wraithdu Posted October 23, 2008 Share Posted October 23, 2008 Finally done. There's a few cool things in there, like how to get the SE_DEBUG privilege Just replace your header file with this one. My only gripe now, is that the WMI query phase takes forever You don't really need the _GetDeviceStrings() function now, but I didn't remove it. expandcollapse popup#include <array.au3> #include <winapi.au3> ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;; Copyright Disclaimer! ;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ; ; This header file & its functions are provided for educational uses ONLY, you may NOT use this header ; in your own application without my direct permission. ; Question can be asked in the official thread on autoitscript.com/forums or by emailing me @ addeehdning@hotmail.com ; © Andreas Karlsson (2008) ; monoceres @ autoit forums ; ; Global $Percentage_Done=0 Global $PRIVILIGE_SEDEBUG_GRANTED = False If @OSVersion == "WIN_VISTA" Or @OSVersion == "WIN_2008" Then Global $OS_FILE = 25 ElseIf @OSVersion=="WIN_XP" Or @OSVersion="WIN_2003" Then Global $OS_FILE = 26 Else MsgBox(16,"Error!","This program cannot be run on this OS"&@CRLF&"Exiting") Exit EndIf #Region Enums ; OBJECT_INFORMATION_CLASS Global Enum $ObjectBasicInformation, $ObjectNameInformation, $ObjectTypeInformation, $ObjectAllInformation, $ObjectDataInformation ;FILE_INFORMATION_CLASS Global Enum $FileDirectoryInformation = 1, $FileFullDirectoryInformation, $FileBothDirectoryInformation, $FileBasicInformation, _ $FileStandardInformation, $FileInternalInformation, $FileEaInformation, $FileAccessInformation, $FileNameInformation, _ $FileRenameInformation, $FileLinkInformation, $FileNamesInformation, $FileDispositionInformation, $FilePositionInformation, _ $FileFullEaInformation, $FileModeInformation, $FileAlignmentInformation, $FileAllInformation, $FileAllocationInformation, _ $FIleEndOfFileInformation, $FileAlternateNameInformation, $FileStreamInformation, $FilePipeInformation, $FilePipeLocalInformation, $FIlePipeRemoteInformation, _ $FileMailslotQueryInformation, $FileMailslotSetInformation, $FileCompressionInformation, $FileCopyOnWriteInformation, $FileCompletionInformation, _ $FileMoveClusterInformation, $FileQuotaInformation, $FileReparsePointInformation, $FileNetworkOpenInformation, $FileObjectIdInformation, $FileTrackingInformation, _ $FileOleDirectoryInformation, $FileContentIndexInformation, $FileInheritContentIndexInformation, $FIleOleInformation, $FileMaximumInformation ; POOL_TYPE Global Enum $NonPagedPool, $PagedPool, $NonPagedPoolMustSucceed, $DontUseThisType, $NonPagedPoolCacheAligned, $PagedPoolCacheAligned, $NonPagedPoolCacheAlignedMustS #EndRegion Enums #Region Structs $IO_STATUS_BLOCK = "long Status;ulong uInformation;" $OBJECT_TYPE_INFORMATION = "ushort Length;ushort MaximumLength;ptr Buffer;" & _ ;UNICODE_STRING struct "ulong TotalNumberOfHandles;ulong TotalNumberOfObjects;wchar Unused1[8];ulong HighWaterNumberOfHandles;" & _ "ulong HighWaterNumberOfObjects;wchar Unused2[8];dword InvalidAttributes;" & _ "dword GenericRead;dword GenericWrite;dword GenericExecute;dword GenericAll;" & _ ;GENERAL_MAPPING struct "dword ValidAttributes;ubyte SecurityRequired;ubyte MaintainHandleCount;ushort MainTainTypeList;" & _ "int PoolType;ulong DefaultPagedPoolCharge;ulong DefaultNonPagedPoolCharge" $PUBLIC_OBJECT_TYPE_INFORMATION = "ushort Length;ushort MaximumLength;ptr Buffer;" & _ ;UNICODE_STRING struct "ulong Reserved[22];" $SYSTEM_HANDLE = "dword dwProcessId;ubyte bObjectType;ubyte bFlags;ushort wValue;ptr pAddress;dword GrantedAccess" $PROCESS_QUERY_INFORMATION = 0x0400 $PROCESS_VM_READ = 0x0010 $PROCESS_DUP_HANDLE = 0x0040 #EndRegion Structs Func _GetAllHandlesInfo() If Not $PRIVILIGE_SEDEBUG_GRANTED Then If _GetPrivilege_SEDEBUG() Then $PRIVILIGE_SEDEBUG_GRANTED = True ConsoleWrite("Grant SE_DEBUG: Success" & @CRLF) EndIf Local $sysdrive = StringLeft(@SystemDir, 2) Local $ret[1][3], $iPID, $hProc, $hMod, $mName Local $aPID = DllStructCreate("dword[1024]") ; array of PID Local $aModules = DllStructCreate("dword[1024]") ; array of HMODULE Local $psapi = DllOpen("psapi.dll") Local $kernel = DllOpen("kernel32.dll") $call = DllCall($psapi, "int", "EnumProcesses", "ptr", DllStructGetPtr($aPID), "dword", DllStructGetSize($aPID), "dword*", "") If $call[0] == 0 Then Return SetError(1, 0, 1) Local $iNumPIDs = $call[3] / 4 ; sizeof PID array / sizeof DWORD For $i = 1 To $iNumPIDs $Percentage_Done = ($i / $iNumPIDs) * 100 $iPID = DllStructGetData($aPID, 1, $i) $call = DllCall($kernel, "ptr", "OpenProcess", "dword", BitOR($PROCESS_QUERY_INFORMATION, $PROCESS_VM_READ), "int", 0, "dword", $iPID) $hProc = $call[0] ;~ ConsoleWrite($iPID & " : " & $hProc & @CRLF) If $hProc Then $call = DllCall($psapi, "int", "EnumProcessModules", "ptr", $hProc, "ptr", DllStructGetPtr($aModules), "dword", DllStructGetSize($aModules), "dword*", "") ;~ ConsoleWrite(@TAB & "Num loaded modules: " & ($call[4] / 4) & @CRLF) If $call[0] <> 0 Then ; success For $j = 1 To ($call[4] / 4) ; bytes returned / sizeof dword = # modules loaded $hMod = DllStructGetData($aModules, 1, $j) $call = DllCall($psapi, "dword", "GetModuleFileNameExW", "ptr", $hProc, "ptr", $hMod, "wstr", "", "dword", 260) ; mod path = $call[3] If $call[0] <> 0 Then $mName = $call[3] If StringMid($mName, 2, 1) <> ":" Then $mName = $sysdrive & $mName ; assume if no drive letter, then located on system drive ;~ ConsoleWrite(@TAB & @TAB & $mName & @CRLF) ReDim $ret[UBound($ret) + 1][3] $ret[UBound($ret) - 1][0] = $iPID $ret[UBound($ret) - 1][1] = $hMod $ret[UBound($ret) - 1][2] = $mName EndIf Next EndIf $call = DllCall($kernel, "int", "CloseHandle", "ptr", $hProc) If $call[0] == 0 Then ConsoleWrite("Error closing " & $iPID & @CRLF) EndIf Next DllClose($kernel) DllClose($psapi) Return $ret EndFunc ;==>_GetAllHandlesInfo Func _GetPrivilege_SEDEBUG() Local $tagLUIDANDATTRIB = "int64 Luid;dword Attributes" Local $count = 1 Local $tagTOKENPRIVILEGES = "dword PrivilegeCount;byte LUIDandATTRIB[" & $count * 12 & "]" ; count of LUID structs * sizeof LUID struct Local $TOKEN_ADJUST_PRIVILEGES = 0x20 Local $call = DllCall("advapi32.dll", "int", "OpenProcessToken", "ptr", _WinAPI_GetCurrentProcess(), "dword", $TOKEN_ADJUST_PRIVILEGES, "ptr*", "") Local $hToken = $call[3] $call = DllCall("advapi32.dll", "int", "LookupPrivilegeValue", "str", Chr(0), "str", "SeDebugPrivilege", "int64*", "") Local $iLuid = $call[3] Local $TP = DllStructCreate($tagTOKENPRIVILEGES) Local $LUID = DllStructCreate($tagLUIDANDATTRIB, DllStructGetPtr($TP, "LUIDandATTRIB")) DllStructSetData($TP, "PrivilegeCount", $count) DllStructSetData($LUID, "Luid", $iLuid) DllStructSetData($LUID, "Attributes", $SE_PRIVILEGE_ENABLED) $call = DllCall("advapi32.dll", "int", "AdjustTokenPrivileges", "ptr", $hToken, "int", 0, "ptr", DllStructGetPtr($TP), "dword", 0, "ptr", Chr(0), "ptr", Chr(0)) Return ($call[0] <> 0) ; $call[0] <> 0 is success EndFunc ;==>_GetPrivilege_SEDEBUG Func _CloseRemoteHandle($pid, $handle) $call = DllCall("Kernel32.dll", "ptr", "OpenProcess", "dword", $PROCESS_DUP_HANDLE, "int", 0, "dword", $pid) $process = $call[0] If $process = 0 Then Return -1 EndIf $call = DllCall("Kernel32.dll", "int", "DuplicateHandle", "ptr", $process, "ptr", $handle, "ptr", _WinAPI_GetCurrentProcess(), "ptr", 0, "dword", 2, "int", 0, "dword", 1) _WinAPI_CloseHandle($process) ;~ If $call[0] = 0 Then Return -2 Return 0 EndFunc ;==>_CloseRemoteHandle Func _GetDeviceStrings() Local $struct = DllStructCreate("char[255];") Local $temp = DriveGetDrive("ALL") ;~ _ArrayDisplay($temp) Local $r[UBound($temp) - 1][2] For $i = 0 To UBound($r) - 1 $r[$i][0] = $temp[$i + 1] $call = DllCall("Kernel32.dll", "dword", "QueryDosDevice", "str", $r[$i][0], "ptr", DllStructGetPtr($struct), "dword", 255) $r[$i][1] = DllStructGetData($struct, 1) Next Return $r EndFunc ;==>_GetDeviceStrings Link to comment Share on other sites More sharing options...
engine Posted October 24, 2008 Share Posted October 24, 2008 @ wraithduHi did a "Privilege.au3" UDF here -> http://www.autoitscript.com/forum/index.ph...mp;#entry545798which can restore the previous state of a set of privileges.in your case it would be something like:#include "Privilege.au3" Local $avCurr[2] = [$SE_DEBUG_NAME, $SE_PRIVILEGE_ENABLED], $avPrev $avPrev = _SetPrivilege($avCurr) ; Do you stuff here _SetPrivilege($avPrev)Just a thought.Regards. My contributions:Local account UDF Registry UDFs DriverSigning UDF Windows Services UDF [url="http://www.autoitscript.com/forum/index.php?showtopic=81880"][/url] Link to comment Share on other sites More sharing options...
wraithdu Posted October 24, 2008 Share Posted October 24, 2008 Hmm, finally got around to a full test. My version enumerates all loaded modules, but not necessarily all opened handles. For example I tried it on an MP3 playing and it doesn't find it. Right now it seems to just be returning loaded DLLs / EXEs. I'll have to look into it further...darn. I wish I knew why the one module was freezing it on my system, then maybe I could figure out an exception. Link to comment Share on other sites More sharing options...
wraithdu Posted October 24, 2008 Share Posted October 24, 2008 Well after A LOT of messing around, I made it back to your original function, with some minor changes. It seems the freezing problem with running NtQueryObject on a NamedPipe that is opened for file synchronous io, and has pending read or write operations (or something like that). It a common problem and causes the operation to hang. In other languages, the solution is to run the query in a thread and kill it if it hangs, which can't be done in autoit. So I think I found another GrantedAccess value to skip that fixes the problem. This way you can also skip the uncompiled checks for SciTE, Autoit3Wrapper, etc. Also, the last param of the PUBLIC_OBJECT_TYPE_INFORMATION structure seems to like being an array of MAX_PATH, as this will return the full path of the object. You can cut out one function call too. I don't know..., this method catches, for example, the playing MP3 file, while my other method gets all loaded system DLLs which this one misses. I think this open handle thing is a really tricky thing. Maybe there's a good way to combine the 2 methods? Anyway, here's what I ended up with. expandcollapse popup#include <array.au3> #include <winapi.au3> ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;; Copyright Disclaimer! ;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ; ; This header file & its functions are provided for educational uses ONLY, you may NOT use this header ; in your own application without my direct permission. ; Question can be asked in the official thread on autoitscript.com/forums or by emailing me @ addeehdning@hotmail.com ; © Andreas Karlsson (2008) ; monoceres @ autoit forums ; ; Global $Percentage_Done=0 Global $PRIVILIGE_SEDEBUG_GRANTED = False If @OSVersion == "WIN_VISTA" Or @OSVersion == "WIN_2008" Then Global $OS_FILE = 25 ElseIf @OSVersion=="WIN_XP" Or @OSVersion="WIN_2003" Then Global $OS_FILE = 26 Else MsgBox(16,"Error!","This program cannot be run on this OS"&@CRLF&"Exiting") Exit EndIf #Region Enums ; OBJECT_INFORMATION_CLASS Global Enum $ObjectBasicInformation, $ObjectNameInformation, $ObjectTypeInformation, $ObjectAllInformation, $ObjectDataInformation ;FILE_INFORMATION_CLASS Global Enum $FileDirectoryInformation = 1, $FileFullDirectoryInformation, $FileBothDirectoryInformation, $FileBasicInformation, _ $FileStandardInformation, $FileInternalInformation, $FileEaInformation, $FileAccessInformation, $FileNameInformation, _ $FileRenameInformation, $FileLinkInformation, $FileNamesInformation, $FileDispositionInformation, $FilePositionInformation, _ $FileFullEaInformation, $FileModeInformation, $FileAlignmentInformation, $FileAllInformation, $FileAllocationInformation, _ $FIleEndOfFileInformation, $FileAlternateNameInformation, $FileStreamInformation, $FilePipeInformation, $FilePipeLocalInformation, $FIlePipeRemoteInformation, _ $FileMailslotQueryInformation, $FileMailslotSetInformation, $FileCompressionInformation, $FileCopyOnWriteInformation, $FileCompletionInformation, _ $FileMoveClusterInformation, $FileQuotaInformation, $FileReparsePointInformation, $FileNetworkOpenInformation, $FileObjectIdInformation, $FileTrackingInformation, _ $FileOleDirectoryInformation, $FileContentIndexInformation, $FileInheritContentIndexInformation, $FIleOleInformation, $FileMaximumInformation ; POOL_TYPE Global Enum $NonPagedPool, $PagedPool, $NonPagedPoolMustSucceed, $DontUseThisType, $NonPagedPoolCacheAligned, $PagedPoolCacheAligned, $NonPagedPoolCacheAlignedMustS #EndRegion Enums #Region Structs $IO_STATUS_BLOCK = "long Status;ulong uInformation;" $OBJECT_TYPE_INFORMATION = "ushort Length;ushort MaximumLength;ptr Buffer;" & _ ;UNICODE_STRING struct "ulong TotalNumberOfHandles;ulong TotalNumberOfObjects;wchar Unused1[8];ulong HighWaterNumberOfHandles;" & _ "ulong HighWaterNumberOfObjects;wchar Unused2[8];dword InvalidAttributes;" & _ "dword GenericRead;dword GenericWrite;dword GenericExecute;dword GenericAll;" & _ ;GENERAL_MAPPING struct "dword ValidAttributes;ubyte SecurityRequired;ubyte MaintainHandleCount;ushort MainTainTypeList;" & _ "int PoolType;ulong DefaultPagedPoolCharge;ulong DefaultNonPagedPoolCharge" $PUBLIC_OBJECT_TYPE_INFORMATION = "ushort Length;ushort MaximumLength;ptr Buffer;" & _ ;UNICODE_STRING struct "wchar Reserved[260];" $SYSTEM_HANDLE = "dword dwProcessId;ubyte bObjectType;ubyte bFlags;ushort wValue;ptr pAddress;dword GrantedAccess" #EndRegion Structs Func _GetAllHandlesInfo() If Not $PRIVILIGE_SEDEBUG_GRANTED Then If _GetPrivilege_SEDEBUG() Then $PRIVILIGE_SEDEBUG_GRANTED = True ;~ ConsoleWrite("Grant SE_DEBUG: Success" & @CRLF) EndIf Local $drivesinfo = _GetDeviceStrings() Local $ret[1][3] Local $oldpid = -1 Local $process = -1 Local $bannedpid = -1 Local $handle Local $bytearraysize = 1024 ; a byte array, used as generic buffer Local $bytearray = DllStructCreate("ubyte[" & $bytearraysize & "];") Local $iob = DllStructCreate($IO_STATUS_BLOCK) Local $poti = DllStructCreate($PUBLIC_OBJECT_TYPE_INFORMATION) $ntdll = DllOpen("ntdll.dll") $kernel = DllOpen("kernel32.dll") Local $BufferSize = (1024 ^ 2) * 50 ;~ ConsoleWrite("Function called " & @CRLF) $buffer = DllStructCreate("ubyte[" & $BufferSize & "];") If @error Then MsgBox(0, "", @error) $call = DllCall($ntdll, "ulong", "NtQuerySystemInformation", "int", 16, "ptr", DllStructGetPtr($buffer), "ulong", DllStructGetSize($buffer), "ulong*", "") $datasize = $call[4] Local $totaltogo=$datasize For $pointer = 4 To $datasize Step 16 ; size of SYSTEM_HANDLE $Percentage_Done=($pointer/$totaltogo)*100 $shandle = DllStructCreate($SYSTEM_HANDLE, DllStructGetPtr($buffer) + $pointer) If DllStructGetData($shandle, "GrantedAccess") == 0x12019f Then ContinueLoop ; Unamed pipe! Can cause bluescreen if process tries to access it!!! If DllStructGetData($shandle, "GrantedAccess") == 0x120189 Then ContinueLoop ; some other bad thing ;) If DllStructGetData($shandle, "bObjectType") <> $OS_FILE Then ContinueLoop ; Not a file handle, not interested If DllStructGetData($shandle, "dwProcessId") = $bannedpid Then ContinueLoop ;~ If Not @Compiled Then ;~ If DllStructGetData($shandle, "dwProcessId") = ProcessExists("Scite.exe") Then ContinueLoop ;~ If DllStructGetData($shandle, "dwProcessId") = ProcessExists("AutoIt3Wrapper.exe") Then ContinueLoop ;~ If DllStructGetData($shandle, "dwProcessId") = ProcessExists("AutoIt3.exe") Then ContinueLoop ;~ EndIf ;~ ConsoleWrite("PID: " & DllStructGetData($shandle, "dwProcessId") & @CRLF) If DllStructGetData($shandle, "dwProcessId") <> $oldpid Then If $process <> -1 Then _WinAPI_CloseHandle($process) $call = DllCall($kernel, "ptr", "OpenProcess", "dword", 0x0040, "int", 0, "dword", DllStructGetData($shandle, "dwProcessId")) If $call[0] = 0 Then $process = -1 $bannedpid = DllStructGetData($shandle, "dwProcessId") ContinueLoop EndIf $process = $call[0] EndIf $call = DllCall($kernel, "int", "DuplicateHandle", "ptr", $process, "ptr", DllStructGetData($shandle, "wValue"), "ptr", _WinAPI_GetCurrentProcess(), "ptr*", $handle, "dword", 2, "int", 0, "dword", 2) ;~ ConsoleWrite("Duplicate Handle was called" & @CRLF) ;~ _ArrayDisplay($call) $handle = $call[4] ;~ Msgbox(0,"",$handle) ;~ $call = DllCall($ntdll, "ulong", "NtQueryInformationFile", "ptr", $handle, "ptr", DllStructGetPtr($iob), "ptr", DllStructGetPtr($bytearray), "ulong", $bytearraysize, "int", $FileNameInformation) ;~ _ArrayDisplay($call) ;~ $stringlen = DllStructCreate("int", DllStructGetPtr($bytearray)) ;~ If @error Then MsgBox(0, "", @error) ;~ $stringbuf = DllStructCreate("wchar[" & Ceiling(DllStructGetData($stringlen, 1) / 2) & "]", DllStructGetPtr($bytearray) + 4) ;~ ConsoleWrite(DllStructGetData($stringbuf,1)&@CRLF) ;~ $fname = DllStructGetData($stringbuf, 1) $call = DllCall($ntdll, "ulong", "NtQueryObject", "ptr", $handle, "int", $ObjectNameInformation, "ptr", DllStructGetPtr($poti), "ulong", DllStructGetSize($poti), "ulong*", "") $devicestr = DllStructCreate("wchar[" & Ceiling(DllStructGetData($poti, "Length") / 2) & "];", DllStructGetData($poti, "buffer")) $devicestr = DllStructGetData($devicestr, 1) For $i = 0 To UBound($drivesinfo) - 1 If StringLeft($devicestr, StringLen($drivesinfo[$i][1])) = $drivesinfo[$i][1] Then $fname = $drivesinfo[$i][0] & StringTrimLeft($devicestr, StringLen($drivesinfo[$i][1])) ReDim $ret[UBound($ret) + 1][3] $ret[UBound($ret) - 1][0] = DllStructGetData($shandle, "dwProcessId") $ret[UBound($ret) - 1][1] = DllStructGetData($shandle, "wValue") $ret[UBound($ret) - 1][2] = $fname ;~ ConsoleWrite(@TAB & $fname & @CRLF) ExitLoop EndIf Next DllCall($kernel, "int", "CloseHandle", "ptr", $handle) Next If $process > 0 Then msgbox(0,"","") _WinAPI_CloseHandle($process) Endif DllClose($kernel) DllClose($ntdll) Return $ret EndFunc ;==>_GetAllHandlesInfo Func _GetPrivilege_SEDEBUG() Local $tagLUIDANDATTRIB = "int64 Luid;dword Attributes" Local $count = 1 Local $tagTOKENPRIVILEGES = "dword PrivilegeCount;byte LUIDandATTRIB[" & $count * 12 & "]" ; count of LUID structs * sizeof LUID struct Local $TOKEN_ADJUST_PRIVILEGES = 0x20 Local $call = DllCall("advapi32.dll", "int", "OpenProcessToken", "ptr", _WinAPI_GetCurrentProcess(), "dword", $TOKEN_ADJUST_PRIVILEGES, "ptr*", "") Local $hToken = $call[3] $call = DllCall("advapi32.dll", "int", "LookupPrivilegeValue", "str", Chr(0), "str", "SeDebugPrivilege", "int64*", "") Local $iLuid = $call[3] Local $TP = DllStructCreate($tagTOKENPRIVILEGES) Local $LUID = DllStructCreate($tagLUIDANDATTRIB, DllStructGetPtr($TP, "LUIDandATTRIB")) DllStructSetData($TP, "PrivilegeCount", $count) DllStructSetData($LUID, "Luid", $iLuid) DllStructSetData($LUID, "Attributes", $SE_PRIVILEGE_ENABLED) $call = DllCall("advapi32.dll", "int", "AdjustTokenPrivileges", "ptr", $hToken, "int", 0, "ptr", DllStructGetPtr($TP), "dword", 0, "ptr", Chr(0), "ptr", Chr(0)) _WinAPI_CloseHandle($hToken) Return ($call[0] <> 0) ; $call[0] <> 0 is success EndFunc ;==>_GetPrivilege_SEDEBUG Func _CloseRemoteHandle($pid, $handle) $call = DllCall("Kernel32.dll", "ptr", "OpenProcess", "dword", 0x0040, "int", 0, "dword", $pid) $process = $call[0] If $process = 0 Then Return -1 EndIf $call = DllCall("Kernel32.dll", "int", "DuplicateHandle", "ptr", $process, "ptr", $handle, "ptr", _WinAPI_GetCurrentProcess(), "ptr", 0, "dword", 2, "int", 0, "dword", 1) _WinAPI_CloseHandle($process) ;~ If $call[0] = 0 Then Return -2 Return 0 EndFunc ;==>_CloseRemoteHandle Func _GetDeviceStrings() Local $struct = DllStructCreate("char[255];") Local $temp = DriveGetDrive("ALL") ;~ _ArrayDisplay($temp) Local $r[UBound($temp) - 1][2] For $i = 0 To UBound($r) - 1 $r[$i][0] = $temp[$i + 1] $call = DllCall("Kernel32.dll", "dword", "QueryDosDevice", "str", $r[$i][0], "ptr", DllStructGetPtr($struct), "dword", 255) $r[$i][1] = DllStructGetData($struct, 1) Next Return $r EndFunc ;==>_GetDeviceStrings Link to comment Share on other sites More sharing options...
WeMartiansAreFriendly Posted November 10, 2008 Share Posted November 10, 2008 I'm getting different results from two separate programs. Basic File Unlocker reports no handles are open for a file, while OpenedFilesView does.I know the file is opened by 1by1 player, because I'm listening to the song. Don't bother, It's inside your monitor!------GUISetOnEvent should behave more like HotKeySet() Link to comment Share on other sites More sharing options...
monoceres Posted November 10, 2008 Author Share Posted November 10, 2008 I'm getting different results from two separate programs. Basic File Unlocker reports no handles are open for a file, while OpenedFilesView does.I know the file is opened by 1by1 player, because I'm listening to the song. I really don't know. The success of this script seems to be different for each setup it is created for. I have it working on my desktop computer (Win Vista Ultimate Sp1) and on my laptop (Win XP Sp3 ).Try the code wraithdu posted, maybe it helps. Broken link? PM me and I'll send you the file! Link to comment Share on other sites More sharing options...
LarryDalooza Posted February 3, 2009 Share Posted February 3, 2009 For those who need to unlock files or folders in x64, you can script the PSTOOLS handle.exe capturing the stdout. I did three passes... - handle "c:\file path\or file" - capture stdout - parse stdout and loop next - handle -c <handle here> -y -p <pid here> - handle "c:\file path\or file" - parse stdout to be sure all handles are closed. google pstools handle Lar. AutoIt has helped make me wealthy Link to comment Share on other sites More sharing options...
Aladdin Posted February 3, 2009 Share Posted February 3, 2009 is it like the Famous app "Unlocker" which is used to delete locked files? forces it's process to be killed or close the file. _______________________________ Link to comment Share on other sites More sharing options...
monoceres Posted February 3, 2009 Author Share Posted February 3, 2009 is it like the Famous app "Unlocker" which is used to delete locked files? forces it's process to be killed or close the file.Yeah, it doesn't unlock as good as the original, but it does the job in a similar way Broken link? PM me and I'll send you the file! Link to comment Share on other sites More sharing options...
LarryDalooza Posted February 3, 2009 Share Posted February 3, 2009 is it like the Famous app "Unlocker" which is used to delete locked files? forces it's process to be killed or close the file.handle.exe is my only alternative to "Unlocker" for x64 until the author of Unlocker updates his code. Here is the script I use to unlock a file path... with handle.exe in the %path% compile and use like... CompiledScript.EXE c:\DevFolder expandcollapse popup#Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_UseUpx=n #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** If $cmdline[0] <> 1 Or Not FileExists($cmdline[1]) Then Exit 1 If StringLeft($cmdline[1],StringLen(@UserProfileDir)) = @UserProfileDir Then Exit 1 If StringLeft($cmdline[1],StringLen(@WindowsDir)) = @WindowsDir Then Exit 1 Global $pos, $pid, $handle, $buffer = "" $pid = Run("handle """ & $cmdline[1] & """", @WindowsDir, @SW_HIDE, 2) If @error Then Exit 1 While ProcessExists($pid) $buffer &= StdoutRead($pid) WEnd $buffer = StringTrimLeft($buffer,StringInStr($buffer,@LF,0,5)) While StringInStr($buffer,@LF) $pos = StringInStr($buffer,":") If $pos = 0 Then ExitLoop $pid = StringTrimLeft($buffer,$pos+1) $pid = StringLeft($pid,StringInStr($pid," ")-1) $handle = StringLeft($buffer,StringInStr($buffer,":",0,2)-1) $handle = StringTrimLeft($handle,StringInStr($handle," ",0,-1)) $buffer = StringTrimLeft($buffer,StringInStr($buffer,@LF)) RunWait("handle -c " & $handle & " -y -p " & $pid, @WindowsDir, @SW_HIDE) WEnd $buffer = "" $pid = Run("handle """ & $cmdline[1] & """", @WindowsDir, @SW_HIDE, 2) If @error Then Exit 1 While ProcessExists($pid) $buffer &= StdoutRead($pid) WEnd If StringInStr($buffer,":") Then Exit 1 Exit 0 Lar. AutoIt has helped make me wealthy Link to comment Share on other sites More sharing options...
SharpShooter Posted September 11, 2010 Share Posted September 11, 2010 Download link is down. Link to comment Share on other sites More sharing options...
Bluesmaster Posted January 3, 2014 Share Posted January 3, 2014 Hi monoceres, could you reup this please? Even under your new domain its not available. Thank you very much regards Bluesmaster My UDF: [topic='156155']_shellExecuteHidden[/topic] Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now