search

processhacker / plugins-extra

These are highly unstable, buggy, incomplete plugins that are not included with Process Hacker by default.
https://processhacker.sourceforge.io/
322 stars 113 forks source link

Firmware, Terminator, WaitChain, ExtendedTools & DotNetTools Plugin won't compile on PHNT_WIN10 - Win 10 LTSB (2016) x64 #27

Closed L-a-n-g-o-l-i-e-r-s closed 7 years ago

L-a-n-g-o-l-i-e-r-s commented 7 years ago

Hi there,

I can't seem to get these 3 plugins to compile in 32 or 64 bit under my Windows 10 LTSB (2016) x 64 machine. If I change PHNT_WIN from 10 back to 7 or 8 they will compile without issue. Is this because of API changes/updates differing since the release of Win 10 LTSB (2016)? Does anyone have this issue on an up to date windows 10 pro or otherwise installation?

Thanks, appreciate your time and work.

Here's what VS2015 community said: Severity Code Description Project File Line Suppression State Warning C4013 'NtEnumerateBootEntries' undefined; assuming extern returning int FirmwarePlugin C:\Users*\Downloads\processhacker-3.0.402-src\extraplugin\FirmwarePlugin\efi.c 81
Error C2220 warning treated as error - no 'object' file generated WaitChainPlugin C:\Users*\Downloads\processhacker-3.0.402-src\extraplugin\WaitChainPlugin\main.c 163 Warning C4013 'NtGetNextThread' undefined; assuming extern returning int WaitChainPlugin C:\Users*\Downloads\processhacker-3.0.402-src\extraplugin\WaitChainPlugin\main.c 163 Error C2220 warning treated as error - no 'object' file generated TerminatorPlugin C:\Users*\Downloads\processhacker-3.0.402-src\extraplugin\TerminatorPlugin\kph2.c 231 Warning C4013 'RtlDosPathNameToNtPathName_U_WithStatus' undefined; assuming extern returning int TerminatorPlugin C:\Users*\Downloads\processhacker-3.0.402-src\extraplugin\TerminatorPlugin\kph2.c 231 Error C2220 warning treated as error - no 'object' file generated TerminatorPlugin C:\Users*\Downloads\processhacker-3.0.402-src\extraplugin\TerminatorPlugin\terminator.c 200 Warning C4013 'NtGetNextProcess' undefined; assuming extern returning int TerminatorPlugin C:\Users*\Downloads\processhacker-3.0.402-src\extraplugin\TerminatorPlugin\terminator.c 200 Warning C4013 'NtGetNextThread' undefined; assuming extern returning int TerminatorPlugin C:\Users*\Downloads\processhacker-3.0.402-src\extraplugin\TerminatorPlugin\terminator.c 261 Error C2220 warning treated as error - no 'object' file generated FirmwarePlugin C:\Users*\Downloads\processhacker-3.0.402-src\extraplugin\FirmwarePlugin\efi.c 81

Hope that helps, let me know if there's something else I can do to help, thanks.

L-a-n-g-o-l-i-e-r-s commented 7 years ago

The standard plugins with PHNT_WIN10 two also failed to compile. "ExtendedTools" & "DotNetTools". Using latest Microsoft Visual Studio 2015 with all plugins enabled at install and totally up to date.

Severity Code Description Project File Line Suppression State Warning C4013 'RtlGetUnloadEventTraceEx' undefined; assuming extern returning int ExtendedTools C:\Users*\Downloads\processhacker-3.0.402-src\plugins\ExtendedTools\unldll.c 83
Error C2220 warning treated as error - no 'object' file generated ExtendedTools C:\Users*\Downloads\processhacker-3.0.402-src\plugins\ExtendedTools\thrdact.c 49
Warning C4013 'NtCancelSynchronousIoFile' undefined; assuming extern returning int ExtendedTools C:\Users*\Downloads\processhacker-3.0.402-src\plugins\ExtendedTools\thrdact.c 49
Error C2220 warning treated as error - no 'object' file generated ExtendedTools C:\Users*\Downloads\processhacker-3.0.402-src\plugins\ExtendedTools\objprp.c 205 Warning C4013 'NtAlpcQueryInformation' undefined; assuming extern returning int ExtendedTools C:\Users*\Downloads\processhacker-3.0.402-src\plugins\ExtendedTools\objprp.c 205 Warning C4013 'NtQueryInformationWorkerFactory' undefined; assuming extern returning int ExtendedTools C:\Users*\Downloads\processhacker-3.0.402-src\plugins\ExtendedTools\objprp.c 270 Error C2220 warning treated as error - no 'object' file generated ExtendedTools C:\Users*\Downloads\processhacker-3.0.402-src\plugins\ExtendedTools\unldll.c 83
Error C2220 warning treated as error - no 'object' file generated DotNetTools C:\Users*\Downloads\processhacker-3.0.402-src\plugins\DotNetTools\counters.c 549 Warning C4013 'RtlCreateBoundaryDescriptor' undefined; assuming extern returning int DotNetTools C:\Users*\Downloads\processhacker-3.0.402-src\plugins\DotNetTools\counters.c 549 Warning C4047 '=': 'PVOID' differs in levels of indirection from 'int' DotNetTools C:\Users*\Downloads\processhacker-3.0.402-src\plugins\DotNetTools\counters.c 549 Warning C4013 'RtlAddSIDToBoundaryDescriptor' undefined; assuming extern returning int DotNetTools C:\Users\Porter\Downloads\processhacker-3.0.402-src\plugins\DotNetTools\counters.c 555 Warning C4013 'NtOpenPrivateNamespace' undefined; assuming extern returning int DotNetTools C:\Users*\Downloads\processhacker-3.0.402-src\plugins\DotNetTools\counters.c 607 Warning C4013 'RtlDeleteBoundaryDescriptor' undefined; assuming extern returning int DotNetTools C:\Users*\Downloads\processhacker-3.0.402-src\plugins\DotNetTools\counters.c 691

Thanks.

dmex commented 7 years ago

It looks like you forgot to compile the SDK... Have you tried running "processhacker2\build\sdk\makesdk_rebuild.cmd" ?

L-a-n-g-o-l-i-e-r-s commented 7 years ago

So you're saying I need to rebuild the SDK each time I change PHNT_WIN? I did build the SDK with the most recent source prior to the plugins, compiling those select plugins doesn't fail on my machine if PHNT_WIN8 or WIN7 is set, only on PHNT_WIN10 do those specific ones fail to compile for me on my win 10 x64 LTSB (2016) pc. :cry: :8ball:

dmex commented 7 years ago

So you're saying I need to rebuild the SDK each time I change PHNT_WIN

Yes

doesn't fail on my machine if PHNT_WIN8 or WIN7 is set

The SDK and phlib also need to be changed but they're shared with separate projects... You won't need to getprocaddress or change the PHNT level if you copy/paste the native function definition into your plugin?

L-a-n-g-o-l-i-e-r-s commented 7 years ago

I don't understand what you mean by the latter half "You won't need to getprocaddress or change the PHNT level if you copy/paste the native function definition into your plugin?" not designing a plugin, compiling the plugins here.

VS 2017 community will not download for me no matter what I do, I can't understand why, google hasn't been any help. :cry:

dmex commented 7 years ago

I don't understand what you mean by the latter half

The PHNT headers are shared across multiple projects/plugins and changing the PHNT level will likely cause that very same 'undefined' problem you're seeing... It's not something that can be changed easily.

If there is an API you need to use then just copy the function definition into your code and the linker will automatically preform the work of doing a loadlibrary/getprocaddress just like all the other native functions.

For example you can't use the "NtCreateWaitCompletionPacket" function because the PHNT_VERSION is not high enough so you just the API definition into the plugin:

NTSYSCALLAPI
NTSTATUS
NTAPI
NtCreateWaitCompletionPacket(
    _Out_ PHANDLE WaitCompletionPacketHandle,
    _In_ ACCESS_MASK DesiredAccess,
    _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
    );

Now you can call that API just like normal and without having to change the PHNT_VERSION level or do any loadlibrary/getprocaddress - It's all done for you automatically by the linker.