ProcessClientThread() creates a named pipe handle but never closes it, resulting in a handle leak. #2
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
ProcessClientThreadcreates a named pipe handlehPipebut never closes it, resulting in a handle leak.if (success) { responseMsg = $"[*] Impersonating token {capturedSession.Value.TokenHandle} for LUID {capturedSession.Value.Luid} to {pipeName}"; // 0x80000000 | 0x40000000 -> GENERIC_READ | GENERIC_WRITE // 3 -> OPEN_EXISTING Thread.Sleep(1000); IntPtr hPipe = Interop.CreateFile($"{pipeName}", 0x80000000 | 0x40000000, 0, 0, 3, 0, 0); if (hPipe.ToInt64() == -1) { var ex = new Win32Exception(Marshal.GetLastWin32Error()); Console.WriteLine($" [X] Error conecting to {pipeName} : {ex.Message} ({ex.ErrorCode})"); } else { // write a single byte out so we can fulfil the ReadFile() requirement on the other side of the pipe byte[] bytes = new byte[1]; uint written = 0; Interop.WriteFile(hPipe, bytes, (uint)bytes.Length, out written, IntPtr.Zero); Thread.Sleep(500); + CloseHandle(hPipe); <<< need to close this handle before the variable goes out of scope } Interop.RevertToSelf();Koh/Koh/Pipe.cs
Line 289 in 0283d9f
The text was updated successfully, but these errors were encountered: