Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Show "??" entry in Object Manager #2074

Open
alabuzhev opened this issue May 24, 2024 · 0 comments
Open

Show "??" entry in Object Manager #2074

alabuzhev opened this issue May 24, 2024 · 0 comments
Assignees
@dmex
Labels
enhancement

Comments

@alabuzhev
Copy link
Contributor

Description of the feature, modification, idea or suggestion

Tools - System - Object Manager shows the content of "\" by calling NtQueryDirectoryObject recursively.
This approach overlooks one particular directory - ?? (a.k.a. "local \DosDevices"), which is not returned when querying the root directory, unlike the global version of \DosDevices (GLOBAL??).
This directory typically contains a symbolic link to Global, network drives, subst drives and whatever else the user defined with DefineDosDevice.

This information is also available under \Sessions\<SESSION_ID>\DosDevices\<LOGON_SESSION_ID>, but getting there is more cumbersome and requires Administrator rights.

Proposed implementation details (optional)

It can be added manually (I'm not familiar with the code, so apologies if something is horribly wrong):

diff --git a/plugins/ExtendedTools/objmgr.c b/plugins/ExtendedTools/objmgr.c
index 229e7b279..efb1b83d6 100644
--- a/plugins/ExtendedTools/objmgr.c
+++ b/plugins/ExtendedTools/objmgr.c
@@ -14,6 +14,8 @@
 #include <hndlinfo.h>
 
 static PH_STRINGREF EtObjectManagerRootDirectoryObject = PH_STRINGREF_INIT(L"\\"); // RtlNtPathSeperatorString
+static PH_STRINGREF EtObjectManagerUserDirectoryObject = PH_STRINGREF_INIT(L"??");
+static PH_STRINGREF DirectoryObjectType = PH_STRINGREF_INIT(L"Directory");
 static HWND EtObjectManagerDialogHandle = NULL;
 static HANDLE EtObjectManagerDialogThreadHandle = NULL;
 static PH_EVENT EtObjectManagerDialogInitializedEvent = PH_EVENT_INIT;
@@ -875,6 +877,14 @@ INT_PTR CALLBACK WinObjDlgProc(
                 EtObjectManagerRootDirectoryObject
                 );
 
+            DIRECTORY_ENUM_CONTEXT enumContext;
+
+            enumContext.TreeViewHandle = context->TreeViewHandle;
+            enumContext.RootTreeItem = context->RootTreeObject;
+            enumContext.DirectoryPath = EtObjectManagerRootDirectoryObject;
+
+            EtEnumDirectoryObjectsCallback(&EtObjectManagerUserDirectoryObject, &DirectoryObjectType, &enumContext);
+
             PhInitializeWindowTheme(hwndDlg, !!PhGetIntegerSetting(L"EnableThemeSupport"));
 
             SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM)context->TreeViewHandle, TRUE);

The result:

image

Links:
https://learn.microsoft.com/en-us/windows-hardware/drivers/kernel/local-and-global-ms-dos-device-names
https://www.osronline.com/article.cfm%5Earticle=381.htm
https://superuser.com/questions/884347/win32-and-the-global-namespace
https://stackoverflow.com/questions/4686897/sessions-window-stations-and-desktops
@dmex dmex self-assigned this May 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dmex dmex

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dmex @alabuzhev