Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Object Manager Plus #2197

Open
wants to merge 39 commits into
base: master
Choose a base branch
from
Open

Object Manager Plus #2197

wants to merge 39 commits into from
+3,224 −466

Conversation

DartVanya
Copy link
Contributor

@DartVanya DartVanya commented Sep 13, 2024
edited
Loading

  • Implement properties support for Object Manager

    • Standard System Informer handle properties window for Windows objects (including Directories).
    • Add support for missing object types: Device, EventPair, Timer, Semaphore, FilterConnectionPort
    • [System Informer] Add target link info for Symbolic links
    • Fix Directory handles leaking
    • [ET Plugin] Add Windows Object tab to properties window: object attributes and creation time.

  • Enhanced Object Manager

    • [System Informer] Add GeneralCallbackHandlePropertiesWindowPreOpen, calls on WM_INITDIALOG and allows plugins to customize general handle properties tab.
    • Display real handles count and hide irrelevant access entry (EtHandlePropertiesWindowPreOpen).
    • Add Symbolic Link Target column
    • Enhanced navigation to symlink: focus to target in ListView.
    • Get object address using KSI

  • Defied WinObj: search, statusbar, refresh

    • Implements search using standard SI searchbox: searches all 3 columns (name, type, symlink)
    • Status bar (pseudo) with fullpath to selected object (can copy on righclick menu), current directory object count
    • Refresh button - full rebuild of tree and current dir list

  • [System Informer, Plugins] Fixed WM_KEYDOWN forwarding (both for PH and plugins), broken by 5bf7f29#diff-22c39c7de8c6ce2547b9cda41005993a982b12b5f4d567a14ce7e38534c2bf77L1789

    • F5 - refresh, filter will be reapplied after refresh
    • Autosizing of Name column on window resizing.
    • Plugin properties window position will not overwrite generic handle propertines window position setting.

  • Add target resolving for Device and ALPC port

    • Renamed Symbolic Link Target column to Target
    • Implemented (experimental) asynchronous resolver for Device and ALPC port targets.
      • Resolving Device driver target. Added menu Go to device driver
      • Resolving ALPC server process target. Added menu Go to process...
    • Rewritten navigaton to symbolic links (and device drivers)

  • Add target resolving for Mutant, fix search

    • Improve resolver. Added mutant client owner to target and menu Go to thread...
    • Improve filter: it now stay when changing directory. If selected entry match it stay selected and visible when performing search.
    • Tri-state column sort now saved and loaded from settings (ObjectManagerWindowListSort). Sort now works correctly on directory or filter change.
    • Enter - open properties, Ctrl+Enter - open security, Shift+Enter or Shift+Dblclk on symlink opens its properties.

  • Support for open symlink target in explorer

  • Show Job process list in target column

  • Add CpuPartition type support and icons for more types

    • Add icon for Job, Semaphore, FilterConnectionPort, CpuPartition, Partition

New Object Handles page in properties

  • Old Windows Object page entries moved to general page in "Basic information" block. Windows Object replaced with Handles page.
  • Menu - Go to process... supported
  • Now opens real objects for ALPC Port, FilterConnectionPort, Key (\REGISTRY) using new method (credits to https://github.com/zodiacon/ObjectExplorer)
  • Show additional handles for ALPC Port, Device, Key (match by object name). Extra entries will be highlight with ColorInheritHandles)

[phlib, kphlib] Add PhOpenDevice. And Oject Manager Plus FINAL

  • My first attempt in kernel programming. Add PhOpenDevice -> KphOpenDevice. Opens Device object handle and optional Device Driver handle. Can open lowest or topmost device from stack.
  • Propertines - Device driver info: show topmost and lowest drivers in stack
  • Directory list: allow multiselect, Ctrl+A, Ctrl+C support. Menu Copy Full Name (for list and tree).
  • [Theme General] ListVew: fix text readability for hot and selected colored items.
    TreeNew: significantly improve visibility of selected item.

@DartVanya
Implement properties support for Object Manager
2463e2c 
- Standard System Informer handle properties window for Windows objects (including Directories).
- Add support for missing object types: Device, EventPair, Timer, Semaphore, FilterConnectionPort
- Add target link info for Symbolic links
- Fix Directory handles leaking
@DartVanya
Enhanced Object Manager
6df0062 
- Add Windows Object tab to properties window: object attributes and creation time.
- Add GeneralCallbackHandlePropertiesWindowPreOpen, calls on WM_INITDIALOG and allows plugins to customize general handle properties tab.
-- Display real handles count and hide irrelevant access entry (EtHandlePropertiesWindowPreOpen).
- Add Symbolic Link Target column
- Enhanced navigation to symlink: focus to target in ListView.
@DartVanya
Merge branch 'winsiderss:master' into ObjManagerPlus
0d69a76
@DartVanya
Fix bug
726209f
@DartVanya
Center properties window to ObjMgr window
7d56d32
@DartVanya
Merge branch 'winsiderss:master' into ObjManagerPlus
0f62519
@DartVanya
Defied WinObj: search, statusbar, refresh
535512f 
- Implements search using standard SI searchbox: searches all 3 columns (name, type, symlink)
- Status bar (pseudo) with fullpath to selected object (can copy on righclick menu), current directory object count
- Refresh button - full rebuild of tree and current dir list
- Get object address using KSI (previous commit)
@DartVanya
Merge branch 'winsiderss:master' into ObjManagerPlus
2a5be4c
@DartVanya
Fix memory leaks and violations + other improvements
9ef7295 
- I finally understand how PH memory management works and fixed (hope) horrible previous code.
- Fixed WM_KEYDOWN forwarding (both for PH and plugins), broken by 5bf7f29
- F5 - refresh, filter will be reapplied after refresh
- Autosizing of Name column on window resizing. Plugin properties window position will not overwrite generic handle propertines window position setting.
@DartVanya
Merge branch 'winsiderss:master' into ObjManagerPlus
a56cead
@DartVanya
Fix directory security bug
7a8d222
@DartVanya
Merge branch 'master' into ObjManagerPlus
07d02b7
@DartVanya
Fix directory security bug
6129939
@DartVanya
Merge branch 'ObjManagerPlus' of https://github.com/DartVanya/systemi…
61ee5dc 
…nformer into ObjManagerPlus
@DartVanya
Speedup search
3f0fcb6
@jxy-s
Copy link
Member

jxy-s commented Sep 14, 2024

Awesome work! I'll help give an in-depth review when I have some cycles. Some initial feedback on the video you provided (thanks for that it's very helpful). I wonder if it makes sense to change the "Symbolic Link Target" column to a more generic "Target" column to show information/names of things more broadly? I'm thinking, for example, you could show the name for named object or the device for filter ports. Instead of only showing symbol link names.

@dmex dmex self-assigned this Sep 14, 2024
dmex and others added 6 commits September 14, 2024 10:55
@dmex
Merge branch 'master' into ObjManagerPlus
64ca49c
@DartVanya
Show File info for Device and FilterConnectionPort
de9c45d
@DartVanya
Merge branch 'ObjManagerPlus' of https://github.com/DartVanya/systemi…
d32789f 
…nformer into ObjManagerPlus
@DartVanya
Fix pool table auto refresh
d3717d1 
Broken by 0c0c938
@DartVanya
Minor refresh fixes
5d0ccff
@DartVanya
Add target resolving for Device and ALPC port
c6443fe 
- Renamed Symbolic Link Target column to Target
- Implemented (experimental) asynchronous resolver for Device and ALPC port targets.
-- Resolving Device driver target. Added menu Go to device driver
-- Resolving ALPC server process target. Added menu Go to server process
- Rewritten navigaton to symbolic links (and device drivers)
@DartVanya
Copy link
Contributor Author

DartVanya commented Sep 15, 2024
edited
Loading

Awesome work! I'll help give an in-depth review when I have some cycles. Some initial feedback on the video you provided (thanks for that it's very helpful). I wonder if it makes sense to change the "Symbolic Link Target" column to a more generic "Target" column to show information/names of things more broadly? I'm thinking, for example, you could show the name for named object or the device for filter ports. Instead of only showing symbol link names.

Add target resolving for Device and ALPC port

  • Renamed Symbolic Link Target column to Target
  • Implemented (experimental) asynchronous resolver for Device and ALPC port targets.
    • Resolving Device driver target. Added menu Go to device driver
    • Resolving ALPC server process target. Added menu Go to server process
  • Rewritten navigaton to symbolic links (and device drivers)

Add target resolving for Mutant, fix search

resolver_test.mp4

@DartVanya
Add target resolving for Mutant, fix search
8dbe1a7 
- Improve resolver. Added mutant client owner to target and menu Go to thread...
- Improve filter: it now stay when changing directory. If selected entry match it stay selected and visible when performing search.
- Tri-state column sort now saved and loaded from settings (ObjectManagerWindowListSort). Sort now works correctly on directory or filter change.
- Enter - open properties, Shift+Enter - open security, Shift+Dblclk on symlink opens its properties.
@DartVanya
Merge branch 'master' into ObjManagerPlus
d01f1be
@DartVanya
Create resolver thread by NtCreateThreadEx
9d5e5b6
@DartVanya DartVanya force-pushed the ObjManagerPlus branch 4 times, most recently from 0e0ecfd to 80e9033 Compare September 19, 2024 04:34
@DartVanya DartVanya force-pushed the ObjManagerPlus branch 4 times, most recently from a390c10 to 9c3976c Compare September 20, 2024 10:26
@DartVanya
New Object Handles page in properties
b36c721 
- Old Windows Object page entries moved to general page in "Basic information" block. Windows Object replaced with Handles page.
- Menu - Go to process... supported
- Now opens real ALPC port object using new method (thx to https://github.com/zodiacon/ObjectExplorer)
- Show additional handles for ALPC Port, File, Key (match by object name). Extra entries will be highlight with ColorInheritHandles)
@DartVanya
[SI] Advanced options - add menu Reset
636fe14 
- Fix dark theme for new choose dialog
@DartVanya
Add PhOpenDevice. ObjMgr Plus FINAL
85b0bca 
- My first attempt in kernel programming. Add PhOpenDevice -> KphOpenDevice. Open Device object handle and optional Device Driver handle.
- Propertines - Device driver info: show topmost and lowest drivers in stack
- Directory list: allow multiselect, Ctrl+A, Ctrl+C support. Menu Copy Full Name (for list and tree).
- [Theme] ListVew: fix text readability for hot and selected colored items.
TreeNew:  significantly improve visibility of selected item.
@DartVanya DartVanya force-pushed the ObjManagerPlus branch 2 times, most recently from 3f5a663 to 65735d8 Compare September 22, 2024 16:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jxy-s jxy-s Awaiting requested review from jxy-s jxy-s is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@dmex dmex

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@DartVanya @jxy-s @dmex