Process Hacker Forums

Hi,
please have a look at this vulnerability: https://packetstormsecurity.com/files/1 ... cking.html

You have not replied for months, so it is already public now.

Yeah. I also never noticed any problems with it and I also use it on a x64 system for years...

Okay, that's nice.

* Removed Terminator

viewtopic.php?f=1&t=2293

Why was the terminator removed? I really liked this feature and it allowed me to kill nearly all processes and now it is gone. Why?

If you're concerned about security and want to verify signatures for any software, then you really should be upgrading to Windows 8 or Windows 10 ASAP since they are able to check the newer digital signatures - there is nothing we can do that will solve this issue, you have to upgrade. Indeed. I ag...

The links are rotated by our 'load balancer' between the various domains. Okay, nice. This will be fixed in "March 22, 2016". What's the point? HSTS already does the https redirection and forces https for the entire site (just try accessing the site without https). The point is the thing ...

@checksum Compare the hashes with the ones at https://wj32.org/processhacker/downloads.php.

additionally XP and some older browsers don't support our certificate and would be unable to access the project site. This will be fixed in "March 22, 2016". See https://letsencrypt.org/upcoming-features/ We already serve the files from wj32.org, Sourceforge and Github and all 3 do this v...

Nice.

Okay, it sounds all good, but I don't understand the issue with the SHA1 signature. Microsoft is depreciating SHA-1 anyway and you should really be able to check the signature even if it is a SHA-256 hash. BTW as a digital signature do you mean the code signing signature? So if this really does not ...

Windows depreciates SHA-1 code signing on Windows. Your binaries are still signed with a SHA1 hash, so you should probably start signing it with a SHA-256 hash. Sources: https://bugzilla.mozilla.org/show_bug.cgi?id=1079858 https://social.msdn.microsoft.com/Forums/windows/en-US/f9840ddc-e1a6-4fd0-96a...

I tried to upgrade v2.33 to v2.37 and it showed ma a SHA1 error: Sha1Fail.PNG The downloaded file is obviously processhacker-2.37-setup.exe at %temp% and there you'll also see why it fails. The content is: 302 Found The resource was found at http://downloads.sourceforge.net/project/processhacker/pro...

BTW do you want to switch to GitHub as you already released the binaries and source code there?

Thanks, fast reaction. As for the file hashes the only thing they should be is copyable (so do not show them when on mouseover or something like that) and you should show the SHA1 hash and - even better - the SHA-256 hash.

Nice the download page for the PH binaries is finally available over HTTPS. At first a redirect from HTTP to HTTPS would be nice and secondly it would be nice if you could either serve the binaries from the same server too, so they can be downloaded via HTTPS or at least publish the SHA-256 hashes o...

futility of such a formulation of the task. What's futile to create an awesome task manager (from a design and basic features perspective similar to PH) for Linux? Currently no such thing is available, because most task managers for Linux are either CLI-based or are just black/white windows, withou...

Porting Process Hacker to another OS architecture while retaining all of its capabilities simply by replacing the API calls will not work. You already noticed that I said I do not want all features/capabilities ? I also understand that a full port (written from scratch) is not possible, but I'd lik...

@viksoftru We are not here to discuss systemd. :) BTW my "problem" is to have a nice task manager on Linux. And I think with a task manager (similar to PH) for Linux this can be solved. @timofonic This sounds good. Obviously we do not need the full functionality of PH and so call it "...

a ProcessHacker for Linux would be essentially rewritten, not just a port. True. Like Notepadqq . But obviously you do not need all the features of the original Windows PH, but at least the graphs and coloured processes. So already a PH lite for Linux would be a great thing for all people who don't...

Ah yes I also just saw it. Nice.

So stupid I overlooked this. It seems I was too exited about this new feature...