Added x86/x64 check.

KN4CK3R · KN4CK3R · commit 773312ed6096 · 2017-09-02T00:22:02.000+02:00
diff --git a/PipeServer/Messages.cpp b/PipeServer/Messages.cpp
@@ -76,14 +76,60 @@ bool EnumerateRemoteSectionsAndModulesRequest::Handle(MessageClient& client)
 //---------------------------------------------------------------------------
 bool EnumerateProcessHandlesRequest::Handle(MessageClient& client)
 {
+	enum class Platform
+	{
+		Unknown,
+		X86,
+		X64
+	};
+
+	const auto GetProcessPlatform = [](HANDLE process) -> Platform
+	{
+		static USHORT processorArchitecture = PROCESSOR_ARCHITECTURE_UNKNOWN;
+		if (processorArchitecture == PROCESSOR_ARCHITECTURE_UNKNOWN)
+		{
+			SYSTEM_INFO info = {};
+			GetNativeSystemInfo(&info);
+
+			processorArchitecture = info.wProcessorArchitecture;
+		}
+
+		switch (processorArchitecture)
+		{
+		case PROCESSOR_ARCHITECTURE_INTEL:
+			return Platform::X86;
+		case PROCESSOR_ARCHITECTURE_AMD64:
+			BOOL isWow64 = FALSE;
+			if (IsWow64Process(process, &isWow64))
+			{
+				return isWow64 ? Platform::X86 : Platform::X64;
+			}
+
+#ifdef RECLASSNET64
+			return Platform::X64;
+#else
+			return Platform::X86;
+#endif
+		}
+		return Platform::Unknown;
+	};
+
 	auto handles = GetAvailableHandles(PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE);
 
 	for (auto handle : handles)
 	{
-		WCHAR path[PATH_MAXIMUM_LENGTH];
-		GetModuleFileNameExW(handle, nullptr, path, PATH_MAXIMUM_LENGTH);
-
-		client.Send(EnumerateProcessHandlesResponse(handle, path));
+		auto platform = GetProcessPlatform(handle);
+#ifdef RECLASSNET64
+		if (platform == Platform::X64)
+#else
+		if (platform == Platform::X86)
+#endif
+		{
+			WCHAR path[PATH_MAXIMUM_LENGTH];
+			GetModuleFileNameExW(handle, nullptr, path, PATH_MAXIMUM_LENGTH);
+
+			client.Send(EnumerateProcessHandlesResponse(handle, path));
+		}
 	}
 
 	client.Send(StatusResponse(nullptr, true));
diff --git a/PipeServer/PipeServer.vcxproj b/PipeServer/PipeServer.vcxproj
@@ -104,7 +104,7 @@
       </PrecompiledHeader>
       <WarningLevel>Level3</WarningLevel>
       <Optimization>Disabled</Optimization>
-      <PreprocessorDefinitions>_DEBUG;_WINDOWS;_USRDLL;PIPESERVER_EXPORTS;NOMINMAX;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <PreprocessorDefinitions>_DEBUG;_WINDOWS;_USRDLL;PIPESERVER_EXPORTS;NOMINMAX;RECLASSNET64;%(PreprocessorDefinitions)</PreprocessorDefinitions>
     </ClCompile>
     <Link>
       <SubSystem>Windows</SubSystem>
@@ -136,7 +136,7 @@
       <Optimization>MaxSpeed</Optimization>
       <FunctionLevelLinking>true</FunctionLevelLinking>
       <IntrinsicFunctions>true</IntrinsicFunctions>
-      <PreprocessorDefinitions>NDEBUG;_WINDOWS;_USRDLL;PIPESERVER_EXPORTS;NOMINMAX;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <PreprocessorDefinitions>NDEBUG;_WINDOWS;_USRDLL;PIPESERVER_EXPORTS;NOMINMAX;RECLASSNET64;%(PreprocessorDefinitions)</PreprocessorDefinitions>
     </ClCompile>
     <Link>
       <SubSystem>Windows</SubSystem>
