Option ExplicitPrivate Const LOGON_WITH_PROFILE = &H1& Private Const LOGON_NETCREDENTIALS_ONLY = &H2& Private Const CREATE_DEFAULT_ERROR_MODE = &H4000000 Private Const CREATE_NEW_CONSOLE = &H10& Private Const CREATE_NEW_PROCESS_GROUP = &H200& Private Const CREATE_SEPARATE_WOW_VDM = &H800& Private Const CREATE_SUSPENDED = &H4& Private Const CREATE_UNICODE_ENVIRONMENT = &H400& Private Const ABOVE_NORMAL_PRIORITY_CLASS = &H8000& Private Const BELOW_NORMAL_PRIORITY_CLASS = &H4000& Private Const HIGH_PRIORITY_CLASS = &H80& Private Const IDLE_PRIORITY_CLASS = &H40& Private Const NORMAL_PRIORITY_CLASS = &H20& Private Const REALTIME_PRIORITY_CLASS = &H100&Private Type PROCESS_INFORMATION hProcess As Long hThread As Long dwProcessId As Long dwThreadId As Long End TypePrivate Type STARTUPINFO cb As Long lpReserved As Long lpDesktop As Long lpTitle As Long dwX As Long dwY As Long dwXSize As Long dwYSize As Long dwXCountChars As Long dwYCountChars As Long dwFillAttribute As Long dwFlags As Long wShowWindow As Integer cbReserved2 As Integer lpReserved2 As Byte hStdInput As Long hStdOutput As Long hStdError As Long End TypePrivate Declare Function CreateProcessWithLogon Lib "advapi32" Alias "CreateProcessWithLogonW" (ByVal lpUsername As Long, ByVal lpDomain As Long, ByVal lpPassword As Long, ByVal dwLogonFlags As Long, ByVal lpApplicationName As Long, ByVal lpCommandLine As Long, ByVal dwCreationFlags As Long, ByVal lpEnvironment As Long, ByVal lpCurrentDirectory As Long, lpStartupInfo As STARTUPINFO, lpProcessInfo As PROCESS_INFORMATION) As Long Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long '这个函数就可以用其他用户名运行程序了,参数很明了了:用户名、域(空即可)、密码、程序名(包括路径)Public Function AnShell(Username As String, Domain As String, Password As String, ApplicationName As String) As Long Dim lpUsername As String, lpDomain As String, lpPassword As String, lpApplicationName As String, lpCommandLine As String, lpCurrentDirectory As String Dim StartInfo As STARTUPINFO, ProcessInfo As PROCESS_INFORMATION
lpUsername = Username lpDomain = Domain lpPassword = Password lpApplicationName = ApplicationName lpCommandLine = vbNullString 'use the same as lpApplicationName lpCurrentDirectory = vbNullString 'use standard directory StartInfo.cb = LenB(StartInfo) 'initialize structure StartInfo.dwFlags = 0& CreateProcessWithLogon StrPtr(lpUsername), StrPtr(lpDomain), StrPtr(lpPassword), LOGON_WITH_PROFILE, StrPtr(lpApplicationName), StrPtr(lpCommandLine), CREATE_DEFAULT_ERROR_MODE Or CREATE_NEW_CONSOLE Or CREATE_NEW_PROCESS_GROUP, ByVal 0&, StrPtr(lpCurrentDirectory), StartInfo, ProcessInfo 'MsgBox ProcessInfo.hProcess
CloseHandle ProcessInfo.hThread 'close the handle to the main thread, since we don't use it CloseHandle ProcessInfo.hProcess 'close the handle to the process, since we don't use it ' note that closing the handles of the main thread and the process do not terminate the process ' unload this application AnShell = ProcessInfo.dwProcessId 'GLProcess = ProcessInfo.dwProcessId End Function Private Sub Form_Load() MsgBox AnShell("administrator", "", "msfans", "notepad.exe") End Sub
楼上的,我在 xp home sp2 环境下面测试不成功,创建的 线程可以了, 但任务管理起里面没有看到没有用户名
所以我就想用API
大家 能帮帮忙吗?
Private Const LOGON_NETCREDENTIALS_ONLY = &H2&
Private Const CREATE_DEFAULT_ERROR_MODE = &H4000000
Private Const CREATE_NEW_CONSOLE = &H10&
Private Const CREATE_NEW_PROCESS_GROUP = &H200&
Private Const CREATE_SEPARATE_WOW_VDM = &H800&
Private Const CREATE_SUSPENDED = &H4&
Private Const CREATE_UNICODE_ENVIRONMENT = &H400&
Private Const ABOVE_NORMAL_PRIORITY_CLASS = &H8000&
Private Const BELOW_NORMAL_PRIORITY_CLASS = &H4000&
Private Const HIGH_PRIORITY_CLASS = &H80&
Private Const IDLE_PRIORITY_CLASS = &H40&
Private Const NORMAL_PRIORITY_CLASS = &H20&
Private Const REALTIME_PRIORITY_CLASS = &H100&Private Type PROCESS_INFORMATION
hProcess As Long
hThread As Long
dwProcessId As Long
dwThreadId As Long
End TypePrivate Type STARTUPINFO
cb As Long
lpReserved As Long
lpDesktop As Long
lpTitle As Long
dwX As Long
dwY As Long
dwXSize As Long
dwYSize As Long
dwXCountChars As Long
dwYCountChars As Long
dwFillAttribute As Long
dwFlags As Long
wShowWindow As Integer
cbReserved2 As Integer
lpReserved2 As Byte
hStdInput As Long
hStdOutput As Long
hStdError As Long
End TypePrivate Declare Function CreateProcessWithLogon Lib "advapi32" Alias "CreateProcessWithLogonW" (ByVal lpUsername As Long, ByVal lpDomain As Long, ByVal lpPassword As Long, ByVal dwLogonFlags As Long, ByVal lpApplicationName As Long, ByVal lpCommandLine As Long, ByVal dwCreationFlags As Long, ByVal lpEnvironment As Long, ByVal lpCurrentDirectory As Long, lpStartupInfo As STARTUPINFO, lpProcessInfo As PROCESS_INFORMATION) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
'这个函数就可以用其他用户名运行程序了,参数很明了了:用户名、域(空即可)、密码、程序名(包括路径)Public Function AnShell(Username As String, Domain As String, Password As String, ApplicationName As String) As Long
Dim lpUsername As String, lpDomain As String, lpPassword As String, lpApplicationName As String, lpCommandLine As String, lpCurrentDirectory As String
Dim StartInfo As STARTUPINFO, ProcessInfo As PROCESS_INFORMATION
lpUsername = Username
lpDomain = Domain
lpPassword = Password
lpApplicationName = ApplicationName
lpCommandLine = vbNullString 'use the same as lpApplicationName
lpCurrentDirectory = vbNullString 'use standard directory
StartInfo.cb = LenB(StartInfo) 'initialize structure
StartInfo.dwFlags = 0&
CreateProcessWithLogon StrPtr(lpUsername), StrPtr(lpDomain), StrPtr(lpPassword), LOGON_WITH_PROFILE, StrPtr(lpApplicationName), StrPtr(lpCommandLine), CREATE_DEFAULT_ERROR_MODE Or CREATE_NEW_CONSOLE Or CREATE_NEW_PROCESS_GROUP, ByVal 0&, StrPtr(lpCurrentDirectory), StartInfo, ProcessInfo
'MsgBox ProcessInfo.hProcess
CloseHandle ProcessInfo.hThread 'close the handle to the main thread, since we don't use it
CloseHandle ProcessInfo.hProcess 'close the handle to the process, since we don't use it
' note that closing the handles of the main thread and the process do not terminate the process
' unload this application
AnShell = ProcessInfo.dwProcessId
'GLProcess = ProcessInfo.dwProcessId
End Function
Private Sub Form_Load()
MsgBox AnShell("administrator", "", "msfans", "notepad.exe")
End Sub