KillProcess – Terminate any application

Private Type LUID
    lowpart As Long
    highpart As Long
End Type

Private Type TOKEN_PRIVILEGES
    PrivilegeCount As Long
    LuidUDT As LUID
    Attributes As Long
End Type

Const TOKEN_ADJUST_PRIVILEGES = &H20
Const TOKEN_QUERY = &H8
Const SE_PRIVILEGE_ENABLED = &H2
Const PROCESS_ALL_ACCESS = &H1F0FFF

Private Declare Function GetVersion Lib "kernel32" () As Long
Private Declare Function GetCurrentProcess Lib "kernel32" () As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As _
    Long
Private Declare Function OpenProcessToken Lib "advapi32" (ByVal ProcessHandle _
    As Long, ByVal DesiredAccess As Long, TokenHandle As Long) As Long
Private Declare Function LookupPrivilegeValue Lib "advapi32" Alias _
    "LookupPrivilegeValueA" (ByVal lpSystemName As String, _
    ByVal lpName As String, lpLuid As LUID) As Long
Private Declare Function AdjustTokenPrivileges Lib "advapi32" (ByVal _
    TokenHandle As Long, ByVal DisableAllPrivileges As Long, _
    NewState As TOKEN_PRIVILEGES, ByVal BufferLength As Long, _
    PreviousState As Any, ReturnLength As Any) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As _
    Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function TerminateProcess Lib "kernel32" (ByVal hProcess As _
    Long, ByVal uExitCode As Long) As Long

' Terminate any application and return an exit code to Windows
' This works under NT/2000, even when the calling process
' doesn't have the privilege to terminate the application
' (for example, this may happen when the process was launched
'  by yet another program)
'
' Usage:  Dim pID As Long
'         pID = Shell("Notepad.Exe", vbNormalFocus)
'         '...
'         If KillProcess(pID, 0) Then
'             MsgBox "Notepad was terminated"
'         End If

Function KillProcess(ByVal hProcessID As Long, Optional ByVal ExitCode As Long) _
    As Boolean
    Dim hToken As Long
    Dim hProcess As Long
    Dim tp As TOKEN_PRIVILEGES

    ' Windows NT/2000 require a special treatment
    ' to ensure that the calling process has the
    ' privilege to open and terminate the other process

    ' under NT the high-order bit (that is, the sign bit)
    ' of the value returned by GetVersion is cleared
    If GetVersion() >= 0 Then
        ' open the token of the current process
        ' exit if any error
        If OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES Or _
            TOKEN_QUERY, hToken) = 0 Then
            GoTo CleanUp
        End If

        ' retrieve the locally unique identifier (LUID) used
        ' to locally represent the specified privilege name
        ' (first argument = "" means the local system)
        ' exit if any error
        If LookupPrivilegeValue("", "SeDebugPrivilege", tp.LuidUDT) = 0 Then
            GoTo CleanUp
        End If

        ' complete the TOKEN_PRIVILEGES structure with the # of
        ' privileges and the desired attribute
        tp.PrivilegeCount = 1
        tp.Attributes = SE_PRIVILEGE_ENABLED

        ' try to acquire debug privilege for this process
        ' exit if error
        ' (note: a nonzero return only means the call itself succeeded;
        '  if the token does not hold SeDebugPrivilege, Err.LastDllError
        '  is ERROR_NOT_ALL_ASSIGNED (1300) and nothing was enabled)
        If AdjustTokenPrivileges(hToken, False, tp, 0, ByVal 0&, _
            ByVal 0&) = 0 Then
            GoTo CleanUp
        End If
    End If

    ' now we can finally open the other process
    ' while having complete access on its attributes
    ' exit if any error
    hProcess = OpenProcess(PROCESS_ALL_ACCESS, 0, hProcessID)
    If hProcess Then
        ' call was successful, so we can kill the application
        ' set return value for this function
        KillProcess = (TerminateProcess(hProcess, ExitCode) <> 0)
        ' close the process handle
        CloseHandle hProcess
    End If

    If GetVersion() >= 0 Then
        ' under NT disable the debug privilege again
        ' (it is switched off even if it was already enabled before the call)
        tp.Attributes = 0
        AdjustTokenPrivileges hToken, False, tp, 0, ByVal 0&, ByVal 0&

CleanUp:
        If hToken Then CloseHandle hToken
    End If
End Function
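The privilege handling above has two edge cases: AdjustTokenPrivileges returns nonzero even when the token does not hold SeDebugPrivilege, and resetting Attributes to 0 switches the privilege off even if it was enabled before the call. The module below is an added example, not part of the original listing; the names EnableDebugPrivilege, RestoreDebugPrivilege and DebugPrivilegeAvailable are hypothetical, and ERROR_NOT_ALL_ASSIGNED (1300) is the standard Win32 error code.

```vb
Private Type LUID
    lowpart As Long
    highpart As Long
End Type
Private Type TOKEN_PRIVILEGES
    PrivilegeCount As Long
    LuidUDT As LUID
    Attributes As Long
End Type
Private Const TOKEN_ADJUST_PRIVILEGES = &H20, TOKEN_QUERY = &H8
Private Const SE_PRIVILEGE_ENABLED = &H2, ERROR_NOT_ALL_ASSIGNED = 1300
Private Declare Function GetCurrentProcess Lib "kernel32" () As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function OpenProcessToken Lib "advapi32" (ByVal ProcessHandle _
    As Long, ByVal DesiredAccess As Long, TokenHandle As Long) As Long
Private Declare Function LookupPrivilegeValue Lib "advapi32" Alias _
    "LookupPrivilegeValueA" (ByVal lpSystemName As String, _
    ByVal lpName As String, lpLuid As LUID) As Long
Private Declare Function AdjustTokenPrivileges Lib "advapi32" (ByVal _
    TokenHandle As Long, ByVal DisableAllPrivileges As Long, _
    NewState As TOKEN_PRIVILEGES, ByVal BufferLength As Long, _
    PreviousState As Any, ReturnLength As Any) As Long

' Hypothetical helper: True only if SeDebugPrivilege is really enabled afterwards.
' hToken and prev are outputs that must be handed to RestoreDebugPrivilege.
Private Function EnableDebugPrivilege(hToken As Long, prev As TOKEN_PRIVILEGES) As Boolean
    Dim tp As TOKEN_PRIVILEGES, cb As Long
    If OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES Or _
        TOKEN_QUERY, hToken) = 0 Then Exit Function
    If LookupPrivilegeValue(vbNullString, "SeDebugPrivilege", tp.LuidUDT) = 0 Then Exit Function
    tp.PrivilegeCount = 1
    tp.Attributes = SE_PRIVILEGE_ENABLED
    ' prev receives only the privileges this call changed (PrivilegeCount = 0 if none)
    If AdjustTokenPrivileges(hToken, 0, tp, Len(prev), prev, cb) = 0 Then Exit Function
    ' success of the call is not enough: check that the privilege was assigned
    EnableDebugPrivilege = (Err.LastDllError <> ERROR_NOT_ALL_ASSIGNED)
End Function

' Hypothetical helper: puts back exactly what was changed, then closes the token
Private Sub RestoreDebugPrivilege(ByVal hToken As Long, prev As TOKEN_PRIVILEGES)
    If hToken = 0 Then Exit Sub
    If prev.PrivilegeCount > 0 Then AdjustTokenPrivileges hToken, 0, prev, 0, ByVal 0&, ByVal 0&
    CloseHandle hToken
End Sub

' Reports whether the caller's token can enable SeDebugPrivilege at all
Public Function DebugPrivilegeAvailable() As Boolean
    Dim hToken As Long, prev As TOKEN_PRIVILEGES
    DebugPrivilegeAvailable = EnableDebugPrivilege(hToken, prev)
    RestoreDebugPrivilege hToken, prev
End Function
```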
