Imports System.Runtime.InteropServices
Imports System.Runtime.Versioning
Imports System.Security
Imports System.Security.Permissions
Imports System.Text
Imports Kai.Classes.Processes.Enums
Imports Kai.Classes.Processes.Structures
Imports Kai.Classes.Services.Structures
7
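Namespace Classes

    ''' <summary>
    ''' Platform-invoke declarations for the native Windows process, token, service, file and
    ''' message functions used inside this assembly.
    ''' </summary>
    ''' <remarks>
    ''' <copyright file="NativeMethods.vb" company="SimpleCoders">
    ''' Copyright (c) Simple Coders. All rights reserved.
    ''' </copyright>
    ''' SuppressUnmanagedCodeSecurity removes the run-time stack walk for unmanaged-code permission on
    ''' every call into these imports, so the callers inside this assembly are the only gate. Keep the
    ''' class Friend, and validate handles, paths, service names and buffer sizes before they reach
    ''' these functions.
    ''' </remarks>
    <SecurityCritical, PermissionSet(SecurityAction.LinkDemand, Name:="FullTrust")>
    <SuppressUnmanagedCodeSecurity>
    Friend Class NativeMethods

        ''' <summary>
        ''' The maximum length of a path according to the Windows API, defined as 260 characters.
        ''' </summary>
        Friend Const MaxPath As Integer = 260

        ''' <summary>
        ''' A file that does not have other attributes set. This attribute is valid only when used alone.
        ''' </summary>
        Friend Const FileAttributeNormal As Integer = &H80

        ''' <summary>
        ''' The value (-1) that handle-returning functions such as CreateToolhelp32Snapshot use to report failure.
        ''' </summary>
        Friend Shared ReadOnly InvalidHandleValue As New IntPtr(-1)

        ''' <summary>
        ''' The null handle (zero), which functions such as OpenProcess return on failure.
        ''' </summary>
        Friend Shared ReadOnly NullHandleValue As IntPtr = IntPtr.Zero

        ''' <summary>
        ''' Retrieves information about the specified process.
        ''' </summary>
        ''' <param name="processHandle">
        ''' A handle to the process for which information is to be retrieved.
        ''' </param>
        ''' <param name="processInformationClass">
        ''' The type of process information to be retrieved. This parameter can be one of the values from the
        ''' PROCESSINFOCLASS enumeration.
        ''' </param>
        ''' <param name="processInformation">
        ''' A buffer supplied by the calling application into which the function writes the requested information.
        ''' The size of the information written varies depending on the processInformationClass parameter.
        ''' </param>
        ''' <param name="processInformationLength">
        ''' The size of the buffer pointed to by the processInformation parameter, in bytes.
        ''' </param>
        ''' <param name="returnLength">
        ''' A variable in which the function returns the size of the requested information. If the function was successful,
        ''' this is the size of the information written to the buffer pointed to by the processInformation parameter,
        ''' but if the buffer was too small, this is the minimum size of buffer needed to receive the information successfully.
        ''' </param>
        ''' <returns>
        ''' The function returns an NTSTATUS success or error code.
        '''
        ''' The forms and significance of NTSTATUS error codes are listed in the Ntstatus.h header file available in the DDK, and are
        ''' described in the DDK documentation under Kernel-Mode Driver Architecture / Design Guide / Driver Programming Techniques /
        ''' Logging Errors.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/desktop/api/winternl/nf-winternl-ntqueryinformationprocess
        '''
        ''' The managed buffer is a single ULong (8 bytes), so processInformationLength must never exceed 8;
        ''' an information class that writes a larger structure would overrun it.
        ''' NOTE(review): the native length and return-length parameters are 32-bit ULONG values, declared here
        ''' as IntPtr; initialise returnLength to zero before the call. The result is an NTSTATUS, so the
        ''' last-error value captured by SetLastError is not the error to report.
        ''' </remarks>
        <DllImport(ExternDll.Ntdll, CharSet:=CharSet.Auto, SetLastError:=True)>
        Friend Shared Function NtQueryInformationProcess(processHandle As IntPtr,
                                                         processInformationClass As Integer,
                                                         ByRef processInformation As ULong,
                                                         processInformationLength As IntPtr,
                                                         ByRef returnLength As IntPtr) As Integer
        End Function

        ''' <summary>
        ''' Sets information about the specified process.
        ''' </summary>
        ''' <param name="hProcess">
        ''' A handle to the process for which information is to be set.
        ''' </param>
        ''' <param name="processInformationClass">
        ''' The type of process information to be set. This parameter can be one of the values from the
        ''' PROCESSINFOCLASS enumeration.
        ''' </param>
        ''' <param name="processInformation">
        ''' A buffer supplied by the calling application that holds the information to set.
        ''' The size of the information varies depending on the processInformationClass parameter.
        ''' </param>
        ''' <param name="processInformationLength">
        ''' The size of the buffer pointed to by the processInformation parameter, in bytes.
        ''' </param>
        ''' <returns>
        ''' The function returns an NTSTATUS success or error code.
        ''' </returns>
        ''' <remarks>
        ''' See https://undocumented.ntinternals.net/index.html?page=UserMode%2FUndocumented%20Functions%2FNT%20Objects%2FProcess%2FNtSetInformationProcess.html
        ''' Must be noted this is an undocumented API, so its behaviour may change between Windows releases.
        '''
        ''' The managed buffer is a single Integer (4 bytes), so processInformationLength must never exceed 4.
        ''' The result is an NTSTATUS; the last-error value captured by SetLastError is not the error to report.
        ''' </remarks>
        <DllImport(ExternDll.Ntdll, SetLastError:=True)>
        Friend Shared Function NtSetInformationProcess(hProcess As IntPtr,
                                                       processInformationClass As Integer,
                                                       ByRef processInformation As Integer,
                                                       processInformationLength As Integer) As Integer
        End Function

        ''' <summary>
        ''' The ConvertSidToStringSid function converts a security identifier (SID) to a string format suitable for
        ''' display, storage, or transmission.
        ''' </summary>
        ''' <param name="sid">
        ''' A pointer to the SID structure to be converted.
        ''' </param>
        ''' <param name="stringSid">
        ''' A variable that receives the null-terminated SID string.
        ''' In the native API the returned buffer is freed by calling the LocalFree function.
        ''' </param>
        ''' <returns>
        ''' If the function succeeds, the return value is nonzero.
        ''' </returns>
        ''' <remarks>
        ''' See https://msdn.microsoft.com/en-us/library/windows/desktop/aa376399(v=vs.85).aspx
        '''
        ''' NOTE(review): with a ByRef String the interop marshaler copies the text and releases the native buffer
        ''' itself, not through LocalFree as the API requires. Declaring stringSid as ByRef IntPtr, reading it with
        ''' Marshal.PtrToStringAnsi and releasing it with LocalFree avoids the allocator mismatch. The native result
        ''' is a 32-bit BOOL, so Boolean would be the accurate return type. Both are left unchanged here so that
        ''' existing callers keep compiling. No CharSet is given, so the ANSI entry point is bound.
        ''' </remarks>
        <DllImport(ExternDll.Advapi32, SetLastError:=True)>
        Friend Shared Function ConvertSidToStringSid(sid As IntPtr, ByRef stringSid As String) As IntPtr
        End Function

        ''' <summary>
        ''' Retrieves a pseudo handle for the current process.
        ''' </summary>
        ''' <returns>
        ''' The return value is a pseudo handle to the current process.
        ''' </returns>
        ''' <remarks>
        ''' A pseudo handle is a special constant, currently (HANDLE)-1, that is interpreted as the current process handle.
        ''' For compatibility with future operating systems, it is best to call GetCurrentProcess instead of hard-coding this constant value.
        ''' The calling process can use a pseudo handle to specify its own process whenever a process handle is required.
        ''' Pseudo handles are not inherited by child processes.
        '''
        ''' See https://docs.microsoft.com/en-us/windows/desktop/api/processthreadsapi/nf-processthreadsapi-getcurrentprocess
        ''' </remarks>
        <DllImport(ExternDll.Kernel32, SetLastError:=True)>
        Friend Shared Function GetCurrentProcess() As IntPtr
        End Function

        ''' <summary>
        ''' Retrieves the full name of the executable image for the specified process.
        ''' </summary>
        ''' <param name="hProcess">
        ''' A handle to the process. This handle must be created with the PROCESS_QUERY_INFORMATION or PROCESS_QUERY_LIMITED_INFORMATION access right.
        ''' </param>
        ''' <param name="dwFlags">
        ''' Selects the format of the returned path.
        ''' </param>
        ''' <param name="lpExeName">
        ''' The path to the executable image. If the function succeeds, this string is null-terminated.
        ''' </param>
        ''' <param name="lpdwSize">
        ''' On input, specifies the size of the lpExeName buffer, in characters. On success, receives the number of characters
        ''' written to the buffer, not including the null-terminating character.
        ''' </param>
        ''' <returns>
        ''' If the function succeeds, the return value is nonzero.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/desktop/api/winbase/nf-winbase-queryfullprocessimagenamea
        '''
        ''' lpdwSize must not be larger than the capacity of the StringBuilder passed as lpExeName.
        ''' No CharSet is given, so the ANSI entry point is bound.
        ''' </remarks>
        <DllImport(ExternDll.Kernel32, SetLastError:=True)>
        Friend Shared Function QueryFullProcessImageName(hProcess As IntPtr,
                                                         dwFlags As Integer,
                                                         lpExeName As StringBuilder,
                                                         ByRef lpdwSize As Integer) As Boolean
        End Function

        ''' <summary>
        ''' Terminates the specified process and all of its threads.
        ''' </summary>
        ''' <param name="hProcess">
        ''' A handle to the process to be terminated. The handle must have the PROCESS_TERMINATE access right.
        ''' For more information, see Process Security and Access Rights.
        ''' https://msdn.microsoft.com/en-us/library/windows/desktop/ms684880(v=vs.85).aspx
        ''' </param>
        ''' <param name="exitCode">
        ''' The exit code to be used by the process and threads terminated as a result of this call. Use the
        ''' GetExitCodeProcess function to retrieve a process's exit value. Use the GetExitCodeThread function
        ''' to retrieve a thread's exit value.
        ''' </param>
        ''' <returns>
        ''' If the function succeeds, the return value is nonzero.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/desktop/api/processthreadsapi/nf-processthreadsapi-terminateprocess
        ''' </remarks>
        <DllImport(ExternDll.Kernel32, SetLastError:=True)>
        Friend Shared Function TerminateProcess(<[In]()> hProcess As IntPtr,
                                                <[In]()> exitCode As Integer) As Boolean
        End Function

        ''' <summary>
        ''' The OpenProcessToken function opens the access token associated with a process.
        ''' </summary>
        ''' <param name="processToken">
        ''' A handle to the process whose access token is opened.
        ''' The process must have the PROCESS_QUERY_INFORMATION access permission.
        ''' </param>
        ''' <param name="desiredAccess">
        ''' Specifies an access mask that specifies the requested types of access to the access token.
        ''' These requested access types are compared with the discretionary access control list (DACL) of the token to
        ''' determine which accesses are granted or denied.
        ''' </param>
        ''' <param name="tokenHandle">
        ''' A variable that receives the handle of the newly opened access token when the function returns.
        ''' </param>
        ''' <returns>
        ''' If the function succeeds, the return value is nonzero.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/desktop/api/processthreadsapi/nf-processthreadsapi-openprocesstoken
        '''
        ''' Request only the token access the caller needs, and release tokenHandle with CloseHandle.
        ''' NOTE(review): the native result is a 32-bit BOOL; in a 64-bit process the upper half of an IntPtr
        ''' return value is not guaranteed to be meaningful, so Boolean would be the accurate return type.
        ''' Left unchanged so that existing callers keep compiling.
        ''' </remarks>
        <DllImport(ExternDll.Advapi32, CharSet:=CharSet.Unicode, SetLastError:=True)>
        Friend Shared Function OpenProcessToken(<[In]()> processToken As IntPtr,
                                                <[In]()> desiredAccess As Integer,
                                                <[Out]()> ByRef tokenHandle As IntPtr) As IntPtr
        End Function

        ''' <summary>
        ''' Closes an open object handle.
        ''' </summary>
        ''' <param name="hObject">
        ''' A valid handle to an open object.
        ''' </param>
        ''' <returns>
        ''' If the function succeeds, the return value is nonzero.
        ''' </returns>
        ''' <remarks>
        ''' See https://msdn.microsoft.com/en-us/library/windows/desktop/ms724211(v=vs.85).aspx
        ''' </remarks>
        <DllImport(ExternDll.Kernel32, CharSet:=CharSet.Auto, SetLastError:=True)>
        Friend Shared Function CloseHandle(<[In]> hObject As IntPtr) As <MarshalAs(UnmanagedType.Bool)> Boolean
        End Function

        ''' <summary>
        ''' Opens an existing local process object.
        ''' </summary>
        ''' <param name="dwDesiredAccess">
        ''' The access to the process object. This access right is checked against the
        ''' security descriptor for the process. This parameter can be one or more of the process access rights.
        ''' </param>
        ''' <param name="bInheritHandle">
        ''' If this value is TRUE, processes created by this process will inherit the handle.
        ''' Otherwise, the processes do not inherit this handle.
        ''' </param>
        ''' <param name="dwProcessId">
        ''' The identifier of the local process to be opened.
        ''' </param>
        ''' <returns>
        ''' If the function succeeds, the return value is an open handle to the specified process.
        ''' If the function fails, the return value is NULL.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/desktop/api/processthreadsapi/nf-processthreadsapi-openprocess
        '''
        ''' Ask for the narrowest access mask that the operation needs, pass False for bInheritHandle unless a
        ''' child process really must receive the handle, and release the handle with CloseHandle.
        ''' </remarks>
        <DllImport(ExternDll.Kernel32, CharSet:=CharSet.Auto, SetLastError:=True)>
        Friend Shared Function OpenProcess(<[In]> dwDesiredAccess As SecurityFlags,
                                           <[In]> bInheritHandle As Boolean,
                                           <[In]> dwProcessId As Integer) As IntPtr
            ' dwProcessId is an input passed by value; it was previously tagged <[Out]>.
        End Function

        ''' <summary>
        ''' Sends a control code to a service.
        ''' </summary>
        ''' <param name="hService">
        ''' A handle to the service. This handle is returned by the OpenService or CreateService function.
        ''' The access rights required for this handle depend on the dwControl code requested.
        ''' </param>
        ''' <param name="dwControl">
        ''' The control code to send.
        ''' </param>
        ''' <param name="lpServiceStatus">
        ''' A structure that receives the latest service status information.
        ''' The information returned reflects the most recent status that the service reported to the service control manager.
        ''' </param>
        ''' <returns>
        ''' If the function succeeds, the return value is nonzero.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/desktop/api/winsvc/nf-winsvc-controlservice
        '''
        ''' NOTE(review): the native function fills a SERVICE_STATUS structure. ServiceStatusProcess is defined
        ''' elsewhere; confirm that its leading fields match SERVICE_STATUS and that it is at least as large.
        ''' </remarks>
        <DllImport(ExternDll.Advapi32, SetLastError:=True)>
        Friend Shared Function ControlService(hService As IntPtr,
                                              dwControl As Services.Enums.ServiceControlManager.ServiceControlManagerType,
                                              ByRef lpServiceStatus As ServiceStatusProcess) As Boolean
        End Function

        ''' <summary>
        ''' Starts a service.
        ''' </summary>
        ''' <param name="hService">
        ''' A handle to the service. This handle is returned by the OpenService or CreateService function,
        ''' and it must have the SERVICE_START access right. For more information, see Service Security and Access Rights.
        ''' </param>
        ''' <param name="dwNumServiceArgs">
        ''' The number of strings in the lpServiceArgVectors array. If lpServiceArgVectors is NULL, this parameter can be zero.
        ''' </param>
        ''' <param name="lpServiceArgVectors">
        ''' The null-terminated strings to be passed to the ServiceMain function for the service as arguments. If there are no arguments, this parameter can be NULL.
        ''' Otherwise, the first argument (lpServiceArgVectors[0]) is the name of the service, followed by any additional arguments (lpServiceArgVectors[1] through
        ''' lpServiceArgVectors[dwNumServiceArgs-1]).
        ''' </param>
        ''' <returns>
        ''' If the function succeeds, the return value is nonzero.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/desktop/api/winsvc/nf-winsvc-startservicea
        '''
        ''' dwNumServiceArgs must not exceed the length of lpServiceArgVectors.
        ''' The library name now comes from ExternDll.Advapi32, like the other advapi32 imports in this class.
        ''' </remarks>
        <DllImport(ExternDll.Advapi32, SetLastError:=True)>
        Friend Shared Function StartService(hService As IntPtr,
                                            dwNumServiceArgs As Integer,
                                            lpServiceArgVectors() As String) As <MarshalAs(UnmanagedType.Bool)> Boolean
        End Function

        ''' <summary>
        ''' Marks the specified service for deletion from the service control manager database.
        ''' </summary>
        ''' <param name="hService">
        ''' A handle to the service. This handle is returned by the OpenService or CreateService function,
        ''' and it must have the DELETE access right. For more information, see Service Security and Access Rights.
        ''' </param>
        ''' <returns>
        ''' If the function succeeds, the return value is nonzero.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/desktop/api/winsvc/nf-winsvc-deleteservice
        ''' </remarks>
        <DllImport(ExternDll.Advapi32, SetLastError:=True)>
        Friend Shared Function DeleteService(hService As IntPtr) As <MarshalAs(UnmanagedType.Bool)> Boolean
        End Function

        ''' <summary>
        ''' Opens an existing service.
        ''' </summary>
        ''' <param name="hScManager">
        ''' A handle to the service control manager database. The OpenSCManager function returns this handle. For more information, see Service Security
        ''' and Access Rights.
        ''' </param>
        ''' <param name="lpServiceName">
        ''' The name of the service to be opened. This is the name specified by the lpServiceName parameter of
        ''' the CreateService function when the service object was created, not the service display name that is shown by user interface
        ''' applications to identify the service.
        ''' </param>
        ''' <param name="dwDesiredAccess">
        ''' The access to the service.
        ''' </param>
        ''' <returns>
        ''' If the function succeeds, the return value is a handle to the service.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/desktop/api/winsvc/nf-winsvc-openservicea
        '''
        ''' Request only the service access rights the operation needs and release the handle with CloseServiceHandle.
        ''' </remarks>
        <DllImport(ExternDll.Advapi32, SetLastError:=True, CharSet:=CharSet.Auto)>
        Friend Shared Function OpenService(hScManager As IntPtr, lpServiceName As String, dwDesiredAccess As Int32) As IntPtr
        End Function

        ''' <summary>
        ''' Closes a handle to a service control manager or service object.
        ''' </summary>
        ''' <param name="hScObject">
        ''' A handle to the service control manager object or the service object to close. Handles to service control manager objects are
        ''' returned by the OpenSCManager function, and handles to service objects are returned by either the OpenService or CreateService
        ''' function.
        ''' </param>
        ''' <returns>
        ''' If the function succeeds, the return value is nonzero.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/desktop/api/winsvc/nf-winsvc-closeservicehandle
        ''' </remarks>
        <DllImport(ExternDll.Advapi32, SetLastError:=True)>
        Friend Shared Function CloseServiceHandle(hScObject As IntPtr) As Boolean
        End Function

        ''' <summary>
        ''' Establishes a connection to the service control manager on the specified computer and opens the specified service control manager database.
        ''' </summary>
        ''' <param name="lpMachineName">
        ''' The name of the target computer. If the pointer is NULL or points to an empty string, the function connects to the service control
        ''' manager on the local computer.
        ''' </param>
        ''' <param name="lpDatabaseName">
        ''' The name of the service control manager database. This parameter should be set to SERVICES_ACTIVE_DATABASE. If it is NULL, the
        ''' SERVICES_ACTIVE_DATABASE database is opened by default.
        ''' </param>
        ''' <param name="dwDesiredAccess">
        ''' The access to the service control manager. For a list of access rights, see Service Security and Access Rights.
        ''' </param>
        ''' <returns>
        ''' If the function succeeds, the return value is a handle to the specified service control manager database.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/desktop/api/winsvc/nf-winsvc-openscmanagera
        '''
        ''' Request only the access rights the operation needs and release the handle with CloseServiceHandle.
        ''' No CharSet is given, so the ANSI entry point is bound.
        ''' </remarks>
        <DllImport(ExternDll.Advapi32, SetLastError:=True), ResourceExposure(ResourceScope.Machine)>
        Friend Shared Function OpenSCManager(lpMachineName As String,
                                             lpDatabaseName As String,
                                             dwDesiredAccess As Int32) As IntPtr
        End Function

        ''' <summary>
        ''' Creates a service object and adds it to the specified service control manager database.
        ''' </summary>
        ''' <param name="hScManager">
        ''' A handle to the service control manager database. This handle is returned by the OpenSCManager function and must have the
        ''' SC_MANAGER_CREATE_SERVICE access right.
        ''' </param>
        ''' <param name="lpServiceName">
        ''' The name of the service to install. The maximum string length is 256 characters. The service control manager database preserves
        ''' the case of the characters, but service name comparisons are always case insensitive. Forward-slash (/) and backslash (\) are
        ''' not valid service name characters.
        ''' </param>
        ''' <param name="lpDisplayName">
        ''' The display name to be used by user interface programs to identify the service. This string has a maximum length of 256 characters.
        ''' The name is case-preserved in the service control manager. Display name comparisons are always case-insensitive.
        ''' </param>
        ''' <param name="dwDesiredAccess">
        ''' The access to the service. Before granting the requested access, the system checks the access token of the calling process. For a list
        ''' of values, see Service Security and Access Rights.
        ''' </param>
        ''' <param name="dwServiceType">
        ''' The service type.
        ''' </param>
        ''' <param name="dwStartType">
        ''' The service start options.
        ''' </param>
        ''' <param name="dwErrorControl">
        ''' The severity of the error, and action taken, if this service fails to start.
        ''' </param>
        ''' <param name="lpBinaryPathName">
        ''' The fully qualified path to the service binary file. If the path contains a space, it must be quoted so that it is correctly interpreted.
        ''' </param>
        ''' <param name="lpLoadOrderGroup">
        ''' The names of the load ordering group of which this service is a member. Specify NULL or an empty string if the service does not belong to a group.
        ''' </param>
        ''' <param name="lpdwTagId">
        ''' In the native API, a pointer to a variable that receives a tag value that is unique in the group specified in the lpLoadOrderGroup parameter.
        ''' Specify NULL if you are not changing the existing tag.
        ''' </param>
        ''' <param name="lpDependencies">
        ''' A pointer to a double null-terminated array of null-separated names of services or load ordering groups that the system must start before
        ''' this service. Specify NULL or an empty string if the service has no dependencies.
        ''' </param>
        ''' <param name="lpServiceStartName">
        ''' The name of the account under which the service should run. If the service type is SERVICE_WIN32_OWN_PROCESS, use an account name in the
        ''' form DomainName\UserName.
        ''' </param>
        ''' <param name="lpPassword">
        ''' The password to the account name specified by the lpServiceStartName parameter.
        ''' </param>
        ''' <returns>
        ''' If the function succeeds, the return value is a handle to the service.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/desktop/api/winsvc/nf-winsvc-createservicea
        '''
        ''' An unquoted lpBinaryPathName that contains spaces is resolved ambiguously by Windows and is a known
        ''' privilege-escalation weakness; always quote it, and keep the binary in a directory that only
        ''' administrators can write to.
        ''' lpPassword travels as a managed String, which cannot be wiped after use; keep its lifetime short and never log it.
        ''' NOTE(review): lpdwTagId is declared as a by-value Int32 although the native parameter is a pointer, so
        ''' the only safe value is 0 (NULL); IntPtr would be the accurate type. Left unchanged so that existing
        ''' callers keep compiling.
        ''' </remarks>
        <DllImport(ExternDll.Advapi32, SetLastError:=True, CharSet:=CharSet.Auto)>
        Friend Shared Function CreateService(hScManager As IntPtr, lpServiceName As String,
                                             lpDisplayName As String, dwDesiredAccess As Int32, dwServiceType As Int32,
                                             dwStartType As Integer, dwErrorControl As Int32, lpBinaryPathName As String,
                                             lpLoadOrderGroup As String, lpdwTagId As Int32, lpDependencies As String,
                                             lpServiceStartName As String, lpPassword As String) As IntPtr
        End Function

        ''' <summary>
        ''' Enumerates services in the specified service control manager database. The name and status of each service are provided,
        ''' along with additional data based on the specified information level.
        ''' </summary>
        ''' <param name="hScManager">
        ''' A handle to the service control manager database. This handle is returned by the OpenSCManager function, and must have the SC_MANAGER_ENUMERATE_SERVICE access right.
        ''' For more information, see Service Security and Access Rights.
        ''' </param>
        ''' <param name="infoLevel">
        ''' The service attributes that are to be returned. Use SC_ENUM_PROCESS_INFO to retrieve the name and service status information for
        ''' each service in the database.
        ''' </param>
        ''' <param name="dwServiceType">
        ''' The type of services to be enumerated.
        ''' </param>
        ''' <param name="dwServiceState">
        ''' The state of the services to be enumerated.
        ''' </param>
        ''' <param name="lpServices">
        ''' A pointer to the buffer that receives the status information. The format of this data depends on the value of the infoLevel parameter.
        ''' </param>
        ''' <param name="cbBufSize">
        ''' The size of the buffer pointed to by the lpServices parameter, in bytes.
        ''' </param>
        ''' <param name="pcbBytesNeeded">
        ''' A variable that receives the number of bytes needed to return the remaining service entries, if the buffer is too small.
        ''' </param>
        ''' <param name="lpServicesReturned">
        ''' A variable that receives the number of service entries returned.
        ''' </param>
        ''' <param name="lpResumeHandle">
        ''' A variable that, on input, specifies the starting point of enumeration. You must set this value to zero the first time the
        ''' EnumServicesStatusEx function is called.
        ''' </param>
        ''' <param name="pszGroupName">
        ''' The load-order group name. If this parameter is a string, the only services enumerated are those that belong to the group that has the name
        ''' specified by the string.
        ''' </param>
        ''' <returns>
        ''' If the function succeeds, the return value is nonzero.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/desktop/api/winsvc/nf-winsvc-enumservicesstatusexa
        '''
        ''' cbBufSize must match the number of bytes actually allocated behind lpServices.
        ''' NOTE(review): the native result is a 32-bit BOOL; in a 64-bit process the upper half of an IntPtr
        ''' return value is not guaranteed to be meaningful, so Boolean would be the accurate return type.
        ''' Left unchanged so that existing callers keep compiling.
        ''' </remarks>
        <DllImport(ExternDll.Advapi32, SetLastError:=True, CharSet:=CharSet.Auto)>
        Friend Shared Function EnumServicesStatusEx(hScManager As IntPtr, infoLevel As Integer,
                                                    dwServiceType As Integer, dwServiceState As Integer,
                                                    lpServices As IntPtr, cbBufSize As UInt32,
                                                    ByRef pcbBytesNeeded As UInteger, ByRef lpServicesReturned As UInteger,
                                                    ByRef lpResumeHandle As UInteger, pszGroupName As String) As IntPtr
        End Function

        ''' <summary>
        ''' Frees the specified local memory object and invalidates its handle.
        ''' </summary>
        ''' <param name="hMem">
        ''' A handle to the local memory object. This handle is returned by either the LocalAlloc or LocalReAlloc function.
        ''' It is not safe to free memory allocated with GlobalAlloc.
        ''' </param>
        ''' <returns>
        ''' If the function fails, the return value is equal to a handle to the local memory object. To get extended error information, call GetLastError.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/desktop/api/winbase/nf-winbase-localfree
        '''
        ''' Free each buffer exactly once and do not use the pointer afterwards.
        ''' </remarks>
        <DllImport(ExternDll.Kernel32, SetLastError:=True)>
        Friend Shared Function LocalFree(hMem As IntPtr) As IntPtr
        End Function

        ''' <summary>
        ''' Formats a message string. The function requires a message definition as input. The message definition can come from a
        ''' buffer passed into the function. It can come from a message table resource in an already-loaded module.
        ''' </summary>
        ''' <param name="dwFlags">
        ''' The formatting options, and how to interpret the lpSource parameter. The low-order byte of dwFlags specifies how the
        ''' function handles line breaks in the output buffer.
        ''' </param>
        ''' <param name="lpSource">
        ''' The location of the message definition.
        ''' </param>
        ''' <param name="dwMessageId">
        ''' The message identifier for the requested message. This parameter is ignored if dwFlags includes FORMAT_MESSAGE_FROM_STRING.
        ''' </param>
        ''' <param name="dwLanguageId">
        ''' The language identifier for the requested message. This parameter is ignored if dwFlags includes FORMAT_MESSAGE_FROM_STRING.
        ''' </param>
        ''' <param name="lpBuffer">
        ''' A buffer that receives the null-terminated string that specifies the formatted message. If dwFlags includes FORMAT_MESSAGE_ALLOCATE_BUFFER,
        ''' the function allocates a buffer using the LocalAlloc function, and places the pointer to the buffer at the address specified in lpBuffer.
        ''' </param>
        ''' <param name="nSize">
        ''' If the FORMAT_MESSAGE_ALLOCATE_BUFFER flag is not set, this parameter specifies the size of the output buffer, in TCHARs. If FORMAT_MESSAGE_ALLOCATE_BUFFER is set,
        ''' this parameter specifies the minimum number of TCHARs to allocate for an output buffer.
        ''' </param>
        ''' <param name="arguments">
        ''' An array of values that are used as insert values in the formatted message. A %1 in the format string indicates the first value in the Arguments array;
        ''' a %2 indicates the second argument; and so on.
        ''' </param>
        ''' <returns>
        ''' The native function returns the number of TCHARs stored in the output buffer, or zero on failure.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/desktop/api/winbase/nf-winbase-formatmessage
        '''
        ''' A buffer that the function allocates for lpBuffer must be released with LocalFree.
        ''' NOTE(review): the native lpSource and Arguments parameters are passed by value; declaring them ByRef
        ''' hands the function the address of the managed IntPtr instead. That is harmless only while the flags
        ''' make the function ignore both (a system-message lookup with FORMAT_MESSAGE_IGNORE_INSERTS), which is
        ''' also the safe way to format messages whose text is not under the caller's control. Confirm against
        ''' the callers. The native result is a 32-bit DWORD, declared here as IntPtr.
        ''' </remarks>
        <DllImport(ExternDll.Kernel32, EntryPoint:="FormatMessageW", SetLastError:=True, CharSet:=CharSet.Unicode, CallingConvention:=CallingConvention.StdCall)>
        Friend Shared Function FormatMessage(dwFlags As Integer, ByRef lpSource As IntPtr, dwMessageId As Integer,
                                             dwLanguageId As Integer, ByRef lpBuffer As IntPtr, nSize As Integer,
                                             ByRef arguments As IntPtr) As IntPtr
        End Function

        ''' <summary>
        ''' Retrieves information about the first process encountered in a system snapshot.
        ''' </summary>
        ''' <param name="hSnapshot">
        ''' A handle to the snapshot returned from a previous call to the CreateToolhelp32Snapshot function.
        ''' </param>
        ''' <param name="lppe">
        ''' A PROCESSENTRY32 structure. It contains process information such as the name of the executable file, the process
        ''' identifier, and the process identifier of the parent process.
        ''' </param>
        ''' <returns>
        ''' True if the first entry of the process list has been copied to the buffer; otherwise False.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/desktop/api/tlhelp32/nf-tlhelp32-process32first
        '''
        ''' The native API requires the size member of the structure to be set before the call.
        ''' NOTE(review): WinProcessEntry is defined elsewhere; confirm that it matches the ANSI PROCESSENTRY32 layout.
        ''' </remarks>
        <DllImport(ExternDll.Kernel32, CharSet:=CharSet.Ansi, SetLastError:=True)>
        Friend Shared Function Process32First(hSnapshot As IntPtr, ByRef lppe As WinProcessEntry) As <MarshalAs(UnmanagedType.Bool)> Boolean
        End Function

        ''' <summary>
        ''' Retrieves information about the next process recorded in a system snapshot.
        ''' </summary>
        ''' <param name="hSnapshot">
        ''' A handle to the snapshot returned from a previous call to the CreateToolhelp32Snapshot function.
        ''' </param>
        ''' <param name="lppe">
        ''' A PROCESSENTRY32 structure. It contains process information such as the name of the executable file, the process
        ''' identifier, and the process identifier of the parent process.
        ''' </param>
        ''' <returns>
        ''' True if the next entry of the process list has been copied to the buffer; otherwise False.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-gb/windows/desktop/api/tlhelp32/nf-tlhelp32-process32next
        ''' </remarks>
        <DllImport(ExternDll.Kernel32, CharSet:=CharSet.Ansi, SetLastError:=True)>
        Friend Shared Function Process32Next(hSnapshot As IntPtr, ByRef lppe As WinProcessEntry) As <MarshalAs(UnmanagedType.Bool)> Boolean
        End Function

        ''' <summary>
        ''' Takes a snapshot of the specified processes, as well as the heaps, modules, and threads used by these processes.
        ''' </summary>
        ''' <param name="dwFlags">
        ''' The portions of the system to be included in the snapshot.
        ''' </param>
        ''' <param name="th32ProcessId">
        ''' The process identifier of the process to be included in the snapshot. This parameter can be zero to indicate the current process.
        ''' This parameter is used when the TH32CS_SNAPHEAPLIST, TH32CS_SNAPMODULE, TH32CS_SNAPMODULE32, or TH32CS_SNAPALL value is specified.
        ''' </param>
        ''' <returns>
        ''' An open handle to the snapshot on success, or InvalidHandleValue on failure.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-gb/windows/desktop/api/tlhelp32/nf-tlhelp32-createtoolhelp32snapshot
        '''
        ''' Release the snapshot handle with CloseHandle when the enumeration is finished.
        ''' </remarks>
        <DllImport(ExternDll.Kernel32, CharSet:=CharSet.Auto, SetLastError:=True)>
        Friend Shared Function CreateToolhelp32Snapshot(dwFlags As UInteger, th32ProcessId As UInteger) As IntPtr
        End Function

        ''' <summary>
        ''' Displays a modal dialog box that contains a system icon, a set of buttons, and a brief application-specific message,
        ''' such as status or error information. The message box returns an integer value that indicates which button the user clicked.
        ''' </summary>
        ''' <param name="hWnd">
        ''' A handle to the owner window of the message box to be created. If this parameter is NULL, the message box has no owner window.
        ''' </param>
        ''' <param name="text">
        ''' The message to be displayed. If the string consists of more than one line, you can separate the lines using a
        ''' carriage return and/or linefeed character between each line.
        ''' </param>
        ''' <param name="caption">
        ''' The dialog box title. If this parameter is NULL, the default title is Error.
        ''' </param>
        ''' <param name="type">
        ''' The contents and behavior of the dialog box. This parameter can be a combination of flags.
        ''' </param>
        ''' <returns>
        ''' If a message box has a Cancel button, the function returns the IDCANCEL value if either the ESC key is pressed or the Cancel button is selected.
        ''' If the message box has no Cancel button, pressing ESC has no effect.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/win32/api/winuser/nf-winuser-messagebox
        ''' </remarks>
        <DllImport(ExternDll.User32, CharSet:=CharSet.Auto, SetLastError:=True)>
        Friend Shared Function MessageBox(hWnd As IntPtr, text As String, caption As String, type As UInteger) As Integer
        End Function

        ''' <summary>
        ''' Deletes an existing file.
        ''' </summary>
        ''' <param name="lpFileName">
        ''' The name of the file to be deleted.
        ''' </param>
        ''' <returns>
        ''' If the function succeeds, the return value is nonzero.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-deletefile
        '''
        ''' Canonicalise and validate lpFileName before the call when any part of it comes from outside the program.
        ''' </remarks>
        <DllImport(ExternDll.Kernel32, SetLastError:=True, CharSet:=CharSet.Unicode)>
        Friend Shared Function DeleteFile(lpFileName As String) As Boolean
        End Function

        ''' <summary>
        ''' Retrieves file system attributes for a specified file or directory.
        ''' </summary>
        ''' <param name="lpFileName">
        ''' The name of the file or directory.
        ''' </param>
        ''' <returns>
        ''' If the function succeeds, the return value contains the attributes of the specified file or directory.
        ''' If it fails, the native function returns INVALID_FILE_ATTRIBUTES, which is -1 as an Integer.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/win32/api/fileapi/nf-fileapi-getfileattributesa
        ''' </remarks>
        <DllImport(ExternDll.Kernel32, SetLastError:=True, CharSet:=CharSet.Unicode)>
        Friend Shared Function GetFileAttributes(lpFileName As String) As Integer
        End Function

        ''' <summary>
        ''' Sets the attributes for a file or directory.
        ''' </summary>
        ''' <param name="lpFileName">
        ''' The name of the file whose attributes are to be set.
        ''' </param>
        ''' <param name="dwFileAttributes">
        ''' The file attributes to set for the file.
        ''' </param>
        ''' <returns>
        ''' If the function succeeds, the return value is nonzero.
        ''' </returns>
        ''' <remarks>
        ''' See https://docs.microsoft.com/en-us/windows/win32/api/fileapi/nf-fileapi-setfileattributesa
        ''' </remarks>
        <DllImport(ExternDll.Kernel32, SetLastError:=True, CharSet:=CharSet.Unicode)>
        Friend Shared Function SetFileAttributes(lpFileName As String, dwFileAttributes As Integer) As Boolean
        End Function
    End Class
End Namespace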