RamFlusher.cpp

1. // RamFlusher.exe -- minified, silent, and "stand-alone"
2. // contact me (Alaestor) via http://discord.FutureGadgetLab.net/
3.  
4. #define WINVER _WIN32_WINNT_WIN7
5. #include <stdexcept>
6. #include <vector>
7. #include <windows.h>
8. #include <psapi.h>
9.  
10. bool RanAsAdmin() // stolen from our FGL.h standard header
11. {
12.     TOKEN_ELEVATION te;
13.  
14.     if (void* h = nullptr;
15.         OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &h))
16.     {
17.         if (h == nullptr) return false;
18.         unsigned long cbSize = sizeof(TOKEN_ELEVATION);
19.         GetTokenInformation(h, TokenElevation, &te, sizeof(te), &cbSize);
20.         CloseHandle(h);
21.     }
22.  
23.     return te.TokenIsElevated ? true : false;
24. }
25.  
26. int main()
27. {
28.     if (!RanAsAdmin()) // if you get a GUI, use a prompt instead
29.         throw std::runtime_error("Must be run as administrator to work!");
30.  
31.     // get pids
32.     static constexpr const std::size_t MaxPIDs = 1024;
33.     std::vector<unsigned long> pids(MaxPIDs);
34.     pids.resize(MaxPIDs); // "theoretically" unneeded
35.  
36.     if (unsigned long bytesWriten = 0;
37.         EnumProcesses(pids.data(), pids.size(), &bytesWriten))
38.     { pids.resize(bytesWriten / sizeof(decltype(pids)::value_type)); }
39.     else throw std::runtime_error("EnumProcesses() failed");
40.  
41.     // flush pids down toilet
42.     static constexpr const unsigned long AccessFlags =
43.         PROCESS_QUERY_INFORMATION | PROCESS_SET_QUOTA;
44.  
45.     for (const auto& pid : pids) // best effort
46.         if (const auto& h(OpenProcess(AccessFlags, false, pid)); h != nullptr)
47.         { EmptyWorkingSet(h); CloseHandle(h); }
48.  
49.     return 0;
50. }