如题设置进程的debug权限我已经知道
解决方案 »
- 数据库事务回滚异常
- 请人做程序,把文件夹做成 目录,
- 100分,秒结贴,VB如何读取远程网站上的ini文件
- 关于ACCESS数据库的一个概念问题
- 一个查询语句总是提示操作符丢失。请高手帮我看一下。高分送上
- 关于vb获取页面点的颜色。并生成16进制
- 如何让webBrowser控件只加载特定网页的特定内容,其他的不加载?
- ×××××× 关于注册表 ×××××××
- 怎样才能在自已的程序中加入接收服务器发来的数据的功能(如ASP)
- 请问vb中接受条形码输入的控件是哪一个?在access2000中有没有?
- 如何插入U盘后自动显示一段文字?
- 请问如何让VB与VBA有机结合起来呢?(或者说完全让VB代替VBA?)
LPCTSTR lpSystemName, //系统的名称,若为空,则在当前的sysytem查找。
LPCTSTR lpName, // 指明了权限的名称,如“SeDebugPrivilege”。
PLUID lpLuid // 返回LUID的指针
); 第一个参数是系统的名称,如果是本地系统只要指明为NULL就可以了,第三个参数就是返回LUID的指针,第二个参数就是指明了权限的名称,如“SeDebugPrivilege”。
本文在原文基础上增加了两个转换函数LookupPrivilegeName和LookupPrivilegeDisplayName,从而可以完美的输出权限的名称和权限的描述。
(声明:魏滔序原创,转贴请注明出处。)'::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
' VB6实现枚举进程所拥有的特权(增强版)
' Programmed by 魏滔序
' WebSite: http://www.chenoe.com
' Blog: http://blog.csdn.net/Modest
':::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::Option ExplicitPrivate Const ANYSIZE_ARRAY As Long = 100
Private Const TokenPrivileges = 3
Private Const TOKEN_QUERY = &H8Private Type LUID
lowpart As Long
highpart As Long
End TypePrivate Type LUID_AND_ATTRIBUTES
pLuid As LUID
Attributes As Long
End TypePrivate Type TOKEN_PRIVILEGES
PrivilegeCount As Long
Privileges(ANYSIZE_ARRAY) As LUID_AND_ATTRIBUTES
End TypePrivate Type PRIVILEGE
lValue As Long
sName As String
sDisplay As String
End TypePrivate Declare Function GetCurrentProcess Lib "kernel32" () As Long
Private Declare Function OpenProcessToken Lib "Advapi32" (ByVal ProcessHandle As Long, ByVal DesiredAccess As Long, TokenHandle As Long) As Long
Private Declare Function GetTokenInformation Lib "Advapi32" (ByVal TokenHandle As Long, TokenInformationClass As Integer, TokenInformation As Any, ByVal TokenInformationLength As Long, ReturnLength As Long) As Long
Private Declare Function RtlMoveMemory Lib "kernel32" (Dest As Any, Source As Any, ByVal lSize As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function LookupPrivilegeName Lib "advapi32.dll" Alias "LookupPrivilegeNameA" (ByVal lpSystemName As String, ByRef lpLuid As LUID, ByVal lpName As String, ByRef cbName As Long) As Long
Private Declare Function LookupPrivilegeDisplayName Lib "advapi32.dll" Alias "LookupPrivilegeDisplayNameA" (ByVal lpSystemName As String, ByVal lpName As String, ByVal lpDisplayName As String, ByRef cbDisplayName As Long, ByRef lpLanguageID As Long) As LongPrivate Function GetProcressPrivileges(ByVal hProcess As Long, Optional ByRef LanguageID As Long = 0) As PRIVILEGE()
Dim hToken As Long
Dim BufferSize As Long
Dim InfoBuffer() As Long
Dim i As Long, r() As PRIVILEGE, x As Long
Dim lResult As Long
Dim tpTokens As TOKEN_PRIVILEGES
Dim s As String
Call OpenProcessToken(hProcess, TOKEN_QUERY, hToken)
If hToken Then
Call GetTokenInformation(hToken, ByVal TokenPrivileges, 0, 0, BufferSize)
If BufferSize Then ReDim InfoBuffer((BufferSize 4) - 1) As Long
lResult = GetTokenInformation(hToken, ByVal TokenPrivileges, InfoBuffer(0), BufferSize, BufferSize) If lResult = 1 Then Call RtlMoveMemory(tpTokens, InfoBuffer(0), LenB(tpTokens))
For i = 0 To tpTokens.PrivilegeCount - 1
If tpTokens.Privileges(i).Attributes <> 0 Then
s = String(256, 0)
LookupPrivilegeName vbNullString, tpTokens.Privileges(i).pLuid, s, Len(s)
ReDim Preserve r(x)
r(x).lValue = tpTokens.Privileges(i).pLuid.lowpart
r(x).sName = Replace(s, vbNullChar, vbNullString)
s = String(256, 0)
LookupPrivilegeDisplayName vbNullString, r(x).sName, s, Len(s), LanguageID
r(x).sDisplay = Replace(s, vbNullChar, vbNullString)
x = x + 1
End If
Next
End If
End If
Call CloseHandle(hToken)
End If
GetProcressPrivileges = r
End Function'示例代码
Private Sub Form_Load()
Dim p() As PRIVILEGE, i As Long
p = GetProcressPrivileges(GetCurrentProcess)
For i = 0 To UBound(p)
Debug.Print p(i).lValue, p(i).sName, p(i).sDisplay
Next
End Sub
上述代码输出结果如下(会因权限不同而异):
23 SeChangeNotifyPrivilege 跳过遍历检查
10 SeLoadDriverPrivilege 装载和卸载设备驱动程序
25 SeUndockPrivilege 从插接工作站中取出计算机
29 SeImpersonatePrivilege 身份验证后模拟客户端
30 SeCreateGlobalPrivilege 创建全局对象http://blog.csdn.net/Modest/archive/2008/03/10/2162170.aspx
; Win32汇编实现判断进程是否拥有某特殊权限
; Programmed by 魏滔序
; WebSite: http://www.chenoe.com
; Blog: http://blog.csdn.net/Modest
;:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
.486
.model flat,stdcall
option casemap:none
include windows.inc
include kernel32.inc
include Advapi32.inc
includelib kernel32.lib
includelib Advapi32.lib.code
Start:
IsPrivilege PROC hProcess,dwPrivilege
LOCAL hToken,BufferSize,i
LOCAL tPrivilege:LUID_AND_ATTRIBUTES
LOCAL pInfoBuffer,PrivilegeCount
Invoke OpenProcessToken,hProcess, TOKEN_QUERY, ADDR hToken
.If EAX == 0
MOV EAX,FALSE
RET
.EndIf
Invoke GetTokenInformation,hToken,TokenPrivileges, NULL, NULL, addr BufferSize
.If BufferSize == 0
MOV EAX,FALSE
RET
.EndIf
MOV EAX,BufferSize
Invoke GlobalAlloc,GMEM_FIXED,EAX
MOV pInfoBuffer,EAX
Invoke GetTokenInformation,hToken,TokenPrivileges, pInfoBuffer, BufferSize, addr BufferSize
PUSH EAX
Invoke CloseHandle,hToken
POP EAX
.If EAX == 0
MOV EAX,FALSE
RET
.EndIf
MOV i,0
Invoke RtlMoveMemory, addr PrivilegeCount,pInfoBuffer, 4
.While TRUE
MOV EAX,SIZEOF LUID_AND_ATTRIBUTES
IMUL EAX,i
ADD EAX,pInfoBuffer
ADD EAX,4
Invoke RtlMoveMemory, addr tPrivilege,EAX, SIZEOF LUID_AND_ATTRIBUTES
MOV EAX,dwPrivilege
.IF tPrivilege.Attributes != 0 && tPrivilege.Luid.LowPart == EAX
MOV EAX,TRUE
RET
.EndIf
ADD i,1
MOV EAX,i
.Break .IF EAX==PrivilegeCount
.EndW
MOV EAX,FALSE
RET
IsPrivilege Endp
End Start
上次封装了你写的某一功能的代码(封装前改了下),一直用到现在了,
从第一个版本的到现在软件升级你那个库都没动过:),过段时间要
商业化了,在商业化前我会把这款软件先贴到CSDN上面来大家试用下
没有什么大问题了,再放出去:)!
思路步骤如下:
1.获得进程PID,使用GetCurrentProcess函数
2.获得PID的访问令牌的句柄,使用OpenProcessToken函数
3.获得令牌句柄的信息,使用GetTokenInformation函数
4.获得权限列表,返回权限的信息,使用LookupPrivilegeName和LookupPrivilegeDisplayName函数