Results 1 to 7 of 7

Thread: Accessing "in Use" Files == ?

  1. #1
    shakuni
    Guest

    Accessing "in Use" Files == ?

    How can I access the files that are in-use by other processes. Say there is this file called "locked.txt", which is in use by process A. Now how can I copy this file to another location programmatically. Normal methods will fail with the error "The process cannot access the file because it is being used by another
    process.".

    Any ideas ?
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    Administrator dELTA's Avatar
    Join Date
    Oct 2000
    Location
    Ring -1
    Posts
    4,206
    Blog Entries
    5
    Pause all threads of the process having opened the file. Then inject your own code into the same process, which reads the contents of the file and then restores the file pointer. Then restore all threads of the process. Done.

    Oh, and please stop the annoying "==" subjects of your threads...
    "Give a man a quote from the FAQ, and he'll ignore it. Print the FAQ, shove it up his ass, kick him in the balls, DDoS his ass and kick/ban him, and the point usually gets through eventually."

  3. #3
    Duplicate the handle into your own process to avoid injecting code...
    --
    Best regards,
    Alex Ionescu

  4. #4
    Registered User
    Join Date
    Jan 2008
    Posts
    163
    Blog Entries
    19
    Ionescu is right, you should duplicate the handle. You can easily adapt the code of this article:

    http://ntcore.com/Files/wfp.htm

    It's a bit old (2004), but it will do the job. It also shows how to retrieve any opened handle through SystemHandleInformation.

  5. #5
    Administrator dELTA's Avatar
    Join Date
    Oct 2000
    Location
    Ring -1
    Posts
    4,206
    Blog Entries
    5
    Alex, how would you recommend getting hold of the value of the handle to be duplicated in the first place (without "intrusive" operations into the target process address space)?

    The best I can find is the undocumented:

    #define SystemHandleInformation 16
    ZwQuerySystemInformation(SystemHandleInformation,pBuffer,cbBuffer * sizeof(ULONG),&re);

    and then a DuplicateHandle(...).

    Is there a better (and foremost cleaner/documented) way?

    [EDIT]
    Didn't see Daniel's post when writing the above, but the problem is still the same, with the messy undocumented stuff that might not work in different Windows versions (or am I wrong?).
    "Give a man a quote from the FAQ, and he'll ignore it. Print the FAQ, shove it up his ass, kick him in the balls, DDoS his ass and kick/ban him, and the point usually gets through eventually."

  6. #6
    That's how you'd do it, but make sure to use the NDK structures instead of unreliable/hacked information on the net
    --
    Best regards,
    Alex Ionescu

  7. #7
    Registered User
    Join Date
    Jan 2008
    Posts
    163
    Blog Entries
    19
    Well, dELTA don't take my code for right. As I said it's old I can't guarantee anything. At the time I wrote it I found those structures (I don't rememember where I took them from), they might as well be wrong. If we're talking about "just a method" to make it work locally, my code might as well do the job. If the program is meant to work on every system, more precautions (like the one suggested by aionescu) should be taken.

Similar Threads

  1. Replies: 0
    Last Post: February 13th, 2014, 07:42
  2. how to generat "1" instead of "uncounted" license
    By joyung in forum The Newbie Forum
    Replies: 38
    Last Post: April 10th, 2012, 03:57
  3. Replies: 4
    Last Post: May 28th, 2009, 13:02
  4. Replies: 1
    Last Post: December 14th, 2007, 13:35
  5. Replies: 3
    Last Post: September 15th, 2005, 00:01

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •