Skip to content

feat: make it case insensitive and work without an extension #81

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
supervoidcoder merged 8 commits into from
Feb 11, 2026
Merged

feat: make it case insensitive and work without an extension #81

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
f9c1fbe
feat: make it case insensitive and work without an extension
supervoidcoder Feb 11, 2026
271c09a
ci: remove extensions
supervoidcoder Feb 11, 2026
253d8b2
fix: move
supervoidcoder Feb 11, 2026
34a82c0
fix: add mising parenthehsesssersrseesrsereserseserserserseseserserse…
supervoidcoder Feb 11, 2026
0f7cc06
fix: convert procname to string
supervoidcoder Feb 11, 2026
bcd3e1d
aaaaaaaaaaaaaaaa
supervoidcoder Feb 11, 2026
a89f834
fix: recompute exename inside loop or elese
supervoidcoder Feb 11, 2026
13fd625
Update process.ps1
supervoidcoder Feb 11, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 19 additions & 4 deletions main.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2006,12 +2006,27 @@ ProcInfos findMyProc(const char *procname) {

// info about first process encountered in a system snapshot
hResult = Process32First(hSnapshot, &pe);

std::string procstr = procname;
// retrieve information about the processes
// and exit if unsuccessful
// if we find the process: return process ID


std::transform(procstr.begin(), procstr.end(), procstr.begin(), [](unsigned char c){ return std::tolower(c); });// same lowercasing as the otther
std::string ex = procstr;
if (!procstr.ends_with(".exe")) {// no joke i almost typed endsWith here, the J*vaScript mind virus is spreading
ex += ".exe";
}
while (hResult) {
// if we find the process: return process ID
if (strcmp(procname, WideToString(pe.szExeFile).c_str()) == 0) {


std::string exeName = WideToString(pe.szExeFile);
std::transform(exeName.begin(), exeName.end(), exeName.begin(), [](unsigned char c){ return std::tolower(c); });
// for the comparison make it lowercase so that it does the thingy mammombbers insensitiviityness case
// this is only for the compariason either way


if (exeName == ex || exeName == procstr) {
result.names.push_back(WideToString(pe.szExeFile)); // let me cook
// while you might think its less performant to waste all this
// on storing related names for no reason
Expand All @@ -2027,7 +2042,7 @@ ProcInfos findMyProc(const char *procname) {
CloseHandle(hSnapshot);
return result;
}
// The above function is taken from https://cocomelonc.github.io/pentest/2021/09/29/findmyprocess.html , modified simply to use WideToString for the process name comparison among other things.
// The above function is taken from https://cocomelonc.github.io/pentest/2021/09/29/findmyprocess.html, modified simply to use WideToString for the process name comparison among other things.
// Thanks!


Expand Down
44 changes: 22 additions & 22 deletions tests/process/process.ps1
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,71 +1,71 @@
$time = Measure-Command { win-witr winlogon.exe | Out-Default }
$time = Measure-Command { win-witr winlogon | Out-Default }
"winlogon.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr lsass.exe | Out-Default }
$time = Measure-Command { win-witr lsass | Out-Default }
"lsass.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr win-witr.exe | Out-Default }
$time = Measure-Command { win-witr win-witr | Out-Default }
"win-witr.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr wininit.exe | Out-Default }
$time = Measure-Command { win-witr wininit | Out-Default }
"wininit.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr explorer.exe | Out-Default }
$time = Measure-Command { win-witr explorer | Out-Default }
"explorer.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr Registry | Out-Default }
"Registry check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr csrss.exe | Out-Default }
$time = Measure-Command { win-witr csrss | Out-Default }
"csrss.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr fontdrvhost.exe | Out-Default }
$time = Measure-Command { win-witr fontdrvhost | Out-Default }
"fontdrvhost.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr svchost.exe | Out-Default }
$time = Measure-Command { win-witr svchost | Out-Default }
"svchost.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr smss.exe | Out-Default }
$time = Measure-Command { win-witr smss | Out-Default }
"smss.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr services.exe | Out-Default }
$time = Measure-Command { win-witr services | Out-Default }
"services.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr powershell.exe | Out-Default }
$time = Measure-Command { win-witr powershell | Out-Default }
"powershell.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr Runner.Listener.exe | Out-Default }
"Runner.Listener.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr cmd.exe | Out-Default }
$time = Measure-Command { win-witr cmd | Out-Default }
"cmd.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr pwsh.exe | Out-Default }
$time = Measure-Command { win-witr pwsh | Out-Default }
"pwsh.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr Runner.Worker.exe | Out-Default }
$time = Measure-Command { win-witr Runner.Worker | Out-Default }
"Runner.Worker.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr hosted-compute-agent | Out-Default }
"hosted-compute-agent check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr conhost.exe | Out-Default }
$time = Measure-Command { win-witr conhost | Out-Default }
"conhost.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr dwm.exe | Out-Default }
$time = Measure-Command { win-witr dwm | Out-Default }
"dwm.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr RuntimeBroker.exe | Out-Default }
$time = Measure-Command { win-witr RuntimeBroker | Out-Default }
"RuntimeBroker.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr SearchIndexer.exe | Out-Default }
$time = Measure-Command { win-witr SearchIndexer | Out-Default }
"SearchIndexer.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr spoolsv.exe | Out-Default }
$time = Measure-Command { win-witr spoolsv | Out-Default }
"spoolsv.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr taskhostw.exe | Out-Default }
$time = Measure-Command { win-witr taskhostw | Out-Default }
"taskhostw.exe check took {0} ms" -f $time.TotalMilliseconds

$time = Measure-Command { win-witr dllhost.exe | Out-Default }
"dllhost.exe check took {0} ms" -f $time.TotalMilliseconds