BOOL GetTokenByName(HANDLE &hToken,LPSTR lpName)
{
if(!lpName)
{
return FALSE;
}
HANDLE hProcessSnap = NULL;
BOOL bRet = FALSE;
PROCESSENTRY32 pe32 = {0};hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (hProcessSnap == INVALID_HANDLE_VALUE)
return (FALSE);pe32.dwSize = sizeof(PROCESSENTRY32);if (Process32First(hProcessSnap, &pe32))
{
do
{
if(!strcmp(_strupr(pe32.szExeFile),_strupr(lpName)))
{
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION,
FALSE,pe32.th32ProcessID);
bRet = OpenProcessToken(hProcess,TOKEN_ALL_ACCESS,&hToken);
CloseHandle (hProcessSnap);
return (bRet);
}
}
while (Process32Next(hProcessSnap, &pe32));
bRet = TRUE;
}
else
bRet = FALSE;CloseHandle (hProcessSnap);
return (bRet);
}软件开发网BOOL RunProcess(LPCSTR lpImage)
{
if(!lpImage)
{
return FALSE;
}
HANDLE hToken;
if(!GetTokenByName(hToken,"EXPLORER.EXE"))
{
return FALSE;
}
STARTUPINFO si;
PROCESS_INFORMATION pi;ZeroMemory(&si, sizeof(STARTUPINFO));
si.cb= sizeof(STARTUPINFO);
si.lpDesktop = TEXT("winsta0\\default");BOOL bResult = CreateProcessAsUser(hToken,lpImage,NULL,NULL,NULL,
FALSE,NORMAL_PRIORITY_CLASS,NULL,NULL,&si,&pi);
CloseHandle(hToken);
if(bResult)
{
OutputDebugString("CreateProcessAsUser ok!\r\n");
}
else
{
OutputDebugString("CreateProcessAsUser false!\r\n");
}
return bResult;
}
{
if(!lpName)
{
return FALSE;
}
HANDLE hProcessSnap = NULL;
BOOL bRet = FALSE;
PROCESSENTRY32 pe32 = {0};hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (hProcessSnap == INVALID_HANDLE_VALUE)
return (FALSE);pe32.dwSize = sizeof(PROCESSENTRY32);if (Process32First(hProcessSnap, &pe32))
{
do
{
if(!strcmp(_strupr(pe32.szExeFile),_strupr(lpName)))
{
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION,
FALSE,pe32.th32ProcessID);
bRet = OpenProcessToken(hProcess,TOKEN_ALL_ACCESS,&hToken);
CloseHandle (hProcessSnap);
return (bRet);
}
}
while (Process32Next(hProcessSnap, &pe32));
bRet = TRUE;
}
else
bRet = FALSE;CloseHandle (hProcessSnap);
return (bRet);
}软件开发网BOOL RunProcess(LPCSTR lpImage)
{
if(!lpImage)
{
return FALSE;
}
HANDLE hToken;
if(!GetTokenByName(hToken,"EXPLORER.EXE"))
{
return FALSE;
}
STARTUPINFO si;
PROCESS_INFORMATION pi;ZeroMemory(&si, sizeof(STARTUPINFO));
si.cb= sizeof(STARTUPINFO);
si.lpDesktop = TEXT("winsta0\\default");BOOL bResult = CreateProcessAsUser(hToken,lpImage,NULL,NULL,NULL,
FALSE,NORMAL_PRIORITY_CLASS,NULL,NULL,&si,&pi);
CloseHandle(hToken);
if(bResult)
{
OutputDebugString("CreateProcessAsUser ok!\r\n");
}
else
{
OutputDebugString("CreateProcessAsUser false!\r\n");
}
return bResult;
}
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls,TLhelp32;type
TForm1 = class(TForm)
Button1: TButton;
procedure Button1Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
Function GetProcessIdFromName(_GetPID:String):String;
end;var
Form1: TForm1;implementation{$R *.dfm}procedure TForm1.Button1Click(Sender: TObject);
var
hUserTokenDup:THandle ;
pi:PROCESS_INFORMATION;
si:STARTUPINFO ;
PID:DWORD;
begin
PID:=DWORD(GetProcessIdFromName('explorer.exe'));
OpenProcessToken(OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ,FALSE,PID),TOKEN_EXECUTE,hUserTokenDup);
ZeroMemory(@si, sizeof(STARTUPINFO));
si.cb:= sizeof(STARTUPINFO);
si.lpDesktop:=PChar('winsta0\\default');
si.wShowWindow := SW_SHOWNORMAL;
// ZeroMemory(@pi, sizeof(pi));
CreateProcessAsUser(hUserTokenDup,'c:\q.exe', nil,nil,nil,FALSE, CREATE_NEW_CONSOLE or
NORMAL_PRIORITY_CLASS,nil, nil, si, pi);end;Function TForm1.GetProcessIdFromName(_GetPID:String):String;
var
h:thandle;
f:boolean;
lppe:tprocessentry32;
begin
h := CreateToolhelp32Snapshot(TH32cs_SnapProcess, 0);
lppe.dwSize := sizeof(lppe);
f := Process32First(h, lppe); //lppe.szExeFile是进程的名字,自己挑选你要的
while integer(f) <> 0 do
begin
if lppe.szExeFile = _GetPID then
begin
Result:=(inttostr(lppe.th32ProcessID));
break;
end;
f := Process32Next(h,lppe);
end;
end;
end.
改好了,可以运行。但是q.exe还是打不开,不知道为什么