No commit message
DavidXanatos committed Dec 16, 2019
1 parent eed788d commit ae1ae46
Showing 36 changed files with 545 additions and 290 deletions.
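--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,31 @@ All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 
 
+## [0.71] - 2019-12-16
+
+### Added
+- added side bar button tooltips
+- added cleanup options for DNS inspector
+- added cname host mane display
+
+### Changed
+- when sellecting the "All processes" placeholder entry the detail tabs (except rules) shows data of all processes
+- reduced cpu usage when sorting the program tree
+- improved firewall settign handling
+- changed settings layout
+- reworked app package handling to peoperly operate as a service
+- simple list is now availabel also in "full height" view mode
+
+### Fixed
+- issue with socket associaction resulting in memory leak
+- issues with rule guard enaling/disabling
+- fixed issues when running priv 10 not as admin
+- fixed issue with DNS cache
+- fixed minor issue with process monitor commandline handling
+
+
+
+
 ## [0.70] - 2019-12-14
 
 ### Added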
122 changes: 34 additions & 88 deletions PrivateWin10/API/AppManager.cs
@@ -1,4 +1,5 @@
using System;
using Microsoft.Win32;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
Expand All @@ -14,10 +15,14 @@

public class AppManager
{

// WARNING Dont use in a Service !!!
// Note: AppContainerLookupMoniker do not work properly when running under the system user !!!

public AppManager()
{
}

}

[DllImport("kernelbase", CharSet = CharSet.Unicode, SetLastError = true)]
public static extern int AppContainerLookupMoniker(IntPtr Sid, [In, Out, MarshalAs(UnmanagedType.LPWStr)] ref string packageFamilyName);
Expand All @@ -41,6 +46,13 @@ public string SidToAppPackage(string sid)
int ret = AppContainerLookupMoniker(pSid, ref packageID);

Marshal.FreeHGlobal(pSid);

/*if (ret != ERROR_SUCCESS)
{
var subKey = Registry.ClassesRoot.OpenSubKey(@"Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\" + sid, false);
if (subKey != null)
packageID = subKey.GetValue("Moniker").ToString();
}*/

return packageID;
}
Expand Down Expand Up @@ -96,68 +108,14 @@ public string GetAppPackageByPID_(int PID)
return sResult;
}


[StructLayout(LayoutKind.Sequential)]
public struct TOKEN_APPCONTAINER_INFORMATION
{
public IntPtr Sid;
}

[DllImport("ntdll.dll")]
public static extern uint NtQueryInformationToken([In] IntPtr TokenHandle, [In] uint TokenInformationClass, [In] IntPtr TokenInformation, [In] int TokenInformationLength, [Out] [Optional] out int ReturnLength);


public string GetAppPackageSidByPID(int PID)
{
//var process = System.Diagnostics.Process.GetProcessById(PID); // throws error if pid is not found
var processHandle = ProcFunc.OpenProcess(0x1000/*PROCESS_QUERY_LIMITED_INFORMATION*/, false, PID);
if (processHandle == IntPtr.Zero)
return null;

string strSID = null;

IntPtr tokenHandle = IntPtr.Zero;
if (ProcFunc.OpenProcessToken(processHandle, 8, out tokenHandle))
{
int retLen;
NtQueryInformationToken(tokenHandle, 31 /*TokenAppContainerSid*/, IntPtr.Zero, 0, out retLen);

IntPtr buffer = Marshal.AllocHGlobal((int)retLen);
ulong status = NtQueryInformationToken(tokenHandle, 31 /*TokenAppContainerSid*/, buffer, retLen, out retLen);
if (status >= 0)
{
var appContainerInfo = (TOKEN_APPCONTAINER_INFORMATION)Marshal.PtrToStructure(buffer, typeof(TOKEN_APPCONTAINER_INFORMATION));

ConvertSidToStringSid(appContainerInfo.Sid, ref strSID);
}
Marshal.FreeHGlobal(buffer);

ProcFunc.CloseHandle(tokenHandle);
}

ProcFunc.CloseHandle(processHandle);

return strSID;
}


[Serializable()]
public struct AppInfo
{
public string Name;
public string Logo;
public string ID;
public string SID;
}

private Dictionary<string, AppInfo?> AppInfosBySid = new Dictionary<string, AppInfo?>();
private Dictionary<string, UwpFunc.AppInfo> AppInfosBySid = new Dictionary<string, UwpFunc.AppInfo>();
private ReaderWriterLockSlim AppInfosBySidLock = new ReaderWriterLockSlim();

private Windows.Management.Deployment.PackageManager packageManager = new Windows.Management.Deployment.PackageManager();

public AppInfo? GetAppInfoBySid(string sid)
public UwpFunc.AppInfo GetAppInfoBySid(string sid)
{
AppInfo? info = null;
UwpFunc.AppInfo info = null;
AppInfosBySidLock.EnterReadLock();
AppInfosBySid.TryGetValue(sid, out info);
AppInfosBySidLock.ExitReadLock();
Expand Down Expand Up @@ -196,7 +154,7 @@ public struct AppInfo
}


private AppInfo? GetInfo(Windows.ApplicationModel.Package package, string sid)
private UwpFunc.AppInfo GetInfo(Windows.ApplicationModel.Package package, string sid)
{
string path;
try
Expand Down Expand Up @@ -290,27 +248,27 @@ public struct AppInfo
AppLog.Exception(err);
}

return new AppInfo() { Name = displayName, Logo = logoPath, ID = package.Id.FamilyName, SID = sid };
return new UwpFunc.AppInfo() { Name = displayName, Logo = logoPath, ID = package.Id.FamilyName, SID = sid };
}

bool FullListFetched = false;

public void UpdateAppCache()
{
Dictionary<string, AppInfo?> AppInfos = new Dictionary<string, AppInfo?>();
Dictionary<string, UwpFunc.AppInfo> AppInfos = new Dictionary<string, UwpFunc.AppInfo>();

IEnumerable<Windows.ApplicationModel.Package> packages = (IEnumerable<Windows.ApplicationModel.Package>)packageManager.FindPackages();
foreach (var package in packages)
{
string appSID = AppPackageToSid(package.Id.FamilyName).ToLower();

AppInfo? info = GetInfo(package, appSID);
UwpFunc.AppInfo info = GetInfo(package, appSID);
if (info != null)
{
if (!AppInfos.ContainsKey(appSID))
AppInfos.Add(appSID, info.Value);
AppInfos.Add(appSID, info);
/*
AppInfo? old_info;
UwpFunc.AppInfo old_info;
if (AppInfos.TryGetValue(appSID, out old_info))
AppLog.Debug("Warning an app with the SID: {0} is already listed", appSID);
*/
Expand All @@ -323,47 +281,35 @@ public void UpdateAppCache()
FullListFetched = true;
}

public List<AppInfo> GetAllApps()
public List<UwpFunc.AppInfo> GetAllApps(bool bReload = false)
{
if (!FullListFetched)
if (!FullListFetched || bReload)
UpdateAppCache();

List<AppInfo> Apps = new List<AppInfo>();
List<UwpFunc.AppInfo> Apps = new List<UwpFunc.AppInfo>();
AppInfosBySidLock.EnterReadLock();
foreach (AppInfo info in AppInfosBySid.Values)
foreach (UwpFunc.AppInfo info in AppInfosBySid.Values)
Apps.Add(info);
AppInfosBySidLock.ExitReadLock();
return Apps;
}

private Dictionary<string, string> AppResourceStrCache = new Dictionary<string, string>();
private ReaderWriterLockSlim AppResourceStrLock = new ReaderWriterLockSlim();
//////////////////////////////////////////////////////////////////////////////////////////////
// App resource handling


public string GetAppResourceStr(string resourcePath)
{
string resourceStr = null;
AppResourceStrLock.EnterReadLock();
AppResourceStrCache.TryGetValue(resourcePath, out resourceStr);
AppResourceStrLock.ExitReadLock();
if (resourceStr != null)
return resourceStr;
// Note: PackageManager requirers admin privilegs

var AppResource = TextHelpers.Split2(resourcePath.Substring(2, resourcePath.Length - 3), "?");
Windows.ApplicationModel.Package package = packageManager.FindPackage(AppResource.Item1);
var package = packageManager.FindPackage(AppResource.Item1);
if (package != null)
{
string pathToPri = Path.Combine(package.InstalledLocation.Path, "resources.pri");
resourceStr = MiscFunc.GetResourceStr(pathToPri, AppResource.Item2);
}

if (resourceStr != null)
{
AppResourceStrLock.EnterWriteLock();
if(!AppResourceStrCache.ContainsKey(resourcePath))
AppResourceStrCache.Add(resourcePath, resourceStr);
AppResourceStrLock.ExitWriteLock();
return MiscFunc.GetResourceStr(pathToPri, AppResource.Item2);
}

return resourceStr == null ? resourcePath : resourceStr;
return resourcePath;
}
}
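Review bot: In GetAppResourceStr the new early return passes back whatever `MiscFunc.GetResourceStr(pathToPri, AppResource.Item2)` yields, so a failed lookup no longer falls back to the original `resourcePath` the way the removed `resourceStr == null ? resourcePath : resourceStr` did. MiscFunc.GetResourceStr is not shown on this page, so whether it can return null is an assumption; if it can, callers now get null for a package that exists but lacks the resource. Keeping the fallback is one line: `return MiscFunc.GetResourceStr(pathToPri, AppResource.Item2) ?? resourcePath;`. With the cache removed, every call also goes through `packageManager.FindPackage`, which the added comment says requires admin privileges, so a short doc comment stating that cost and privilege requirement would help callers decide where it is safe to call.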
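--- a/PrivateWin10/API/ProcFunc.cs
+++ b/PrivateWin10/API/ProcFunc.cs
@@ -76,6 +76,53 @@ public static long GetProcessCreationTime(int pid)
 return RawCreationTime;
 }
 
+[DllImport("advapi32", CharSet = CharSet.Unicode)]
+public static extern bool ConvertStringSidToSid([In, MarshalAs(UnmanagedType.LPWStr)] string pStringSid, ref IntPtr pSID);
+
+[DllImport("advapi32", CharSet = CharSet.Unicode)]
+public static extern bool ConvertSidToStringSid(IntPtr pSID, [In, Out, MarshalAs(UnmanagedType.LPWStr)] ref string pStringSid);
+
+[StructLayout(LayoutKind.Sequential)]
+public struct TOKEN_APPCONTAINER_INFORMATION
+{
+public IntPtr Sid;
+}
+
+[DllImport("ntdll.dll")]
+public static extern uint NtQueryInformationToken([In] IntPtr TokenHandle, [In] uint TokenInformationClass, [In] IntPtr TokenInformation, [In] int TokenInformationLength, [Out] [Optional] out int ReturnLength);
+
+static public string GetAppPackageSidByPID(int PID)
+{
+//var process = System.Diagnostics.Process.GetProcessById(PID); // throws error if pid is not found
+var processHandle = OpenProcess(0x1000/*PROCESS_QUERY_LIMITED_INFORMATION*/, false, PID);
+if (processHandle == IntPtr.Zero)
+return null;
+
+string strSID = null;
+
+IntPtr tokenHandle = IntPtr.Zero;
+if (OpenProcessToken(processHandle, 8, out tokenHandle))
+{
+int retLen;
+NtQueryInformationToken(tokenHandle, 31 /*TokenAppContainerSid*/, IntPtr.Zero, 0, out retLen);
+
+IntPtr buffer = Marshal.AllocHGlobal((int)retLen);
+ulong status = NtQueryInformationToken(tokenHandle, 31 /*TokenAppContainerSid*/, buffer, retLen, out retLen);
+if (status >= 0)
+{
+var appContainerInfo = (TOKEN_APPCONTAINER_INFORMATION)Marshal.PtrToStructure(buffer, typeof(TOKEN_APPCONTAINER_INFORMATION));
+
+ConvertSidToStringSid(appContainerInfo.Sid, ref strSID);
+}
+Marshal.FreeHGlobal(buffer);
+
+CloseHandle(tokenHandle);
+}
+
+CloseHandle(processHandle);
+
+return strSID;
+}
 
 /*
 [DllImport("Kernel32.dll")]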
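Review bot: The success test in GetAppPackageSidByPID can never fail: `NtQueryInformationToken` is declared as returning `uint` and its result is stored in a `ulong`, so `if (status >= 0)` is always true. When the second query fails, `Marshal.PtrToStructure` reads an uninitialised buffer (possibly a zero-byte allocation, since `retLen` from the sizing call is not checked) and the resulting pointer goes straight into `ConvertSidToStringSid`; in a component that the changelog says is meant to run as a service, that is an avoidable crash or stray memory read. Treat the value as a signed NTSTATUS, `int status = (int)NtQueryInformationToken(...);`, keep `if (status >= 0)`, and skip the conversion when `appContainerInfo.Sid == IntPtr.Zero`. The buffer and both handles are also released only on the straight-line path, so a `try`/`finally` around the body would keep them from leaking if marshaling throws.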
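--- a/PrivateWin10/API/UwpFunc.cs
+++ b/PrivateWin10/API/UwpFunc.cs
@@ -33,27 +33,27 @@ static public bool IsRunningAsUwp()
 }
 }
 
-/*
-+------------------------------------------------------------------------------+
-| | PlatformID | Major version | Minor version |
-+------------------------------------------------------------------------------+
-| Windows 95 | Win32Windows | 4 | 0 |
-| Windows 98 | Win32Windows | 4 | 10 |
-| Windows Me | Win32Windows | 4 | 90 |
-| Windows NT 4.0 | Win32NT | 4 | 0 |
-| Windows 2000 | Win32NT | 5 | 0 |
-| Windows XP | Win32NT | 5 | 1 |
-| Windows 2003 | Win32NT | 5 | 2 |
-| Windows Vista | Win32NT | 6 | 0 |
-| Windows 2008 | Win32NT | 6 | 0 |
-| Windows 7 | Win32NT | 6 | 1 |
-| Windows 2008 R2 | Win32NT | 6 | 1 |
-| Windows 8 | Win32NT | 6 | 2 |
-| Windows 8.1 | Win32NT | 6 | 3 |
-+------------------------------------------------------------------------------+
-| Windows 10 | Win32NT | 10 | 0 |
-+------------------------------------------------------------------------------+
-*/
+/*
++------------------------------------------------------------------------------+
+| | PlatformID | Major version | Minor version |
++------------------------------------------------------------------------------+
+| Windows 95 | Win32Windows | 4 | 0 |
+| Windows 98 | Win32Windows | 4 | 10 |
+| Windows Me | Win32Windows | 4 | 90 |
+| Windows NT 4.0 | Win32NT | 4 | 0 |
+| Windows 2000 | Win32NT | 5 | 0 |
+| Windows XP | Win32NT | 5 | 1 |
+| Windows 2003 | Win32NT | 5 | 2 |
+| Windows Vista | Win32NT | 6 | 0 |
+| Windows 2008 | Win32NT | 6 | 0 |
+| Windows 7 | Win32NT | 6 | 1 |
+| Windows 2008 R2 | Win32NT | 6 | 1 |
+| Windows 8 | Win32NT | 6 | 2 |
+| Windows 8.1 | Win32NT | 6 | 3 |
++------------------------------------------------------------------------------+
+| Windows 10 | Win32NT | 10 | 0 |
++------------------------------------------------------------------------------+
+*/
 
 static public bool IsWindows7OrLower
 {
@@ -76,4 +76,13 @@ static public bool IsWindows8
 return version == 6.2 || version == 6.3;
 }
 }
+
+[Serializable()]
+public class AppInfo
+{
+public string Name;
+public string Logo;
+public string ID;
+public string SID;
+}
 }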
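Review bot: The new `AppInfo` class exposes `Name`, `Logo`, `ID` and `SID` as public mutable fields, and because it is now a reference type the instances cached in AppManager's `AppInfosBySid` are handed out directly by `GetAllApps` and `GetAppInfoBySid`. Any caller can therefore change a cached entry outside `AppInfosBySidLock`, which the previous struct copies did not allow. If the type does not need to change after construction, consider get-only members; otherwise document the sharing on the class with a comment such as `// instances are shared with the AppManager cache; treat as read-only`. The enclosing UwpFunc class starts outside this hunk.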