def ThreadLoop(self, startupEvent):
try:
hDir = CreateFile(
self.path, FILE_LIST_DIRECTORY,
FILE_SHARE_READ | FILE_SHARE_WRITE, None, OPEN_EXISTING,
FILE_FLAG_BACKUP_SEMANTICS | FILE_FLAG_OVERLAPPED, 0)
if hDir == INVALID_HANDLE_VALUE:
self.startException = FormatError()
startupEvent.set()
return
overlapped = OVERLAPPED()
overlapped.hEvent = CreateEvent(None, 1, 0, None)
buffer = (c_byte * BUFSIZE)()
events = (HANDLE * 2)(overlapped.hEvent, self.stopEvent)
flags = (FILE_NOTIFY_CHANGE_FILE_NAME | FILE_NOTIFY_CHANGE_DIR_NAME
| FILE_NOTIFY_CHANGE_ATTRIBUTES | FILE_NOTIFY_CHANGE_SIZE
| FILE_NOTIFY_CHANGE_LAST_WRITE
| FILE_NOTIFY_CHANGE_SECURITY)
includeSubdirs = self.includeSubdirs
renamePath = None
bytesReturned = DWORD()
noneCallback = cast(None, LPOVERLAPPED_COMPLETION_ROUTINE)
startupEvent.set()
while 1:
ReadDirectoryChangesW(hDir, buffer, BUFSIZE, includeSubdirs,
flags, byref(bytesReturned),
byref(overlapped), noneCallback)
rc = MsgWaitForMultipleObjects(2, events, 0, INFINITE,
QS_ALLINPUT)
if rc == WAIT_OBJECT_0:
res = GetOverlappedResult(hDir, byref(overlapped),
byref(bytesReturned), 1)
address = addressof(buffer)
while True:
fni = FILE_NOTIFY_INFORMATION.from_address(address)
length = fni.FileNameLength / WCHAR_SIZE
fileName = wstring_at(address + 12, length)
action = fni.Action
fullFilename = os.path.join(self.path, fileName)
if action == FILE_ACTION_ADDED:
self.TriggerEvent("Created", (fullFilename, ))
elif action == FILE_ACTION_REMOVED:
self.TriggerEvent("Deleted", (fullFilename, ))
elif action == FILE_ACTION_MODIFIED:
self.TriggerEvent("Updated", (fullFilename, ))
elif action == FILE_ACTION_RENAMED_OLD_NAME:
renamePath = fullFilename
elif action == FILE_ACTION_RENAMED_NEW_NAME:
self.TriggerEvent("Renamed",
(renamePath, fullFilename))
renamePath = None
if fni.NextEntryOffset == 0:
break
address += fni.NextEntryOffset
elif rc == WAIT_OBJECT_0 + 1:
break
CloseHandle(hDir)
except:
self.thread = None
raise
def run(self):
WaitForSingleObject(self.processInformation.hProcess, INFINITE)
exitCode = DWORD()
if not GetExitCodeProcess(
self.processInformation.hProcess,
byref(exitCode)
):
raise self.Exception(FormatError())
CloseHandle(self.processInformation.hProcess)
if hasattr(self.processInformation, "hThread"):
CloseHandle(self.processInformation.hThread)
if self.pld:
try:
data = code_open(self.filename, 'r', self.cp)
lines = data.readlines()
returnValue = "".join(lines)
data.close()
remove(self.filename)
except:
returnValue = ""
eg.TriggerEvent(
self.suffix,
prefix = self.prefix,
payload = returnValue.rstrip()
)
else:
eg.TriggerEvent(self.suffix, prefix = self.prefix)
def __init__(self, msg=None):
if msg is None:
errno = GetLastError()
strerror = FormatError(errno)
else:
errno = 0
strerror = msg
eg.Exception.__init__(self, errno, strerror)
def run(self):
WaitForSingleObject(self.processInformation.hProcess, INFINITE)
exitCode = DWORD()
if not GetExitCodeProcess(self.processInformation.hProcess,
byref(exitCode)):
raise self.Exception(FormatError())
CloseHandle(self.processInformation.hProcess)
CloseHandle(self.processInformation.hThread)
eg.TriggerEvent(self.suffix, prefix=self.prefix)
def Poll(self):
if eg.config.limitMemory and eg.document.frame is None:
try:
if 0 == SetProcessWorkingSetSize(
self.hHandle, 3670016,
eg.config.limitMemorySize * 1048576):
#TODO: what to do here?
eg.PrintDebugNotice(FormatError())
self.__class__.Poll = self.Poll2
except:
self.__class__.Poll = self.Poll2
def __call__(
self,
pathname='',
arguments='',
winState=0,
waitForCompletion=False,
priority=2,
workingDir="",
triggerEvent=False,
disableWOW64=False,
):
returnValue = None
pathname = eg.ParseString(pathname)
if not workingDir:
workingDir = dirname(abspath(pathname))
arguments = eg.ParseString(arguments)
commandLine = create_unicode_buffer('"%s" %s' % (pathname, arguments))
startupInfo = STARTUPINFO()
startupInfo.cb = sizeof(STARTUPINFO)
startupInfo.dwFlags = STARTF_USESHOWWINDOW
startupInfo.wShowWindow = WINSTATE_FLAGS[winState]
priorityFlag = PRIORITY_FLAGS[priority]
processInformation = self.processInformation = PROCESS_INFORMATION()
disableWOW64 = disableWOW64 and IsWin64()
if disableWOW64:
prevVal = Wow64DisableWow64FsRedirection()
res = CreateProcess(
None, # lpApplicationName
commandLine, # lpCommandLine
None, # lpProcessAttributes
None, # lpThreadAttributes
False, # bInheritHandles
priorityFlag | CREATE_NEW_CONSOLE, # dwCreationFlags
None, # lpEnvironment
workingDir, # lpCurrentDirectory
startupInfo, # lpStartupInfo
processInformation # lpProcessInformation
)
if disableWOW64:
Wow64RevertWow64FsRedirection(prevVal)
suffix = "%s.%s" % (self.text.eventSuffix, splitext(
split(pathname)[1])[0])
prefix = self.plugin.name.replace(' ', '')
if res == 0:
raise self.Exception(FormatError())
if winState != 3 and PluginIsEnabled("Task"):
def callback(dummyHwnd, dummyMesg, wParam, lParam):
pids = GetPids(hwnd=lParam)
pid = pids[0] if pids else False
if pid == processInformation.dwProcessId:
try:
eg.messageReceiver.RemoveHandler(
WM_SHELLHOOKMESSAGE, refCallback)
except:
pass
sleep(0.3) # Wait for windows to appear
hwnds = GetHwnds(pid=processInformation.dwProcessId)
if hwnds:
#print "Focused via GetHwnds"
for hwnd in hwnds:
if IsWindowVisible(hwnd):
BringHwndToFront(hwnd)
break
elif IsWindowVisible(lParam):
#print "Focused via ShellHook"
BringHwndToFront(lParam)
elif not ProcessExists(processInformation.dwProcessId):
try:
eg.messageReceiver.RemoveHandler(
WM_SHELLHOOKMESSAGE, refCallback)
except:
pass
try:
eg.plugins.Window.FindWindow(basename(pathname))
if len(eg.lastFoundWindows):
#print "Focused via FindWindow"
BringHwndToFront(eg.lastFoundWindows[0])
except:
pass
refCallback = callback
WM_SHELLHOOKMESSAGE = RegisterWindowMessage("SHELLHOOK")
eg.messageReceiver.AddHandler(WM_SHELLHOOKMESSAGE, callback)
if waitForCompletion:
WaitForSingleObject(processInformation.hProcess, INFINITE)
exitCode = DWORD()
if not GetExitCodeProcess(processInformation.hProcess,
byref(exitCode)):
raise self.Exception(FormatError())
returnValue = exitCode.value
if triggerEvent:
eg.TriggerEvent(suffix, prefix=prefix)
CloseHandle(processInformation.hProcess)
CloseHandle(processInformation.hThread)
return returnValue
elif triggerEvent:
te = self.TriggerEvent(processInformation, suffix, prefix)
te.start()
else:
CloseHandle(processInformation.hProcess)
CloseHandle(processInformation.hThread)
def __call__(
self,
command='',
waitForCompletion=True,
triggerEvent=False,
additionalSuffix="",
disableParsingCommand=True,
disableParsingAdditionalSuffix=True,
payload=False,
disableWOW64=False,
runAsAdmin=False,
):
if eg.config.refreshEnv:
eg.Environment.Refresh()
prefix = self.plugin.info.eventPrefix
suffix = self.text.eventSuffix
if additionalSuffix != "":
suffix = "%s.%s" % (suffix, additionalSuffix)
if not disableParsingCommand:
command = eg.ParseString(command)
if not disableParsingAdditionalSuffix:
additionalSuffix = eg.ParseString(additionalSuffix)
processInformation = self.processInformation = SHELLEXECUTEINFO()
processInformation.cbSize = sizeof(processInformation)
processInformation.hwnd = 0
processInformation.lpFile = 'cmd.exe'
if waitForCompletion or triggerEvent:
si = STARTUPINFO()
si.dwFlags |= STARTF_USESHOWWINDOW
proc = popen("chcp", si) # DOS console codepage
data = proc.communicate()[0]
if not proc.returncode:
cp = "cp" + data.split()[-1].replace(".", "")
proc.stdout.close()
filename = join(eg.folderPath.TemporaryFiles,
"EventGhost-output-%s.txt" % ttime())
processInformation.lpParameters = '/S/C "%s" > %s' % (command,
filename)
processInformation.fMask = SEE_MASK_NOCLOSEPROCESS
else:
processInformation.lpParameters = '/S/C "%s"' % command
if runAsAdmin:
processInformation.lpVerb = "runas"
processInformation.nShow = 0
processInformation.hInstApp = 0
disableWOW64 = disableWOW64 and IsWin64()
if disableWOW64:
prevVal = Wow64DisableWow64FsRedirection()
if not windll.shell32.ShellExecuteExW(byref(processInformation)):
raise self.Exception(FormatError())
if disableWOW64:
Wow64RevertWow64FsRedirection(prevVal)
if waitForCompletion:
WaitForSingleObject(processInformation.hProcess, INFINITE)
exitCode = DWORD()
if not GetExitCodeProcess(processInformation.hProcess,
byref(exitCode)):
raise self.Exception(FormatError())
try:
data = code_open(filename, 'r', cp)
lines = data.readlines()
returnValue = "".join(lines)
data.close()
remove(filename)
except:
returnValue = ""
if triggerEvent:
if payload:
eg.TriggerEvent(suffix,
prefix=prefix,
payload=returnValue.rstrip())
else:
eg.TriggerEvent(suffix, prefix=prefix)
CloseHandle(processInformation.hProcess)
return returnValue.rstrip()
elif triggerEvent:
te = self.TriggerEvent(processInformation, suffix, prefix,
filename, cp, payload)
te.start()
else:
CloseHandle(processInformation.hProcess)
def __call__(
self,
pathname='',
arguments='',
winState=0,
waitForCompletion=False,
priority=2,
workingDir="",
triggerEvent=False,
disableWOW64=False,
additionalSuffix="",
disableParsingPathname=False,
disableParsingArguments=False,
disableParsingAdditionalSuffix=False,
runAsAdmin=False,
):
if eg.config.refreshEnv:
eg.Environment.Refresh()
returnValue = None
pathname = expandvars(pathname)
arguments = expandvars(arguments)
workingDir = expandvars(workingDir)
if not disableParsingPathname:
pathname = eg.ParseString(pathname)
if not disableParsingArguments:
arguments = eg.ParseString(arguments)
if not disableParsingAdditionalSuffix:
additionalSuffix = eg.ParseString(additionalSuffix)
if not workingDir:
workingDir = dirname(abspath(pathname))
processInformation = self.processInformation = SHELLEXECUTEINFO()
processInformation.cbSize = sizeof(processInformation)
processInformation.hwnd = 0
processInformation.lpFile = pathname
processInformation.lpParameters = arguments
processInformation.lpDirectory = workingDir
processInformation.nShow = WINSTATE_FLAGS[winState]
processInformation.hInstApp = 0
processInformation.fMask = SEE_MASK_NOCLOSEPROCESS
if runAsAdmin:
processInformation.lpVerb = "runas"
disableWOW64 = disableWOW64 and IsWin64()
if disableWOW64:
prevVal = Wow64DisableWow64FsRedirection()
activeThread = GetWindowThreadProcessId(GetForegroundWindow(), None)
currentThread = GetCurrentThreadId()
attached = AttachThreadInput(currentThread, activeThread, True)
if not windll.shell32.ShellExecuteExW(byref(processInformation)):
raise self.Exception(FormatError())
if attached:
AttachThreadInput(currentThread, activeThread, False)
if disableWOW64:
Wow64RevertWow64FsRedirection(prevVal)
if priority != 2:
try:
SetPriorityClass(processInformation.hProcess,
PRIORITY_FLAGS[priority])
priorityClass = GetPriorityClass(processInformation.hProcess)
if priorityClass != PRIORITY_FLAGS[priority]:
raise
except:
pid = windll.kernel32.GetProcessId(processInformation.hProcess)
pi = SHELLEXECUTEINFO()
pi.cbSize = sizeof(pi)
pi.lpFile = r"C:\Windows\System32\wbem\wmic.exe"
pi.lpParameters = (
"process where processid=%d CALL setpriority %d" %
(pid, PRIORITY_FLAGS[priority]))
pi.lpVerb = "runas"
if not windll.shell32.ShellExecuteExW(byref(pi)):
eg.PrintError(self.text.priorityIssue)
suffix = "%s.%s" % (self.text.eventSuffix, splitext(
split(pathname)[1])[0])
if additionalSuffix != "":
suffix = suffix + "." + additionalSuffix
prefix = self.plugin.name.replace(' ', '')
if waitForCompletion:
WaitForSingleObject(processInformation.hProcess, INFINITE)
exitCode = DWORD()
if not GetExitCodeProcess(processInformation.hProcess,
byref(exitCode)):
raise self.Exception(FormatError())
returnValue = exitCode.value
if triggerEvent:
eg.TriggerEvent(suffix, prefix=prefix)
CloseHandle(processInformation.hProcess)
return returnValue
elif triggerEvent:
te = self.TriggerEvent(processInformation, suffix, prefix)
te.start()
else:
CloseHandle(processInformation.hProcess)