search

NikolayIT / OpenJudgeSystem

An open source system for online algorithm competitions for Windows, written in ASP.NET MVC
http://bgcoder.com
GNU General Public License v2.0
510 stars 93 forks source link

Can I kill the judge service? #539

Open zhanhb opened 6 years ago

zhanhb commented 6 years ago 
#include <stdio.h>
#include <windows.h>
#include <tlhelp32.h>
#include <stdio.h>
int main() {
    HANDLE h = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    PROCESSENTRY32 pe = {0};
    pe.dwSize = sizeof (PROCESSENTRY32);
    DWORD pid = GetCurrentProcessId();
    if (Process32First(h, &pe)) {
        do {
            if (pe.th32ProcessID == pid) {
                printf("PID: %i; PPID: %i\n", pid, pe.th32ParentProcessID);
                HANDLE h = OpenProcess(PROCESS_TERMINATE, 0, pe.th32ParentProcessID);
                if (h) {
                    TerminateProcess(h, 0);
                    CloseHandle(h);
                }
            }
        } while (Process32Next(h, &pe));
    }
    CloseHandle(h);
}
NikolayIT commented 6 years ago

You can try :))

zhanhb commented 6 years ago

I'm not sure if I succeed to do it. But I only see This submission is being processed at the moment... Please wait.

zhanhb commented 6 years ago

It seems I succeed to kill the judge client. http://bgcoder.com/Submissions

NikolayIT commented 6 years ago

Good job! Can you provide us with a fix? :)

zhanhb commented 6 years ago

Not yet, I'm trying to find a solution fix this too.

zhanhb commented 6 years ago

I found one solution now.

ScopedHandle token;
CreateRestrictedToken(USER_LIMITED, INTEGRITY_LEVEL_LOW, PRIMARY, true, &token);
STARTUPINFO sa = {sizeof(sa)};
sa.lpDesktop = TEXT("Winsta0\\default"); // this line is optional if you are not running in windows service
CreateProcessAsUser(token.Get(), lpApplicationName, lpCommandLine, lpProcessAttributes, lpThreadAttributes, bInheritHandles, dwCreationFlags, lpEnvironment, lpCurrentDirectory, &sa, lpProcessInformation);
// job

https://chromium.googlesource.com/chromium/src.git/+/66.0.3329.3/sandbox/win/src/restricted_token_utils.cc#54

zhanhb commented 6 years ago

Without setting lpDesktop of startup info, you will get incorrect when running java in windows service.

NikolayIT commented 6 years ago

What changes do you suggest here: https://github.com/NikolayIT/OpenJudgeSystem/blob/38fbf8de04954514ab9f45549df3d002363b3392/Open%20Judge%20System/Workers/OJS.Workers.Executors/Process/RestrictedProcess.cs#L351

zhanhb commented 6 years ago 
if (!NativeMethods.CreateRestrictedToken(
        processToken,
        SANDBOX_INERT | DISABLE_MAX_PRIVILEGE,
        ?, // Disable SID
        ?, // all sids in the token except Users("S-1-5-32-545"), Everyone("S-1-1-0"), Interactive("S-1-5-4")
        0, // Delete privilege
        null, // these two are ignored if DISABLE_MAX_PRIVILEGE is specified
        4, // Restricted SID
        ?, // Users, Everyone, restrict code("S-1-5-12"), login sid
        out restrictedToken))

https://github.com/NikolayIT/OpenJudgeSystem/blob/38fbf8de04954514ab9f45549df3d002363b3392/Open%20Judge%20System/Workers/OJS.Workers.Executors/Process/RestrictedProcess.cs#L365-L374

KonstantinBobrovski commented 4 years ago

Hello, I think simple System.Diagnostics.Process.GetCurrentProcess().Kill(); in C# could kill Judje,but i am good man and i will not try this. (but what you will do if i succses?)

KonstantinBobrovski commented 4 years ago

You can not allow Process.Kill method it maybe will help.And this is working.