c# - How to get strings from other processes -


i'm trying make security software in c# monitors words on other processes , act when specific word found. example: application show message box saying "beware viruses!" when other running process contains word "torrent". hope got idea.

update:
oh, , realize yet, it's still crude idea. that's why gave simple example (which know useless on real program).

update 2: why
know software called block free 4. blocks programs contains blacklisted words. it's lightweight software , works well. i'd improve these features , make better program.

this not sound idea, except maybe joke program. absurdly slow, , become classified malicious, useless. however, there @ least educational value in this.

it should possible long running admin. note admin cannot perform action on system processes.

first, need acquire sedebugprivilege. see this example.

then, need enumerate processes. see example: http://msdn.microsoft.com/en-us/library/windows/desktop/ms682623(v=vs.85).aspx

then, use open process on every pid, using process_all_access. if error_access_denied, didn't acquire sedebugprivilege correctly.

use readprocessmemory read process's memory , store in buffer. processes have massive amount of memory , need break chunks. need robust in error handling.

then, scan buffer desired string, , if find it.

you repeat of above every 10 seconds or so.

note: c#, need p-invoke these api's. c# not best language type of nonsense, it's possible... recommend native code, however.


Comments

Post a Comment

Popular posts from this blog

Android layout hidden on keyboard show -

i have strange problem layout. when tap on edittext , keyboard shown edittext stay on bottom , when tap on to hide keyboard , keyboard hides , edittext go should when want input text. when tap again, keyboard shown , edittext goes down behind keyboard... <relativelayout android:layout_width="match_parent" android:layout_height="match_parent" > <scrollview android:layout_width="match_parent" android:layout_height="fill_parent" android:above="@+id/rl_commands"> <textview android:layout_width="match_parent" android:layout_height="wrap_content"/> </scrollview> <relativelayout android:layout_width="match_parent android:layout_height="24dp" android:id="@+id/rl_commands" android:alignparentbottom="true">
Read more

google app engine - 403 Forbidden POST - Flask WTForms -

i have flask application running on google app engine. trying submit form built using wtform , keep getting following error. 403 forbidden: don't have permission access requested resource. either read-protected or not readable server. location.html (part of code) <form method=post action="/home/location"> .... <button type="submit" class="btn btn-primary" value="submit"> directions </button> </form> main.py @app.route('/home/location', methods=['post', 'get']) def location(): form = cfcdirections.direction(request.form) print(request.method) if request.method == 'post' , form.validate(): print("after if") directions = cfcdirections() street_no = directions.no street = directions.street suburb = directions.suburb postcode = directions.postcode
Read more

c - Why would PK11_GenerateRandom() return an error -8023? -

i looking through internet trying find source of pk11_generaterandom() function see why function fail. have program uses function when moved new flavor of linux, fails after forking ( fork() ) since not believe there problem nss, suspect doing incorrectly disregarded in older versions of linux new 1 there issue. the openssl package same on 'good' , 'bad' server: openssl 0.9.8e-fips-rhel5 01 jul nss rpm differs though. 'good' has nss-3.12.2.0-2.el5 and bas has version nss-3.15.3-4.el5_10 the 'good' server uses quite obsolete linux: linux 2.6.18-128.el5 #1 smp wed jan 21 08:45:05 est 2009 x86_64 x86_64 x86_64 gnu/linux enterprise linux enterprise linux server release 5.3 (carthage) red hat enterprise linux server release 5.3 (tikanga) the 'bad' server newer: linux bad 2.6.18-371.4.1.el5 #1 smp wed jan 29 11:05:49 pst 2014 x86_64 x86_64 x86_64 gnu/linux oracle linux server release 5.10 red hat enterprise linux server release
Read more