
ProcedureReturn *Types\Element[Obj]\Enabled
EndIf
EndIf
ProcedureReturn #True
EndProcedure
Procedure FindStringIndex(Text.s, FindString.s, Index.i)
Protected Position = 0
Protected i.i
For i = 1 To Index
Position = FindString(Text, FindString,Position+1)
If Position = 0
ProcedureReturn 0
EndIf
Next
ProcedureReturn Position
EndProcedure
Procedure EnumerateAllHandles(Call.EnumCallBack, User)
Protected Length.i = 50
Protected *Memory.SYSTEM_HANDLE_INFORMATION = AllocateMemory(Length)
Protected PID.i
Protected i.i
Protected HTempProcess.i
Protected DupHandle.i
Protected *ObjectName.UNICODE_STRING
If *Memory
*ObjectName.UNICODE_STRING = AllocateMemory(512)
*ObjectName\MaxiumLength = 254
If *ObjectName
Repeat
Length * 2 ;There is a bug in the Windows API, Windows does not return the right size, so you have to do it that way
*Memory = ReAllocateMemory(*Memory,Length)
If *Memory
Result = NtQuerySystemInformation_(#SystemHandleInformation, *Memory, Length, 0)
EndIf
Until Result <> #STATUS_INFO_LENGTH_MISMATCH Or *Memory = 0
If Result = 0 And *Memory <> 0
SetGadgetAttribute(#GT_PROGRESS, #PB_ProgressBar_Maximum, *Memory\HandleCount) ;Remove this, if you want to use it as include
For i = 0 To *Memory\HandleCount -1
If IsObjectEnabled(*Memory\Handles[i]\ObjectTypeNumber)
If *Memory\Handles[i]\ProcessId = GetCurrentProcessId_()
DupHandle = *Memory\Handles[i]\Handle
Else
HTempProcess = OpenProcess_(#PROCESS_DUP_HANDLE,0,*Memory\Handles[i]\ProcessId)
DupHandle = 0
If HTempProcess
If DuplicateHandle_(HTempProcess, *Memory\Handles[i]\Handle, GetCurrentProcess_(), @DupHandle,0, 0, #DUPLICATE_SAME_ACCESS) = 0
DupHandle = 0
EndIf
EndIf
EndIf
Protected CName.s = ""
Protected Access.i = #True
If DupHandle
Protected Query.QueryTH
Query\Handle = DupHandle
XPError.i = #False
Protected Thread.i
If *Memory\Handles[i]\ObjectTypeNumber = FILE_TYPE
;This is somehow a crazy trick
;NtQueryObject_(*Query\Handle, #ObjectNameInformation,...) would cause a Thread freeze in the kernel
;GetFileType_() also freezes, but it is still possible to kill the thread (not like when you call NTQueryObject)
;If GetFileType_() freezes, NtQueryObject would freeze too, so just dont call it and we will not get zombie Threads
If OSVersion() = #PB_OS_Windows_XP
Thread = CreateThread(@XPTestThread(),DupHandle)
If Thread
If WaitThread(Thread,100) = 0
KillThread(Thread)
XPError = #True
EndIf
EndIf
EndIf
If XPError = #False
QueryNTObject()
If CName <> "" And GetFileType_(DupHandle) = #FILE_TYPE_DISK
Protected Position
Position = FindStringIndex(CName,"\",3)
If Position
Protected DeviceString.s = Space(128)
If GetVolumePathName(CName,@DeviceString,128)
CName = DeviceString + Mid(CName,Position+1)
EndIf
EndIf
EndIf
EndIf
ElseIf Process_TYPE And *Memory\Handles[i]\ObjectTypeNumber = Process_TYPE
QueryProcessName()
ElseIf Thread_TYPE And *Memory\Handles[i]\ObjectTypeNumber = Thread_TYPE
QueryThreadID()
Else
QueryNTObject()
EndIf
Else
CName = "Not enough rights to access this process"
Access = #False
EndIf
Call(*Memory\Handles[i]\ProcessId,ResolveObjectNumber(*Memory\Handles[i]\ObjectTypeNumber), *Memory\Handles[i]\Handle, Cname, Access,User)
If *Memory\Handles[i]\ProcessId <> GetCurrentProcessId_()
If HTempProcess
CloseHandle_(HTempProcess)
If DupHandle
CloseHandle_(DupHandle)
EndIf
EndIf
EndIf
SetGadgetState(#GT_PROGRESS, i+1) ;Remove this, if you want to use it as include
ProcEvents() ;Remove this, if you want to use it as include
EndIf
Next
MessageRequester("Ready", "Enumerated " + Str(*Memory\HandleCount) + " Handles") ;Remove this, if you want to use it as include
EndIf
FreeMemory(*ObjectName)
EndIf
FreeMemory(*Memory)
EndIf
EndProcedure
Procedure EnumerateSystemTypes()
Protected *Memory
*Memory = AllocateMemory(1024*10) ;A bug in Windows, the function does not return the needed size, so we take 10kb, should be enough
If *Memory
Protected Length.i
If ZwQueryObject_(0, #ObjectAllTypesInformation, *Memory, 10214, 0) = 0
If *Types
FreeMemory(*Types)
EndIf
If OSVersion() = #PB_OS_Windows_7
*Types = AllocateMemory(SizeOf(TypeListArray) + (PeekI(*Memory)+2) * SizeOf(TypeList))
Else
*Types = AllocateMemory(SizeOf(TypeListArray) + (PeekI(*Memory)+1) * SizeOf(TypeList))
EndIf
If *Types
*Types\Count = PeekI(*Memory)
Protected Offset = *Memory + SizeOf(Integer)
For i = 0 To PeekI(*Memory) - 1
*Item.OBJECT_TYPE_INFORMATION = Offset
If OSVersion() = #PB_OS_Windows_7 ;Not really sure about it, but i have read it and can not test ist
*Types\Element[i+2]\Name = PeekS(*Item\TypeName\Buffer,*Item\TypeName\Length,#PB_Unicode)
*Types\Element[i+2]\Enabled = #True
Else
*Types\Element[i+1]\Name = PeekS(*Item\TypeName\Buffer,*Item\TypeName\Length,#PB_Unicode)
*Types\Element[i+1]\Enabled = #True
EndIf
Offset = *Item\TypeName\Buffer + *Item\TypeName\MaxiumLength
If *Item\TypeName\MaxiumLength % 4 <> 0
OffSet + (4-*Item\TypeName\MaxiumLength % 4)
EndIf
Next
EndIf
EndIf
FreeMemory(*Memory)
EndIf
EndProcedure
Procedure.s GetPathFromPID(PID.i)
Protected HProcess.i
Protected *Memory.UNICODE_STRING
Protected Name.s = ""
Protected Size.s
Protected Position.i
Protected Library.i
If PID = 4 : ProcedureReturn "SYSTEM" : EndIf
*Memory = AllocateMemory(2*#MAX_PATH)
If *Memory
HProcess = OpenProcess_(#PROCESS_QUERY_INFORMATION,0,PID)
If HProcess
If ZwQueryInformationProcess_(HProcess ,#ProcessImageFileName,*Memory,2*#MAX_PATH,0) = 0
Name = PeekS(*Memory\Buffer,*Memory\Length,#PB_Unicode)
Position = FindStringIndex(Name,"\",3)
If Position
Protected DeviceString.s = Space(128)
If GetVolumePathName(Name,@DeviceString,128)
Name = DeviceString + Mid(Name,Position+1)
EndIf
EndIf
EndIf
CloseHandle_(HProcess)
EndIf
FreeMemory(*Memory)
EndIf
ProcedureReturn Name
EndProcedure
Procedure KillHandle(PID.i, Handle.i)
Protected HTempProcess.i
Protected Result.i = #False
Debug PID
Debug Handle
HTempProcess = OpenProcess_(#PROCESS_DUP_HANDLE,0,PID)
If HTempProcess
If DuplicateHandle_(HTempProcess, Handle, GetCurrentProcess_(), 0,0, 0, #DUPLICATE_CLOSE_SOURCE)
MessageRequester("Information", "Killed... this time you don't have to go to jail")
Result = #True
Else
MessageRequester("Information", "Could not kill the handle, maybe try an axe?")
EndIf
CloseHandle_(HTempProcess)
EndIf
ProcedureReturn Result
EndProcedure
;- GUI Code
Procedure Enum(PID.i, Type.s, Handle.i, Name.s, CouldAcces.i,User.i)
Protected Path.s
Protected EXE.s
Path = GetPathFromPID(PID)
If Path
EXE = StringField(Path,CountString(Path,"\")+1,"\")
EndIf
AddGadgetItem(#GT_LISTICON,-1, Str(PID) + Chr(10)+ EXE +Chr(10)+ Type +Chr(10) + Str(Handle) + Chr(10) + Name)
If CouldAcces = #False
;SetGadgetItemColor(#GT_LISTICON, CountGadgetItems(#GT_LISTICON)-1,#PB_Gadget_BackColor, $BABBFF,-1)
EndIf
EndProcedure
Procedure ProcEvents()
Protected Event.i
Protected Gadget.i
Protected i.i
Protected Find.s
Protected Name.s
Event = WindowEvent()
If EventWindow() = #WIN_MAIN
If Event = #PB_Event_CloseWindow
End
ElseIf Event = #PB_Event_Gadget
Gadget = EventGadget()
If Gadget = #GT_ENUM
DisableGadget(#GT_ENUM, #True)
DisableGadget(#GT_SEARCH,#False)
ClearGadgetItems(#GT_LISTICON)
EnumerateAllHandles(@Enum(),0)
DisableGadget(#GT_ENUM, #False)
ElseIf Gadget = #GT_SEARCH
Find.s = LCase(InputRequester("Search", "What do you search?",""))
For i = 0 To CountGadgetItems(#GT_LISTICON) -1
Name = LCase(GetGadgetItemText(#GT_LISTICON,i,4))
If FindString(Name,Find,1)
SetGadgetState(#GT_LISTICON,i)
Debug "Found " + Str(i)
Break
EndIf
Next
ElseIf Gadget = #GT_LISTICON
If EventType() = #PB_EventType_LeftDoubleClick And GetGadgetState(#GT_LISTICON) <> -1
Protected Item.i = GetGadgetState(#GT_LISTICON)
Protected MSGText.s
Protected Flag.i
If Val(GetGadgetItemText(#GT_LISTICON, Item,0)) = 4
MSGText.s = "WARNING! Do you really want to kill a SYSTEM handle? This can cause a BSOD!"
Flag = #MB_ICONSTOP
Else
MSGText.s = "Do you really want to kill this handle?"
Flag = #MB_ICONWARNING
EndIf
If MessageRequester("Warning", MSGText ,#PB_MessageRequester_YesNo|Flag) = #PB_MessageRequester_Yes
If KillHandle(Val(GetGadgetItemText(#GT_LISTICON, Item,0)),Val(GetGadgetItemText(#GT_LISTICON, Item,3)))
RemoveGadgetItem(#GT_LISTICON, Item)
EndIf
EndIf
EndIf
ElseIf Gadget = #GT_OPTIONS
If IsWindow(#WIN_OPTIONS)
SetActiveWindow(#WIN_OPTIONS)
Else
If *Types
#CheckBox_Width = 150
Protected Width.i = (*Types\Count / 10) * (#CheckBox_Width+5) + 10
If *Types\Count % 10 <> 0
Width + #CheckBox_Width + 5
EndIf
OpenWindow(#WIN_OPTIONS,0,0,Width,300,"Options",#PB_Window_ScreenCentered |#PB_Window_SystemMenu)
ButtonGadget(#OPT_ENABLE_ALL, 5, 260, 100,30,"Enable All")
ButtonGadget(#OPT_DISABLE_ALL, 110, 260, 100,30,"Disable All")
For i = 1 To *Types\Count
*Types\Element[i]\Checkbox = CheckBoxGadget(#PB_Any, ((i -1) / 10) * #CheckBox_Width + 5, ((i -1) % 10) * 25 + 5, #CheckBox_Width, 25, *Types\Element[i]\Name)
SetGadgetState(*Types\Element[i]\Checkbox, *Types\Element[i]\Enabled)
Next
EndIf
EndIf
EndIf
EndIf
Else
If Event = #PB_Event_CloseWindow
CloseWindow(#WIN_OPTIONS)
ElseIf Event = #PB_Event_Gadget
Gadget = EventGadget()
If Gadget = #OPT_ENABLE_ALL
For i = 1 To *Types\Count
*Types\Element[i]\Enabled = #True
SetGadgetState(*Types\Element[i]\Checkbox,#True)
Next
ElseIf Gadget = #OPT_DISABLE_ALL
For i = 1 To *Types\Count
*Types\Element[i]\Enabled = #False
SetGadgetState(*Types\Element[i]\Checkbox,#False)
Next
Else
If *Types
For i = 1 To *Types\Count
If *Types\Element[i]\Checkbox = Gadget
*Types\Element[i]\Enabled = GetGadgetState(*Types\Element[i]\Checkbox)
EndIf
Next
EndIf
EndIf
EndIf
EndIf
EndProcedure
If IsUserAnAdmin_()
AdjustToken()
Else
MessageRequester("Warning", "You should run this program as Administrator to get access to all Handles!" ,#MB_ICONWARNING)
EndIf
EnumerateSystemTypes()
;Overwrite FILE_TYPE if we could get a better one frome the System:
If *Types
Define i.i
For i = 0 To *Types\Count - 1
If *Types\Element[i]\Name = "File"
FILE_TYPE = i
ElseIf *Types\Element[i]\Name = "Process"
Process_TYPE = i
ElseIf *Types\Element[i]\Name = "Thread"
Thread_TYPE = i
EndIf
Next
EndIf
Library = OpenLibrary(#PB_Any,"kernel32.dll")
If Library
CompilerIf #PB_Compiler_Unicode
Global GetVolumePathName.GetVolumePathNameW = GetFunction(Library,"GetVolumePathNameW")
CompilerElse
Global GetVolumePathName.GetVolumePathNameA = GetFunction(Library,"GetVolumePathNameA")
CompilerEndIf
Else
MessageRequester("Warning", "Can not load Kernel32.dll! Stopping Program" ,#MB_ICONWARNING)
End
EndIf
InitNetwork()
OpenWindow(#WIN_MAIN,0,0,640,505,"Handle Manager",#PB_Window_ScreenCentered |#PB_Window_SystemMenu)
ButtonGadget(#GT_ENUM,5,5, 630, 20, "Enumerate Handles")
ButtonGadget(#GT_SEARCH,5,30, 630, 20, "Search for Name")
DisableGadget(#GT_SEARCH,#True)
ButtonGadget(#GT_OPTIONS,5,55, 630, 20, "Options")
ProgressBarGadget(#GT_PROGRESS, 5,80, 630, 20, 0 , 100, #PB_ProgressBar_Smooth)
ListIconGadget(#GT_LISTICON, 5, 105, 630, 400, "PID",40, #PB_ListIcon_FullRowSelect | #PB_ListIcon_GridLines | #PB_ListIcon_AlwaysShowSelection)
AddGadgetColumn(#GT_LISTICON, 1, "PNAME", 80)
AddGadgetColumn(#GT_LISTICON, 2, "TYPE", 60)
AddGadgetColumn(#GT_LISTICON, 3, "HANDLE", 60)
AddGadgetColumn(#GT_LISTICON, 4, "NAME", 350)
Repeat
Delay(1)
ProcEvents()
ForEver
