标题:求指导 调用函数功能没实现
wslyz640
已结贴  问题点数:20 回复次数:5 
求指导 调用函数功能没实现
程序代码:
// ss.cpp: 主项目文件。
#include <windows.h>
#include <tlhelp32.h>
#include <aclapi.h>
#include <Psapi.h>
#pragma comment(lib,"Psapi.lib")


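/*
 * Report whether a process matching szProcName is currently running.
 *
 * szProcName  Name to look for; compared case-insensitively with lstrcmpi.
 * x           Non-zero: compare against the executable file name recorded in
 *             the Toolhelp snapshot (PROCESSENTRY32.szExeFile).
 *             Zero: compare against the image path returned by
 *             GetModuleFileNameEx for every process that can be opened with
 *             PROCESS_QUERY_INFORMATION | PROCESS_VM_READ.
 *
 * Returns TRUE when a match is found, FALSE otherwise (also when the
 * snapshot cannot be taken).
 *
 * Note: a name or path comparison is not an identity check. Any process can
 * carry the same executable name, so the result must not be used as proof
 * that a particular trusted program is the one running.
 */
int ProcessExit(LPCTSTR szProcName,int x)
{
    PROCESSENTRY32 pe;
    BOOL bMore;
    BOOL bFound = FALSE;
    /* TCHAR buffer so the path has the same character type as szProcName
       in both ANSI and Unicode builds (no LPSTR cast needed). */
    TCHAR fileName[1024];
    HANDLE hSP = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);

    /* CreateToolhelp32Snapshot reports failure with INVALID_HANDLE_VALUE,
       never NULL, so a plain truth test would not catch it. */
    if (hSP == INVALID_HANDLE_VALUE)
    {
        return FALSE;
    }

    pe.dwSize = sizeof(pe);

    for (bMore = Process32First(hSP, &pe);
        bMore;
        bMore = Process32Next(hSP, &pe))
    {
        if (x)
        {
            if (lstrcmpi(szProcName, pe.szExeFile) == 0)
            {
                bFound = TRUE;
                break;
            }
        }
        else
        {
            HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
                FALSE, pe.th32ProcessID);
            if (hProcess == NULL)
            {
                /* Protected or already-exited process: nothing to compare
                   and no handle to close. */
                continue;
            }

            /* Clear the buffer so a failed query cannot be compared against
               the path left over from the previous process. The size
               argument is a character count, not a byte count. */
            fileName[0] = 0;
            if (GetModuleFileNameEx(hProcess, NULL, fileName,
                    sizeof(fileName) / sizeof(fileName[0])) != 0 &&
                lstrcmpi(szProcName, fileName) == 0)
            {
                bFound = TRUE;
            }

            /* Close the handle on every path, including the match. */
            CloseHandle(hProcess);

            if (bFound)
            {
                break;
            }
        }
    }

    CloseHandle(hSP);
    return bFound;
}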
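/*
 * Enable the named privilege in the current process token.
 *
 * szPrivilege  Privilege name as accepted by LookupPrivilegeValue
 *              (the caller in this file passes "SeDebugPrivilege").
 *
 * Returns TRUE only if the privilege was actually enabled, FALSE otherwise.
 *
 * Security note: the privilege stays enabled for the rest of the process
 * lifetime; nothing here disables it again. With SeDebugPrivilege enabled a
 * process can open other processes regardless of their DACL, so code that
 * calls this should run only where that level of access is intended.
 */
BOOL EnableDebugPriv( LPCTSTR szPrivilege )
{
    HANDLE hToken;
    TOKEN_PRIVILEGES tkp;
    BOOL bEnabled = FALSE;

    if ( !OpenProcessToken( GetCurrentProcess(),
        TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
        &hToken ) )
    {
        return FALSE;
    }

    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    if ( LookupPrivilegeValue( NULL, szPrivilege, &tkp.Privileges[0].Luid ) &&
        AdjustTokenPrivileges( hToken, FALSE, &tkp, sizeof tkp, NULL, NULL ) )
    {
        /* AdjustTokenPrivileges returns non-zero even when the token does
           not hold the privilege; that case is reported only through
           GetLastError() == ERROR_NOT_ALL_ASSIGNED. */
        bEnabled = ( GetLastError() != ERROR_NOT_ALL_ASSIGNED );
    }

    /* The token handle is closed on every path, success included. */
    CloseHandle( hToken );
    return bEnabled;
}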


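/*
 * Look up the process ID of the first process whose executable file name
 * equals szProcName (case-insensitive).
 *
 * Returns the process ID, or 0 when no process matches or the snapshot
 * cannot be taken.
 *
 * NOTE(review): this function shares its name with the Win32 API
 * GetProcessId(HANDLE); it relies on C++ overloading to coexist with it.
 *
 * Note: the match is on the executable name only. The name does not prove
 * which binary is running or under which account, so callers that need a
 * specific system process must verify it by other means.
 */
DWORD GetProcessId( LPCTSTR szProcName )
{
    PROCESSENTRY32 pe;
    DWORD dwPid = 0;
    BOOL bMore;

    /* Enumerate processes with the Toolhelp32 functions. */
    HANDLE hSP = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );

    /* Failure is signalled by INVALID_HANDLE_VALUE, not NULL. */
    if ( hSP == INVALID_HANDLE_VALUE )
    {
        return 0;
    }

    pe.dwSize = sizeof( pe );

    for ( bMore = Process32First( hSP, &pe );
        bMore;
        bMore = Process32Next( hSP, &pe ) )
    {
        if ( lstrcmpi( szProcName, pe.szExeFile ) == 0 )
        {
            dwPid = pe.th32ProcessID;
            break;
        }
    }

    CloseHandle( hSP );

    /* dwPid is still 0 when nothing matched; the return type is DWORD, so
       0 is used rather than the pointer constant NULL. */
    return dwPid;
}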


/*
 * Start szProcessName under a copy of the access token of the process named
 * WINLOGON.EXE.
 *
 * Sequence, as written below:
 *   1. enable SeDebugPrivilege in the current process;
 *   2. find WINLOGON.EXE by executable name and open it;
 *   3. open that process's token for READ_CONTROL | WRITE_DAC;
 *   4. add an ACE granting "Everyone" TOKEN_ALL_ACCESS to the token's DACL;
 *   5. reopen the token with TOKEN_ALL_ACCESS and duplicate it as a primary
 *      token;
 *   6. impersonate with the duplicate and call CreateProcessAsUser.
 *
 * Returns TRUE if CreateProcessAsUser succeeded, FALSE on any failure.
 *
 * Security notes for anyone reviewing or triaging this code:
 *   - The child process runs with the identity of the WINLOGON.EXE token
 *     (presumably LocalSystem -- confirm on the target system), not with
 *     the caller's identity.
 *   - Step 4 modifies a kernel object that belongs to another process, and
 *     nothing in this function restores the original DACL. The token stays
 *     open to "Everyone" after this function returns.
 *   - The target is selected by executable name only (see GetProcessId).
 *   - Observable behaviour is the sequence above: SeDebugPrivilege enabled,
 *     a handle opened on WINLOGON.EXE, its token DACL rewritten, and a
 *     process created with the duplicated token.
 *
 * NOTE(review): hProcess, hToken, hNewToken and pi are not initialised, yet
 * every early "goto Cleanup" reaches the CloseHandle calls at the end, which
 * then operate on indeterminate values.
 * NOTE(review): the narrow string literals passed to LPCTSTR / LPTSTR
 * parameters only match when TCHAR is char (non-Unicode build).
 */
BOOL MySystem( LPTSTR szProcessName )
{
    HANDLE hProcess;
    HANDLE hToken, hNewToken;
    DWORD dwPid;

    PACL pOldDAcl = NULL;
    PACL pNewDAcl = NULL;
    BOOL bDAcl;
    BOOL bDefDAcl;
    DWORD dwRet;

    PACL pSacl = NULL;
    PSID pSidOwner = NULL;
    PSID pSidPrimary = NULL;
    DWORD dwAclSize = 0;
    DWORD dwSaclSize = 0;
    DWORD dwSidOwnLen = 0;
    DWORD dwSidPrimLen = 0;

    DWORD dwSDLen;
    EXPLICIT_ACCESS ea;
    PSECURITY_DESCRIPTOR pOrigSd = NULL;
    PSECURITY_DESCRIPTOR pNewSd = NULL;

    STARTUPINFO si;
    PROCESS_INFORMATION pi;

    BOOL bError;

    /* Step 1: enable SeDebugPrivilege in this process's token. */
    if (!EnableDebugPriv("SeDebugPrivilege"))
    {
        bError = TRUE;
        goto Cleanup;
    }

    /* Step 2: resolve the target by name; GetProcessId returns 0 (compared
       here against NULL) when no process matches. */
    if ( ( dwPid = GetProcessId("WINLOGON.EXE") ) == NULL )
    {
        bError = TRUE;
        goto Cleanup;
    }

    hProcess = OpenProcess( MAXIMUM_ALLOWED, FALSE, dwPid );
    if ( hProcess == NULL )
    {
        bError = TRUE;
        goto Cleanup;
    }

    /* Step 3: open the target's token with only the rights needed to read
       and rewrite its DACL. */
    if ( !OpenProcessToken( hProcess, READ_CONTROL | WRITE_DAC, &hToken ) )
    {
        bError = TRUE;
        goto Cleanup;
    }

    /* Step 4a: describe the ACE to add -- full token access for "Everyone". */
    ZeroMemory( &ea, sizeof( EXPLICIT_ACCESS ) );
    BuildExplicitAccessWithName( &ea,
        "Everyone",
        TOKEN_ALL_ACCESS,
        GRANT_ACCESS,
        0 );

    /* Step 4b: read the token's current security descriptor. The first call
       passes a zero-length buffer to learn the required size in dwSDLen. */
    if ( !GetKernelObjectSecurity( hToken,
        DACL_SECURITY_INFORMATION,
        pOrigSd,
        0,
        &dwSDLen ) )
    {

        if ( GetLastError() == ERROR_INSUFFICIENT_BUFFER )
        {
            pOrigSd = ( PSECURITY_DESCRIPTOR ) HeapAlloc( GetProcessHeap(),
                HEAP_ZERO_MEMORY,
                dwSDLen );
            if ( pOrigSd == NULL )
            {
                bError = TRUE;
                goto Cleanup;
            }

            if ( !GetKernelObjectSecurity( hToken,
                DACL_SECURITY_INFORMATION,
                pOrigSd,
                dwSDLen,
                &dwSDLen ) )
            {
                bError = TRUE;
                goto Cleanup;
            }
        }
        else
        {
            bError = TRUE;
            goto Cleanup;
        }
    }

    /* Extract the existing DACL from the descriptor just read. */
    if ( !GetSecurityDescriptorDacl( pOrigSd, &bDAcl, &pOldDAcl, &bDefDAcl ) )
    {
        bError = TRUE;
        goto Cleanup;
    }


    /* Step 4c: build a new DACL = old DACL + the "Everyone" ACE.
       NOTE(review): pNewDAcl is allocated by SetEntriesInAcl and is never
       released anywhere in this function (the API expects LocalFree). */
    dwRet = SetEntriesInAcl( 1, &ea, pOldDAcl, &pNewDAcl ); 
    if ( dwRet != ERROR_SUCCESS )
    {
        pNewDAcl = NULL;

        bError = TRUE;
        goto Cleanup;
    } 

    /* Step 4d: convert the descriptor to absolute form so its DACL can be
       replaced. The first call is made with empty buffers to obtain the
       sizes of each component. */
    if ( !MakeAbsoluteSD( pOrigSd,
        pNewSd,
        &dwSDLen,
        pOldDAcl,
        &dwAclSize,
        pSacl,
        &dwSaclSize,
        pSidOwner,
        &dwSidOwnLen,
        pSidPrimary,
        &dwSidPrimLen ) )
    {

        if ( GetLastError() == ERROR_INSUFFICIENT_BUFFER )
        {
            /* pOldDAcl is reassigned here to a heap buffer; from this point
               on it is owned by this function and freed in Cleanup. */
            pOldDAcl = ( PACL ) HeapAlloc( GetProcessHeap(),
                HEAP_ZERO_MEMORY,
                dwAclSize );
            pSacl = ( PACL ) HeapAlloc( GetProcessHeap(),
                HEAP_ZERO_MEMORY,
                dwSaclSize );
            pSidOwner = ( PSID ) HeapAlloc( GetProcessHeap(),
                HEAP_ZERO_MEMORY,
                dwSidOwnLen );
            pSidPrimary = ( PSID ) HeapAlloc( GetProcessHeap(),
                HEAP_ZERO_MEMORY,
                dwSidPrimLen );
            pNewSd = ( PSECURITY_DESCRIPTOR ) HeapAlloc( GetProcessHeap(),
                HEAP_ZERO_MEMORY,
                dwSDLen );

            if ( pOldDAcl == NULL ||
                pSacl == NULL ||
                pSidOwner == NULL ||
                pSidPrimary == NULL ||
                pNewSd == NULL )
            {
                bError = TRUE;
                goto Cleanup;
            }

            if ( !MakeAbsoluteSD( pOrigSd,
                pNewSd,
                &dwSDLen,
                pOldDAcl,
                &dwAclSize,
                pSacl,
                &dwSaclSize,
                pSidOwner,
                &dwSidOwnLen,
                pSidPrimary,
                &dwSidPrimLen ) )
            {
                bError = TRUE;
                goto Cleanup;
            }
        }
        else
        {
            bError = TRUE;
            goto Cleanup;
        }
    }

    /* Step 4e: attach the widened DACL to the absolute descriptor ... */
    if ( !SetSecurityDescriptorDacl( pNewSd, bDAcl, pNewDAcl, bDefDAcl ) )
    {
        bError = TRUE;
        goto Cleanup;
    }

    /* ... and write it back to the target's token. This change is made to
       another process's object and is not undone later in this function. */
    if ( !SetKernelObjectSecurity( hToken, DACL_SECURITY_INFORMATION, pNewSd ) )
    {
        bError = TRUE;
        goto Cleanup;
    }

    /* Step 5: reopen the token, now asking for TOKEN_ALL_ACCESS.
       NOTE(review): hToken is overwritten here, so the handle obtained in
       step 3 is never closed. */
    if ( !OpenProcessToken( hProcess, TOKEN_ALL_ACCESS, &hToken ) )
    {
        bError = TRUE;
        goto Cleanup;
    }

    /* Duplicate as a primary token, the kind CreateProcessAsUser is given
       below. */
    if ( !DuplicateTokenEx( hToken,
        TOKEN_ALL_ACCESS,
        NULL,
        SecurityImpersonation,
        TokenPrimary,
        &hNewToken ) )
    {
        bError = TRUE;
        goto Cleanup;
    }


    ZeroMemory( &si, sizeof( STARTUPINFO ) );
    si.cb = sizeof( STARTUPINFO );

    /* Step 6: impersonate, then launch the requested program.
       NOTE(review): the return value is ignored and no call that ends the
       impersonation is visible in this function, so the calling thread may
       keep the impersonated identity after returning. */
    ImpersonateLoggedOnUser( hNewToken );

    if ( !CreateProcessAsUser( hNewToken,
        NULL,
        szProcessName,
        NULL,
        NULL,
        FALSE,
        NULL, //NORMAL_PRIORITY_CLASS | CREATE_NEW_CONSOLE,
        NULL,
        NULL,
        &si,
        &pi ) )
    {
        bError = TRUE;
        goto Cleanup;
    }

    bError = FALSE;

Cleanup:
    /* Release the heap buffers allocated above; each pointer was initialised
       to NULL, so the guards are valid on every path. */
    if ( pOrigSd )
    {
        HeapFree( GetProcessHeap(), 0, pOrigSd );
    }
    if ( pNewSd )
    {
        HeapFree( GetProcessHeap(), 0, pNewSd );
    }
    if ( pSidPrimary )
    {
        HeapFree( GetProcessHeap(), 0, pSidPrimary );
    }
    if ( pSidOwner )
    {
        HeapFree( GetProcessHeap(), 0, pSidOwner );
    }
    if ( pSacl )
    {
        HeapFree( GetProcessHeap(), 0, pSacl );
    }
    /* NOTE(review): if MakeAbsoluteSD was never retried, pOldDAcl still
       holds the pointer returned by GetSecurityDescriptorDacl rather than a
       HeapAlloc block -- confirm that path cannot reach this HeapFree. */
    if ( pOldDAcl )
    {
        HeapFree( GetProcessHeap(), 0, pOldDAcl );
    }

    /* NOTE(review): these handles are closed unconditionally; on an early
       failure some of them were never assigned (see header note). */
    CloseHandle( pi.hProcess );
    CloseHandle( pi.hThread );
    CloseHandle( hToken );
    CloseHandle( hNewToken );
    CloseHandle( hProcess );

    if ( bError )
    {
        return FALSE;
    }

    return TRUE;
}
/*
 * Program entry point: asks MySystem to launch "cmd.exe" and exits.
 * The command-line arguments are not used, and the exit code is 0 whether
 * or not MySystem reports success.
 */
int main(int argc, char* argv[])
{
    /* Arguments are accepted but unused. */
    (void)argc;
    (void)argv;

    /* The result is deliberately discarded, as in the original listing. */
    (void)MySystem("cmd.exe");

    return 0;
}

麻烦大家帮我看下这代码  这是原版源码

我用的是VC2010,使用的是Unicode字符集,最后我把字符都转过来了,但是在调用MySystem函数的时候,一直没有实现功能,麻烦大家帮帮忙
2012-11-23 00:42
rjsp
调用函数功能没实现
------ 啥功能?

我用的是VC2010    使用的Unicode字符集   最后我把字符都转过来了
------ 听不懂,这中文语法牛,不知道你到底用的是unicode还是非unicode。你的体育老师功不可没

但是在调用MySystem函数的时候 一直没有实现功能  麻烦打击帮帮忙
------ 我不知道你想实现啥功能,帮不了你,只能建议你关闭杀毒软件防火墙等试试
2012-11-23 08:28
mmmmmmmmmmmm
楼主 别着急 慢慢来哈 支持一个

我们的目标只有一个:消灭0回复!
while(1)
++money;
2012-11-23 14:13
w527705090
慢慢来,说清楚你的功能

有心者,千方百计;无心者,千难万难。
2012-11-23 15:58
zxd543
这么长的代码 头大了

马马虎虎 不吝赐教 我是路过蹭分滴
2012-11-23 23:38
lyj123
好长啊,注释多写点啊,看起来真麻烦,
这种规模的程序不写注释,
楼主
您觉得您会不会写了前面忘了后面?
调试起来也麻烦!!!

相互帮助

2012-11-25 16:58