ktuimala

Kill an Entire Process Tree

3 posts in this topic

I am building a RunAs Manager that runs applications under alternate credentials. I am using this application in locked down computing environments where a Manager may need to use one of our custom applications with elevated privileges. We are having problems with the Managers leaving the applications they opened with elevated privileges running when they are done. This poses some serious security risks.

I am trying to compensate for human "stupidity" by adding a timer to my RunAs Manager that will automatically close all applications opened by the manager after X amount of minutes, and alternately will terminate all applications opened once it is closed. I thought that I would simply keep track of all PIDs returned by the Run method, but some applications spawn other processes once run. In these cases, this approach won't work.

I need to find a way to terminate an entire process tree. I noticed that any application started by my RunAs Manager becomes part of a process tree that resides under my RunAs Manager's process. I found this out by using Process Explorer. Does anyone know how to find parent/child relationships between processes in AutoIt?


I just found the answer. I will post my code when I have it finished. It all needs to benefit the community.


#3 ·  Posted (edited)

Here are the fruits of my short labor. I haven't tested this UDF too much beyond the scope of my little project, but it should prove useful to someone. If anything, it will point someone in the right direction.

The functions in this UDF are as follows:

_processChildren( $pidItem [, $identifier] )

Description: Returns a 2 dimensional array of a given PID's children's PIDs and Names

Syntax: _processChildren( $pidItem [, $identifier] )

_processKillTree($pid)

Description: Terminates a given PID and all its descendants.

Syntax: _processKillTree($pid)

_processPidByName($pName)

Description: Returns the PID of a process by its name

Syntax: _processPidByName($pName)

Enjoy!! I will add more functions to this when I get time.

processFunctions.au3

Edited by ktuimala
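
An added example, not part of the original posts and not the contents of processFunctions.au3: one way to walk and terminate a process tree in AutoIt through the WMI Win32_Process class. The function names are hypothetical, and it assumes the CreationDate strings on one machine share a UTC offset so that they compare correctly as text.

```autoit
; Added example; not ktuimala's processFunctions.au3. Function names are hypothetical.
; Win32_Process (WMI) exposes ProcessId, ParentProcessId and CreationDate.

; Terminates $iRootPid and every descendant reachable through ParentProcessId.
; Returns the number of processes closed; @error 1 = no WMI, 2 = root PID not found.
Func _Example_KillTree($iRootPid)
    Local $oWMI = ObjGet("winmgmts:\\.\root\cimv2")
    If Not IsObj($oWMI) Then Return SetError(1, 0, 0)
    ; Int() keeps anything but a number out of the WQL query text.
    Local $colRoot = $oWMI.ExecQuery("SELECT CreationDate FROM Win32_Process WHERE ProcessId = " & Int($iRootPid))
    For $oRoot In $colRoot
        Return _Example_KillSubtree($oWMI, Int($iRootPid), $oRoot.CreationDate)
    Next
    Return SetError(2, 0, 0)
EndFunc   ;==>_Example_KillTree

Func _Example_KillSubtree($oWMI, $iPid, $sCreated)
    Local $iClosed = 0
    Local $colKids = $oWMI.ExecQuery("SELECT ProcessId, CreationDate FROM Win32_Process WHERE ParentProcessId = " & $iPid)
    For $oKid In $colKids
        ; Windows never updates ParentProcessId and reuses PIDs, so a "child" created
        ; before its parent belongs to an earlier process that had the same PID: skip it.
        If Not IsString($oKid.CreationDate) Then ContinueLoop
        If StringCompare($oKid.CreationDate, $sCreated) < 0 Then ContinueLoop
        $iClosed += _Example_KillSubtree($oWMI, $oKid.ProcessId, $oKid.CreationDate)
    Next
    ; Descendants first, then the process itself.
    If ProcessClose($iPid) Then $iClosed += 1
    Return $iClosed
EndFunc   ;==>_Example_KillSubtree
```

A grandchild whose intermediate parent has already exited is not reachable by this walk, because the link from the root to it passes through a process that no longer appears in Win32_Process.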

