How to Enumerate Names of All Named Pipes in a Process?

StackOverflow https://stackoverflow.com/questions/19778885

  •  03-07-2022
  •  | 
  •  

Question

I need to open a certain named pipe so I can fuzz test it, however my test code does not have access to the same data used to generate the name of the named pipe. However I can recognize the name of the pipe and then use that name to open up the pipe for fuzzing.

I used this forum post to start enumerating names of the handles on the system: http://forum.sysinternals.com/howto-enumerate-handles_topic18892.html

However it seems that won't work with named pipes for some reason.

TL;DR: What API(s) do I need to use to list the names of all named pipes in the current process on Windows?

Was it helpful?

Solution

This will enumerate all named pipes in the system, or at the very least put you a step in the right direction.

This works in MinGW when built with -fpermissive. It should work with similar settings in MSVC.

#ifndef _WIN32_WINNT
// Windows XP
#define _WIN32_WINNT 0x0501
#endif

#include <Windows.h>
#include <Psapi.h>


// mycreatepipeex.c is at http://www.davehart.net/remote/PipeEx.c
// I created a simple header based on that.    
#include "mycreatepipeex.h"

#include <iostream>
#include <cstdio>
#include <errno.h>

void EnumeratePipes()
{
    WIN32_FIND_DATA FindFileData;
    HANDLE hFind;

#define TARGET_PREFIX "//./pipe/"
    const char *target = TARGET_PREFIX "*";

    memset(&FindFileData, 0, sizeof(FindFileData));
    hFind = FindFirstFileA(target, &FindFileData);
    if (hFind == INVALID_HANDLE_VALUE) 
    {
        std::cerr << "FindFirstFileA() failed: " << GetLastError() << std::endl;
        return;
    }
    else 
    {
        do
        {
            std::cout << "Pipe: " << TARGET_PREFIX << FindFileData.cFileName << std::endl;
        }
        while (FindNextFile(hFind, &FindFileData));

        FindClose(hFind);
    }
#undef TARGET_PREFIX

    return;
}

int main(int argc, char**argv)
{
    HANDLE read = INVALID_HANDLE_VALUE;
    HANDLE write = INVALID_HANDLE_VALUE;
    unsigned char pipe_name[MAX_PATH+1];

    BOOL success = MyCreatePipeEx(&read, &write, NULL, 0, 0, 0, pipe_name);

    EnumeratePipes();

    if ( success == FALSE )
    {
        std::cerr << "MyCreatePipeEx() failed: " << GetLastError() << std::endl;
        return 1;
    }

    FILE *f = fopen((const char*)pipe_name, "rwb");
    if ( f == NULL )
    {
        std::cerr << "fopen(\"" << pipe_name << "\") failed: " << (int)errno << std::endl;
    }

    CloseHandle(read);
    CloseHandle(write);

    return 0;
}
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top