Help with security program

juggernot

I've got an idea for a security program, or part of one, which I would like to create. I need help organizing my thoughts into code. My program would find all currently running processes. For a process to run, the user would have to add it to the list of acceptable processes (unless it is a Windows process) on its first startup. There would also be a list of unacceptable processes, which the program would not allow to run.

Here is where I am. I just found out how to access the processes. This is my code so far:
VB.NET:
Dim processes() As System.Diagnostics.Process
Dim process As New System.Diagnostics.Process
Dim array1 As Array
processes = process.GetProcesses("MyComputer")
For Each process In processes
    Me.TextBox1.Text += process.ProcessName & vbNewLine
Next

So my question is really: what should I do next? Do you have any tips?
 
Maybe use the My.Settings variables to contain a string array of acceptable process names. Then, if a process isn't on the list, it gets killed.

It might be tricky determining if it is a Windows process though, unless you already have an idea of how to do this.
 
Here's an update. I'm now using serialization to save and load my files, which save from, and load to, the arrays acceptarray or unacceptarray. I then check to see if my processes() array contains any of the entries of the acceptarray or unacceptarray. If it finds a match under the acceptarray, nothing happens; if it finds a match under the unacceptarray, the process is killed and the user is notified in a messagebox. If it is not found on either list, the user is notified and must choose which list it belongs in.

The problem I'm having is that it isn't finding the processes that should be in acceptarray, or the ones in unacceptarray. I'm going to post the majority of my code below; I hope someone can point out my error(s). Sorry, I know it's a lot of code to go through.

VB.NET:
Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
    Dim processes() As System.Diagnostics.Process
    Dim process As New System.Diagnostics.Process
    Dim acceptcheck As New Acceptable
    Dim unacceptcheck As New Unacceptable
    If IO.File.Exists(Application.StartupPath & "\accept.cfg") = False Then
        Dim myFileStream As New FileStream(Application.StartupPath & "\accept.cfg", FileMode.OpenOrCreate) 'Open the file stream...
        Dim myBinaryFormatter As New BinaryFormatter
        'adding some windows process to the accept list, so it doesn't try to deserialize an empty stream later
        acceptcheck.Strprocess = "svchost"
        acceptarray.Add(acceptcheck)
        acceptcheck.Strprocess = ""
        acceptcheck.Strprocess = "explorer"
        acceptarray.Add(acceptcheck)
        acceptcheck.Strprocess = ""
        acceptcheck.Strprocess = "taskmgr"
        acceptarray.Add(acceptcheck)
        acceptcheck = Nothing

        myBinaryFormatter.Serialize(myFileStream, acceptarray) 'Using our formatter, write the alAllUsers to disk.

        myFileStream.Close()
        myBinaryFormatter = Nothing
    End If
    If IO.File.Exists(Application.StartupPath & "\unaccept.cfg") = False Then
        Dim myfilestream As New FileStream(Application.StartupPath & "\unaccept.cfg", FileMode.OpenOrCreate)
        Dim mybinaryformatter As New BinaryFormatter
        'I chose winamp just for testing purposes, and so it didn't deserialize an empty stream
        unacceptcheck.Strprocess = "winamp"
        unacceptarray.Add(unacceptcheck)
        unacceptcheck = Nothing

        mybinaryformatter.Serialize(myfilestream, unacceptarray)
        myFileStream.Close()
        myBinaryFormatter = Nothing
    End If

End Sub

Private Sub Timer1_Tick(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Timer1.Tick
    Dim processes() As System.Diagnostics.Process
    Dim process As New System.Diagnostics.Process

    Dim myFileStream As New FileStream(Application.StartupPath & "\accept.cfg", FileMode.Open)
    Dim myfilestream2 As New FileStream(Application.StartupPath & "\unaccept.cfg", FileMode.Open)
    Dim myBinaryFormatter As New BinaryFormatter
    Dim mybinaryformatter2 As New BinaryFormatter

    acceptarray = DirectCast(myBinaryFormatter.Deserialize(myFileStream), ArrayList)
    myFileStream.Close()
    myBinaryFormatter = Nothing

    unacceptarray = DirectCast(mybinaryformatter2.Deserialize(myfilestream2), ArrayList)

    myfilestream2.Close()

    mybinaryformatter2 = Nothing
    processes = process.GetProcesses("MyComputer")
    For Each process In processes

        If acceptarray.Contains(process.ProcessName) Then
        ElseIf unacceptarray.Contains(process.ProcessName) Then
            process.Kill()
            MessageBox.Show("An unathorized process has been terminated. If this is a legitimate process, please transfer it from the unacceptable list to the acceptable list." & vbNewLine & "Process Name: " & process.ToString, "Unathorized Process", MessageBoxButtons.OK, MessageBoxIcon.Warning)
        Else
            MessageBox.Show("A process is trying to run for the first time. Add it to the acceptable processes list? Choosing no will automatically add the process to the unacceptable process list" & vbNewLine & process.ToString, "New Process", MessageBoxButtons.YesNo, MessageBoxIcon.Warning)
        End If
 
You have this:

VB.NET:
If acceptarray.Contains(process.ProcessName) Then
ElseIf unacceptarray.Contains(process.ProcessName) Then

It looks like you aren't telling it to do anything if the process is acceptable. You might want something like:

VB.NET:
If unacceptarray.Contains(process.ProcessName) Then
    process.Kill()
ElseIf Not acceptarray.Contains(process.ProcessName) Then
    'do your code to let the user decide what to do about a new process
    .....
 
I agree that would be more efficient. However, I am still having problems with it recognizing the processes. When I run my program, for every process I have running it says it is not in acceptarray or unacceptarray. As shown in my code, I've tried to add some Windows processes to the acceptarray, and I use winamp as my guinea pig for the unacceptarray. However, all those processes are being treated as processes that aren't in either list.
 
Wow, I'm an idiot. Anyhow, I've got my code working now; I realized I was using classes when I really didn't need to. My next question is, how do I find the file path for a process? When a user is prompted about a process, I would like to tell him where the .exe file is. I did some googling, but the only answers I could find involved the API, which I find complicated. Is there a simpler way to do this?
 
Read it from the MainModule property of the process.
VB.NET:
MsgBox(Process.GetCurrentProcess.MainModule.FileName)
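
An added example, not code from any poster in this thread: it combines the two points the thread arrives at, keeping the lists as plain strings so that Contains compares names, and reading the executable path from MainModule with the failures that property can raise handled. The names Verdict, Classify and TryGetPath are hypothetical, and the list entries are the sample names used above.

```vb
Imports System.Collections.Generic
Imports System.ComponentModel
Imports System.Diagnostics

' Added example; Verdict, Classify and TryGetPath are hypothetical names.
Module ProcessListCheck
    Enum Verdict
        Accepted
        Unacceptable
        Unknown
    End Enum

    ' Plain strings in case-insensitive sets: Contains() compares the names
    ' themselves instead of calling Equals on wrapper objects.
    Private ReadOnly acceptNames As New HashSet(Of String)(
        New String() {"svchost", "explorer", "taskmgr"}, StringComparer.OrdinalIgnoreCase)
    Private ReadOnly unacceptNames As New HashSet(Of String)(
        New String() {"winamp"}, StringComparer.OrdinalIgnoreCase)

    ' The unacceptable list is checked first, so a name on both lists is blocked.
    Function Classify(ByVal processName As String) As Verdict
        If unacceptNames.Contains(processName) Then Return Verdict.Unacceptable
        If acceptNames.Contains(processName) Then Return Verdict.Accepted
        Return Verdict.Unknown
    End Function

    ' MainModule throws Win32Exception when the process cannot be opened or its
    ' modules cannot be read, and InvalidOperationException when it has exited.
    Function TryGetPath(ByVal p As Process) As String
        Try
            Dim m As ProcessModule = p.MainModule
            If m Is Nothing Then Return "(path unavailable)"
            Return m.FileName
        Catch ex As Win32Exception
            Return "(path unavailable: " & ex.Message & ")"
        Catch ex As InvalidOperationException
            Return "(process exited)"
        End Try
    End Function

    Sub Main()
        For Each p As Process In Process.GetProcesses()
            Dim result As Verdict = Classify(p.ProcessName)
            If result <> Verdict.Accepted Then
                Console.WriteLine("{0,-12} {1} -> {2}", result, p.ProcessName, TryGetPath(p))
            End If
        Next
    End Sub
End Module
```

ProcessName is only the executable's file name without its extension, so any binary renamed to an accepted name matches the list; the path returned by TryGetPath is what lets the user see which file is actually running.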
 