love-code-yeyixiao 2024-05-26 20:24:52 +08:00
parent da14f5eed6
commit cae33d599b
1 changed files with 15 additions and 5 deletions


@ -259,7 +259,8 @@ _FX void SysInfo_DiscardProcesses(SYSTEM_PROCESS_INFORMATION *buf)
WCHAR* hiddenProcessesPtr = NULL; WCHAR* hiddenProcessesPtr = NULL;
ULONG hiddenProcessesLen = 100 * 110; // we can hide up to 100 processes, should be enough ULONG hiddenProcessesLen = 100 * 110; // we can hide up to 100 processes, should be enough
WCHAR hiddenProcess[110]; WCHAR hiddenProcess[110];
ULONG tempSession = 0,tempSid=0; ULONG tempSession = 0;
WCHAR* tempSid = L"";
for (ULONG index = 0; ; ++index) { for (ULONG index = 0; ; ++index) {
NTSTATUS status = SbieApi_QueryConfAsIs(NULL, L"HideHostProcess", index, hiddenProcess, 108 * sizeof(WCHAR)); NTSTATUS status = SbieApi_QueryConfAsIs(NULL, L"HideHostProcess", index, hiddenProcess, 108 * sizeof(WCHAR));
@ -295,7 +296,7 @@ _FX void SysInfo_DiscardProcesses(SYSTEM_PROCESS_INFORMATION *buf)
break; break;
SbieApi_QueryProcess(next->UniqueProcessId, boxname, NULL, &tempSid, &tempSession); SbieApi_QueryProcess(next->UniqueProcessId, boxname, NULL, &tempSid, &tempSession);
DWORD currentSession = WTSGetActiveConsoleSessionId(); DWORD currentSession = tempSession;
HANDLE token1; HANDLE token1;
Terminal_WTSQueryUserToken(currentSession, &token1); Terminal_WTSQueryUserToken(currentSession, &token1);
SID_AND_ATTRIBUTES attrs; SID_AND_ATTRIBUTES attrs;
@ -303,9 +304,18 @@ _FX void SysInfo_DiscardProcesses(SYSTEM_PROCESS_INFORMATION *buf)
ZeroMemory(&attrs, sizeof(attrs)); ZeroMemory(&attrs, sizeof(attrs));
NtQueryInformationToken(token1, TokenUser, &attrs, sizeof(attrs), &uRtn); NtQueryInformationToken(token1, TokenUser, &attrs, sizeof(attrs), &uRtn);
BOOL hideProcess = FALSE; BOOL hideProcess = FALSE;
if (attrs.Sid == tempSid) { UNICODE_STRING uni;
if (SbieApi_QueryConfBool(NULL,L"HideInteractionProcess", FALSE)) WCHAR* buf = L"";
hideProcess = TRUE; uni.Length = 0;
uni.MaximumLength = 512;
uni.Buffer = buf;
if(NT_SUCCESS(RtlConvertSidToUnicodeString(&uni,attrs.Sid,FALSE))){
if (_wcsicmp(buf,tempSid)==0) {
if (SbieApi_QueryConfBool(NULL, L"HideInteractionProcess", FALSE)) {
hideProcess = TRUE;
}
}
RtlFreeUnicodeString(&uni);
} }
else else
if (hideOther && *boxname && _wcsicmp(boxname, Dll_BoxName) != 0) { if (hideOther && *boxname && _wcsicmp(boxname, Dll_BoxName) != 0) {
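Review bot: In the third hunk `uni.Buffer` is set to the string literal `L""` while `uni.MaximumLength` claims 512 bytes, so `RtlConvertSidToUnicodeString(&uni,attrs.Sid,FALSE)` is told to write the SID text into a two-byte literal, and `RtlFreeUnicodeString(&uni)` then releases memory the runtime never allocated. Letting the call allocate avoids both problems: drop `buf` and the `MaximumLength`/`Buffer` assignments, pass `TRUE` as the last argument, and compare with `_wcsicmp(uni.Buffer, tempSid)`. The new local `buf` also shadows the function's `buf` parameter, which removing it resolves. The first hunk has a related problem: `WCHAR* tempSid = L"";` is passed as `&tempSid`, so SbieApi_QueryProcess receives the address of a pointer-sized variable where it presumably expects a character buffer; its prototype is not visible here, so confirm the expected size and declare a real array such as `WCHAR tempSid[96]` passed without `&`. Separately, `attrs.Sid` is only meaningful if the unchecked `NtQueryInformationToken` call in the context lines succeeded, and the function body starts and ends outside the shown hunks.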